From fad87a9962ee33cfebc4fa59aba589e98b076cea Mon Sep 17 00:00:00 2001
From: Oleg Fayans <ofayans@redhat.com>
Date: Thu, 24 Nov 2016 11:14:15 +0100
Subject: Test: uniqueness of certificate renewal master

https://fedorahosted.org/freeipa/ticket/6504

Reviewed-By: Florence Blanc-Renaud <frenaud@redhat.com>
Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
---
 .../test_integration/test_replica_promotion.py     | 42 ++++++++++++++++++++++
 1 file changed, 42 insertions(+)

(limited to 'ipatests')

diff --git a/ipatests/test_integration/test_replica_promotion.py b/ipatests/test_integration/test_replica_promotion.py
index 0e93356c7..e75f4fcea 100644
--- a/ipatests/test_integration/test_replica_promotion.py
+++ b/ipatests/test_integration/test_replica_promotion.py
@@ -441,3 +441,45 @@ class TestWrongClientDomain(IntegrationTest):
                                      raiseonerr=False)
         assert(result1.returncode == 0), (
             'Failed to promote the client installed with the upcase domain name')
+
+
+class TestRenewalMaster(IntegrationTest):
+
+    topology = 'star'
+    num_replicas = 1
+
+    @classmethod
+    def uninstall(cls, mh):
+        super(TestRenewalMaster, cls).uninstall(mh)
+
+    def test_replica_not_marked_as_renewal_master(self):
+        """
+        https://fedorahosted.org/freeipa/ticket/5902
+        """
+        master = self.master
+        replica = self.replicas[0]
+        result = master.run_command(["ipa", "config-show"]).stdout_text
+        assert("IPA CA renewal master: %s" % master.hostname in result), (
+            "Master hostname not found among CA renewal masters"
+        )
+        assert("IPA CA renewal master: %s" % replica.hostname not in result), (
+            "Replica hostname found among CA renewal masters"
+        )
+
+    def test_manual_renewal_master_transfer(self):
+        replica = self.replicas[0]
+        replica.run_command(['ipa', 'config-mod',
+                             '--ca-renewal-master-server', replica.hostname])
+        result = self.master.run_command(["ipa", "config-show"]).stdout_text
+        assert("IPA CA renewal master: %s" % replica.hostname in result), (
+            "Replica hostname not found among CA renewal masters"
+        )
+
+    def test_automatic_renewal_master_transfer_ondelete(self):
+        # Test that after master uninstallation, replica overtakes the cert
+        # renewal master role
+        tasks.uninstall_master(self.replicas[0])
+        result = self.master.run_command(['ipa', 'config-show']).stdout_text
+        assert("IPA CA renewal master: %s" % self.master.hostname in result), (
+            "Master hostname not found among CA renewal masters"
+        )
-- 
cgit