diff --git a/testsuite/features/secondary/srv_rename_hostname.feature b/testsuite/features/secondary/srv_rename_hostname.feature index 27b294e3692b..1f15f0bf2ab2 100644 --- a/testsuite/features/secondary/srv_rename_hostname.feature +++ b/testsuite/features/secondary/srv_rename_hostname.feature @@ -63,6 +63,9 @@ Feature: Reconfigure the server's hostname Scenario: Apply high state on the PXE boot minion to populate new server CA When I apply highstate on "pxeboot_minion" + Scenario: Check all new server certificates on the minions + When I check all certificates after renaming the server hostname + Scenario: Do some minimal smoke test on the renamed server Given I am on the Systems overview page of this "sle_minion" When I follow "Details" in the content area @@ -124,3 +127,6 @@ Feature: Reconfigure the server's hostname @pxeboot_minion Scenario: Apply high state on the PXE boot minion to populate new server CA When I apply highstate on "pxeboot_minion" + + Scenario: Check all new server certificates on the minions + When I check all certificates after renaming the server hostname diff --git a/testsuite/features/step_definitions/command_steps.rb b/testsuite/features/step_definitions/command_steps.rb index 17a8b3d2fa19..d5c85d74076c 100644 --- a/testsuite/features/step_definitions/command_steps.rb +++ b/testsuite/features/step_definitions/command_steps.rb @@ -1508,7 +1508,7 @@ hostname, _result = get_target('server').run("hostname") hostname.strip! - raise "Wrong hostname after changing it. Is: #{hostname}, should be: #{new_hostname}" if hostname != new_hostname + raise "Wrong hostname after changing it. Is: #{hostname}, should be: #{new_hostname}" unless hostname == new_hostname # Add the new hostname on controller's /etc/hosts to resolve in smoke tests `echo '#{server_node.public_ip} #{new_hostname}#{server_node.full_hostname.delete_prefix(server_node.hostname)} #{new_hostname}' >> /etc/hosts` @@ -1546,6 +1546,29 @@ raise 'Error in the output logs - see logs above' if out_spacewalk.include? 'No such file or directory' end +When(/^I check all certificates after renaming the server hostname$/) do + # get server certificate serial to compare it with the other minions + command_server = "openssl x509 --noout --text -in /etc/pki/trust/anchors/LOCAL-RHN-ORG-TRUSTED-SSL-CERT | grep -A1 'Serial' | grep -v 'Serial'" + server_cert_serial, result_code = get_target('server').run(command_server) + server_cert_serial.strip! + log "Server certificate serial: #{server_cert_serial}" + + raise 'Error getting server certificate serial!' unless result_code.zero? + + command_minion = "openssl x509 --noout --text -in /etc/pki/trust/anchors/RHN-ORG-TRUSTED-SSL-CERT | grep -A1 'Serial' | grep -v 'Serial'" + targets = %w[proxy sle_minion ssh_minion rhlike_minion deblike_minion build_host kvm_server] + targets.each do |target| + # get all defined minions from the environment variables and check their certificate serial + next unless ENV.key? ENV_VAR_BY_HOST[target] + minion_cert_serial, result_code = get_target(target).run(command_minion) + minion_cert_serial.strip! + log "#{target} certificate serial: #{minion_cert_serial}" + + raise 'Error getting server certificate serial!' unless result_code.zero? + raise "Error comparing #{target} certificate with server!" unless minion_cert_serial == server_cert_serial + end +end + When(/^I change back the server's hostname$/) do server_node = get_target('server') old_hostname = server_node.hostname @@ -1556,6 +1579,10 @@ sed -i \'$d\' /etc/hosts && sed -i \'$d\' /etc/hosts") get_target('server', refresh: true) # This will refresh the attributes of this node + hostname, _result = get_target('server').run("hostname") + hostname.strip! + + raise "Wrong hostname after changing it. Is: #{hostname}, should be: #{new_hostname}" unless hostname == new_hostname # Cleanup the temporary entry in /etc/hosts on the controller `sed -i \'$d\' /etc/hosts`