QE: Fix and improve the server hostname rename test #7700
Conversation
| @sle_minion | ||
| Scenario: Apply high state on the SUSE Minion to populate new server CA | ||
| When I apply highstate on "sle_minion" | ||
|
|
||
| @ssh_minion | ||
| Scenario: Apply high state on the SUSE SSH Minion to populate new server CA | ||
| When I apply highstate on "ssh_minion" | ||
|
|
||
| @rhlike_minion | ||
| Scenario: Apply high state on the Red Hat-like Minion to populate new server CA | ||
| When I apply highstate on "rhlike_minion" | ||
|
|
||
| @deblike_minion | ||
| Scenario: Apply high state on the Debian-like Minion to populate new server CA | ||
| When I apply highstate on "deblike_minion" | ||
|
|
||
| @buildhost | ||
| Scenario: Apply high state on the build host to populate new server CA | ||
| When I apply highstate on "build_host" | ||
|
|
||
| @virthost_kvm | ||
| Scenario: Apply high state on the virthost to populate new server CA | ||
| When I apply highstate on "kvm_server" | ||
|
|
||
| @pxeboot_minion | ||
| Scenario: Apply high state on the PXE boot minion to populate new server CA | ||
| When I apply highstate on "pxeboot_minion" |
There was a problem hiding this comment.
I would use SSM to apply high state to all the registered systems at the same time.
That way if we add any other system in our CI test suite later, we don't need to go here and maintain this part.
There was a problem hiding this comment.
Good idea. I still have issues with high state for the proxy when doing it with Salt:
@proxy
Scenario: Apply high state on the proxy to populate new server CA # features/secondary/srv_rename_hostname.feature:67
This scenario ran at: 2023-10-18 09:37:30 +0200
Given the Salt master can reach "proxy" # features/step_definitions/salt_steps.rb:11
It took 1 seconds to contact the minion
And I apply highstate on "proxy" # features/step_definitions/command_steps.rb:241
Timeout after 250 seconds (repeat_until_timeout), last result was: bash: dominik-pxy.mgr.suse.de: command not found
(RuntimeError)
./features/support/commonlib.rb:117:in `block in repeat_until_timeout'
./features/support/commonlib.rb:100:in `repeat_until_timeout'
./features/support/lavanda.rb:193:in `run_until_ok'
./features/step_definitions/command_steps.rb:248:in `/^I apply highstate on "([^"]*)"$/'
features/secondary/srv_rename_hostname.feature:69:in `I apply highstate on "proxy"'which uses
When(/^I apply highstate on "([^"]*)"$/) do |host|
system_name = get_system_name(host)
if host.include? 'ssh_minion'
cmd = 'mgr-salt-ssh'
elsif host.include? 'minion' or host.include? 'build'
cmd = 'salt'
end
get_target('server').run_until_ok("#{cmd} #{system_name} state.highstate")
endAnd running salt dominik-pxy.mgr.suse.de state.highstatemanually from the server works.
There was a problem hiding this comment.
After wondering about SSM, I think we do not yet have a step to select all systems from the systems list and add them to the SSM.
There was a problem hiding this comment.
Here a new proposal scenario that will apply high-state in all registered systems:
Scenario: Apply high-state to all systems registered
When I follow the left menu "System > System List > All"
And I click on "Select All"
And I follow the left menu "Systems > System Set Manager > Overview"
And I click on "Apply"
And I click on "Apply Highstate"
And I click on the clear SSM buttonThere was a problem hiding this comment.
Thanks for the suggestion. I will do some test run with this code.
There was a problem hiding this comment.
Scenario: Apply high-state to all systems registered # features/secondary/srv_rename_hostname.feature:34
This scenario ran at: 2023-10-20 16:35:03 +0200
When I follow the left menu "System > System List > All" # features/step_definitions/navigation_steps.rb:363
WARN: Step ends with an ajax transition not finished, let's wait a bit!
And I click on "Select All" # features/step_definitions/navigation_steps.rb:282
And I follow the left menu "Systems > System Set Manager" # features/step_definitions/navigation_steps.rb:363
WARN: Step ends with an ajax transition not finished, let's wait a bit!
And I click on "Apply" # features/step_definitions/navigation_steps.rb:282
Unable to find button "Apply" that is not disabled (Capybara::ElementNotFound)
./features/support/commonlib.rb:146:in `click_button_and_wait'
./features/step_definitions/navigation_steps.rb:283:in `/^I click on "([^"]*)"$/'
features/secondary/srv_rename_hostname.feature:38:in `I click on "Apply"'
And I click on "Apply Highstate" # features/step_definitions/navigation_steps.rb:282
Then I should see a "Applying the highstate has been scheduled" text # features/step_definitions/navigation_steps.rb:599
And I click on the clear SSM button # features/step_definitions/navigation_steps.rb:799
=> /var/log/rhn/rhn_web_ui.log
It seems no systems were selected before. This is the screen when no systems are currently selected:
nodeg
force-pushed
the
qe-fix-hostname-renam
branch
4 times, most recently
from
57ac40a
to
c1b95a5
Compare
|
I implemented some basic certificate and hostname checks which did work: (...)
Scenario: Check all new server certificates on the minions # features/secondary/srv_rename_hostname.feature:131
This scenario ran at: 2023-10-19 14:42:12 +0200
When I check all certificates after renaming the server hostname # features/step_definitions/command_steps.rb:1626
Server certificate serial: 0a:cb:26:d4:e6:56:6a:0d:24:a9:52:d1:01:af:ab:a6:ce:36:81:f5
proxy certificate serial: 0a:cb:26:d4:e6:56:6a:0d:24:a9:52:d1:01:af:ab:a6:ce:36:81:f5
sle_minion certificate serial: 0a:cb:26:d4:e6:56:6a:0d:24:a9:52:d1:01:af:ab:a6:ce:36:81:f5
ssh_minion certificate serial: 0a:cb:26:d4:e6:56:6a:0d:24:a9:52:d1:01:af:ab:a6:ce:36:81:f5
This scenario took: 1 seconds
24 scenarios (10 skipped, 14 passed)
47 steps (10 skipped, 37 passed)
5m42.736s |
nodeg
force-pushed
the
qe-fix-hostname-renam
branch
2 times, most recently
from
95aa7d9
to
11139ed
Compare
|
I will squash my commits before merging. |
nodeg
changed the title
| hostname, _result = get_target('server').run("hostname") | ||
| hostname.strip! | ||
|
|
||
| raise "Wrong hostname after changing it. Is: #{hostname}, should be: #{new_hostname}" unless hostname == new_hostname |
There was a problem hiding this comment.
Maybe such basic checks would deserve a Then step of their own. It would make more explicit / readable that we do them.
There was a problem hiding this comment.
Yes, we could do that. However, my main issue with this is, that our hostname rename and then changing the hostname back step, has a hardcoded new hostname variable in it. We do not define this new hostname in the step itself. Which is good, since across all our CIs and PR tests, the prefix of the hostname is different. Those are the reasons why I did not implement a new step of its own to check for the new hostname.
ktsamis
changed the title
|
All tests passed. |
nodeg
force-pushed
the
qe-fix-hostname-renam
branch
from
11139ed
to
6521d86
Compare
|
👋 Hello! Thanks for contributing to our project 😄 |
|
👋 Hello! Thanks for contributing to our project 😄 |
| targets = %w[proxy sle_minion ssh_minion rhlike_minion deblike_minion build_host kvm_server] | ||
| targets.each do |target| | ||
| # get all defined minions from the environment variables and check their certificate serial | ||
| next unless ENV.key? ENV_VAR_BY_HOST[target] |
There was a problem hiding this comment.
You can either do this or:
next if $node_by_host[target].nil?
There was a problem hiding this comment.
But at a higher level, I think you can also do:
$host_by_node.each do |node, _host|
minion_cert_serial, result_code = node.run(command_minion)
minion_cert_serial.strip!
log "#{target} certificate serial: #{minion_cert_serial}"
raise 'Error getting server certificate serial!' unless result_code.zero?
raise "Error comparing #{target} certificate with server!" unless minion_cert_serial == server_cert_serial
endBearing in mind that if you use this suggested loop, you will be iterating over all initialized twopences, so not only some particular targets.
There was a problem hiding this comment.
Thanks for the suggestion. I will do some test run with this code.
There was a problem hiding this comment.
This broke the code somehow.
Scenario: Check all new server certificates on the minions # features/secondary/srv_rename_hostname.feature:134
This scenario ran at: 2023-10-20 16:53:27 +0200
When I check all certificates after renaming the server hostname # features/step_definitions/command_steps.rb:1550
Server certificate serial: 35:a1:54:c6:5e:c3:f5:f5:c6:d8:52:e6:f9:73:20:a2:d1:c5:75:83
FAIL: openssl x509 --noout --text -in /etc/pki/trust/anchors/RHN-ORG-TRUSTED-SSL-CERT | grep -A1 'Serial' | grep -v 'Serial' returned status code = 1.
Output:
Can't open /etc/pki/trust/anchors/RHN-ORG-TRUSTED-SSL-CERT for reading, No such file or directory
139797779679040:error:02001002:system library:fopen:No such file or directory:crypto/bio/bss_file.c:69:fopen('/etc/pki/trust/anchors/RHN-ORG-TRUSTED-SSL-CERT','r')
139797779679040:error:2006D080:BIO routines:BIO_new_file:no such file:crypto/bio/bss_file.c:76:
unable to load certificate
(RuntimeError)
./features/support/lavanda.rb:177:in `run_local'
./features/support/lavanda.rb:155:in `run'
./features/step_definitions/command_steps.rb:1561:in `block (2 levels) in <top (required)>'
./features/step_definitions/command_steps.rb:1560:in `each'
./features/step_definitions/command_steps.rb:1560:in `/^I check all certificates after renaming the server hostname$/'
features/secondary/srv_rename_hostname.feature:135:in `I check all certificates after renaming the server hostname'
=> /var/log/rhn/rhn_web_ui.log
nodeg
force-pushed
the
qe-fix-hostname-renam
branch
from
05fc200
to
de1750e
Compare
|
👋 Hello! Thanks for contributing to our project 😄 |
nodeg
force-pushed
the
qe-fix-hostname-renam
branch
from
de1750e
to
00c87fb
Compare
|
👋 Hello! Thanks for contributing to our project. Happy hacking! |
Signed-off-by: Dominik Gedon <dominik.gedon@suse.com>
Signed-off-by: Dominik Gedon <dominik.gedon@suse.com>
nodeg
force-pushed
the
qe-fix-hostname-renam
branch
from
00c87fb
to
acbd866
Compare
|
👋 Hello! Thanks for contributing to our project. Happy hacking! |
|
Rebase and squashing commits done. The tests already passed (see screenshot above), so I merge without waiting for them again. |
What does this PR change?
This
When(/^I apply highstate on "([^"]*)"$/) do |host|tosalt_steps.rbsince it belongs thereupdate_camethod to its original form because we only need it on the controllerFixed test
Improvements
I implemented some basic certificate and hostname checks which did work:
GUI diff
No difference.
Documentation
No documentation needed: only internal and user invisible changes
DONE
Test coverage
Cucumber tests were added
DONE
Links
Changelogs
Make sure the changelogs entries you are adding are compliant with https://github.com/uyuni-project/uyuni/wiki/Contributing#changelogs and https://github.com/uyuni-project/uyuni/wiki/Contributing#uyuni-projectuyuni-repository
If you don't need a changelog check, please mark this checkbox:
If you uncheck the checkbox after the PR is created, you will need to re-run
changelog_test(see below)Re-run a test
If you need to re-run a test, please mark the related checkbox, it will be unchecked automatically once it has re-run: