#9140 Test test_rekey_keytype_DSA should be disabled
Closed: fixed 2 years ago by rcritten. Opened 2 years ago by frenaud.

The nightly test test_integration/test_cert.py::TestCertmongerRekey::test_rekey_keytype_DSA should be disabled if certmonger >= 0.79.15-2.fc35 or certmonger >= 0.79.15-3 for f36+.

With this certmonger update, DSA keys support has been removed (see https://bugzilla.redhat.com/show_bug.cgi?id=2066439) and the test is expected to fail. Test scenario:
- install IPA server
- request a cert for test/master.ipa.test, stored in a pem file
- call getcert rekey with a key of DSA type

Since DSA support has been disabled in the default crypto policy since fedora 30, this test scenario is not relevant any more.

The test is failing with the updates-testing repo enabled, see for instance the PR #1640 with the following report.


Metadata Update from @frenaud:
- Custom field on_review adjusted to https://github.com/freeipa/freeipa/pull/6236

2 years ago

The F36 and F35 to disable the support are in updates-testing nearly ready to push to stable:

https://bodhi.fedoraproject.org/updates/FEDORA-2022-c171e2c873
https://bodhi.fedoraproject.org/updates/FEDORA-2022-99b1a06324

It's possible the F36 version will be delayed by the code freeze.

master:

  • 3edd09a ipatests: remove test_rekey_keytype_DSA

ipa-4-9:

  • b3093d9 ipatests: remove test_rekey_keytype_DSA

Metadata Update from @rcritten:
- Issue close_status updated to: fixed
- Issue status updated to: Closed (was: Open)

2 years ago

Login to comment on this ticket.

Metadata