The nightly test test_integration/test_ipahealthcheck.py::TestIpaHealthCheckWithoutDNS::test_ipa_dns_systemrecords_check is failing on rawhide, see for instance PR #2248 with the following logs and report:
test_integration/test_ipahealthcheck.py::TestIpaHealthCheckWithoutDNS::test_ipa_dns_systemrecords_check
self = <ipatests.test_integration.test_ipahealthcheck.TestIpaHealthCheckWithoutDNS object at 0x7f132429c0d0> def test_ipa_dns_systemrecords_check(self): """ Test checks the result of IPADNSSystemRecordsCheck when ipa-server is configured without DNS. """ expected_msgs = { "Expected SRV record missing", "Got {count} ipa-ca A records, expected {expected}", "Got {count} ipa-ca AAAA records, expected {expected}", "Expected URI record missing", } tasks.install_packages(self.master, HEALTHCHECK_PKG) returncode, data = run_healthcheck( self.master, "ipahealthcheck.ipa.idns", "IPADNSSystemRecordsCheck", ) assert returncode == 1 for check in data: assert check["result"] == "WARNING" > assert check["kw"]["msg"] in expected_msgs E AssertionError: assert 'expected ipa-ca to contain {ipaddr} for {server}' in {'Expected SRV record missing', 'Expected URI record missing', 'Got {count} ipa-ca A records, expected {expected}', 'Got {count} ipa-ca AAAA records, expected {expected}'}
Test scenario: - install ipa server without DNS - launch ipa-healthcheck --source ipahealthcheck.ipa.idns --check IPADNSSystemRecordsCheck
ipa-healthcheck --source ipahealthcheck.ipa.idns --check IPADNSSystemRecordsCheck
The test expects a WARNING related to ipa-ca records.
The reported WARNING has a different message. With freeipa-healthcheck-0.11-5.fc37.noarch:
{ "source": "ipahealthcheck.ipa.idns", "check": "IPADNSSystemRecordsCheck", "result": "WARNING", "uuid": "56ba3fa4-89d1-4c7e-b748-eee19dc1a111", "when": "20221126153845Z", "duration": "0.202203", "kw": { "key": "ca_count_a_rec", "msg": "Got {count} ipa-ca A records, expected {expected}", "count": 0, "expected": 1 }
With freeipa-healthcheck-0.12-1.fc38.noarch:
{ "source": "ipahealthcheck.ipa.idns", "check": "IPADNSSystemRecordsCheck", "result": "WARNING", "uuid": "9e7e99a8-f4b8-4d50-a1d1-02de0f8cbdd6", "when": "20221204161002Z", "duration": "0.216402", "kw": { "key": "ipa_ca_missing_master.ipa.test", "server": "master.ipa.test", "ipaddr": "192.168.122.95", "msg": "expected ipa-ca to contain {ipaddr} for {server}" }
The test needs to be adapted in order to be compatible with both versions of freeipa-healthcheck.
The test test_ipahealthcheck.py::TestIpaHealthCheck::test_ipa_dns_systemrecords_check is also failing: PR #2275, logs, report:
test_ipahealthcheck.py::TestIpaHealthCheck::test_ipa_dns_systemrecords_check
self = <ipatests.test_integration.test_ipahealthcheck.TestIpaHealthCheck object at 0x7f8b84fb7c90> def test_ipa_dns_systemrecords_check(self): """ This test ensures that the ipahealthcheck.ipa.idns check displays the correct result when master and replica is setup with integrated DNS. """ SYSTEM_RECORDS = [ rr for h in [self.master, self.replicas[0]] for rr in [ # SRV rrs f"_ldap._tcp.{h.domain.name}.:{h.hostname}.", f"_kerberos._tcp.{h.domain.name}.:{h.hostname}.", f"_kerberos._udp.{h.domain.name}.:{h.hostname}.", f"_kerberos-master._tcp.{h.domain.name}.:{h.hostname}.", f"_kerberos-master._udp.{h.domain.name}.:{h.hostname}.", f"_kpasswd._tcp.{h.domain.name}.:{h.hostname}.", f"_kpasswd._udp.{h.domain.name}.:{h.hostname}.", # URI rrs f"_kerberos.{h.domain.name}.:krb5srv:m:tcp:{h.hostname}.", f"_kerberos.{h.domain.name}.:krb5srv:m:udp:{h.hostname}.", f"_kpasswd.{h.domain.name}.:krb5srv:m:tcp:{h.hostname}.", f"_kpasswd.{h.domain.name}.:krb5srv:m:udp:{h.hostname}.", ] + [str(ip) for ip in resolve_ip_addresses_nss(h.external_hostname)] ] SYSTEM_RECORDS.append(f'"{self.master.domain.realm.upper()}"') returncode, data = run_healthcheck( self.master, "ipahealthcheck.ipa.idns", "IPADNSSystemRecordsCheck" ) assert returncode == 0 for check in data: assert check["result"] == "SUCCESS" > assert check["kw"]["key"] in SYSTEM_RECORDS E AssertionError: assert 'ipa_ca_check' in ['_ldap._tcp.ipa.test.:master.ipa.test.', '_kerberos._tcp.ipa.test.:master.ipa.test.', '_kerberos._udp.ipa.test.:master.ipa.test.', '_kerberos-master._tcp.ipa.test.:master.ipa.test.', '_kerberos-master._udp.ipa.test.:master.ipa.test.', '_kpasswd._tcp.ipa.test.:master.ipa.test.', ...]
The expected SYSTEM_RECORDS should also contain the ipa-ca records.
Metadata Update from @amore: - Issue assigned to mbhalodi
These failures were being seen in an unrelated healthcheck PR that ran these classes. This should fix it up https://github.com/freeipa/freeipa/pull/6646
@rcritten The issue says that it's failing on rawhide, so by looking into your PR, I believe fedore-rawhide should be there instead of fedora-latest in temp_commit.yaml file. isn't it so?
fedore-rawhide
fedora-latest
temp_commit.yaml
@mbhalodi the issue is also seen in fedora 37, see nightly PR #2401. When the problem was first reported, rawhide was the only Fedora version with ipa-healthcheck 0.12 but this version also reached f37 a bit later.
Metadata Update from @frenaud: - Custom field on_review adjusted to https://github.com/freeipa/freeipa/pull/6646 - Issue assigned to rcritten (was: mbhalodi)
master:
ipa-4-10:
ipa-4-9:
Metadata Update from @frenaud: - Issue close_status updated to: fixed - Issue status updated to: Closed (was: Open)
Log in to comment on this ticket.