The nightly test test_integration/test_cert.py::TestCAShowErrorHandling::test_ca_show_error_handling may fail when replication is slow.
test_integration/test_cert.py::TestCAShowErrorHandling::test_ca_show_error_handling
Test scenario: call ipa ca-add on replicas[0] ensure the entry is available on the master with ipa ca-find
If replication didn't complete, the call to ipa ca-find may not return the new subca.
Logs:
self = <ipatests.test_integration.test_cert.TestCAShowErrorHandling object at 0x7f8008de8190> def test_ca_show_error_handling(self): """ Test to verify if the case of a request for /ca/rest/authority/{id}/cert (or .../chain) where {id} is an unknown authority ID. Test Steps: 1. Setup a freeipa server and a replica 2. Stop ipa-custodia service on replica 3. Create a LWCA on the replica 4. Verify LWCA is recognized on the server 5. Run `ipa ca-show <LWCA>` PKI Github Link: https://github.com/dogtagpki/pki/pull/3605/ """ self.replicas[0].run_command(['systemctl', 'stop', 'ipa-custodia']) lwca = 'lwca1' result = self.replicas[0].run_command([ 'ipa', 'ca-add', lwca, '--subject', 'CN=LWCA 1' ]) assert 'Created CA "{}"'.format(lwca) in result.stdout_text result = self.master.run_command(['ipa', 'ca-find']) > assert 'Name: {}'.format(lwca) in result.stdout_text E AssertionError: assert 'Name: lwca1' in '------------\n1 CA matched\n------------\n Name: ipa\n Description: IPA CA\n Authority ID: 76aa8a9d-8b80-41e5-b4dd-4cc4ed1c79ee\n Subject DN: CN=Certificate Authority,O=UFREEIPA.TEST\n Issuer DN: CN=Certificate Authority,O=UFREEIPA.TEST\n RSN Version: 3\n----------------------------\nNumber of entries returned 1\n----------------------------\n' E + where 'Name: lwca1' = <built-in method format of str object at 0x7f8008e12b30>('lwca1') E + where <built-in method format of str object at 0x7f8008e12b30> = 'Name: {}'.format E + and '------------\n1 CA matched\n------------\n Name: ipa\n Description: IPA CA\n Authority ID: 76aa8a9d-8b80-41e5-b4dd-4cc4ed1c79ee\n Subject DN: CN=Certificate Authority,O=UFREEIPA.TEST\n Issuer DN: CN=Certificate Authority,O=UFREEIPA.TEST\n RSN Version: 3\n----------------------------\nNumber of entries returned 1\n----------------------------\n' = <pytest_multihost.transport.SSHCommand object at 0x7f8008dd2eb0>.stdout_text lwca = 'lwca1' result = <pytest_multihost.transport.SSHCommand object at 0x7f8008dd2eb0> self = <ipatests.test_integration.test_cert.TestCAShowErrorHandling object at 0x7f8008de8190> test_integration/test_cert.py:552: AssertionError
Output on the replica:
RUN ['ipa', 'ca-add', 'lwca1', '--subject', 'CN=LWCA 1'] ------------------ Created CA "lwca1" ------------------ Name: lwca1 Authority ID: 52abe9c5-4f68-4419-b885-e40be54a56b8 Subject DN: CN=LWCA 1 Issuer DN: CN=Certificate Authority,O=UFREEIPA.TEST Certificate: MIIEejCCAuKgAwIBAgIRANRbXwWJlupeIqam9zPu/iIwDQYJKoZIhvcNAQELBQAwODEWMBQGA1UECgwNVUZSRUVJUEEuVEVTVDEeMBwGA1UEAwwVQ2VydGlmaWNhdGUgQXV0aG9yaXR5MB4XDTI1MDMxMTE3MDQ1OVoXDTQ1MDMxMTE2NDc1NFowETEPMA0GA1UEAwwGTFdDQSAxMIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEArLUHIDRDWJMx5Xwra9xshSzt+aQIILcTyO4IkVLfDD3BLJvQgWNyxE2oor33wtHF8JpWTNsOQMYXc1q0XGfom5xexLZ2pOtmNbLRk2WZnO0PwxGy9ZoENK5RpnjwfTX4i1Qs4bP5auGca9f4q2jGVq1Vd9567NEt2XJptNcXqSaVhACnLldryszY8YqtTObRonOU+GbMWdWQmJTmWJR4rikS+gBVpQgyRrDc0hgAGJ1xAW0S9uFeJqL8ChNSerqlNZeuGgV/N15W4AS3Xyn/K7rJ7s+KOVBIu+ayqChy65ybHZP9jbyFevbXGZS0UHSv+o7zunulk9v1eQSQ1XfH4Rznjtla/2FM04FvjUiRmtWJe3yIHoJqi8Ud4deYZkRZcsEWmKY3g0FneksFxcTxuxxaCNVv4o7dHCvnazF75g8DpOFUsDAiED4zgXEaEoJmcS4YFq/G0w20J90HbQTrPbDmq8O2vUndR5qvo5yGzR5BPtpiWfHH7W4uEpYYdBShAgMBAAGjgaUwgaIwHQYDVR0OBBYEFJzM2d1drHUkAeMTQJFW4i4urVx6MB8GA1UdIwQYMBaAFNiqtRvENawRkY82VF0ZwgAXpoKQMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgHGMD8GCCsGAQUFBwEBBDMwMTAvBggrBgEFBQcwAYYjaHR0cDovL2lwYS1jYS51ZnJlZWlwYS50ZXN0L2NhL29jc3AwDQYJKoZIhvcNAQELBQADggGBACU0tunlPnxQ2UFFvSuRJIOcyL+K0iVP9TuUz8UKcj5C/UGctFf5f+jTYZaZLPgsleobShj7MdWMDTEQUYy5+4s0W6nxg1n4PNf9+n7/QtXEJBZG3qZmdTXV6K1k7dRRnoAjlULqPDDJeUf3Cagel5uvmlHoGxrM/llCLg3wwblx3nedI241CDWwKGP0bVBsuP7s8mw2BzKvCjHXtuOYIwcEiaixFvfcl2T3S+3VkFHIDSQlFiMUaPecWT8vN1TA7Ii16zkKOl4sWgHbXx4SkASx/nUNMaBXyI9MAaE2LUIj+31hMQs2asyXiv2Tq7ZZ9/EU3NhD5uD3hKyyhbQm2JLSTgwZ6tjAVMR7hi9hseaA4ZPlyYvldqXcQqFAyHg+WoHytcmhgHC8pQKBvDzMafa4JGAHJ2CQAC32TZZERIBTTe3n0khvydsiKnM6Wk975VPfhpNXzGLFjKAt8wZvTbH6UikkN0Di52D/FY/oAc5/T653UpjznliUZbwi7Lz4NQ== Exit code: 0
on the master:
RUN ['ipa', 'ca-find'] RUN ['ipa', 'ca-find'] ------------ 1 CA matched ------------ Name: ipa Description: IPA CA Authority ID: 76aa8a9d-8b80-41e5-b4dd-4cc4ed1c79ee Subject DN: CN=Certificate Authority,O=UFREEIPA.TEST Issuer DN: CN=Certificate Authority,O=UFREEIPA.TEST RSN Version: 3 ---------------------------- Number of entries returned 1 ---------------------------- Exit code: 0
Metadata Update from @frenaud: - Custom field on_review adjusted to https://github.com/freeipa/freeipa/pull/7727
Example of failing run in our internal artifacts server: https://$artifact_server/idm-ci/freeipa_upstream_nightly/Nightly-rawhide/master/2025-03-10_14-15/rawhide/test_cert/5/report.html?sort=result
master:
ipa-4-12:
Metadata Update from @sumenon: - Issue close_status updated to: fixed - Issue status updated to: Closed (was: Open)
Log in to comment on this ticket.