Jump to: navigation, search

Testing

In-tree testing

Install

  • local install of IPA so you have a kerberos and LDAP infrastructure on your development machine
  • install additional packages listed in freeipa.spec.in file in source repository

Configure

You also need to configure IPA for your local installation.

  • When running the server in-tree the server will use ~/.ipa/ instead of /etc/ipa to look for configuration files. You need to create ~/.ipa/default.conf. You can copy this from /etc/ipa/default.conf.
mkdir -p ~/.ipa
cp /etc/ipa/default.conf ~/.ipa/
  • If you need to test DNS plugin, you should add the wait_for_dns=<timeout> option to the default.conf (IPA version >=4.0)
echo 'wait_for_dns=5' >> ~/.ipa/default.conf
  • In order for the certificate tests to pass you'll also need to create ~/.ipa/alias. The easiest way to populate this is to grab the 3 NSS db files from /etc/httpd/alias and copy them ~/.ipa/alias. Copy /etc/httpd/alias/pwdfile.txt to ~/.ipa/alias/.pwd. Be sure to change ownership of these files too. That should do it.
mkdir -p ~/.ipa/alias
cp /etc/httpd/alias/*.db ~/.ipa/alias
cp /etc/httpd/alias/pwdfile.txt ~/.ipa/alias/.pwd
chown -R $USER ~/.ipa/alias
  • As the last step, you need to store password for Directory Managed to ~/.ipa/.dmpw file.

Run tests

To use correct files from templates, run

make version-update

You also need to run tests with admin ticket:

kinit admin

Run the test script:

./make-test

This command executes all the tests in ipatests folder.

You can also use this to run specific tests. Here is how you would test the user plugin:

./make-test ipatests/test_xmlrpc/test_user_plugin.py

Or you can run only tests from specific test class...

./make-test ipatests/test_xmlrpc/test_user_plugin.py::TestUser

... or even one particular test case (applies for non-declarative tests only):

./make-test ipatests/test_xmlrpc/test_user_plugin.py::TestUser::test_retrieve

Note that some of the tests make certain assumptions about the data on the server. Some tests, for example, pull all entries and expect a certain number to be returned and may raise an error.

Lite server

For testing, you can also use lite server, although it's use is designed mainly for debugging during development. Lite server info can be found here.

Remote testing

You can also test against an IPA installation on another machine, it just requires a bit more configuration.

You first need to update ~/.ipa/default.conf to point to the remote machine. My test machine is lion.example.com, here is my configuration:

[global]
domain=example.com
realm=EXAMPLE.COM
basedn=dc=example,dc=com
server=lion.example.com
enable_ra=True
xmlrpc_uri=https://lion.lion.com/ipa/xml
in_tree=True
wait_for_attr=True

If you need to test DNS plugin, you should add the wait_for_dns=<timeout> option to the default.conf (IPA version >=4.0)

echo 'wait_for_dns=5' >> ~/.ipa/default.conf

Next, you need to configure yourself to be in the realm on your test machine. The easiest way to do this is to grab the remote krb5.conf and use that:

% scp lion.example.com:/etc/krb5.conf lion-krb5.conf
% export KRB5_CONFIG=`pwd`/lion-krb5.conf
% kinit admin

Finally you need to trust the CA on the remote machine. You need to be root to do this.

# wget -O /tmp/lion.crt http://lion.example.com/ipa/config/ca.crt
# certutil -A -d /etc/pki/nssdb -n "lion IPA CA" -t CT,CT, -a -i /tmp/lion.crt

Now you should be good-to-go to run the XML-RPC tests against a remote server.

Web UI testing

Web UI testing is covered by unit tests and integration tests.

Integration tests

Install

To run the integration tests you need to have the freeipa-tests package installed. For versions 4.2 and earlier, run:

# yum install freeipa-tests

Versions 4.3 and higher use new package:

# yum install python2-ipatests

or

# yum install python3-ipatests

All the files containing actual test implementations are located in the $PYTHON_SITELIB/ipatests/test_integration/ directory and start with a test_ prefix.

Configuration

To properly configure the environment, see integration testing configuration page.

Particularly, the configuration of your environment used for the testing can be done in two ways:

Run tests

To run the whole integration test suite, run the following:

$ ipa-run-tests

To run only tests from a specific file, run the following:

$ ipa-run-tests test_integration/test_simple_replication.py

To run tests from specific class, run:

$ ipa-run-tests test_integration/test_simple_replication.py::TestSimpleReplication

To run only one specific test, run:

$ ipa-run-tests test_integration/test_simple_replication.py::TestSimpleReplication::test_user_replication_to_master

Please note that you need to specify a whole path relative to the python's site-packages/ipatests/ directory.