Tests: Skip tests unstable on other archs and tweak realm join.

Unify realm join for AD params tests to use code with timeout to prevent suite freezing in sasl authid tests. Set the whole suite as flaky to retry when realm join freezes. Reviewed-by: Shridhar Gadekar <[email protected]> (cherry picked from commit 88a386e)
SSSD · Oct 12, 2023 · 2ba4644 · 2ba4644
1 parent 0c73cdb
commit 2ba4644
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 25 deletions.
diff --git a/src/tests/multihost/ad/test_adparameters_ported.py b/src/tests/multihost/ad/test_adparameters_ported.py
@@ -185,6 +185,7 @@ def set_ssh_key_ldap(session_multihost, user, pubkey, operation="replace"):
     return cmd.returncode == 0
 
 
+@pytest.mark.flaky(reruns=5, reruns_delay=30)
 @pytest.mark.adparameters
 @pytest.mark.usefixtures("change_client_hostname")
 class TestADParamsPorted:
@@ -491,6 +492,10 @@ def test_0004_ad_parameters_valid_domain_shorthost(
         :bugzilla:
           https://bugzilla.redhat.com/show_bug.cgi?id=892197
         """
+        arch = multihost.client[0].run_command(
+            'uname -m', raiseonerr=False).stdout_text
+        if 'x86_64' not in arch:
+            pytest.skip("Test is unstable on architectures other than x68_64.")
         adjoin(membersw='adcli')
         client = sssdTools(multihost.client[0], multihost.ad[0])
         # Create AD user with posix attributes
@@ -751,7 +756,7 @@ def test_0008_ad_parameters_homedir_override_both(
     @pytest.mark.tier1_2
     @pytest.mark.c_ares
     def test_0009_ad_parameters_ldap_sasl_full(
-            multihost, create_aduser_group):
+            multihost, adjoin, create_aduser_group):
         """
         :title: IDM-SSSD-TC: ad_provider: ad_parameters: Using full principal
           bz877972
@@ -778,17 +783,12 @@ def test_0009_ad_parameters_ldap_sasl_full(
         """
         hostname = multihost.client[0].run_command(
             'hostname', raiseonerr=False).stdout_text.rstrip()
+        client = sssdTools(multihost.client[0], multihost.ad[0])
         ad_realm = multihost.ad[0].domainname.upper()
-        # Join AD manually to set the user-principal for sasl
-        joincmd = f"realm join --user=Administrator --user-principal=host/" \
-                  f"{hostname}@{ad_realm} {multihost.ad[0].domainname.lower()}"
-        multihost.client[0].run_command(
-            joincmd, stdin_text=multihost.ad[0].ssh_password,
-            raiseonerr=False)
+
         # Create AD user
         (aduser, _) = create_aduser_group
         # Configure sssd
-        client = sssdTools(multihost.client[0], multihost.ad[0])
         client.backup_sssd_conf()
         dom_section = f'domain/{client.get_domain_section_name()}'
         sssd_params = {
@@ -817,8 +817,6 @@ def test_0009_ad_parameters_ldap_sasl_full(
         # TEARDOWN
         client.restore_sssd_conf()
         client.clear_sssd_cache()
-        multihost.client[0].run_command(
-            f"realm leave {ad_realm}", raiseonerr=False)
 
         # EVALUATION
         assert f"Option ldap_sasl_authid has value " \
@@ -836,7 +834,7 @@ def test_0009_ad_parameters_ldap_sasl_full(
     @pytest.mark.tier2
     @pytest.mark.c_ares
     def test_0010_ad_parameters_ldap_sasl_short(
-            multihost, create_aduser_group):
+            multihost, adjoin, create_aduser_group):
         """
         :title: IDM-SSSD-TC: ad_provider: ad_parameters: Using short principal
         :id: 6f1cc204-0dd3-40eb-a3e2-a113cc7c2df3
@@ -860,21 +858,14 @@ def test_0010_ad_parameters_ldap_sasl_short(
         :customerscenario: False
         :bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1137015
         """
-
         hostname = multihost.client[0].run_command(
             'hostname', raiseonerr=False).stdout_text.rstrip()
         ad_realm = multihost.ad[0].domainname.upper()
+        client = sssdTools(multihost.client[0], multihost.ad[0])
 
-        # Join AD manually to set the user-principal for sasl
-        joincmd = f"realm join --user=Administrator --user-principal=host/" \
-                  f"{hostname}@{ad_realm} {multihost.ad[0].domainname.lower()}"
-        multihost.client[0].run_command(
-            joincmd, stdin_text=multihost.ad[0].ssh_password,
-            raiseonerr=False)
         # Create AD user
         (aduser, _) = create_aduser_group
         # Configure sssd
-        client = sssdTools(multihost.client[0], multihost.ad[0])
         client.backup_sssd_conf()
         dom_section = f'domain/{client.get_domain_section_name()}'
         sssd_params = {
@@ -904,8 +895,6 @@ def test_0010_ad_parameters_ldap_sasl_short(
         # TEARDOWN
         client.restore_sssd_conf()
         client.clear_sssd_cache()
-        multihost.client[0].run_command(
-            f"realm leave {ad_realm}", raiseonerr=False)
 
         # EVALUATION
         assert f"Option ldap_sasl_authid has value " \
@@ -1173,7 +1162,6 @@ def test_0014_ad_parameters_server_blank(
         assert su_result, "The su command failed!"
 
     @staticmethod
-    @pytest.mark.flaky(reruns=5, reruns_delay=30)
     @pytest.mark.tier2
     def test_0015_ad_parameters_ad_hostname_machine(
             multihost, adjoin, create_aduser_group):
@@ -2205,7 +2193,6 @@ def test_0027_ad_parameters_group_membership_empty(
         assert aduser in grp_cmd.stdout_text, f"{aduser} not in getent out."
 
     @staticmethod
-    @pytest.mark.flaky(reruns=5, reruns_delay=30)
     @pytest.mark.tier2
     def test_0028_ad_parameters_nested_in_nonposix_group(
             multihost, adjoin, create_aduser_group):
@@ -2277,7 +2264,6 @@ def test_0028_ad_parameters_nested_in_nonposix_group(
         assert group_2 in usr_cmd.stdout_text, f"{group_2} not in id output."
 
     @staticmethod
-    @pytest.mark.flaky(reruns=5, reruns_delay=30)
     @pytest.mark.tier2
     def test_0029_ad_parameters_tokengroups_with_ldap(
             multihost, adjoin, create_aduser_group):
@@ -2339,7 +2325,6 @@ def test_0029_ad_parameters_tokengroups_with_ldap(
                not in log_str
 
     @staticmethod
-    @pytest.mark.flaky(reruns=5, reruns_delay=30)
     @pytest.mark.tier2
     def test_0030_ad_parameters_tokengroups_searchbase(
             multihost, adjoin, create_aduser_group):

diff --git a/src/tests/multihost/sssd/testlib/common/utils.py b/src/tests/multihost/sssd/testlib/common/utils.py
@@ -389,6 +389,13 @@ def realm_join(self, domainname, admin_password,
                     f'--client-software={client_software} ' \
                     f'--server-software={server_software} ' \
                     f'--membership-software={membership_software} -v'
+        # For AD sasl authid tests we need to have user-principal populated.
+        if server_software == 'active-directory':
+            hostname = self.multihost.run_command(
+                'hostname', raiseonerr=False).stdout_text.rstrip()
+            ad_realm = self.adhost.domainname.upper()
+            realm_cmd += f' --user-principal=host/{hostname}@{ad_realm}'
+
         print(realm_cmd)
         cmd = self.multihost.run_command(realm_cmd, stdin_text=admin_password,
                                          raiseonerr=False)