Skip to content

Commit

Permalink
Update ssnv2 tests to support new ranges object for legacy2 migration
Browse files Browse the repository at this point in the history
  • Loading branch information
fmarco76 committed Oct 28, 2024
1 parent 89a1447 commit e75f0b2
Show file tree
Hide file tree
Showing 4 changed files with 247 additions and 14 deletions.
137 changes: 131 additions & 6 deletions .github/workflows/ca-clone-ssnv1-test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -1006,7 +1006,7 @@ jobs:
docker exec primary pki-server ca-id-generator-update --type legacy2 request
docker exec primary pki-server ca-id-generator-update --type legacy2 cert
- name: Check request range objects
- name: Check old request range objects
run: |
tests/ca/bin/ca-request-range-objects-ssnv1.sh primaryds | tee output
Expand All @@ -1026,6 +1026,21 @@ jobs:
diff expected output
- name: Check new request range objects
run: |
tests/ca/bin/ca-request-range-objects-ssnv1.sh primaryds ou=requests,ou=ranges_v2 | tee output
# request ranges should remain the same
cat > expected << EOF
SecurePort: 8443
beginRange: 11
endRange: 20
host: primary.example.com
EOF
diff expected output
- name: Check request next range
run: |
tests/ca/bin/ca-request-next-range-ssnv1.sh primaryds | tee output
Expand All @@ -1037,18 +1052,34 @@ jobs:
diff expected output
- name: Check cert range objects
- name: Check old cert range objects
run: |
tests/ca/bin/ca-cert-range-objects-ssnv1.sh primaryds | tee output
# cert ranges should remain the same but converted from hex to decimal
# the range value for the primary move from 13-30 (hex) to 19-48 (dec)
cat > expected << EOF
SecurePort: 8443
beginRange: 13
endRange: 30
host: primary.example.com
SecurePort: 8443
beginRange: 31
endRange: 48
host: secondary.example.com
EOF
diff expected output
- name: Check new cert range objects
run: |
tests/ca/bin/ca-cert-range-objects-ssnv1.sh primaryds ou=certificateRepository,ou=ranges_v2 | tee output
# cert ranges should remain the same but converted from hex to decimal
# the range value for the primary move from 13-30 (hex) to 19-48 (dec)
cat > expected << EOF
SecurePort: 8443
beginRange: 19
endRange: 48
Expand Down Expand Up @@ -1127,6 +1158,22 @@ jobs:
diff expected output
- name: Check the new range object is configured in a different DN in all CAs
run: |
docker exec primary pki-server ca-config-show dbs.serialRangeDN | tee output
docker exec primary pki-server ca-config-show dbs.requestRangeDN | tee -a output
docker exec secondary pki-server ca-config-show dbs.serialRangeDN | tee -a output
docker exec secondary pki-server ca-config-show dbs.requestRangeDN | tee -a output
cat > expected <<EOF
ou=certificateRepository,ou=ranges_v2
ou=requests,ou=ranges_v2
ou=certificateRepository,ou=ranges_v2
ou=requests,ou=ranges_v2
EOF
diff expected output
- name: Check cert range config in primary CA
run: |
tests/ca/bin/ca-cert-range-config.sh primary | tee output
Expand Down Expand Up @@ -1155,7 +1202,7 @@ jobs:
diff expected output
- name: Check request range objects
- name: Check old request range objects
run: |
tests/ca/bin/ca-request-range-objects-ssnv1.sh primaryds | tee output
Expand All @@ -1170,6 +1217,25 @@ jobs:
endRange: 30
host: secondary.example.com
EOF
diff expected output
- name: Check new request range objects
run: |
tests/ca/bin/ca-request-range-objects-ssnv1.sh primaryds ou=requests,ou=ranges_v2 | tee output
cat > expected << EOF
SecurePort: 8443
beginRange: 11
endRange: 20
host: primary.example.com
SecurePort: 8443
beginRange: 21
endRange: 30
host: secondary.example.com
SecurePort: 8443
beginRange: 31
endRange: 40
Expand All @@ -1184,10 +1250,30 @@ jobs:
diff expected output
- name: Check cert range objects
- name: Check old cert range objects
run: |
tests/ca/bin/ca-cert-range-objects-ssnv1.sh primaryds | tee output
# cert ranges should remain the same
cat > expected << EOF
SecurePort: 8443
beginRange: 13
endRange: 30
host: primary.example.com
SecurePort: 8443
beginRange: 31
endRange: 48
host: secondary.example.com
EOF
diff expected output
- name: Check new cert range objects
run: |
tests/ca/bin/ca-cert-range-objects-ssnv1.sh primaryds ou=certificateRepository,ou=ranges_v2 | tee output
# cert ranges should remain the same but in dec.
# the range value for the primary move from 13-30 (hex) to 19-48 (dec)
# the range value for the secondary move from 31-48 (hex) to 49-72 (dec)
Expand Down Expand Up @@ -1395,7 +1481,7 @@ jobs:
diff expected output
- name: Check request range objects
- name: Check old request range objects
run: |
tests/ca/bin/ca-request-range-objects-ssnv1.sh primaryds | tee output
Expand All @@ -1410,6 +1496,25 @@ jobs:
endRange: 30
host: secondary.example.com
EOF
diff expected output
- name: Check new request range objects
run: |
tests/ca/bin/ca-request-range-objects-ssnv1.sh primaryds ou=requests,ou=ranges_v2 | tee output
cat > expected << EOF
SecurePort: 8443
beginRange: 11
endRange: 20
host: primary.example.com
SecurePort: 8443
beginRange: 21
endRange: 30
host: secondary.example.com
SecurePort: 8443
beginRange: 31
endRange: 40
Expand Down Expand Up @@ -1449,10 +1554,30 @@ jobs:
diff expected output
- name: Check cert range objects
- name: Check old cert range objects
run: |
tests/ca/bin/ca-cert-range-objects-ssnv1.sh primaryds | tee output
# cert ranges should remain the same
cat > expected << EOF
SecurePort: 8443
beginRange: 13
endRange: 30
host: primary.example.com
SecurePort: 8443
beginRange: 31
endRange: 48
host: secondary.example.com
EOF
diff expected output
- name: Check new cert range objects
run: |
tests/ca/bin/ca-cert-range-objects-ssnv1.sh primaryds ou=certificateRepository,ou=ranges_v2 | tee output
cat > expected << EOF
SecurePort: 8443
beginRange: 19
Expand Down
Loading

0 comments on commit e75f0b2

Please sign in to comment.