Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add pki-server <subsystem>-db-repl-agmt-init #4636

Merged
merged 2 commits into from
Dec 12, 2023
Merged

Add pki-server <subsystem>-db-repl-agmt-init #4636

merged 2 commits into from
Dec 12, 2023

Conversation

edewata
Copy link
Contributor

@edewata edewata commented Dec 11, 2023

The pki-server <subsystem>-db-repl-agmt-init has been added to start initializing the replication agreement and wait until it's complete.

The SubsystemDBReplicationSetupCLI has been modified to no longer include initializing the replication agreement.

The test for CA cloning with replicated DS has been updated to use the new command. The test has also been updated to
import the primary CA's system certs and keys into the secondary CA's NSS database prior to running pkispawn so it's no longer necessary to specify the PKCS #12 path and password for pkispawn.

The ConfigurationFile.verify_predefined_configuration_file_data() and initialization.py have been modified such that the PKCS #12 path and password are no longer mandatory for cloning.

https://github.com/dogtagpki/389-ds-base/wiki/Configuring-DS-Replication-with-DS-Tools
https://github.com/dogtagpki/389-ds-base/wiki/Configuring-DS-Replication-with-LDAP-Tools
https://github.com/dogtagpki/389-ds-base/wiki/Configuring-DS-Replication-with-PKI-Tools

@edewata edewata requested a review from fmarco76 December 11, 2023 15:51
fmarco76
fmarco76 approved these changes Dec 11, 2023
View reviewed changes
Copy link
Member

@fmarco76 fmarco76 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@edewata
Update test for CA cloning with replicated DS
bd1c603 
The test for CA cloning with replicated DS has been updated to
import the primary CA's system certs and keys into the secondary
CA's NSS database prior to running pkispawn so it's no longer
necessary to specify the PKCS dogtagpki#12 path and password for pkispawn.

The ConfigurationFile.verify_predefined_configuration_file_data()
and initialization.py have been modified such that the PKCS dogtagpki#12
path and password are no longer mandatory for cloning.
@edewata
Add pki-server <subsystem>-db-repl-agmt-init
68567fa 
The pki-server <subsystem>-db-repl-agmt-init has been added
to start initializing the replication agreement and wait
until it's complete.

The SubsystemDBReplicationSetupCLI has been modified to no
longer include initializing the replication agreement.

The test for CA cloning with replicated DS has been updated
to use the new command.
@sonarqubecloud SonarQubeCloud
Copy link

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 3 Code Smells

0.0% 0.0% Coverage
2.3% 2.3% Duplication

@edewata
Copy link
Contributor Author

edewata commented Dec 12, 2023

@fmarco76 Thanks! I rebased and cleaned up the help message.

@edewata edewata merged commit bc04a8e into dogtagpki:master Dec 12, 2023
131 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fmarco76 fmarco76 fmarco76 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@edewata @fmarco76