From 8e8d7a7b84a3bef9d948beadc3cf3f99eaa147fb Mon Sep 17 00:00:00 2001
From: Marco Fargetta
Date: Thu, 13 Jun 2024 16:53:40 +0200
Subject: [PATCH] Add ansible step for DS setup
In CI test using ansible, after DS setup the following operation fails because DS is not ready and the authentication bind get error. An additional step to repeat the connection until the bind authentication succeed is added after DS configuration.
---
 .github/workflows/ocsp-tests.yml | 2 +-
 tests/ansible/est/tasks/main.yml | 11 ++++++++++
 .../certificate_self_validation_with_crl.yml | 20 +++++++++++++++++++
 3 files changed, 32 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/ocsp-tests.yml b/.github/workflows/ocsp-tests.yml
index a0fff9975bb..d393f6e4009 100644
--- a/.github/workflows/ocsp-tests.yml
+++ b/.github/workflows/ocsp-tests.yml
@@ -82,6 +82,6 @@ jobs:
 - name: Execute OCSP playbook
 run: |
- ansible-playbook -e 'pki_subsystem="ocsp"' tests/ansible/pki-playbook.yml
+ ansible-playbook -e 'pki_subsystem="ocsp"' tests/ansible/pki-playbook.yml
 env:
 ANSIBLE_CONFIG: ${{ github.workspace }}/tests/ansible/ansible.cfg
diff --git a/tests/ansible/est/tasks/main.yml b/tests/ansible/est/tasks/main.yml
index fdb7152e636..667cb500338 100644
--- a/tests/ansible/est/tasks/main.yml
+++ b/tests/ansible/est/tasks/main.yml
@@ -44,6 +44,17 @@
 container: "{{ ds_container }}"
 command: dsconf slapd-localhost backend create --suffix dc=example,dc=com --be-name userRoot
+- name: Check ds connection
+ community.docker.docker_container_exec:
+ container: "{{ ds_container }}"
+ command: ldapsearch -H ldap://{{ ds_hostname }}:3389 -D "cn=Directory Manager" -w {{ ds_password }} -x -b dc=example,dc=com
+ register: ds_connection
+ retries: 5
+ delay: 15
+ failed_when: ds_connection.rc != 32 and ds_connection.rc != 49
+ until: ds_connection.rc == 32
+
+
 - name: Add base entry
 community.docker.docker_container_exec:
 container: "{{ ds_container }}"
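Review bot: The new `Check ds connection` task passes the Directory Manager password as an unquoted `-w {{ ds_password }}` argument. A value containing whitespace or quote characters would likely be split into the wrong arguments, and the rendered command line may show up in verbose Ansible output and in the CI job log. I would quote the template, `-w "{{ ds_password }}"`, and consider `no_log: true` on the task or ldapsearch's `-y` password-file option in place of `-w`. The same line is repeated in the `Check CA ds connection` and `Check OCSP ds connection` tasks in tests/ansible/ocsp/tasks/certificate_self_validation_with_crl.yml. A one-line comment such as `# rc 32 (noSuchObject) means the bind succeeded but the base entry does not exist yet; rc 49 is retried while DS starts up` would also make the `failed_when`/`until` pair readable, since as written a wrong password is retried for all 5 attempts, 15 s apart, before the task fails.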
diff --git a/tests/ansible/ocsp/tasks/certificate_self_validation_with_crl.yml b/tests/ansible/ocsp/tasks/certificate_self_validation_with_crl.yml
index 2138453267d..853e3695843 100644
--- a/tests/ansible/ocsp/tasks/certificate_self_validation_with_crl.yml
+++ b/tests/ansible/ocsp/tasks/certificate_self_validation_with_crl.yml
@@ -44,6 +44,16 @@
 - sed -i -e "s/;self_sign_cert = .*/self_sign_cert = True/g" ds.inf
 - dscreate from-file ds.inf
+- name: Check CA ds connection
+ community.docker.docker_container_exec:
+ container: "{{ cads_container }}"
+ command: ldapsearch -H ldap://{{ cads_hostname }}:3389 -D "cn=Directory Manager" -w {{ cads_password }} -x -b dc=example,dc=com
+ register: cads_connection
+ retries: 5
+ delay: 15
+ failed_when: cads_connection.rc != 32 and cads_connection.rc != 49
+ until: cads_connection.rc == 32
+
 - name: Add CA base entry
 community.docker.docker_container_exec:
 container: "{{ cads_container }}"
@@ -140,6 +150,16 @@
 - sed -i -e "s/;self_sign_cert = .*/self_sign_cert = True/g" ds.inf
 - dscreate from-file ds.inf
+- name: Check OCSP ds connection
+ community.docker.docker_container_exec:
+ container: "{{ ocspds_container }}"
+ command: ldapsearch -H ldap://{{ ocspds_hostname }}:3389 -D "cn=Directory Manager" -w {{ ocspds_password }} -x -b dc=example,dc=com
+ register: ocspds_connection
+ retries: 5
+ delay: 15
+ failed_when: ocspds_connection.rc != 32 and ocspds_connection.rc != 49
+ until: ocspds_connection.rc == 32
+
 - name: Add OCSP base entry
 community.docker.docker_container_exec: