From 4cbdf4f8cdb12f1b4d4c5c41d7b5b0e0b39270f8 Mon Sep 17 00:00:00 2001
From: Rafael Guterres Jeffman <rjeffman@gmail.com>
Date: Tue, 31 Dec 2024 16:10:19 -0300
Subject: [PATCH] Added ipareplica and ipaclient tests

---
 .github/workflows/test_deployment.yml    | 106 ++++++++++++++++-------
 tests/deployment/ipareplica-vars.yml     |   2 +
 tests/deployment/ipareplica_ca.yml       |  12 +++
 tests/deployment/ipaserver_1_client.yml  |  12 +++
 tests/deployment/ipaserver_ca.yml        |  10 ---
 tests/deployment/ipaserver_test_base.yml |   5 +-
 6 files changed, 103 insertions(+), 44 deletions(-)
 create mode 100644 tests/deployment/ipareplica-vars.yml
 create mode 100644 tests/deployment/ipareplica_ca.yml
 create mode 100644 tests/deployment/ipaserver_1_client.yml
 delete mode 100644 tests/deployment/ipaserver_ca.yml

diff --git a/.github/workflows/test_deployment.yml b/.github/workflows/test_deployment.yml
index 09cbebc6d..2f897e831 100644
--- a/.github/workflows/test_deployment.yml
+++ b/.github/workflows/test_deployment.yml
@@ -4,7 +4,7 @@ on:
   - push
   - pull_request
 env:
-  test_path: "${HOME}/.ansible/collections/ansible_collections/freeipa/ansible_freeipa"
+  test_path: ".galaxy_bulid"
 
 jobs:
   check_roles:
@@ -44,10 +44,13 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
+        distro:
+          - fedora-latest
+          - c10s
         cluster_config:
           - ipaserver_test_base.yml
-          # - ipaserver_ca_dns_kra_ad.yml
-          # - ipaserver_ipaclient_ca.yml
+          # - ipaserver_ca_dns_nokra_noad.yml
+          # - ipaserver_ipaclient_ca_only.yml
     steps:
       - uses: actions/checkout@v4.1.1
         with:
@@ -55,12 +58,12 @@ jobs:
 
       - name: Build and install collection
         run: |
-          utils/build-galaxy-release.sh -i \
+          utils/build-galaxy-release.sh -k \
                 -o "$(curl -L https://api.github.com/repos/freeipa/ansible-freeipa/releases 2>/dev/null \
                       | jq '.[0].tag_name' | tr -d '"v')-dev$(date +"%Y%m%d%H%M")"
 
       - name: Test ipaserver
-        uses: rjeffman/FreeIPA-Cluster-Test@devel
+        uses: rjeffman/FreeIPA-Cluster-Test@v1.0.0
         with:
           cluster_configuration: tests/deployment/${{ matrix.cluster_config }}
           # ansible_vars: test/deployment/ipaserver-vars.yml
@@ -70,29 +73,70 @@ jobs:
             ${{ env.test_path }}/tests/host/test_host.yml
             ${{ env.test_path }}/tests/hbacrule/test_hbacrule.yml
 
-#   test_ipareplica:
-#     name: Test ipareplica role
-#     needs: [check_roles]
-#     if: ${{ needs.check_roles.outputs.ipareplica }}
-#     runs-on: ubuntu-latest
-#     strategy:
-#       matrix:
-#         # The ipaserver configuration is always "ca-dns-kra-ad"
-#         cluster_config:
-#           - ipareplica_none.yml
-#           - ipareplica_ca.yml
-#     steps:
-#
-#   test_ipaclientt:
-#     name: Test ipareplica role
-#     needs: [check_roles]
-#     if: ${{ needs.check_roles.outputs.ipareplica }}
-#     runs-on: ubuntu-latest
-#     strategy:
-#       matrix:
-#         # The ipaserver configuration is always "ca-dns-kra-ad"
-#         cluster_config:
-#           - ipareplica_none.yml
-#           - ipareplica_ca.yml
-#           - ipareplica_copy.yml
-#     steps:
+  test_ipareplica:
+    name: Test ipareplica role
+    needs: [check_roles]
+    if: ${{ needs.check_roles.outputs.ipareplica }}
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        distro:
+          - fedora-latest
+          - c10s
+        # The ipaserver capabilities are "ca-dns-kra"
+        cluster_config:
+          - ipareplica_ca.yml
+          # - ipareplica_none.yml
+    steps:
+      - uses: actions/checkout@v4.1.1
+        with:
+          fetch-depth: 1
+
+      - name: Build and install collection
+        run: |
+          utils/build-galaxy-release.sh -k \
+                -o "$(curl -L https://api.github.com/repos/freeipa/ansible-freeipa/releases 2>/dev/null \
+                      | jq '.[0].tag_name' | tr -d '"v')-dev$(date +"%Y%m%d%H%M")"
+
+      - name: Test ipareplica
+        uses: rjeffman/FreeIPA-Cluster-Test@v1.0.0
+        with:
+          cluster_configuration: tests/deployment/${{ matrix.cluster_config }}
+          ansible_vars: test/deployment/ipareplica-vars.yml
+          test_playbooks: >-
+            ${{ env.test_path }}/tests/user/test_user.yml
+            ${{ env.test_path }}/tests/group/test_group.yml
+            ${{ env.test_path }}/tests/host/test_host.yml
+            ${{ env.test_path }}/tests/hbacrule/test_hbacrule.yml
+
+  test_ipaclientt:
+    name: Test ipareplica role
+    needs: [check_roles]
+    if: ${{ needs.check_roles.outputs.ipaclient }}
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        # The ipaserver capabilities are "ca-dns-kra"
+        cluster_config:
+          - ipaserver_1_client.yml
+    steps:
+      - uses: actions/checkout@v4.1.1
+        with:
+          fetch-depth: 1
+
+      - name: Build and install collection
+        run: |
+          utils/build-galaxy-release.sh -k \
+                -o "$(curl -L https://api.github.com/repos/freeipa/ansible-freeipa/releases 2>/dev/null \
+                      | jq '.[0].tag_name' | tr -d '"v')-dev$(date +"%Y%m%d%H%M")"
+
+      - name: Test ipaclient
+        uses: rjeffman/FreeIPA-Cluster-Test@v1.0.0
+        with:
+          cluster_configuration: tests/deployment/${{ matrix.cluster_config }}
+          # ansible_vars: test/deployment/ipaclient-vars.yml
+          test_playbooks: >-
+            ${{ env.test_path }}/tests/user/test_user_client_context.yml
+            ${{ env.test_path }}/tests/group/test_group_client_context.yml
+            ${{ env.test_path }}/tests/host/test_host_client_context.yml
+            ${{ env.test_path }}/tests/hbacrule/test_hbacrule_client_context.yml
diff --git a/tests/deployment/ipareplica-vars.yml b/tests/deployment/ipareplica-vars.yml
new file mode 100644
index 000000000..adc1bcfe9
--- /dev/null
+++ b/tests/deployment/ipareplica-vars.yml
@@ -0,0 +1,2 @@
+---
+ipa_test_host: ipareplicas
diff --git a/tests/deployment/ipareplica_ca.yml b/tests/deployment/ipareplica_ca.yml
new file mode 100644
index 000000000..98486ad93
--- /dev/null
+++ b/tests/deployment/ipareplica_ca.yml
@@ -0,0 +1,12 @@
+lab_name: ipareplica_ca
+ipa_deployments:
+  - name: ipareplica_ca
+    domain: ipa.test
+    admin_password: SomeADMINpassword
+    dm_password: SomeDMpassword
+    cluster:
+      servers:
+        - name: server
+          capabilities: ["CA", "DNS", "KRA"]
+        - name: replica
+          capabilities: ["CA"]
diff --git a/tests/deployment/ipaserver_1_client.yml b/tests/deployment/ipaserver_1_client.yml
new file mode 100644
index 000000000..58d94ce4b
--- /dev/null
+++ b/tests/deployment/ipaserver_1_client.yml
@@ -0,0 +1,12 @@
+lab_name: ipaserver_1_client
+ipa_deployments:
+  - name: ipaserver_1_client
+    domain: ipa.test
+    admin_password: SomeADMINpassword
+    dm_password: SomeDMpassword
+    cluster:
+      servers:
+        - name: server
+          capabilities: ["CA", "DNS", "KRA"]
+      clients:
+        - name: cli-01
diff --git a/tests/deployment/ipaserver_ca.yml b/tests/deployment/ipaserver_ca.yml
deleted file mode 100644
index 8b1049fcf..000000000
--- a/tests/deployment/ipaserver_ca.yml
+++ /dev/null
@@ -1,10 +0,0 @@
-lab_name: ipaserver_ca
-ipa_deployments:
-  - name: ipaserver_with_ca
-    domain: ipa.test
-    admin_password: SomeADMINpassword
-    dm_password: SomeDMpassword
-    distro: fedora-latest
-    cluster:
-      servers:
-        - name: ipaserver
diff --git a/tests/deployment/ipaserver_test_base.yml b/tests/deployment/ipaserver_test_base.yml
index 584df16fc..eeb627a9b 100644
--- a/tests/deployment/ipaserver_test_base.yml
+++ b/tests/deployment/ipaserver_test_base.yml
@@ -1,10 +1,9 @@
-lab_name: ipaserver_ca
+lab_name: ipaserver_test_base
 ipa_deployments:
-  - name: ipaserver_with_ca
+  - name: ipaserver_test_base
     domain: ipa.test
     admin_password: SomeADMINpassword
     dm_password: SomeDMpassword
-    distro: fedora-latest
     cluster:
       servers:
         - name: server