OSG 3.3 purge: drop VOMS-Admin tests

Author: matyasselmeci

files/test_sequence

@@ -19,7 +19,6 @@ test_200_voms
 test_220_myproxy
 test_230_gratia
 test_240_tomcat
-test_250_voms_admin
 test_280_gsiopenssh
 test_290_slurm
 test_300_misc

osgtest/library/voms.py

@@ -27,43 +27,25 @@ def _get_sqlloc():
     return voms_mysql_so_path
 
 
-def create_vo(vo, dbusername='voms_osgtest', dbpassword='secret', vomscert='/etc/grid-security/voms/vomscert.pem', vomskey='/etc/grid-security/voms/vomskey.pem', use_voms_admin=False):
-    """Create the given VO using either voms-admin or the voms_install_db script that comes with voms-server. A new
+def create_vo(vo, dbusername='voms_osgtest', dbpassword='secret', vomscert='/etc/grid-security/voms/vomscert.pem', vomskey='/etc/grid-security/voms/vomskey.pem'):
+    """Create the given VO using the voms_install_db script that comes with voms-server. A new
     database user with the given username/password is created with access to the VO database.
     """
-    if use_voms_admin:
-        command = ('voms-admin-configure', 'install',
-                   '--vo', vo,
-                   '--dbtype', 'mysql', '--createdb', '--deploy-database',
-                   '--dbauser', 'root', '--dbapwd', '', '--dbport', '3306',
-                   '--dbusername', dbusername, '--dbpassword', dbpassword,
-                   '--port', '15151', '--sqlloc', _get_sqlloc(),
-                   '--mail-from', 'root@localhost', '--smtp-host', 'localhost',
-                   '--cert', vomscert,
-                   '--key', vomskey,
-                   '--read-access-for-authenticated-clients')
-
-        stdout, _, fail = core.check_system(command, 'Configure VOMS Admin')
-        good_message = 'VO %s installation finished' % vo
-        assert good_message in stdout, fail
-
-    else:
-
-        mysql.execute("CREATE USER '%(dbusername)s'@'localhost';" % locals())
-
-        command = ['/usr/share/voms/voms_install_db',
-                   '--voms-vo=' + vo,
-                   '--port=15151',
-                   '--db-type=mysql',
-                   '--db-admin=root',
-                   '--voms-name=' + dbusername,
-                   '--voms-pwd=' + dbpassword,
-                   '--sqlloc=' + _get_sqlloc(),
-                   '--vomscert=' + vomscert,
-                   '--vomskey=' + vomskey,
-                   ]
-
-        core.check_system(command, 'Create VO')
+    mysql.execute("CREATE USER '%(dbusername)s'@'localhost';" % locals())
+
+    command = ['/usr/share/voms/voms_install_db',
+               '--voms-vo=' + vo,
+               '--port=15151',
+               '--db-type=mysql',
+               '--db-admin=root',
+               '--voms-name=' + dbusername,
+               '--voms-pwd=' + dbpassword,
+               '--sqlloc=' + _get_sqlloc(),
+               '--vomscert=' + vomscert,
+               '--vomskey=' + vomskey,
+               ]
+
+    core.check_system(command, 'Create VO')
 
 
 def advertise_lsc(vo, hostcert='/etc/grid-security/hostcert.pem'):
@@ -89,33 +71,25 @@ def advertise_vomses(vo, hostcert='/etc/grid-security/hostcert.pem'):
     files.write(vomses_path, contents, backup=False, chmod=0o644)
 
 
-def add_user(vo, usercert, use_voms_admin=False):
-    """Add the user identified by the given cert to the specified VO. May use voms-admin or direct MySQL statements.
+def add_user(vo, usercert):
+    """Add the user identified by the given cert to the specified VO. Uses direct MySQL statements instead of voms-admin.
     The CA cert that issued the user cert must already be in the database's 'ca' table - this happens automatically if
     the CA cert is in /etc/grid-security/certificates when the VOMS database is created.
     """
     usercert_dn, usercert_issuer = cagen.certificate_info(usercert)
-    if use_voms_admin:
-        hostname = socket.getfqdn()
-
-        command = ('voms-admin', '--vo', core.config['voms.vo'], '--host', hostname, '--nousercert', 'create-user',
-               usercert_dn, usercert_issuer, 'OSG Test User', 'root@localhost')
-        core.check_system(command, 'Add VO user')
-
-    else:
-        dbname = 'voms_' + vo
+    dbname = 'voms_' + vo
 
-        # Find the index in the "ca" table ("cid") for the OSG Test CA that gets created by voms_install_db.
-        output, _, _, = mysql.check_execute(r'''SELECT cid FROM ca WHERE ca='%(usercert_issuer)s';''' % locals(),
-                                            'Get ID of user cert issuer from database', dbname)
-        output = output.strip()
-        assert output, "User cert issuer not found in database"
-        ca = int(output)
+    # Find the index in the "ca" table ("cid") for the OSG Test CA that gets created by voms_install_db.
+    output, _, _, = mysql.check_execute(r'''SELECT cid FROM ca WHERE ca='%(usercert_issuer)s';''' % locals(),
+                                        'Get ID of user cert issuer from database', dbname)
+    output = output.strip()
+    assert output, "User cert issuer not found in database"
+    ca = int(output)
 
-        mysql.check_execute(r'''
-            INSERT INTO `usr` VALUES (1,'%(usercert_dn)s',%(ca)d,NULL,'root@localhost',NULL);
-            INSERT INTO `m` VALUES (1,1,1,NULL,NULL);''' % locals(),
-            'Add VO user', dbname)
+    mysql.check_execute(r'''
+        INSERT INTO `usr` VALUES (1,'%(usercert_dn)s',%(ca)d,NULL,'root@localhost',NULL);
+        INSERT INTO `m` VALUES (1,1,1,NULL,NULL);''' % locals(),
+        'Add VO user', dbname)
 
 
 def destroy_lsc(vo):
@@ -148,12 +122,6 @@ def is_installed():
         if not core.dependency_is_installed(dep):
             return False
 
-    # TODO: drop this check when 3.3 is completely EOL
-    if core.el_release() >= 7:
-        if core.PackageVersion('voms-server') < '2.0.12-3.2':
-            core.log_message("voms-server installed but too old (missing SOFTWARE-2357 fix)")
-            return False
-
     return True
 
 

osgtest/tests/test_200_voms.py

@@ -4,15 +4,12 @@
 import osgtest.library.core as core
 import osgtest.library.files as files
 import osgtest.library.service as service
-import osgtest.library.tomcat as tomcat
 import osgtest.library.voms as voms
 import osgtest.library.osgunittest as osgunittest
 
 class TestStartVOMS(osgunittest.OSGTestCase):
 
     def test_01_config_certs(self):
-        core.config['certs.httpcert'] = '/etc/grid-security/http/httpcert.pem'
-        core.config['certs.httpkey'] = '/etc/grid-security/http/httpkey.pem'
         core.config['certs.vomscert'] = '/etc/grid-security/voms/vomscert.pem'
         core.config['certs.vomskey'] = '/etc/grid-security/voms/vomskey.pem'
 
@@ -26,23 +23,9 @@ def test_02_install_voms_certs(self):
         core.install_cert('certs.vomscert', 'certs.hostcert', 'voms', 0o644)
         core.install_cert('certs.vomskey', 'certs.hostkey', 'voms', 0o400)
 
-    def test_03_install_http_certs(self):
-        core.skip_ok_unless_installed('voms-admin-server')
-        httpcert = core.config['certs.httpcert']
-        httpkey = core.config['certs.httpkey']
-        self.skip_ok_if(core.check_file_and_perms(httpcert, 'tomcat', 0o644) and
-                        core.check_file_and_perms(httpkey, 'tomcat', 0o400),
-                        'HTTP cert exists and has proper permissions')
-        core.install_cert('certs.httpcert', 'certs.hostcert', 'tomcat', 0o644)
-        core.install_cert('certs.httpkey', 'certs.hostkey', 'tomcat', 0o400)
-
     def test_04_config_voms(self):
         core.config['voms.vo'] = 'osgtestvo'
         core.config['voms.lock-file'] = '/var/lock/subsys/voms.osgtestvo'
-        core.config['voms.vo-webapp'] = os.path.join(
-            tomcat.datadir(), "conf/Catalina/localhost/voms#osgtestvo.xml")
-        core.config['voms.webapp-log'] = os.path.join(
-            tomcat.logdir(), 'voms-admin-osgtestvo.log')
         # The DB created by voms-admin would have the user 'admin-osgtestvo',
         # but the voms_install_db script provided by voms-server does not
         # like usernames with '-' in them.
@@ -51,41 +34,11 @@ def test_04_config_voms(self):
     def test_05_create_vo(self):
         voms.skip_ok_unless_installed()
 
-        use_voms_admin = core.rpm_is_installed('voms-admin-server')
         voms.create_vo(vo=core.config['voms.vo'],
                        dbusername=core.config['voms.dbusername'],
                        dbpassword='secret',
                        vomscert=core.config['certs.vomscert'],
-                       vomskey=core.config['certs.vomskey'],
-                       use_voms_admin=use_voms_admin)
-
-    def test_06_add_local_admin(self):
-        core.skip_ok_unless_installed('voms-admin-server', 'voms-mysql-plugin')
-        host_dn, host_issuer = \
-            cagen.certificate_info(core.config['certs.hostcert'])
-        command = ('voms-db-deploy.py', 'add-admin',
-                   '--vo', core.config['voms.vo'],
-                   '--dn', host_dn, '--ca', host_issuer)
-        core.check_system(command, 'Add VO admin')
-
-    def test_07_config_va_properties(self):
-        core.skip_ok_unless_installed('voms-admin-server')
-
-        path = os.path.join('/etc/voms-admin', core.config['voms.vo'],
-                            'voms.service.properties')
-        contents = files.read(path)
-
-        had_csrf_line = False
-        for line in contents:
-            if 'voms.csrf.log_only' in line:
-                line = 'voms.csrf.log_only = true\n'
-                had_csrf_line = True
-            elif line[-1] != '\n':
-                line = line + '\n'
-        if not had_csrf_line:
-            contents += 'voms.csrf.log_only = true\n'
-
-        files.write(path, contents, backup=False)
+                       vomskey=core.config['certs.vomskey'])
 
     def test_08_advertise(self):
         voms.skip_ok_unless_installed()
@@ -111,11 +64,3 @@ def test_09_start_voms(self):
         service.check_start(core.config['voms_service'])
 
         core.state['voms.started-server'] = True
-
-    def test_10_install_vo_webapp(self):
-        core.state['voms.installed-vo-webapp'] = False
-        core.skip_ok_unless_installed('voms-admin-server')
-        self.skip_ok_if(os.path.exists(core.config['voms.vo-webapp']), 'apparently installed')
-
-        service.check_start('voms-admin')
-        core.state['voms.installed-vo-webapp'] = True

osgtest/tests/test_250_voms_admin.py

@@ -24,12 +24,7 @@ def test_01_add_user(self):
         pwd_entry = pwd.getpwnam(core.options.username)
         cert_path = os.path.join(pwd_entry.pw_dir, '.globus', 'usercert.pem')
 
-        use_voms_admin = False
-        if core.rpm_is_installed('voms-admin-server') and core.rpm_is_installed('voms-admin-client'):
-            self.skip_bad_unless(core.state['tomcat.started'])
-            use_voms_admin = True
-
-        voms.add_user(core.config['voms.vo'], cert_path, use_voms_admin)
+        voms.add_user(core.config['voms.vo'], cert_path)
 
         core.state['voms.added-user'] = True
 

osgtest/tests/test_407_voms.py

@@ -25,15 +25,6 @@ def test_02_restore_vomses(self):
     def test_03_remove_vo(self):
         voms.skip_ok_unless_installed()
 
-        if core.rpm_is_installed('voms-admin-server'):
-            # Ask VOMS Admin to remove VO
-            command = ('voms-admin-configure', 'remove',
-                       '--vo', core.config['voms.vo'],
-                       '--undeploy-database')
-            stdout, _, fail = core.check_system(command, 'Remove VO')
-            self.assert_('Database undeployed correctly!' in stdout, fail)
-            self.assert_(' succesfully removed.' in stdout, fail)
-
         # Really remove database -- the voms-admin-configure command above does
         # not actually destroy the mysql database.
         voms.destroy_db(core.config['voms.vo'], core.config['voms.dbusername'])
@@ -45,6 +36,4 @@ def test_04_remove_certs(self):
         # Do the keys first, so that the directories will be empty for the certs.
         core.remove_cert('certs.vomskey')
         core.remove_cert('certs.vomscert')
-        core.remove_cert('certs.httpkey')
-        core.remove_cert('certs.httpcert')
         core.state['voms.removed-certs'] = True