force delete Kerberos test principals
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/push Build is passing
Details
This commit is contained in:
parent
862dfc01b2
commit
7142659a8c
|
@ -1,6 +1,7 @@
|
||||||
import os
|
import os
|
||||||
import shutil
|
import shutil
|
||||||
import subprocess
|
import subprocess
|
||||||
|
from typing import List
|
||||||
|
|
||||||
from zope import component
|
from zope import component
|
||||||
from zope.interface import implementer
|
from zope.interface import implementer
|
||||||
|
@ -50,31 +51,34 @@ class KerberosService:
|
||||||
if princ is not None:
|
if princ is not None:
|
||||||
lib.krb5_free_principal(k_ctx, princ)
|
lib.krb5_free_principal(k_ctx, princ)
|
||||||
|
|
||||||
|
def _run(self, args: List[str]):
|
||||||
|
subprocess.run(args, check=True)
|
||||||
|
|
||||||
def addprinc(self, principal: str, password: str):
|
def addprinc(self, principal: str, password: str):
|
||||||
subprocess.run([
|
self._run([
|
||||||
'kadmin', '-k', '-p', self.admin_principal, 'addprinc',
|
'kadmin', '-k', '-p', self.admin_principal, 'addprinc',
|
||||||
'-pw', password,
|
'-pw', password,
|
||||||
'-policy', 'default',
|
'-policy', 'default',
|
||||||
'+needchange',
|
'+needchange',
|
||||||
'+requires_preauth',
|
'+requires_preauth',
|
||||||
principal
|
principal
|
||||||
], check=True)
|
])
|
||||||
|
|
||||||
def delprinc(self, principal: str):
|
def delprinc(self, principal: str):
|
||||||
subprocess.run([
|
self._run([
|
||||||
'kadmin', '-k', '-p', self.admin_principal, 'delprinc',
|
'kadmin', '-k', '-p', self.admin_principal, 'delprinc',
|
||||||
'-force',
|
'-force',
|
||||||
principal
|
principal
|
||||||
], check=True)
|
])
|
||||||
|
|
||||||
def change_password(self, principal: str, password: str):
|
def change_password(self, principal: str, password: str):
|
||||||
subprocess.run([
|
self._run([
|
||||||
'kadmin', '-k', '-p', self.admin_principal, 'cpw',
|
'kadmin', '-k', '-p', self.admin_principal, 'cpw',
|
||||||
'-pw', password,
|
'-pw', password,
|
||||||
principal
|
principal
|
||||||
], check=True)
|
])
|
||||||
subprocess.run([
|
self._run([
|
||||||
'kadmin', '-k', '-p', self.admin_principal, 'modprinc',
|
'kadmin', '-k', '-p', self.admin_principal, 'modprinc',
|
||||||
'+needchange',
|
'+needchange',
|
||||||
principal
|
principal
|
||||||
], check=True)
|
])
|
||||||
|
|
|
@ -47,6 +47,17 @@ def cfg(_drone_hostname_mock):
|
||||||
return _cfg
|
return _cfg
|
||||||
|
|
||||||
|
|
||||||
|
def delete_test_princs(krb_srv):
|
||||||
|
proc = subprocess.run([
|
||||||
|
'kadmin', '-k', '-p', krb_srv.admin_principal, 'listprincs', 'test_*',
|
||||||
|
], text=True, capture_output=True, check=True)
|
||||||
|
princs = [line.strip() for line in proc.stdout.splitlines()]
|
||||||
|
# remove the password prompt
|
||||||
|
princs = princs[1:]
|
||||||
|
for princ in princs:
|
||||||
|
krb_srv.delprinc(princ)
|
||||||
|
|
||||||
|
|
||||||
@pytest.fixture(scope='session')
|
@pytest.fixture(scope='session')
|
||||||
def krb_srv(cfg):
|
def krb_srv(cfg):
|
||||||
# TODO: create temporary Kerberos database using kdb5_util.
|
# TODO: create temporary Kerberos database using kdb5_util.
|
||||||
|
@ -60,7 +71,10 @@ def krb_srv(cfg):
|
||||||
cache_dir = cfg.get('ceod_krb5_cache_dir')
|
cache_dir = cfg.get('ceod_krb5_cache_dir')
|
||||||
krb = KerberosService(principal)
|
krb = KerberosService(principal)
|
||||||
component.provideUtility(krb, IKerberosService)
|
component.provideUtility(krb, IKerberosService)
|
||||||
|
|
||||||
|
delete_test_princs(krb)
|
||||||
yield krb
|
yield krb
|
||||||
|
delete_test_princs(krb)
|
||||||
shutil.rmtree(cache_dir)
|
shutil.rmtree(cache_dir)
|
||||||
|
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue