Tests: Remove gen_cert util
#14449
Merged
Tests: Remove gen_cert util
#14449
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Please don't keep us in suspense, what was it? :) |
ah ok will read those :) |
tomponline
previously approved these changes
Nov 12, 2024
|
Hmmm test failures. Weird because the auth tests passed locally. Will look into it. |
This test was unnecessarily moving certificates around to test that a server administrator can create and edit certificates. This is simplified by using a separate LXD_CONF directory. Additionally, now use `gen_cert_and_key` instead of `gen_cert`. Signed-off-by: Mark Laing <[email protected]>
Signed-off-by: Mark Laing <[email protected]>
Signed-off-by: Mark Laing <[email protected]>
This util did not specify the `--auth-type` flag when adding the dummy remote. This caused issues if another LXD is running on the host machine while listening on :8443 with OIDC configured. The `remote add` command would fail and get the OIDC headers, then attempt to start the device authorization grant flow with the IdP configured on the other LXD. With `BROWSER=curl` set for use with the `mini-oidc` test util, it was causing `lxc` to attempt to curl the code verification page. Since we have a simpler and more efficient equivalent in `gen_cert_and_key`, I've opted to remove it instead of setting the `--auth-type` flag to avoid this behaviour. Signed-off-by: Mark Laing <[email protected]>
markylaing
force-pushed
the
test-gen-cert
branch
from
a679840
to
84896c2
Compare
Should be sorted now. The value of |
tomponline
approved these changes
Nov 12, 2024
hamistao
pushed a commit
to hamistao/lxd
that referenced
this pull request
Nov 12, 2024
The `gen_cert` util had a weird side-effect if I was concurrently running a LXD snap with OIDC configured. (I realise that there can be some test failures when doing this related to networks etc. but I do it regularly when running a single suite as I'm often using the snapped LXD for something else). I've put more details in the commit messages. Additionally simplifies the `user_is_server_admin` function in the fine-grained auth tests. Signed-off-by: hamistao <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The
gen_certutil had a weird side-effect if I was concurrently running a LXD snap with OIDC configured. (I realise that there can be some test failures when doing this related to networks etc. but I do it regularly when running a single suite as I'm often using the snapped LXD for something else). I've put more details in the commit messages.Additionally simplifies the
user_is_server_adminfunction in the fine-grained auth tests.