Use 'test.openqa.fedoraproject.org' not 'domain.local'

Using .local is apparently Bad Form because it's reserved for
mDNS. However there doesn't appear to be any particularly Good
Form for what to call a test domain you never want to exist
outside of a closed system, apparently. Sigh. Let's try this.
Includes a bump to disk_ks version because the kickstarts on
that image also need to have this change applied.

Signed-off-by: Adam Williamson <awilliam@redhat.com>
This commit is contained in:
Adam Williamson 2020-12-15 12:43:53 -08:00
parent 0de57180ee
commit 940848b628
12 changed files with 49 additions and 49 deletions

View File

@ -42,7 +42,7 @@ sub start_webui {
# https://bugzilla.redhat.com/show_bug.cgi?id=1439429
assert_script_run "sed -i -e 's,enable_xauth=1,enable_xauth=0,g' /usr/bin/startx";
disable_firefox_studies;
type_string "startx /usr/bin/firefox -width 1024 -height 768 https://ipa001.domain.local\n";
type_string "startx /usr/bin/firefox -width 1024 -height 768 https://ipa001.test.openqa.fedoraproject.org\n";
assert_screen ["freeipa_webui_login", $user_screen], 60;
wait_still_screen(stilltime=>5, similarity_level=>45);
# softfail on kerberos ticket bugs meaning we get auto-logged in

View File

@ -1140,7 +1140,7 @@
},
"settings": {
"GRUB": "inst.ks=hd:vdb1:/root-user-crypted-net.ks",
"HDD_2": "disk_ks_4.img",
"HDD_2": "disk_ks_5.img",
"KICKSTART": "1",
"NUMDISKS": "2",
"ROOT_PASSWORD": "111111",
@ -1557,7 +1557,7 @@
"fedora-Server-dvd-iso-x86_64-*-64bit": 40
},
"settings": {
"GRUB": "inst.vnc net.ifnames=0 biosdevname=0 ip=172.16.2.114::172.16.2.2:255.255.255.0:vnc001.domain.local:eth0:off",
"GRUB": "inst.vnc net.ifnames=0 biosdevname=0 ip=172.16.2.114::172.16.2.2:255.255.255.0:vnc001.test.openqa.fedoraproject.org:eth0:off",
"NICTYPE": "tap",
"VNC_SERVER": "1",
"WORKER_CLASS": "tap"
@ -1587,7 +1587,7 @@
"fedora-Server-dvd-iso-x86_64-*-64bit": 40
},
"settings": {
"GRUB": "inst.vnc inst.vncconnect=172.16.2.117:5500 net.ifnames=0 biosdevname=0 ip=172.16.2.116::172.16.2.2:255.255.255.0:vnc003.domain.local:eth0:off",
"GRUB": "inst.vnc inst.vncconnect=172.16.2.117:5500 net.ifnames=0 biosdevname=0 ip=172.16.2.116::172.16.2.2:255.255.255.0:vnc003.test.openqa.fedoraproject.org:eth0:off",
"INSTALL_UNLOCK": "vncconnect_client_ready",
"NICTYPE": "tap",
"PARALLEL_WITH": "install_vncconnect_client",
@ -1672,7 +1672,7 @@
"NICTYPE": "tap",
"PARALLEL_WITH": "iot_zezere_server",
"POSTINSTALL": "iot_zezere_ignition",
"POST_STATIC": "172.16.2.119 zezere001.domain.local",
"POST_STATIC": "172.16.2.119 zezere001.test.openqa.fedoraproject.org",
"ROOT_PASSWORD": "weakpassword",
"START_AFTER_TEST": "%DEPLOY_UPLOAD_TEST%",
"USER_LOGIN": "false",
@ -1690,7 +1690,7 @@
"NICTYPE": "tap",
"PARALLEL_CANCEL_WHOLE_CLUSTER": "0",
"POSTINSTALL": "_iot_zezere_server _setup_browser _iot_zezere_remote",
"POST_STATIC": "172.16.2.118 zezere002.domain.local",
"POST_STATIC": "172.16.2.118 zezere002.test.openqa.fedoraproject.org",
"ROOT_PASSWORD": "weakpassword",
"START_AFTER_TEST": "%DEPLOY_UPLOAD_TEST%",
"TEST_TARGET": "NONE",
@ -1766,7 +1766,7 @@
"HDD_1": "disk_%FLAVOR%_%MACHINE%.qcow2",
"NICTYPE": "tap",
"POSTINSTALL": "podman",
"POST_STATIC": "172.16.2.114 podman001.domain.local",
"POST_STATIC": "172.16.2.114 podman001.test.openqa.fedoraproject.org",
"ROOT_PASSWORD": "weakpassword",
"START_AFTER_TEST": "%DEPLOY_UPLOAD_TEST%",
"USER_LOGIN": "false",
@ -1785,7 +1785,7 @@
"NICTYPE": "tap",
"PARALLEL_WITH": "podman",
"POSTINSTALL": "_podman_client",
"POST_STATIC": "172.16.2.115 podclient001.domain.local",
"POST_STATIC": "172.16.2.115 podclient001.test.openqa.fedoraproject.org",
"ROOT_PASSWORD": "weakpassword",
"START_AFTER_TEST": "%DEPLOY_UPLOAD_TEST%",
"USER_LOGIN": "false",
@ -1805,7 +1805,7 @@
"NICTYPE": "tap",
"PARALLEL_WITH": "server_role_deploy_domain_controller",
"POSTINSTALL": "realmd_join_cockpit freeipa_webui freeipa_password_change freeipa_client",
"POST_STATIC": "172.16.2.102 client002.domain.local",
"POST_STATIC": "172.16.2.102 client002.test.openqa.fedoraproject.org",
"ROOT_PASSWORD": "weakpassword",
"USER_LOGIN": "false",
"WORKER_CLASS": "tap"
@ -1823,7 +1823,7 @@
"NICTYPE": "tap",
"PARALLEL_WITH": "server_role_deploy_domain_controller",
"POSTINSTALL": "realmd_join_sssd freeipa_client",
"POST_STATIC": "172.16.2.103 client003.domain.local",
"POST_STATIC": "172.16.2.103 client003.test.openqa.fedoraproject.org",
"ROOT_PASSWORD": "weakpassword",
"START_AFTER_TEST": "%DEPLOY_UPLOAD_TEST%",
"USER_LOGIN": "false",
@ -1912,7 +1912,7 @@
"NICTYPE": "tap",
"PARALLEL_WITH": "server_role_deploy_database_server",
"POSTINSTALL": "database_client",
"POST_STATIC": "172.16.2.105 dbclient.domain.local",
"POST_STATIC": "172.16.2.105 dbclient.test.openqa.fedoraproject.org",
"ROOT_PASSWORD": "weakpassword",
"START_AFTER_TEST": "%DEPLOY_UPLOAD_TEST%",
"USER_LOGIN": "false",
@ -1961,7 +1961,7 @@
"NICTYPE": "tap",
"PARALLEL_WITH": "server_freeipa_replication_replica",
"POSTINSTALL": "realmd_join_sssd freeipa_client",
"POST_STATIC": "172.16.2.108 client005.domain.local",
"POST_STATIC": "172.16.2.108 client005.test.openqa.fedoraproject.org",
"ROOT_PASSWORD": "weakpassword",
"START_AFTER_TEST": "%DEPLOY_UPLOAD_TEST%",
"USER_LOGIN": "false",
@ -1981,7 +1981,7 @@
"NICTYPE": "tap",
"PARALLEL_CANCEL_WHOLE_CLUSTER": "0",
"POSTINSTALL": "role_deploy_domain_controller role_deploy_domain_controller_check",
"POST_STATIC": "172.16.2.106 ipa002.domain.local",
"POST_STATIC": "172.16.2.106 ipa002.test.openqa.fedoraproject.org",
"ROOT_PASSWORD": "weakpassword",
"START_AFTER_TEST": "%DEPLOY_UPLOAD_TEST%",
"USER_LOGIN": "false",
@ -2002,7 +2002,7 @@
"PARALLEL_CANCEL_WHOLE_CLUSTER": "0",
"PARALLEL_WITH": "server_freeipa_replication_master",
"POSTINSTALL": "realmd_join_sssd",
"POST_STATIC": "172.16.2.107 ipa003.domain.local",
"POST_STATIC": "172.16.2.107 ipa003.test.openqa.fedoraproject.org",
"ROOT_PASSWORD": "weakpassword",
"START_AFTER_TEST": "%DEPLOY_UPLOAD_TEST%",
"USER_LOGIN": "false",
@ -2017,7 +2017,7 @@
},
"settings": {
"GRUB": "inst.ks=hd:vdb1:/freeipaclient.ks",
"HDD_2": "disk_ks_4.img",
"HDD_2": "disk_ks_5.img",
"INSTALL_UNLOCK": "freeipa_ready",
"KICKSTART": "1",
"NICTYPE": "tap",
@ -2041,7 +2041,7 @@
"NICTYPE": "tap",
"PARALLEL_WITH": "server_remote_logging_server",
"POSTINSTALL": "server_remote_logging_client",
"POST_STATIC": "172.16.2.113 rsyslogclient.domain.local",
"POST_STATIC": "172.16.2.113 rsyslogclient.test.openqa.fedoraproject.org",
"ROOT_PASSWORD": "weakpassword",
"START_AFTER_TEST": "%DEPLOY_UPLOAD_TEST%",
"USER_LOGIN": "false",
@ -2060,7 +2060,7 @@
"NICTYPE": "tap",
"PARALLEL_CANCEL_WHOLE_CLUSTER": "0",
"POSTINSTALL": "server_remote_logging_server",
"POST_STATIC": "172.16.2.112 rsyslogserver.domain.local",
"POST_STATIC": "172.16.2.112 rsyslogserver.test.openqa.fedoraproject.org",
"ROOT_PASSWORD": "weakpassword",
"START_AFTER_TEST": "%DEPLOY_UPLOAD_TEST%",
"USER_LOGIN": "false",
@ -2079,7 +2079,7 @@
"NICTYPE": "tap",
"PARALLEL_CANCEL_WHOLE_CLUSTER": "0",
"POSTINSTALL": "role_deploy_database_server",
"POST_STATIC": "172.16.2.104 db.domain.local",
"POST_STATIC": "172.16.2.104 db.test.openqa.fedoraproject.org",
"ROOT_PASSWORD": "weakpassword",
"START_AFTER_TEST": "%DEPLOY_UPLOAD_TEST%",
"USER_LOGIN": "false",
@ -2098,7 +2098,7 @@
"NICTYPE": "tap",
"PARALLEL_CANCEL_WHOLE_CLUSTER": "0",
"POSTINSTALL": "role_deploy_domain_controller role_deploy_domain_controller_check",
"POST_STATIC": "172.16.2.100 ipa001.domain.local",
"POST_STATIC": "172.16.2.100 ipa001.test.openqa.fedoraproject.org",
"ROOT_PASSWORD": "weakpassword",
"START_AFTER_TEST": "%DEPLOY_UPLOAD_TEST%",
"USER_LOGIN": "false",
@ -2121,7 +2121,7 @@
"NUMDISKS": "2",
"PARALLEL_CANCEL_WHOLE_CLUSTER": "0",
"POSTINSTALL": "_support_server",
"POST_STATIC": "172.16.2.110 support.domain.local",
"POST_STATIC": "172.16.2.110 support.test.openqa.fedoraproject.org",
"ROOT_PASSWORD": "weakpassword",
"TEST_TARGET": "NONE",
"USER_LOGIN": "false",
@ -2213,7 +2213,7 @@
"NICTYPE": "tap",
"PARALLEL_WITH": "upgrade_2_server_domain_controller",
"POSTINSTALL": "_setup_browser freeipa_webui freeipa_password_change freeipa_client",
"POST_STATIC": "172.16.2.103 client003.domain.local",
"POST_STATIC": "172.16.2.103 client003.test.openqa.fedoraproject.org",
"PREUPGRADE": "realmd_join_sssd",
"ROOT_PASSWORD": "weakpassword",
"TEST_TARGET": "COMPOSE",
@ -2249,7 +2249,7 @@
"NICTYPE": "tap",
"PARALLEL_CANCEL_WHOLE_CLUSTER": "0",
"POSTINSTALL": "role_deploy_domain_controller_check",
"POST_STATIC": "172.16.2.100 ipa001.domain.local",
"POST_STATIC": "172.16.2.100 ipa001.test.openqa.fedoraproject.org",
"PREUPGRADE": "role_deploy_domain_controller",
"ROOT_PASSWORD": "weakpassword",
"TEST_TARGET": "COMPOSE",
@ -2344,7 +2344,7 @@
"NICTYPE": "tap",
"PARALLEL_WITH": "upgrade_server_domain_controller",
"POSTINSTALL": "_setup_browser freeipa_webui freeipa_password_change freeipa_client",
"POST_STATIC": "172.16.2.103 client003.domain.local",
"POST_STATIC": "172.16.2.103 client003.test.openqa.fedoraproject.org",
"PREUPGRADE": "realmd_join_sssd",
"ROOT_PASSWORD": "weakpassword",
"TEST_TARGET": "COMPOSE",
@ -2381,7 +2381,7 @@
"NICTYPE": "tap",
"PARALLEL_CANCEL_WHOLE_CLUSTER": "0",
"POSTINSTALL": "role_deploy_domain_controller_check",
"POST_STATIC": "172.16.2.100 ipa001.domain.local",
"POST_STATIC": "172.16.2.100 ipa001.test.openqa.fedoraproject.org",
"PREUPGRADE": "role_deploy_domain_controller",
"ROOT_PASSWORD": "weakpassword",
"TEST_TARGET": "COMPOSE",

View File

@ -21,7 +21,7 @@ sub run {
assert_script_run "zezere-manage loaddata fedora_iot_runreqs";
assert_script_run "zezere-manage loaddata fedora_installed";
# create admin user
assert_script_run 'zezere-manage createsuperuser --username admin --email zezere@domain.local --no-input';
assert_script_run 'zezere-manage createsuperuser --username admin --email zezere@test.openqa.fedoraproject.org --no-input';
# set admin password (can't find a non-interactive way sadly)
type_string "zezere-manage changepassword admin\n";
sleep 2;

View File

@ -103,7 +103,7 @@ sub run {
}
## DNS / DHCP (dnsmasq)
# create config
assert_script_run "printf 'domain=domain.local\ndhcp-range=172.16.2.150,172.16.2.199\ndhcp-option=option:router,172.16.2.2\n' > /etc/dnsmasq.conf";
assert_script_run "printf 'domain=test.openqa.fedoraproject.org\ndhcp-range=172.16.2.150,172.16.2.199\ndhcp-option=option:router,172.16.2.2\n' > /etc/dnsmasq.conf";
# do PXE setup if this is not an update test
_pxe_setup() unless (get_var("ADVISORY_OR_TASK"));
# open firewall ports

View File

@ -8,7 +8,7 @@ sub run {
my $self = shift;
boot_to_login_screen(timeout => 300);
$self->root_console(tty=>3);
setup_tap_static('172.16.2.115', 'vnc002.domain.local');
setup_tap_static('172.16.2.115', 'vnc002.test.openqa.fedoraproject.org');
# test test: check if we can see the server
assert_script_run "ping -c 2 172.16.2.114";
desktop_vt;

View File

@ -8,7 +8,7 @@ sub run {
my $self = shift;
boot_to_login_screen(timeout => 300);
$self->root_console(tty=>3);
setup_tap_static('172.16.2.117', 'vnc004.domain.local');
setup_tap_static('172.16.2.117', 'vnc004.test.openqa.fedoraproject.org');
# install tigervnc (Boxes doesn't do reverse VNC)
assert_script_run "dnf -y install tigervnc", 180;
# take down the firewall

View File

@ -11,28 +11,28 @@ sub run {
send_key "ctrl-alt-f1";
wait_still_screen 1;
# check domain is listed in 'realm list'
validate_script_output 'realm list', sub { $_ =~ m/domain-name: domain\.local.*configured: kerberos-member/s };
validate_script_output 'realm list', sub { $_ =~ m/domain-name: test\.openqa\.fedoraproject\.org.*configured: kerberos-member/s };
# check we can see the admin user in getent
assert_script_run 'getent passwd admin@DOMAIN.LOCAL';
assert_script_run 'getent passwd admin@TEST.OPENQA.FEDORAPROJECT.ORG';
# check keytab entries
my $hostname = script_output 'hostname';
my $qhost = quotemeta($hostname);
validate_script_output 'klist -k', sub { $_ =~ m/$qhost\@DOMAIN\.LOCAL/ };
validate_script_output 'klist -k', sub { $_ =~ m/$qhost\@TEST\.OPENQA\.FEDORAPROJECT\.ORG/ };
# check we can kinit with the host principal
assert_script_run "kinit -k host/$hostname\@DOMAIN.LOCAL";
assert_script_run "kinit -k host/$hostname\@TEST.OPENQA.FEDORAPROJECT.ORG";
# Set a longer timeout for login(1) to workaround RHBZ #1661273
assert_script_run 'echo "LOGIN_TIMEOUT 180" >> /etc/login.defs';
# switch to tty2 for login tests
send_key "ctrl-alt-f2";
# try and login as test1, should work
console_login(user=>'test1@DOMAIN.LOCAL', password=>'batterystaple');
console_login(user=>'test1@TEST.OPENQA.FEDORAPROJECT.ORG', password=>'batterystaple');
type_string "exit\n";
# try and login as test2, should fail. we cannot use console_login
# as it takes 10 seconds to complete when login fails, and
# "permission denied" message doesn't last that long
sleep 2;
assert_screen "text_console_login";
type_string "test2\@DOMAIN.LOCAL\n";
type_string "test2\@TEST.OPENQA.FEDORAPROJECT.ORG\n";
assert_screen "console_password_required";
type_string "batterystaple\n";
assert_screen "login_permission_denied";

View File

@ -10,7 +10,7 @@ sub run {
# check whether test3 exists, i.e. whether freeipa_webui at
# least managed to create it. if not, we may as well just
# die now, this test cannot work.
assert_script_run 'getent passwd test3@DOMAIN.LOCAL';
assert_script_run 'getent passwd test3@TEST.OPENQA.FEDORAPROJECT.ORG';
# clear browser data so we don't go back to the 'admin' login
assert_script_run 'rm -rf /root/.mozilla';
# clear kerberos ticket so we don't auto-auth as 'test4'

View File

@ -48,19 +48,19 @@ sub run {
assert_screen "root_console";
wait_still_screen 5;
# set permanent passwords for both accounts
assert_script_run 'printf "correcthorse\nbatterystaple\nbatterystaple" | kinit test3@DOMAIN.LOCAL';
assert_script_run 'printf "correcthorse\nbatterystaple\nbatterystaple" | kinit test4@DOMAIN.LOCAL';
assert_script_run 'printf "correcthorse\nbatterystaple\nbatterystaple" | kinit test3@TEST.OPENQA.FEDORAPROJECT.ORG';
assert_script_run 'printf "correcthorse\nbatterystaple\nbatterystaple" | kinit test4@TEST.OPENQA.FEDORAPROJECT.ORG';
# switch to tty4 (boy, the tty jugglin')
send_key "ctrl-alt-f4";
# try and login as test3, should work
console_login(user=>'test3@DOMAIN.LOCAL', password=>'batterystaple');
console_login(user=>'test3@TEST.OPENQA.FEDORAPROJECT.ORG', password=>'batterystaple');
type_string "exit\n";
# try and login as test4, should fail. we cannot use console_login
# as it takes 10 seconds to complete when login fails, and
# "permission denied" message doesn't last that long
sleep 2;
assert_screen "text_console_login";
type_string "test4\@DOMAIN.LOCAL\n";
type_string "test4\@TEST.OPENQA.FEDORAPROJECT.ORG\n";
assert_screen "console_password_required";
type_string "batterystaple\n";
assert_screen "login_permission_denied";

View File

@ -10,7 +10,7 @@ sub run {
my $self = shift;
# use FreeIPA server as DNS server
bypass_1691487;
assert_script_run "printf 'search domain.local\nnameserver 172.16.2.100' > /etc/resolv.conf";
assert_script_run "printf 'search test.openqa.fedoraproject.org\nnameserver 172.16.2.100' > /etc/resolv.conf";
# this gets us the name of the first connection in the list,
# which should be what we want
my $connection = script_output "nmcli --fields NAME con show | head -2 | tail -1";
@ -50,7 +50,7 @@ sub run {
# cockpit 232: https://github.com/cockpit-project/cockpit/issues/14895
my $tabs = $cockpitver > 231 ? "\t\t\t" : "\t";
type_string($tabs, 4);
type_string("ipa001.domain.local", 4);
type_string("ipa001.test.openqa.fedoraproject.org", 4);
type_string("\t\t", 4);
type_string("admin", 4);
send_key "tab";

View File

@ -9,15 +9,15 @@ use utils;
sub run {
my $self=shift;
# use FreeIPA server or replica as DNS server
my $server = 'ipa001.domain.local';
my $server = 'ipa001.test.openqa.fedoraproject.org';
my $server_ip = '172.16.2.100';
my $server_mutex = 'freeipa_ready';
if (get_var("FREEIPA_REPLICA")) {
$server = 'ipa002.domain.local';
$server = 'ipa002.test.openqa.fedoraproject.org';
$server_ip = '172.16.2.106';
}
if (get_var("FREEIPA_REPLICA_CLIENT")) {
$server = 'ipa003.domain.local';
$server = 'ipa003.test.openqa.fedoraproject.org';
$server_ip = '172.16.2.107';
$server_mutex = 'replica_ready';
}

View File

@ -38,7 +38,7 @@ sub run {
}
assert_script_run "systemctl restart firewalld.service";
# deploy the server
my $args = "-U --auto-forwarders --realm=DOMAIN.LOCAL --domain=domain.local --ds-password=monkeys123 --admin-password=monkeys123 --setup-dns --reverse-zone=2.16.172.in-addr.arpa --allow-zone-overlap";
my $args = "-U --auto-forwarders --realm=TEST.OPENQA.FEDORAPROJECT.ORG --domain=test.openqa.fedoraproject.org --ds-password=monkeys123 --admin-password=monkeys123 --setup-dns --reverse-zone=2.16.172.in-addr.arpa --allow-zone-overlap";
assert_script_run "ipa-server-install $args", 1200;
# enable and start the systemd service
assert_script_run "systemctl enable ipa.service";
@ -47,7 +47,7 @@ sub run {
# kinit as admin
assert_script_run 'echo "monkeys123" | kinit admin';
# set up an OTP for client001 enrolment (it will enrol with a kickstart)
assert_script_run 'ipa host-add client001.domain.local --password=monkeys --force';
assert_script_run 'ipa host-add client001.test.openqa.fedoraproject.org --password=monkeys --force';
# create two user accounts, test1 and test2
assert_script_run 'echo "correcthorse" | ipa user-add test1 --first test --last one --password';
assert_script_run 'echo "correcthorse" | ipa user-add test2 --first test --last two --password';
@ -61,10 +61,10 @@ sub run {
assert_script_run 'ipa pwpolicy-mod --minlife=0';
# magic voodoo crap to allow reverse DNS client sync to work
# https://docs.pagure.org/bind-dyndb-ldap/BIND9/SyncPTR.html
assert_script_run 'ipa dnszone-mod domain.local. --allow-sync-ptr=TRUE';
assert_script_run 'ipa dnszone-mod test.openqa.fedoraproject.org. --allow-sync-ptr=TRUE';
# kinit as each user and set a new password
assert_script_run 'printf "correcthorse\nbatterystaple\nbatterystaple" | kinit test1@DOMAIN.LOCAL';
assert_script_run 'printf "correcthorse\nbatterystaple\nbatterystaple" | kinit test2@DOMAIN.LOCAL';
assert_script_run 'printf "correcthorse\nbatterystaple\nbatterystaple" | kinit test1@TEST.OPENQA.FEDORAPROJECT.ORG';
assert_script_run 'printf "correcthorse\nbatterystaple\nbatterystaple" | kinit test2@TEST.OPENQA.FEDORAPROJECT.ORG';
# we're ready for children to enrol, now
mutex_create("freeipa_ready");
# if upgrade test, wait for children to enrol before upgrade