Fix tests such to disable legacy fqan encoding

italiangrid · Jan 12, 2024 · 9f0cb03 · 9f0cb03
1 parent 8c6778d
commit 9f0cb03
Show file tree

Hide file tree

Showing 6 changed files with 31 additions and 17 deletions.
diff --git a/.github/workflows/iam-dev.ci.yml b/.github/workflows/iam-dev.ci.yml
@@ -18,7 +18,7 @@ jobs:
     continue-on-error: true
 
     env:
-      ROBOT_OPTIONS: --variable vo1:test.vo --variable vo1_host:voms-dev.cloud.cnaf.infn.it --variable vo1_issuer:'/DC=org/DC=terena/DC=tcs/C=IT/ST=Roma/O=Istituto Nazionale di Fisica Nucleare/CN=voms-dev.cloud.cnaf.infn.it' --variable vo2:vo.1 --variable vo2_host:voms.test.example --variable vo2_issuer:/C=IT/O=IGI/CN=*.test.example
+      ROBOT_OPTIONS: --variable vo1:test.vo --variable vo1_host:voms-dev.cloud.cnaf.infn.it --variable vo1_issuer:'/DC=org/DC=terena/DC=tcs/C=IT/ST=Roma/O=Istituto Nazionale di Fisica Nucleare/CN=voms-dev.cloud.cnaf.infn.it' --variable vo1_legacy_fqan_enabled:False --variable vo2:vo.1 --variable vo2_host:voms.test.example --variable vo2_issuer:/C=IT/O=IGI/CN=*.test.example
 
     steps:
     - name: Checkout

diff --git a/lib/variables.robot b/lib/variables.robot
@@ -9,10 +9,12 @@ ${vo1_host}  vgrid02.cnaf.infn.it
 ${vo2_host}  vgrid02.cnaf.infn.it
 ${vo1_issuer}  /DC=org/DC=terena/DC=tcs/C=IT/ST=Roma/O=Istituto Nazionale di Fisica Nucleare/CN=vgrid02.cnaf.infn.it
 ${vo2_issuer}  /DC=org/DC=terena/DC=tcs/C=IT/ST=Roma/O=Istituto Nazionale di Fisica Nucleare/CN=vgrid02.cnaf.infn.it
+${vo1_legacy_fqan_enabled}   True
+${vo2_legacy_fqan_enabled}   True
 ${vo1CorePort}  15001
 
 ${myproxy_server}  omii001.cnaf.infn.it
 ${myProxyPassPhrase}   123456
 ${srmEndpoint}   srm://omii005-vm03.cnaf.infn.it:8444/testers.eu-emi.eu
 
-${client_version}  3
+${client_version}  3
diff --git a/tests/clients/info/tests.robot b/tests/clients/info/tests.robot
@@ -54,8 +54,10 @@ See if a voms proxy has the right attributes
   Should Match Regexp  ${output}  subject\\s+:\\s+/C=IT/O=IGI/CN=test0/
   ${vo1_issuer_escaped} =  Regexp Escape  ${vo1_issuer}  
   Should Match Regexp  ${output}  issuer\\s+:\\s+${vo1_issuer_escaped}
-  Should Match Regexp  ${output}  attribute\\s+:\\s+/${vo1}/Role=NULL/Capability=NULL
-  Should Match Regexp  ${output}  attribute\\s+:\\s+/${vo1}/G1/Role=NULL/Capability=NULL
+  ${expected}=  Set Variable If  ${vo1_legacy_fqan_enabled} == True   attribute\\s+:\\s+/${vo1}/Role=NULL/Capability=NULL   attribute\\s+:\\s+/${vo1}
+  Should Match Regexp  ${output}  ${expected}
+  ${expected}=  Set Variable If  ${vo1_legacy_fqan_enabled} == True  attribute\\s+:\\s+/${vo1}/G1/Role=NULL/Capability=NULL   attribute\\s+:\\s+/${vo1}/G1
+  Should Match Regexp  ${output}  ${expected}
   Should Match Regexp  ${output}  timeleft\\s+:\\s+\\d+:\\d+:\\d+
   Should Match Regexp  ${output}  uri\\s+:\\s+${vo1_host}:\\d+
   [Teardown]  Stop using certificate
@@ -129,7 +131,7 @@ See if voms-proxy-info -fqan works
   Create voms proxy
   ${output}   Get proxy info  -fqan
   Log  ${output}
-  ${expected}   Set Variable  /${vo1}/Role=NULL/Capability=NULL\n/${vo1}/G1/Role=NULL/Capability=NULL\n/${vo1}/G2/Role=NULL/Capability=NULL\n/${vo1}/G2/G3/Role=NULL/Capability=NULL
+  ${expected}   Set Variable If  ${vo1_legacy_fqan_enabled} == True   /${vo1}/Role=NULL/Capability=NULL\n/${vo1}/G1/Role=NULL/Capability=NULL\n/${vo1}/G2/Role=NULL/Capability=NULL\n/${vo1}/G2/G3/Role=NULL/Capability=NULL   /${vo1}\n/${vo1}/G1\n/${vo1}/G2\n/${vo1}/G2/G3
   Log  ${expected}
   Should Be Equal As Strings  ${output}  ${expected}
   [Teardown]  Stop using certificate

diff --git a/tests/clients/init/delegation.robot b/tests/clients/init/delegation.robot
@@ -12,7 +12,8 @@ See if voms-proxy-init -noregen work as expected
   ${proxySubject}   Get proxy info   --subject
   ${certSubject}   Get named certificate subject   test0
   Should Match Regexp   ${proxySubject}   ${certSubject}/CN=[0-9]+/CN=[0-9]+
-  Should Contain   ${fqans}   /${vo1}/Role=NULL/Capability=NULL
+  ${expected}=  Set Variable If  ${vo1_legacy_fqan_enabled} == True  /${vo1}/Role=NULL/Capability=NULL   /${vo1}
+  Should Contain   ${fqans}   ${expected}
   [Teardown]   Stop using certificate
 
 multiple voms-proxy-init -noregen work as expected
@@ -28,7 +29,8 @@ multiple voms-proxy-init -noregen work as expected
   ${subject}   Get proxy info   --subject
   ${fqans}   Get proxy info   --fqan
   Should Match Regexp  ${subject}  ${certificateSubject}(/CN=[0-9]+){6}
-  Should Start With   ${fqans}  /${vo1}/Role=NULL/Capability=NULL 
+  ${expected}=   Set Variable If  ${vo1_legacy_fqan_enabled} == True   /${vo1}/Role=NULL/Capability=NULL   /${vo1}
+  Should Start With   ${fqans}  ${expected}
   [Teardown]   Stop using certificate
 
 See if voms-proxy-init --noregen of an rfc proxy works

diff --git a/tests/clients/init/options.robot b/tests/clients/init/options.robot
@@ -64,7 +64,7 @@ See if voms-proxy-init --order works
   [Setup]  Use certificate  test0
   Create proxy   -voms ${vo1} -order /${vo1}/G1
   ${output}  Get proxy info  -fqan
-  ${expected}  Set Variable    /${vo1}/G1/Role=NULL/Capability=NULL\n/${vo1}/Role=NULL/Capability=NULL\n/${vo1}/G2/Role=NULL/Capability=NULL\n/${vo1}/G2/G3/Role=NULL/Capability=NULL
+  ${expected}=  Set Variable If  ${vo1_legacy_fqan_enabled} == True  /${vo1}/G1/Role=NULL/Capability=NULL\n/${vo1}/Role=NULL/Capability=NULL\n/${vo1}/G2/Role=NULL/Capability=NULL\n/${vo1}/G2/G3/Role=NULL/Capability=NULL  /${vo1}/G1\n/${vo1}\n/${vo1}/G2\n/${vo1}/G2/G3  
   Should Be Equal As Strings  ${output}  ${expected}
   [Teardown]  Stop using certificate
 
@@ -73,7 +73,7 @@ See if voms-proxy-init --order works with multiple arguments
   [Setup]  Use certificate  test0
   Create proxy   -voms ${vo1} -order /${vo1}/G2/G3 -order /${vo1}/G2 
   ${output}  Get proxy info  -fqan
-  ${expected}  Set Variable  /${vo1}/G2/G3/Role=NULL/Capability=NULL\n/${vo1}/G2/Role=NULL/Capability=NULL\n/${vo1}/G1/Role=NULL/Capability=NULL\n/${vo1}/Role=NULL/Capability=NULL
+  ${expected}=  Set Variable If  ${vo1_legacy_fqan_enabled} == True  /${vo1}/G2/G3/Role=NULL/Capability=NULL\n/${vo1}/G2/Role=NULL/Capability=NULL\n/${vo1}/G1/Role=NULL/Capability=NULL\n/${vo1}/Role=NULL/Capability=NULL   /${vo1}/G2/G3\n/${vo1}/G2\n/${vo1}/G1/\n/${vo1}
   Should Be Equal As Strings  ${output}  ${expected}
   [Teardown]  Stop using certificate
 

diff --git a/tests/clients/init/tests.robot b/tests/clients/init/tests.robot
@@ -43,16 +43,19 @@ See if a requested role ends up as primary fqan
   [Setup]   Use certificate   test0
   Create proxy   --voms ${vo1}:/${vo1}/G1/Role=R1
   ${output}  Get proxy info   --fqan
-  Should Start With   ${output}   /${vo1}/G1/Role=R1/Capability=NULL
+  ${primary_fqan}=   Set Variable If   ${vo1_legacy_fqan_enabled} == True   /${vo1}/G1/Role=R1/Capability=NULL   /${vo1}/G1/R1
+  Should Start With   ${output}   ${primary_fqan}
   [Teardown]  Stop using certificate
 
 See if multiple -voms work as expected
   [Tags]  remote  legacy
   [Setup]   Use certificate   test0
   Create proxy   --voms ${vo1}:/${vo1}/G1 --voms ${vo1}:/${vo1}/G1/Role=R1 
   ${output}  Get proxy info   --fqan
-  Should Start With   ${output}   /${vo1}/G1/Role=NULL/Capability=NULL
-  Should Contain   ${output}   /${vo1}/G1/Role=R1/Capability=NULL
+  ${voms_role}=   Set Variable If   ${vo1_legacy_fqan_enabled} == True   /${vo1}/G1/Role=NULL/Capability=NULL   /${vo1}/G1
+  Should Start With   ${output}   ${voms_role}
+  ${voms_role}=   Set Variable If   ${vo1_legacy_fqan_enabled} == True   /${vo1}/G1/Role=R1/Capability=NULL   /${vo1}/G1/R1
+  Should Contain   ${output}   ${voms_role}
   [Teardown]  Stop using certificate
 
 See if request for multiple VOs work as expected
@@ -61,7 +64,9 @@ See if request for multiple VOs work as expected
   [Setup]   Use certificate   test0
   Create proxy   --voms ${vo2} --voms ${vo1} 
   ${output}  Get proxy info   --fqan
-  Should Start With   ${output}   /${vo2}/Role=NULL/Capability=NULL
+  ${expected}=   Set Variable If   ${vo2_legacy_fqan_enabled} == True   /${vo2}/Role=NULL/Capability=NULL   /${vo2}
+  Should Start With   ${output}   ${expected}
+  ${expected}=   Set Variable If   ${vo1_legacy_fqan_enabled} == True   /${vo1}/Role=NULL/Capability=NULL   /${vo1}
   Should Contain   ${output}   /${vo1}/Role=NULL/Capability=NULL
   [Teardown]   Stop using certificate
 
@@ -132,8 +137,10 @@ voms-proxy-init --order cannot force role requests
   [Setup]   Use certificate   test0
   Create proxy   -voms ${vo1} -order /${vo1}/G1/Role=R1 -order /${vo1}/G1
   ${output}   Get proxy info   --fqan
-  Should Start With   ${output}   /${vo1}/G1/Role=NULL/Capability=NULL
-  Should Not Contain   ${output}   /${vo1}/G1/Role=R1/Capability=NULL
+  ${expected}=  Set Variable If  ${vo1_legacy_fqan_enabled} == True  /${vo1}/G1/Role=NULL/Capability=NULL  /${vo1}/G1
+  Should Start With   ${output}   ${expected}
+  ${expected}=  Set Variable If  ${vo1_legacy_fqan_enabled} == True  /${vo1}/G1/Role=R1/Capability=NULL  /${vo1}/G1/R1
+  Should Not Contain   ${output}   ${expected}
   [Teardown]   Stop using certificate
 
 long delegation chain work as expected
@@ -307,9 +314,10 @@ See if voms does not allow expansion of credential set
   [Tags]  remote  legacy
   [Setup]  Use certificate  test0
   Create proxy   -voms ${vo1}
-  Create proxy   -voms ${vo1}:/${vo1}/G1/Role=R1 --valid 10:00 --noregen
+  ${voms_role}=  Set Variable If  ${vo1_legacy_fqan_enabled} == True   /${vo1}/G1/Role=R1   /${vo1}/G1/R1
+  Create proxy   -voms ${vo1}:${voms_role} --valid 10:00 --noregen
   ${output}  Get proxy info  -all
-  Should Not Contain   ${output}  /${vo1}/G1/Role=R1
+  Should Not Contain   ${output}  ${voms_role}
   [Teardown]  Stop using certificate
 
 See if voms-proxy-init --debug works