Gdm c9s updates#250
Conversation
topology_controller updates for hostname changes and setup/teardown stability. Keycloak tests when run manually often didn't clean up correctly (even with backup/restores) so the setup is updated to remove clients before trying to add if found. GDM topology controller didn't have some necessary updates to make hostname changes work during setup.
Because the log messages for GDM/Gnome differ between c9s versions and newer, the wait_for_login method in the gdm util now checks for two different log messages to confirm login before continuing.
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request introduces several improvements to the SSSD test framework, including robust error handling during domain uninstallation, hostname configuration backups, and cleanup of existing Keycloak clients and IPA IDP entries before recreation. In sssd_test_framework/utils/gdm.py, the login detection mechanism is updated to check for multiple patterns. The review feedback suggests refactoring duplicated domain uninstallation and hostname setup logic, combining regex patterns in wait_for_login for better readability, and removing a redundant inline import time statement.
| if isinstance(provider, (IPAHost)): | ||
| client.conn.exec(["ipa-client-install", "--uninstall", "-U"]) | ||
| result = client.conn.exec(["ipa-client-install", "--uninstall", "-U"], raise_on_error=False) | ||
| if result.rc != 0: | ||
| self.logger.info( | ||
| f"Running ipa-client-install --uninstall failed with:\n{result.stdout}\n{result.stderr}" | ||
| ) | ||
| self.logger.info("Trying to remove sssd.conf now") | ||
| client.fs.rm("/etc/sssd/sssd.conf") | ||
| else: | ||
| client.conn.exec(["realm", "leave", "--unattended", provider.domain], input=provider.adminpw) | ||
| result = client.conn.exec( | ||
| ["realm", "leave", "--unattended", provider.domain], input=provider.adminpw, raise_on_error=False | ||
| ) | ||
| if result.rc != 0: | ||
| self.logger.info(f"Running realm leave failed with:\n{result.stdout}\n{result.stderr}") | ||
| self.logger.info("Trying to remove sssd.conf now") | ||
| client.fs.rm("/etc/sssd/sssd.conf") |
There was a problem hiding this comment.
The error handling logic for ipa-client-install --uninstall and realm leave is duplicated. To improve maintainability and reduce redundancy, this can be refactored into a single block of code.
if isinstance(provider, (IPAHost)):
uninstall_cmd = ["ipa-client-install", "--uninstall", "-U"]
uninstall_input = None
cmd_desc = "ipa-client-install --uninstall"
else:
uninstall_cmd = ["realm", "leave", "--unattended", provider.domain]
uninstall_input = provider.adminpw
cmd_desc = "realm leave"
result = client.conn.exec(uninstall_cmd, input=uninstall_input, raise_on_error=False)
if result.rc != 0:
self.logger.info(f"Running {cmd_desc} failed with:\n{result.stdout}\n{result.stderr}")
self.logger.info("Trying to remove sssd.conf now")
client.fs.rm("/etc/sssd/sssd.conf")| short_hostname = client.conn.run("hostname").stdout.split(".")[0].strip() | ||
| hostname = f"{short_hostname}.{keycloak.domain}" | ||
| hostname = f"{short_hostname}.{ipa.domain}" | ||
| client.fs.backup("/etc/hostname") | ||
| client.fs.backup("/etc/hosts") | ||
| client.conn.run(f"echo {hostname} > /etc/hostname") | ||
| client.fs.write("/etc/hosts", client.fs.read("/etc/hosts").replace("client.test", hostname)) |
There was a problem hiding this comment.
This block of code for setting the client hostname is also present in IPATopologyController. To improve maintainability and avoid code duplication, consider extracting this logic into a private helper method, e.g., _set_client_hostname(self, client: ClientHost, domain: str).
| rc = 0 | ||
| checks = ["Opening and taking control of.*card", "Adding device.*card"] | ||
| for check in checks: | ||
| if not re.search(check, result.stdout): | ||
| rc += 1 | ||
|
|
||
| if rc >= len(checks): | ||
| raise AssertionError("Unable to see gnome-shell take control of video card") |
There was a problem hiding this comment.
Instead of iterating through the checks and calling re.search in a loop, it's more efficient and readable to combine the patterns into a single regular expression using |.
checks = ["Opening and taking control of.*card", "Adding device.*card"]
pattern = "|".join(checks)
if not re.search(pattern, result.stdout):
raise AssertionError("Unable to see gnome-shell take control of video card")|
|
||
| if rc >= len(checks): | ||
| raise AssertionError("Unable to see gnome-shell take control of video card") | ||
| import time |
There was a problem hiding this comment.
The time module is already imported at the top of this file. This import statement is redundant and violates PEP 8 style guidelines, which recommend placing all imports at the top of the file. Please remove this line.
ikerexxe
left a comment
ikerexxe
left a comment
There was a problem hiding this comment.
Some minor issues inline. In addition, I'd highly recommend to read gemini's proposals
| rc = 0 | ||
| checks = ["Opening and taking control of.*card", "Adding device.*card"] | ||
| for check in checks: | ||
| if not re.search(check, result.stdout): | ||
| rc += 1 | ||
|
|
||
| if rc >= len(checks): | ||
| raise AssertionError("Unable to see gnome-shell take control of video card") |
| self.logger.info( | ||
| f"Running ipa-client-install --uninstall failed with:\n{result.stdout}\n{result.stderr}" | ||
| ) | ||
| self.logger.info("Trying to remove sssd.conf now") |
There was a problem hiding this comment.
I'd state Removing sssd.conf now, unless a check for the removal of the file exists somewhere
| ) | ||
| if result.rc != 0: | ||
| self.logger.info(f"Running realm leave failed with:\n{result.stdout}\n{result.stderr}") | ||
| self.logger.info("Trying to remove sssd.conf now") |
| self.logger.info(f"IPA already enrolled in keycloak. Removing.") | ||
| ipa.conn.run("ipa idp-del keycloak") | ||
|
|
||
| result = ipa.conn.run( |
There was a problem hiding this comment.
Either you check for something on result or you don't assign any value here
| # Check if IPA entry for Keycloak already exists and delete | ||
| result = ipa.conn.run("ipa idp-show keycloak", raise_on_error=False) | ||
| if "ipa_oidc_client" in result.stdout: | ||
| self.logger.info(f"IPA already enrolled in keycloak. Removing.") |
There was a problem hiding this comment.
This doesn't need to be an f-string
2 participants
gdm: fixes to better support c9s/rhel9
topologies: hostname and setup/teardown fixes