[DNM] add content guard test#74
Conversation
Signed-off-by: Bartosz Bezak <bartosz@stackhpc.com>
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request expands the container distribution tests by introducing a test case for guarded distributions. The changes include creating an x509 certificate guard, utilizing it in a new distribution, and performing subsequent verification and cleanup. Feedback from the reviewer highlights a potential issue where the content_guard parameter likely requires a URI/HREF instead of a name, suggesting that the guard creation task's output should be registered and its HREF used. Additionally, it was recommended to enhance the assertion logic to verify that the new distribution is correctly reported as changed.
| - name: test_dist_guarded | ||
| base_path: test_dist_guarded | ||
| repository: test_dist_repo | ||
| content_guard: test_dist_guard |
There was a problem hiding this comment.
The container_distributions module (as seen in the context) does not currently implement name-to-HREF resolution for the content_guard parameter, unlike the repository parameter which has explicit resolution logic (lines 189-204 of the module). Since the Pulp API typically expects a URI/HREF for the content guard field, passing the name test_dist_guard directly will likely cause the task to fail with a 400 Bad Request.
It is recommended to either update the module to support name resolution for content_guard or pass the HREF directly from the registered result of the guard creation task.
content_guard: "{{ guard_result.x509_cert_guard.pulp_href }}"There was a problem hiding this comment.
exactly why this test here ;)
| - name: Create test content guard | ||
| pulp.squeezer.x509_cert_guard: | ||
| pulp_url: "{{ pulp_url }}" | ||
| username: "{{ pulp_username }}" | ||
| password: "{{ pulp_password }}" | ||
| validate_certs: "{{ pulp_validate_certs }}" | ||
| name: test_dist_guard | ||
| ca_certificate: "{{ lookup('file', 'files/ca.pem') }}" | ||
| state: present |
There was a problem hiding this comment.
To ensure the created content guard can be correctly referenced by its HREF in subsequent tasks, it is recommended to register the output of this task. This is particularly important because the container_distributions module (as seen in the context) does not currently appear to perform name-to-HREF resolution for the content_guard parameter.
- name: Create test content guard
pulp.squeezer.x509_cert_guard:
pulp_url: "{{ pulp_url }}"
username: "{{ pulp_username }}"
password: "{{ pulp_password }}"
validate_certs: "{{ pulp_validate_certs }}"
name: test_dist_guard
ca_certificate: "{{ lookup('file', 'files/ca.pem') }}"
state: present
register: guard_result| - create_result.distributions[2].name == "test_dist_guarded" | ||
| - create_result.distributions[2].distribution.content_guard is search("/contentguards/") |
There was a problem hiding this comment.
It is recommended to verify that the newly created distribution was actually marked as changed during the creation task.
- create_result.distributions[2].name == "test_dist_guarded"
- create_result.distributions[2].changed == true
- create_result.distributions[2].distribution.content_guard is search("/contentguards/")1 participant
just to test if it works