[autobackport: sssd-2-10] Smartcard multi token tests#8663
Conversation
Reviewed-by: Scott Poore <spoore@redhat.com> Reviewed-by: Sumit Bose <sbose@redhat.com> (cherry picked from commit e5b6597)
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request introduces new system tests for smartcard authentication scenarios involving multiple SoftHSM tokens, along with a helper function to initialize these tokens with IPA-signed certificates. A critical issue was identified in the parametrized test test_smartcard__two_tokens_match_on_both, where the attempt to create the same IPA user in every iteration would lead to a failure; a suggestion was provided to ensure unique usernames are used for each test run.
| username = "scuser_both" | ||
| ipa.user(username).add() |
There was a problem hiding this comment.
The test test_smartcard__two_tokens_match_on_both is parametrized by cert_selection, which causes the entire test function to run twice. On the second iteration, ipa.user(username).add() will fail because the user scuser_both already exists in the IPA server. To ensure test isolation and avoid this failure, you should use a unique username for each iteration.
| username = "scuser_both" | |
| ipa.user(username).add() | |
| username = f"scuser_both_{cert_selection}" | |
| ipa.user(username).add() |
|
Ah, sorry, I realized too late that the tests were failing in the CI run. Will check this .... |
5 participants
This is an automatic backport of PR#8519 Smartcard multi token tests to branch sssd-2-10, created by @krishnavema.
Please make sure this backport is correct.
Note
The commits were cherry-picked without conflicts.
You can push changes to this pull request
Original commits
e5b6597 - tests: implement multi-token support for smart card authentication
Backported commits
Original Pull Request Body