Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Tests: Test trasformation #7831

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Conversation

aborah-sudo
Copy link
Contributor

@aborah-sudo aborah-sudo commented Feb 7, 2025

Test transformation net group with generic provider

@aborah-sudo aborah-sudo force-pushed the new_net branch 2 times, most recently from 85bd068 to c8ffaa7 Compare March 3, 2025 14:20
@aborah-sudo aborah-sudo requested a review from ikerexxe March 3, 2025 14:21
@aborah-sudo aborah-sudo force-pushed the new_net branch 4 times, most recently from b3af7ea to 67af1f0 Compare March 4, 2025 10:28
@aborah-sudo aborah-sudo requested a review from danlavu March 5, 2025 05:28
@aborah-sudo aborah-sudo changed the title Tests: Test trasformation netgroup Tests: Test trasformation Mar 7, 2025
@aborah-sudo aborah-sudo requested review from danlavu and removed request for danlavu March 16, 2025 15:04
6. The expected log entries are present in the logs
:customerscenario: True
"""
if not isinstance(provider, (LDAP, Samba, AD)):
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's change this condition to check for what it should skip, IPA.

if isinstance(provider, IPA):

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

tests/test_netgroups.py:348: error: Unexpected keyword argument "domain" for "add_member" of "GenericNetgroup" [call-arg]
.venv/lib/python3.11/site-packages/sssd_test_framework/roles/generic.py:794: note: "add_member" of "GenericNetgroup" defined here

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So this needs to be this way only

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That got me thinking. First of all, why would you use @pytest.mark.topology(KnownTopologyGroup.AnyProvider) if you're not going to test it with all the topologies in that group? In other tests you correctly put exactly the exact topologies on which this test is going to run:

@pytest.mark.topology(KnownTopology.LDAP)
@pytest.mark.topology(KnownTopology.AD)
@pytest.mark.topology(KnownTopology.Samba)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

changed

client.sssd.nss.update(
filter_groups="root", filter_users="root", debug_level="9", entry_cache_nowait_percentage="50"
)
client.sssd.dom("test").update(entry_cache_timeout="30")
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You should lower this value to the minimum possible to avoid getting stuck in this test for too long

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is 30 the minimum value?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yes, for this test we must

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you state the reasons? I'd like to understand why this is happening

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The default value is typically 5400 seconds (90 minutes), which is a reasonable balance between performance and freshness of cached data. So i am setting it to 30 second at least.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also sssd.conf says.

If the domain's entry_cache_timeout is set to 30s and entry_cache_nowait_percentage is set to 50 (percent), entries that come in after 15 seconds past the last cache update will be returned immediately, but
Valid values for this option are 0-99 and represent a percentage of the entry_cache_timeout for each domain. For performance reasons, this percentage will never reduce the nowait timeout to less than 10 seconds.

@danlavu
Copy link

danlavu commented Mar 17, 2025

  1. What are we testing, netgroup or entry_cache_nowait_percentage?
  2. If entry_cache_nowait_percentage, should we test users and regular groups as well?

If netgroup, and we only create netgroups and assert netgroups, this should go in test_netgroup.py, as it is right now, this is where it should go. If we can extend the test to users, groups, it should go in test_cache.py.

@aborah-sudo
Copy link
Contributor Author

  1. What are we testing, netgroup or entry_cache_nowait_percentage?

    1. If entry_cache_nowait_percentage, should we test users and regular groups as well?

If netgroup, and we only create netgroups and assert netgroups, this should go in test_netgroup.py, as it is right now, this is where it should go. If we can extend the test to users, groups, it should go in test_cache.py.

I am moving this test to test_netgroup.py again, before this test was placed there

@aborah-sudo aborah-sudo force-pushed the new_net branch 4 times, most recently from 4926a4b to 3adc070 Compare March 18, 2025 04:08
@aborah-sudo aborah-sudo requested a review from ikerexxe March 18, 2025 04:10
@aborah-sudo aborah-sudo force-pushed the new_net branch 3 times, most recently from 2698672 to 39f37d7 Compare March 19, 2025 11:52
…netgroup timeout when backend is offline

SSSD does not crash in nss responder after netgroup timeout when backend is offline
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

4 participants