Task #6810: Add a test to ensure FileRemote with client_cert and client_key configured can sync from a protected repository - CertGuard - Pulp

Send by e-mail

Task #6810

Add a test to ensure FileRemote with client_cert and client_key configured can sync from a protected repository

Added by bmbouter about 1 year ago.

Status:

NEW

Priority:

Normal

Assignee:

Sprint/Milestone:

Start date:

Due date:

% Done:

Estimated time:

Platform Release:

Groomed:

Sprint Candidate:

Tags:

Sprint:

Quarter:

Description

It's possible to have a Pulp Remote, e.g. FileRemote sync from a CertGaurd protected repo. This should work with either RHSM or X509 Certificate as long as the header is right.

We need to add a test that does the following:

Setup parts of the test¶

Create a FileRepository and sync some content into it
Create a Publication from (1) and serve it at a FileDistribution

Test sync when it's unprotected¶

Create a FileRemote and a second repository and sync the FileDistribution from (2) with it

Test sync fails against protected repo without cert_key and client_key¶

Protect this content with an X509 certificate
Try to sync the second repo using the FileRemote and assert that it fails with a 403 error (because the FileRemote has no client_cert and client_key)

Test sync works when FileRemote has client_cert and client_key¶

Add the client_cert and client_key to the FileRemote from (3)
Sync the second repo once more and assert it passes

Please register to edit this issue

Send by e-mail

Also available in: Atom PDF

Project

Profile

Help

CertGuard

Issues