Add AD certificate authentication test#8453
Conversation
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request adds a new system test for AD certificate authentication using a virtual smartcard. The changes include updating a test dependency and adding the new test case with a helper function for certificate enrollment. The overall approach is sound, but I've identified one area for improvement to increase test reliability by replacing a fixed sleep with a more robust polling mechanism.
| client.sssd.restart() | ||
|
|
||
| client.svc.restart("virt_cacard.service") | ||
| time.sleep(5) |
There was a problem hiding this comment.
Using a fixed time.sleep(5) can lead to flaky tests. If the virt_cacard.service takes longer to start under load, the test might fail. Conversely, if the service starts quickly, the test is unnecessarily delayed. A more robust approach is to poll for the service's status until it becomes active.
| time.sleep(5) | |
| for _ in range(10): | |
| result = client.host.conn.run("systemctl is-active --quiet virt_cacard.service", raise_on_error=False) | |
| if result.rc == 0: | |
| break | |
| time.sleep(1) | |
| else: | |
| pytest.fail("virt_cacard.service did not become active in time.") |
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| username = "adcertuser1" | ||
| try: | ||
| ad.user(username).delete() | ||
| except Exception: |
Check notice
Code scanning / CodeQL
Empty except Note test
1 participant
No description provided.