From bfb2aad9d32a57694dee6f9a3d6ecc19ab1c1993 Mon Sep 17 00:00:00 2001 From: "Endi S. Dewata" Date: Wed, 19 Feb 2025 18:38:17 -0600 Subject: [PATCH] Fix expected backup folder permissions in CI The expected permissions of backup folder have been updated due to recent changes in PKIServer.create_logs_dir(). --- .github/workflows/acme-basic-test.yml | 4 ++-- .github/workflows/acme-separate-test.yml | 4 ++-- .github/workflows/ca-basic-test.yml | 4 ++-- .github/workflows/ca-container-basic-test.yml | 2 +- .github/workflows/ca-container-existing-certs-test.yml | 2 +- .github/workflows/ca-container-system-service-test.yml | 2 +- .github/workflows/ca-container-user-service-test.yml | 2 +- .github/workflows/ca-existing-config-test.yml | 2 +- .github/workflows/est-ds-realm-separate-test.yml | 4 ++-- .github/workflows/est-ds-realm-test.yml | 4 ++-- .github/workflows/est-postgresql-realm-test.yml | 4 ++-- .github/workflows/est-separate-provided-certs-test.yml | 4 ++-- .github/workflows/kra-basic-test.yml | 4 ++-- .github/workflows/kra-container-test.yml | 2 +- .github/workflows/kra-existing-config-test.yml | 2 +- .github/workflows/ocsp-basic-test.yml | 4 ++-- .github/workflows/ocsp-container-test.yml | 2 +- .github/workflows/ocsp-existing-config-test.yml | 2 +- .github/workflows/server-basic-test.yml | 2 ++ .github/workflows/tks-basic-test.yml | 4 ++-- .github/workflows/tks-container-test.yml | 2 +- .github/workflows/tks-existing-config-test.yml | 2 +- .github/workflows/tps-basic-test.yml | 4 ++-- .github/workflows/tps-container-test.yml | 2 +- .github/workflows/tps-existing-config-test.yml | 2 +- 25 files changed, 37 insertions(+), 35 deletions(-) diff --git a/.github/workflows/acme-basic-test.yml b/.github/workflows/acme-basic-test.yml index 28f566b3b80..6cc849507c2 100644 --- a/.github/workflows/acme-basic-test.yml +++ b/.github/workflows/acme-basic-test.yml @@ -186,7 +186,7 @@ jobs: # TODO: review permissions cat > expected << EOF drwxrwx--- pkiuser pkiuser acme - drwxr-x--- pkiuser pkiuser backup + drwxrwx--- pkiuser pkiuser backup drwxrwx--- pkiuser pkiuser ca -rw-rw-r-- pkiuser pkiuser catalina.$DATE.log -rw-rw-r-- pkiuser pkiuser host-manager.$DATE.log @@ -760,7 +760,7 @@ jobs: # TODO: review permissions cat > expected << EOF drwxrwx--- pkiuser pkiuser acme - drwxr-x--- pkiuser pkiuser backup + drwxrwx--- pkiuser pkiuser backup drwxrwx--- pkiuser pkiuser ca -rw-rw-r-- pkiuser pkiuser catalina.$DATE.log -rw-rw-r-- pkiuser pkiuser host-manager.$DATE.log diff --git a/.github/workflows/acme-separate-test.yml b/.github/workflows/acme-separate-test.yml index a65e73dfbd4..fa5f3165149 100644 --- a/.github/workflows/acme-separate-test.yml +++ b/.github/workflows/acme-separate-test.yml @@ -204,7 +204,7 @@ jobs: # TODO: review permissions cat > expected << EOF drwxrwx--- pkiuser pkiuser acme - drwxr-x--- pkiuser pkiuser backup + drwxrwx--- pkiuser pkiuser backup -rw-r--r-- pkiuser pkiuser catalina.$DATE.log -rw-r--r-- pkiuser pkiuser host-manager.$DATE.log -rw-r--r-- pkiuser pkiuser localhost.$DATE.log @@ -796,7 +796,7 @@ jobs: # TODO: review permissions cat > expected << EOF drwxrwx--- pkiuser pkiuser acme - drwxr-x--- pkiuser pkiuser backup + drwxrwx--- pkiuser pkiuser backup -rw-r--r-- pkiuser pkiuser catalina.$DATE.log -rw-r--r-- pkiuser pkiuser host-manager.$DATE.log -rw-r--r-- pkiuser pkiuser localhost.$DATE.log diff --git a/.github/workflows/ca-basic-test.yml b/.github/workflows/ca-basic-test.yml index 1469e6632e2..2f5ab786520 100644 --- a/.github/workflows/ca-basic-test.yml +++ b/.github/workflows/ca-basic-test.yml @@ -125,7 +125,7 @@ jobs: # TODO: review permissions cat > expected << EOF - drwxr-x--- pkiuser pkiuser backup + drwxrwx--- pkiuser pkiuser backup drwxrwx--- pkiuser pkiuser ca -rw-rw-r-- pkiuser pkiuser catalina.$DATE.log -rw-rw-r-- pkiuser pkiuser host-manager.$DATE.log @@ -591,7 +591,7 @@ jobs: # TODO: review permissions cat > expected << EOF - drwxr-x--- pkiuser pkiuser backup + drwxrwx--- pkiuser pkiuser backup drwxrwx--- pkiuser pkiuser ca -rw-rw-r-- pkiuser pkiuser catalina.$DATE.log -rw-rw-r-- pkiuser pkiuser host-manager.$DATE.log diff --git a/.github/workflows/ca-container-basic-test.yml b/.github/workflows/ca-container-basic-test.yml index 303e16388ed..3d367e9b66c 100644 --- a/.github/workflows/ca-container-basic-test.yml +++ b/.github/workflows/ca-container-basic-test.yml @@ -148,7 +148,7 @@ jobs: # everything should be owned by docker group # TODO: review owners/permissions cat > expected << EOF - drwxrwx--- docker backup + drwxrwxrwx docker backup drwxrwxrwx docker ca -rw-rw-rw- docker catalina.$DATE.log -rw-rw-rw- docker host-manager.$DATE.log diff --git a/.github/workflows/ca-container-existing-certs-test.yml b/.github/workflows/ca-container-existing-certs-test.yml index c44b3e82f21..66b69cee3c2 100644 --- a/.github/workflows/ca-container-existing-certs-test.yml +++ b/.github/workflows/ca-container-existing-certs-test.yml @@ -254,7 +254,7 @@ jobs: # everything should be owned by docker group # TODO: review owners/permissions cat > expected << EOF - drwxrwx--- docker backup + drwxrwxrwx docker backup drwxrwxrwx docker ca -rw-rw-rw- docker catalina.$DATE.log -rw-rw-rw- docker host-manager.$DATE.log diff --git a/.github/workflows/ca-container-system-service-test.yml b/.github/workflows/ca-container-system-service-test.yml index 0d562a6d8e1..18ed7d7b56b 100644 --- a/.github/workflows/ca-container-system-service-test.yml +++ b/.github/workflows/ca-container-system-service-test.yml @@ -227,7 +227,7 @@ jobs: # everything should be owned by pkiuser group # TODO: review owners/permissions cat > expected << EOF - drwxrwx--- pkiuser backup + drwxrwxrwx pkiuser backup drwxrwxrwx pkiuser ca -rw-rw-rw- pkiuser catalina.$DATE.log -rw-rw-rw- pkiuser host-manager.$DATE.log diff --git a/.github/workflows/ca-container-user-service-test.yml b/.github/workflows/ca-container-user-service-test.yml index 42707d2322e..a195b2f5631 100644 --- a/.github/workflows/ca-container-user-service-test.yml +++ b/.github/workflows/ca-container-user-service-test.yml @@ -260,7 +260,7 @@ jobs: # everything should be owned by pkiuser group # TODO: review owners/permissions cat > expected << EOF - drwxrwx--- pkiuser backup + drwxrwxrwx pkiuser backup drwxrwxrwx pkiuser ca -rw-rw-rw- pkiuser catalina.$DATE.log -rw-rw-rw- pkiuser host-manager.$DATE.log diff --git a/.github/workflows/ca-existing-config-test.yml b/.github/workflows/ca-existing-config-test.yml index 47a0c129c06..082573bfb3a 100644 --- a/.github/workflows/ca-existing-config-test.yml +++ b/.github/workflows/ca-existing-config-test.yml @@ -199,7 +199,7 @@ jobs: # all log files should be retained # TODO: review permissions cat > expected << EOF - drwxr-x--- pkiuser pkiuser backup + drwxrwx--- pkiuser pkiuser backup drwxrwx--- pkiuser pkiuser ca -rw-rw-r-- pkiuser pkiuser catalina.$DATE.log -rw-rw-r-- pkiuser pkiuser host-manager.$DATE.log diff --git a/.github/workflows/est-ds-realm-separate-test.yml b/.github/workflows/est-ds-realm-separate-test.yml index bae4f019132..8f6cff40736 100644 --- a/.github/workflows/est-ds-realm-separate-test.yml +++ b/.github/workflows/est-ds-realm-separate-test.yml @@ -184,7 +184,7 @@ jobs: # TODO: review permissions cat > expected << EOF - drwxr-x--- pkiuser pkiuser backup + drwxrwx--- pkiuser pkiuser backup -rw-r--r-- pkiuser pkiuser catalina.$DATE.log drwxrwx--- pkiuser pkiuser est -rw-r--r-- pkiuser pkiuser host-manager.$DATE.log @@ -333,7 +333,7 @@ jobs: # TODO: review permissions cat > expected << EOF - drwxr-x--- pkiuser pkiuser backup + drwxrwx--- pkiuser pkiuser backup -rw-r--r-- pkiuser pkiuser catalina.$DATE.log drwxrwx--- pkiuser pkiuser est -rw-r--r-- pkiuser pkiuser host-manager.$DATE.log diff --git a/.github/workflows/est-ds-realm-test.yml b/.github/workflows/est-ds-realm-test.yml index 1a3a140b634..f37a0d3ab94 100644 --- a/.github/workflows/est-ds-realm-test.yml +++ b/.github/workflows/est-ds-realm-test.yml @@ -197,7 +197,7 @@ jobs: # TODO: review permissions cat > expected << EOF - drwxr-x--- pkiuser pkiuser backup + drwxrwx--- pkiuser pkiuser backup drwxrwx--- pkiuser pkiuser ca -rw-rw-r-- pkiuser pkiuser catalina.$DATE.log drwxrwx--- pkiuser pkiuser est @@ -397,7 +397,7 @@ jobs: # TODO: review permissions cat > expected << EOF - drwxr-x--- pkiuser pkiuser backup + drwxrwx--- pkiuser pkiuser backup drwxrwx--- pkiuser pkiuser ca -rw-rw-r-- pkiuser pkiuser catalina.$DATE.log drwxrwx--- pkiuser pkiuser est diff --git a/.github/workflows/est-postgresql-realm-test.yml b/.github/workflows/est-postgresql-realm-test.yml index 23cc98b8337..9b73048013c 100644 --- a/.github/workflows/est-postgresql-realm-test.yml +++ b/.github/workflows/est-postgresql-realm-test.yml @@ -268,7 +268,7 @@ jobs: # TODO: review permissions cat > expected << EOF - drwxr-x--- pkiuser pkiuser backup + drwxrwx--- pkiuser pkiuser backup drwxrwx--- pkiuser pkiuser ca -rw-rw-r-- pkiuser pkiuser catalina.$DATE.log drwxrwx--- pkiuser pkiuser est @@ -444,7 +444,7 @@ jobs: # TODO: review permissions cat > expected << EOF - drwxr-x--- pkiuser pkiuser backup + drwxrwx--- pkiuser pkiuser backup drwxrwx--- pkiuser pkiuser ca -rw-rw-r-- pkiuser pkiuser catalina.$DATE.log drwxrwx--- pkiuser pkiuser est diff --git a/.github/workflows/est-separate-provided-certs-test.yml b/.github/workflows/est-separate-provided-certs-test.yml index 6027e579f31..b1b23152eb5 100644 --- a/.github/workflows/est-separate-provided-certs-test.yml +++ b/.github/workflows/est-separate-provided-certs-test.yml @@ -220,7 +220,7 @@ jobs: # TODO: review permissions cat > expected << EOF - drwxr-x--- pkiuser pkiuser backup + drwxrwx--- pkiuser pkiuser backup -rw-r--r-- pkiuser pkiuser catalina.$DATE.log drwxrwx--- pkiuser pkiuser est -rw-r--r-- pkiuser pkiuser host-manager.$DATE.log @@ -369,7 +369,7 @@ jobs: # TODO: review permissions cat > expected << EOF - drwxr-x--- pkiuser pkiuser backup + drwxrwx--- pkiuser pkiuser backup -rw-r--r-- pkiuser pkiuser catalina.$DATE.log drwxrwx--- pkiuser pkiuser est -rw-r--r-- pkiuser pkiuser host-manager.$DATE.log diff --git a/.github/workflows/kra-basic-test.yml b/.github/workflows/kra-basic-test.yml index 8db15540158..51a0f052894 100644 --- a/.github/workflows/kra-basic-test.yml +++ b/.github/workflows/kra-basic-test.yml @@ -186,7 +186,7 @@ jobs: # TODO: review permissions cat > expected << EOF - drwxr-x--- pkiuser pkiuser backup + drwxrwx--- pkiuser pkiuser backup drwxrwx--- pkiuser pkiuser ca -rw-rw-r-- pkiuser pkiuser catalina.$DATE.log -rw-rw-r-- pkiuser pkiuser host-manager.$DATE.log @@ -536,7 +536,7 @@ jobs: # TODO: review permissions cat > expected << EOF - drwxr-x--- pkiuser pkiuser backup + drwxrwx--- pkiuser pkiuser backup drwxrwx--- pkiuser pkiuser ca -rw-rw-r-- pkiuser pkiuser catalina.$DATE.log -rw-rw-r-- pkiuser pkiuser host-manager.$DATE.log diff --git a/.github/workflows/kra-container-test.yml b/.github/workflows/kra-container-test.yml index 0b1a3b84343..46c8a44fff4 100644 --- a/.github/workflows/kra-container-test.yml +++ b/.github/workflows/kra-container-test.yml @@ -395,7 +395,7 @@ jobs: # everything should be owned by docker group # TODO: review owners/permissions cat > expected << EOF - drwxrwx--- docker backup + drwxrwxrwx docker backup -rw-rw-rw- docker catalina.$DATE.log -rw-rw-rw- docker host-manager.$DATE.log drwxrwxrwx docker kra diff --git a/.github/workflows/kra-existing-config-test.yml b/.github/workflows/kra-existing-config-test.yml index 755fcee5688..ea017436bc6 100644 --- a/.github/workflows/kra-existing-config-test.yml +++ b/.github/workflows/kra-existing-config-test.yml @@ -162,7 +162,7 @@ jobs: # all log files should be retained # TODO: review permissions cat > expected << EOF - drwxr-x--- pkiuser pkiuser backup + drwxrwx--- pkiuser pkiuser backup drwxrwx--- pkiuser pkiuser ca -rw-rw-r-- pkiuser pkiuser catalina.$DATE.log -rw-rw-r-- pkiuser pkiuser host-manager.$DATE.log diff --git a/.github/workflows/ocsp-basic-test.yml b/.github/workflows/ocsp-basic-test.yml index 95edd7279f9..11348bc865a 100644 --- a/.github/workflows/ocsp-basic-test.yml +++ b/.github/workflows/ocsp-basic-test.yml @@ -215,7 +215,7 @@ jobs: # TODO: review permissions cat > expected << EOF - drwxr-x--- pkiuser pkiuser backup + drwxrwx--- pkiuser pkiuser backup drwxrwx--- pkiuser pkiuser ca -rw-rw-r-- pkiuser pkiuser catalina.$DATE.log -rw-rw-r-- pkiuser pkiuser host-manager.$DATE.log @@ -668,7 +668,7 @@ jobs: # TODO: review permissions cat > expected << EOF - drwxr-x--- pkiuser pkiuser backup + drwxrwx--- pkiuser pkiuser backup drwxrwx--- pkiuser pkiuser ca -rw-rw-r-- pkiuser pkiuser catalina.$DATE.log -rw-rw-r-- pkiuser pkiuser host-manager.$DATE.log diff --git a/.github/workflows/ocsp-container-test.yml b/.github/workflows/ocsp-container-test.yml index 1435edca3ea..5d4adacba37 100644 --- a/.github/workflows/ocsp-container-test.yml +++ b/.github/workflows/ocsp-container-test.yml @@ -375,7 +375,7 @@ jobs: # everything should be owned by docker group # TODO: review owners/permissions cat > expected << EOF - drwxrwx--- docker backup + drwxrwxrwx docker backup -rw-rw-rw- docker catalina.$DATE.log -rw-rw-rw- docker host-manager.$DATE.log -rw-rw-rw- docker localhost.$DATE.log diff --git a/.github/workflows/ocsp-existing-config-test.yml b/.github/workflows/ocsp-existing-config-test.yml index 032fa611a2a..8e1a8bbaa23 100644 --- a/.github/workflows/ocsp-existing-config-test.yml +++ b/.github/workflows/ocsp-existing-config-test.yml @@ -162,7 +162,7 @@ jobs: # all log files should be retained # TODO: review permissions cat > expected << EOF - drwxr-x--- pkiuser pkiuser backup + drwxrwx--- pkiuser pkiuser backup drwxrwx--- pkiuser pkiuser ca -rw-rw-r-- pkiuser pkiuser catalina.$DATE.log -rw-rw-r-- pkiuser pkiuser host-manager.$DATE.log diff --git a/.github/workflows/server-basic-test.yml b/.github/workflows/server-basic-test.yml index a78e755bd2c..d021f140047 100644 --- a/.github/workflows/server-basic-test.yml +++ b/.github/workflows/server-basic-test.yml @@ -360,6 +360,7 @@ jobs: # TODO: review permissions cat > expected << EOF + drwxr-x--- tomcat tomcat backup -rw-r--r-- tomcat tomcat catalina.$DATE.log -rw-r--r-- tomcat tomcat host-manager.$DATE.log -rw-r--r-- tomcat tomcat localhost.$DATE.log @@ -442,6 +443,7 @@ jobs: # TODO: review permissions cat > expected << EOF + drwxr-x--- tomcat tomcat backup -rw-r--r-- tomcat tomcat catalina.$DATE.log -rw-r--r-- tomcat tomcat host-manager.$DATE.log -rw-r--r-- tomcat tomcat localhost.$DATE.log diff --git a/.github/workflows/tks-basic-test.yml b/.github/workflows/tks-basic-test.yml index f5efc61ac93..af17949089b 100644 --- a/.github/workflows/tks-basic-test.yml +++ b/.github/workflows/tks-basic-test.yml @@ -139,7 +139,7 @@ jobs: # TODO: review permissions cat > expected << EOF - drwxr-x--- pkiuser pkiuser backup + drwxrwx--- pkiuser pkiuser backup drwxrwx--- pkiuser pkiuser ca -rw-rw-r-- pkiuser pkiuser catalina.$DATE.log -rw-rw-r-- pkiuser pkiuser host-manager.$DATE.log @@ -319,7 +319,7 @@ jobs: # TODO: review permissions cat > expected << EOF - drwxr-x--- pkiuser pkiuser backup + drwxrwx--- pkiuser pkiuser backup drwxrwx--- pkiuser pkiuser ca -rw-rw-r-- pkiuser pkiuser catalina.$DATE.log -rw-rw-r-- pkiuser pkiuser host-manager.$DATE.log diff --git a/.github/workflows/tks-container-test.yml b/.github/workflows/tks-container-test.yml index dea84e94324..b1c828c70e9 100644 --- a/.github/workflows/tks-container-test.yml +++ b/.github/workflows/tks-container-test.yml @@ -364,7 +364,7 @@ jobs: # everything should be owned by docker group # TODO: review owners/permissions cat > expected << EOF - drwxrwx--- docker backup + drwxrwxrwx docker backup -rw-rw-rw- docker catalina.$DATE.log -rw-rw-rw- docker host-manager.$DATE.log -rw-rw-rw- docker localhost.$DATE.log diff --git a/.github/workflows/tks-existing-config-test.yml b/.github/workflows/tks-existing-config-test.yml index 42c29e56bb9..c1237b69c00 100644 --- a/.github/workflows/tks-existing-config-test.yml +++ b/.github/workflows/tks-existing-config-test.yml @@ -162,7 +162,7 @@ jobs: # all log files should be retained # TODO: review permissions cat > expected << EOF - drwxr-x--- pkiuser pkiuser backup + drwxrwx--- pkiuser pkiuser backup drwxrwx--- pkiuser pkiuser ca -rw-rw-r-- pkiuser pkiuser catalina.$DATE.log -rw-rw-r-- pkiuser pkiuser host-manager.$DATE.log diff --git a/.github/workflows/tps-basic-test.yml b/.github/workflows/tps-basic-test.yml index 9d5335905cb..6ade3d4cf04 100644 --- a/.github/workflows/tps-basic-test.yml +++ b/.github/workflows/tps-basic-test.yml @@ -165,7 +165,7 @@ jobs: # TODO: review permissions cat > expected << EOF - drwxr-x--- pkiuser pkiuser backup + drwxrwx--- pkiuser pkiuser backup drwxrwx--- pkiuser pkiuser ca -rw-rw-r-- pkiuser pkiuser catalina.$DATE.log -rw-rw-r-- pkiuser pkiuser host-manager.$DATE.log @@ -435,7 +435,7 @@ jobs: # TODO: review permissions cat > expected << EOF - drwxr-x--- pkiuser pkiuser backup + drwxrwx--- pkiuser pkiuser backup drwxrwx--- pkiuser pkiuser ca -rw-rw-r-- pkiuser pkiuser catalina.$DATE.log -rw-rw-r-- pkiuser pkiuser host-manager.$DATE.log diff --git a/.github/workflows/tps-container-test.yml b/.github/workflows/tps-container-test.yml index c12e8523492..746239df1f2 100644 --- a/.github/workflows/tps-container-test.yml +++ b/.github/workflows/tps-container-test.yml @@ -722,7 +722,7 @@ jobs: # everything should be owned by docker group # TODO: review owners/permissions cat > expected << EOF - drwxrwx--- docker backup + drwxrwxrwx docker backup -rw-rw-rw- docker catalina.$DATE.log -rw-rw-rw- docker host-manager.$DATE.log -rw-rw-rw- docker localhost.$DATE.log diff --git a/.github/workflows/tps-existing-config-test.yml b/.github/workflows/tps-existing-config-test.yml index 690ffcb576d..9bcfa4c23d0 100644 --- a/.github/workflows/tps-existing-config-test.yml +++ b/.github/workflows/tps-existing-config-test.yml @@ -184,7 +184,7 @@ jobs: # all log files should be retained # TODO: review permissions cat > expected << EOF - drwxr-x--- pkiuser pkiuser backup + drwxrwx--- pkiuser pkiuser backup drwxrwx--- pkiuser pkiuser ca -rw-rw-r-- pkiuser pkiuser catalina.$DATE.log -rw-rw-r-- pkiuser pkiuser host-manager.$DATE.log