diff --git a/tests/testflows/helpers/cluster.py b/tests/testflows/helpers/cluster.py index 6d3ae97e000..aa39c268d2f 100644 --- a/tests/testflows/helpers/cluster.py +++ b/tests/testflows/helpers/cluster.py @@ -164,7 +164,7 @@ class Cluster(object): if not os.path.exists(docker_compose_file_path): raise TypeError("docker compose file '{docker_compose_file_path}' does not exist") - self.docker_compose += f" --project-directory \"{docker_compose_project_dir}\" --file \"{docker_compose_file_path}\"" + self.docker_compose += f" --no-ansi --project-directory \"{docker_compose_project_dir}\" --file \"{docker_compose_file_path}\"" self.lock = threading.Lock() def shell(self, node, timeout=120): diff --git a/tests/testflows/ldap/docker-compose/clickhouse-service.yml b/tests/testflows/ldap/docker-compose/clickhouse-service.yml index 9787b37abbb..e6fa8542948 100644 --- a/tests/testflows/ldap/docker-compose/clickhouse-service.yml +++ b/tests/testflows/ldap/docker-compose/clickhouse-service.yml @@ -19,9 +19,9 @@ services: healthcheck: test: clickhouse client --query='select 1' interval: 3s - timeout: 2s - retries: 40 - start_period: 2s + timeout: 10s + retries: 5 + start_period: 30s cap_add: - SYS_PTRACE security_opt: diff --git a/tests/testflows/ldap/docker-compose/docker-compose.yml b/tests/testflows/ldap/docker-compose/docker-compose.yml index c8ff683df58..c788e089b4f 100644 --- a/tests/testflows/ldap/docker-compose/docker-compose.yml +++ b/tests/testflows/ldap/docker-compose/docker-compose.yml @@ -57,6 +57,9 @@ services: LDAP_TLS_ENFORCE: "false" LDAP_TLS_VERIFY_CLIENT: "never" LDAP_TLS_CIPHER_SUITE: "SECURE256:+SECURE128:-VERS-TLS-ALL:+VERS-TLS1.2:-RSA:-DHE-DSS:-CAMELLIA-128-CBC:-CAMELLIA-256-CBC" + healthcheck: + # May need some time to generate DH parameters... + start_period: 300s volumes: - "${CLICKHOUSE_TESTS_DIR}/configs/ldap4/config:/container/service/slapd/assets/config/bootstrap/ldif/custom" - "${CLICKHOUSE_TESTS_DIR}/configs/ldap4/certs:/container/service/slapd/assets/certs/" diff --git a/tests/testflows/ldap/docker-compose/openldap-service.yml b/tests/testflows/ldap/docker-compose/openldap-service.yml index 56690285756..d642c535f30 100644 --- a/tests/testflows/ldap/docker-compose/openldap-service.yml +++ b/tests/testflows/ldap/docker-compose/openldap-service.yml @@ -13,11 +13,11 @@ services: - "389" - "636" healthcheck: - test: echo 1 + test: ldapsearch -x -H ldap://localhost:$${LDAP_PORT:-389} -b "dc=company,dc=com" -D "cn=admin,dc=company,dc=com" -w admin interval: 3s - timeout: 2s + timeout: 10s retries: 5 - start_period: 2s + start_period: 30s security_opt: - label:disable diff --git a/tests/testflows/ldap/regression.py b/tests/testflows/ldap/regression.py index 4a18052dcb5..567807fc0a8 100755 --- a/tests/testflows/ldap/regression.py +++ b/tests/testflows/ldap/regression.py @@ -23,8 +23,6 @@ xfails = { "connection protocols/starttls with custom port": [(Fail, "it seems that starttls is not enabled by default on custom plain-text ports in LDAP server")], "connection protocols/tls cipher suite": - [(Fail, "can't get it to work")], - "connection protocols/tls minimum protocol version/:": [(Fail, "can't get it to work")] } diff --git a/tests/testflows/ldap/tests/connections.py b/tests/testflows/ldap/tests/connections.py index 410298ba5e1..8de4b3f4d01 100644 --- a/tests/testflows/ldap/tests/connections.py +++ b/tests/testflows/ldap/tests/connections.py @@ -237,8 +237,7 @@ def tls_cipher_suite(self): ("ssl3", None, None), ("tls1.0", None, None), ("tls1.1", None, None), - ("tls1.2", None, None), - ("tls1.3", 36, "DB::Exception: LDAP server 'openldap4' is not configured") + ("tls1.2", None, None) ]) def tls_minimum_protocol_version(self, version, exitcode, message): """Check that `tls_minimum_protocol_version` parameter can be used specify