Skip to content

[autobackport: sssd-2-9] Tests: ADuser external group cache update#8247

Merged
sumit-bose merged 1 commit intoSSSD:sssd-2-9from
sssd-bot:SSSD-sssd-backport-pr8046-to-sssd-2-9
Dec 3, 2025
Merged

[autobackport: sssd-2-9] Tests: ADuser external group cache update#8247
sumit-bose merged 1 commit intoSSSD:sssd-2-9from
sssd-bot:SSSD-sssd-backport-pr8046-to-sssd-2-9

Conversation

@sssd-bot
Copy link
Contributor

@sssd-bot sssd-bot commented Nov 27, 2025

This is an automatic backport of PR#8046 Tests: ADuser external group cache update to branch sssd-2-9, created by @shridhargadekar.

Please make sure this backport is correct.

Note

The commits were cherry-picked without conflicts.

You can push changes to this pull request

git remote add sssd-bot git@github.com:sssd-bot/sssd.git
git fetch sssd-bot refs/heads/SSSD-sssd-backport-pr8046-to-sssd-2-9
git checkout SSSD-sssd-backport-pr8046-to-sssd-2-9
git push sssd-bot SSSD-sssd-backport-pr8046-to-sssd-2-9 --force

Original commits
ec81ea2 - Tests: ADuser external group cache update

Backported commits

  • ad41aa5 - Tests: ADuser external group cache update

Original Pull Request Body

In IPA-AD trust, a AD user is member of large number of IPA groups. When AD user is removed from one external-group, and cache of AD user is expired, subsequent look up of that AD user should update the user cache correctly.

verifies #7938

gemini-code-assist[bot]
gemini-code-assist bot reviewed Nov 27, 2025
View reviewed changes
Copy link

@gemini-code-assist gemini-code-assist bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request backports a test case for an issue where an AD user's external group memberships were not updated correctly after cache expiration, especially when dealing with a large number of groups. The new test test_ipa_trusts__aduser_membership_update_cache is added to src/tests/system/tests/test_ipa_trusts.py.

My review focuses on the correctness and clarity of the new test. I've found a significant discrepancy between the test's documentation (docstring) and its implementation, particularly concerning the number of groups created. This could affect the test's ability to validate the intended fix. I've left a detailed comment with suggestions for improvement.

@shridhargadekar shridhargadekar force-pushed the SSSD-sssd-backport-pr8046-to-sssd-2-9 branch 2 times, most recently from 2f25466 to e5e803f Compare December 1, 2025 13:00
sumit-bose
sumit-bose approved these changes Dec 1, 2025
View reviewed changes
Copy link
Contributor

@sumit-bose sumit-bose left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi,

thank you for the updates, ACK.

bye,
Sumit

@shridhargadekar shridhargadekar force-pushed the SSSD-sssd-backport-pr8046-to-sssd-2-9 branch from e5e803f to 8ed74d4 Compare December 2, 2025 10:52
@shridhargadekar shridhargadekar force-pushed the SSSD-sssd-backport-pr8046-to-sssd-2-9 branch from 8ed74d4 to 776fbc3 Compare December 2, 2025 13:07
@sumit-bose
Copy link
Contributor

sumit-bose commented Dec 2, 2025

Hi,

I'm not sure if it is a good idea to change the content of the test in a backport. I'm afraid we might get lost to understand what is tested in which branch.

bye,
Sumit

@shridhargadekar
Copy link
Contributor

shridhargadekar commented Dec 2, 2025

Hi,

I'm not sure if it is a good idea to change the content of the test in a backport. I'm afraid we might get lost to understand what is tested in which branch.

bye, Sumit

I agree. I've raised 8255 for master as well. Now, the master and the backport should be in sync.
Thanks,

@shridhargadekar @sssd-bot
Tests: ADuser external group cache update
770ed1f 
AD user in external group is not cleared when expiring the cache
In IPA-AD trust, a ADuser is member of large number of IPA groups.
When ADuser is removed from one external-group, and cache of ADuser
is expired, subsequent look up should update the cache correctly.

verifies SSSD#7938

Reviewed-by: Jakub Vávra <jvavra@redhat.com>
Reviewed-by: Sumit Bose <sbose@redhat.com>
(cherry picked from commit ec81ea2)
@sssd-bot
Copy link
Contributor Author

sssd-bot commented Dec 3, 2025

The pull request was accepted by @sumit-bose with the following PR CI status:

🟢 CodeQL (success)
🟢 rpm-build:centos-stream-9-x86_64:upstream (success)
🟢 Analyze (target) / cppcheck (success)
🟢 ci / prepare (success)
🟢 ci / system (centos-9) (success)
🟢 Static code analysis / codeql (success)
🟢 Static code analysis / pre-commit (success)
🟢 Static code analysis / python-system-tests (success)

There are unsuccessful or unfinished checks. Make sure that the failures are not related to this pull request before merging.

@sssd-bot sssd-bot force-pushed the SSSD-sssd-backport-pr8046-to-sssd-2-9 branch from 776fbc3 to 770ed1f Compare December 3, 2025 15:04
@sumit-bose sumit-bose merged commit b357459 into SSSD:sssd-2-9 Dec 3, 2025
9 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@shridhargadekar shridhargadekar shridhargadekar left review comments

@sumit-bose sumit-bose sumit-bose approved these changes

@jakub-vavra-cz jakub-vavra-cz jakub-vavra-cz approved these changes

+1 more reviewer

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

@sumit-bose sumit-bose

@jakub-vavra-cz jakub-vavra-cz

Labels

Accepted

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@sssd-bot @sumit-bose @shridhargadekar @jakub-vavra-cz