Merge #1778 switch to using gssapi_login for koji

module_build_service/common/koji.py

@@ -135,13 +135,6 @@ def get_session(config, login=True):
     authtype = koji_config.authtype
     log.info("Authenticate session with %r.", authtype)
     if authtype == "kerberos":
-        try:
-            import krbV
-            # We want to create a context per thread to avoid Kerberos cache corruption
-            ctx = krbV.Context()
-        except ImportError:
-            # If no krbV, we can assume GSSAPI auth is available
-            ctx = None
         keytab = getattr(config, "krb_keytab", None)
         principal = getattr(config, "krb_principal", None)
         if not keytab and principal:
@@ -151,7 +144,7 @@ def get_session(config, login=True):
         # We want to use the thread keyring for the ccache to ensure we have one cache per
         # thread to avoid Kerberos cache corruption
         ccache = "KEYRING:thread:mbs"
-        koji_session.krb_login(principal=principal, keytab=keytab, ctx=ctx, ccache=ccache)
+        koji_session.gssapi_login(principal=principal, keytab=keytab, ccache=ccache)
     elif authtype == "ssl":
         koji_session.ssl_login(
             os.path.expanduser(koji_config.cert), None, os.path.expanduser(koji_config.serverca)

tests/test_builder/test_content_generator.py

@@ -140,7 +140,7 @@ class TestBuild:
             assert new_mmd.get_module_name().endswith("-devel")
 
         # Ensure an anonymous Koji session works
-        koji_session.krb_login.assert_not_called()
+        koji_session.gssapi_login.assert_not_called()
 
     @patch("koji.ClientSession")
     @patch("subprocess.Popen")
@@ -187,7 +187,7 @@ class TestBuild:
         assert expected_output == ret
 
         # Anonymous koji session should work well.
-        koji_session.krb_login.assert_not_called()
+        koji_session.gssapi_login.assert_not_called()
 
     def test_prepare_file_directory(self):
         """ Test preparation of directory with output files """
@@ -221,7 +221,7 @@ class TestBuild:
         koji_session.tagBuild.assert_called_once_with(123, "nginx-0-2.10e50d06")
 
         # tagBuild requires logging into a session in advance.
-        koji_session.krb_login.assert_called_once()
+        koji_session.gssapi_login.assert_called_once()
 
     @patch("koji.ClientSession")
     def test_tag_cg_build_fallback_to_default_tag(self, ClientSession):
@@ -239,7 +239,7 @@ class TestBuild:
         koji_session.tagBuild.assert_called_once_with(123, "nginx-0-2.10e50d06")
 
         # tagBuild requires logging into a session in advance.
-        koji_session.krb_login.assert_called_once()
+        koji_session.gssapi_login.assert_called_once()
 
     @patch("koji.ClientSession")
     def test_tag_cg_build_no_tag_set(self, ClientSession):
@@ -253,7 +253,7 @@ class TestBuild:
 
         koji_session.tagBuild.assert_not_called()
         # tagBuild requires logging into a session in advance.
-        koji_session.krb_login.assert_called_once()
+        koji_session.gssapi_login.assert_called_once()
 
     @patch("koji.ClientSession")
     def test_tag_cg_build_no_tag_available(self, ClientSession):
@@ -266,7 +266,7 @@ class TestBuild:
 
         koji_session.tagBuild.assert_not_called()
         # tagBuild requires logging into a session in advance.
-        koji_session.krb_login.assert_called_once()
+        koji_session.gssapi_login.assert_called_once()
 
     @patch("module_build_service.builder.KojiContentGenerator.open", create=True)
     def test_get_arch_mmd_output(self, patched_open):
@@ -425,7 +425,7 @@ class TestBuild:
                 assert rpm["license"] == "GPL"
 
         # Listing tagged RPMs does not require to log into a session
-        koji_session.krb_login.assert_not_called()
+        koji_session.gssapi_login.assert_not_called()
 
     @patch("koji.ClientSession")
     def test_koji_rpms_in_tag_empty_tag(self, ClientSession):

tests/test_builder/test_koji.py

@@ -447,7 +447,7 @@ class TestKojiBuilder:
         assert session.getTaskDescendents.mock_calls == expected_calls
 
         # getLoggedInUser requires to a logged-in session
-        session.krb_login.assert_called_once()
+        session.gssapi_login.assert_called_once()
 
     @patch("koji.ClientSession")
     def test_get_build_weights_no_task_id(self, ClientSession):
@@ -468,7 +468,7 @@ class TestKojiBuilder:
 
         expected_calls = [mock.call(456)]
         assert session.getTaskDescendents.mock_calls == expected_calls
-        session.krb_login.assert_called_once()
+        session.gssapi_login.assert_called_once()
 
     @patch("koji.ClientSession")
     def test_get_build_weights_no_build(self, ClientSession):
@@ -489,7 +489,7 @@ class TestKojiBuilder:
 
         expected_calls = [mock.call(456)]
         assert session.getTaskDescendents.mock_calls == expected_calls
-        session.krb_login.assert_called_once()
+        session.gssapi_login.assert_called_once()
 
     @patch("koji.ClientSession")
     def test_get_build_weights_listBuilds_failed(self, ClientSession):
@@ -508,7 +508,7 @@ class TestKojiBuilder:
                 packageID=2, userID=123, state=1, queryOpts={"limit": 1, "order": "-build_id"}),
         ]
         assert session.listBuilds.mock_calls == expected_calls
-        session.krb_login.assert_called_once()
+        session.gssapi_login.assert_called_once()
 
     @patch("koji.ClientSession")
     def test_get_build_weights_getPackageID_failed(self, ClientSession):
@@ -523,7 +523,7 @@ class TestKojiBuilder:
         expected_calls = [mock.call("httpd"), mock.call("apr")]
         assert session.getPackageID.mock_calls == expected_calls
 
-        session.krb_login.assert_called_once()
+        session.gssapi_login.assert_called_once()
 
     @patch("koji.ClientSession")
     def test_get_build_weights_getLoggedInUser_failed(self, ClientSession):
@@ -531,7 +531,7 @@ class TestKojiBuilder:
         session.getAverageBuildDuration.return_value = None
         weights = KojiModuleBuilder.get_build_weights(["httpd", "apr"])
         assert weights == {"httpd": 1.5, "apr": 1.5}
-        session.krb_login.assert_called_once()
+        session.gssapi_login.assert_called_once()
 
     @pytest.mark.parametrize("blocklist", [False, True])
     @pytest.mark.parametrize("custom_whitelist", [False, True])
@@ -824,7 +824,7 @@ class TestKojiBuilder:
     def test_ensure_builder_use_a_logged_in_koji_session(self, ClientSession):
         module_build = module_build_service.common.models.ModuleBuild.get_by_id(db_session, 2)
         builder = KojiModuleBuilder(db_session, "owner", module_build, conf, "module-tag", [])
-        builder.koji_session.krb_login.assert_called_once()
+        builder.koji_session.gssapi_login.assert_called_once()
 
     @patch("koji.ClientSession")
     def test_repo_from_tag(self, ClientSession):

tests/test_common/test_koji.py

@@ -12,4 +12,4 @@ def test_get_anonymous_session(mock_session):
     mbs_config = mock.Mock(koji_profile="koji", koji_config="conf/koji.conf")
     session = get_session(mbs_config, login=False)
     assert mock_session.return_value == session
-    assert mock_session.return_value.krb_login.assert_not_called
+    assert mock_session.return_value.gssapi_login.assert_not_called

tests/test_scheduler/test_poller.py

@@ -288,7 +288,7 @@ class TestPoller:
                 producer.delete_old_koji_targets()
 
             koji_session.deleteBuildTarget.assert_called_once_with(1)
-            koji_session.krb_login.assert_called_once()
+            koji_session.gssapi_login.assert_called_once()
 
     @patch("koji.ClientSession")
     def test_cant_delete_build_target_if_not_reach_delete_time(

tests/test_web/test_views.py

@@ -458,7 +458,7 @@ class TestQueryModuleBuild:
             "module-build-macros-0.1-1.testmodule_master_20170303190726.src.rpm")
         mock_session.listTags.assert_called_once_with(mock_rpm_md["build_id"])
 
-        mock_session.krb_login.assert_not_called()
+        mock_session.gssapi_login.assert_not_called()
 
     @pytest.mark.parametrize(
         "provide_test_data", [{"data_size": 1, "contexts": True}], indirect=True