Use jinja2 templates in notify test

- Merge options-tls.conf into named.conf in ns2 and ns4 and render it conditionally. Also conditionally include the additional named-tls.conf which is always rendered.
2026-05-28 04:34:54 -04:00 · 2025-12-05 17:04:08 +01:00 · 2025-12-05 17:04:08 +01:00 · 9fc446b6f5
commit 9fc446b6f5
parent 8e525f2154
13 changed files with 19 additions and 61 deletions
--- a/REUSE.toml
+++ b/REUSE.toml
@ -86,7 +86,7 @@ path = [
 	"bin/tests/system/notify/CA/index.txt",
 	"bin/tests/system/notify/CA/index.txt.attr",
 	"bin/tests/system/notify/CA/serial",
-	"bin/tests/system/notify/ns4/named.port.in",
+	"bin/tests/system/notify/ns4/named.port.j2",
 	"bin/tests/system/nsupdate/CA/CA.cfg",
 	"bin/tests/system/nsupdate/CA/README",
 	"bin/tests/system/nsupdate/CA/index.txt",
--- a/bin/tests/system/notify/ns1/named.conf.j2
+++ b/bin/tests/system/notify/ns1/named.conf.j2
--- a/bin/tests/system/notify/ns2/named-tls.conf.j2
+++ b/bin/tests/system/notify/ns2/named-tls.conf.j2
--- a/bin/tests/system/notify/ns2/named.conf.j2
+++ b/bin/tests/system/notify/ns2/named.conf.j2
@ -11,7 +11,9 @@
 * information regarding copyright ownership.
 */

+{% if FEATURE_FIPS_DH == "1" %}
 include "named-tls.conf";
+{% endif %}

 options {
 	query-source address 10.53.0.2;
@ -19,7 +21,6 @@ options {
 	notify-source-v6 fd92:7065:b8e:ffff::2;
 	transfer-source 10.53.0.2;
 	port @PORT@;
-	include "options-tls.conf";
 	pid-file "named.pid";
 	listen-on { 10.53.0.2; };
 	listen-on-v6 { none; };
@ -28,6 +29,15 @@ options {
 	notify yes;
 	startup-notify-rate 5;
 	dnssec-validation no;
+
+{% if FEATURE_FIPS_DH == "1" %}
+	tls-port @TLSPORT@;
+	listen-on tls ephemeral { 10.53.0.2; };
+	listen-on port @EXTRAPORT1@ tls tls-forward-secrecy { 10.53.0.2; };
+	listen-on port @EXTRAPORT3@ tls tls-forward-secrecy-mutual-tls { 10.53.0.2; };
+	listen-on port @EXTRAPORT4@ tls tls-expired { 10.53.0.2; };
+{% endif %}
+
 };

 key rndc_key {
--- a/bin/tests/system/notify/ns2/options-tls.conf.in
+++ b/bin/tests/system/notify/ns2/options-tls.conf.in
@ -1,18 +0,0 @@
-/*
- * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
- *
- * SPDX-License-Identifier: MPL-2.0
- *
- * This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0.  If a copy of the MPL was not distributed with this
- * file, you can obtain one at https://mozilla.org/MPL/2.0/.
- *
- * See the COPYRIGHT file distributed with this work for additional
- * information regarding copyright ownership.
- */
-
-	tls-port @TLSPORT@;
-	listen-on tls ephemeral { 10.53.0.2; };
-	listen-on port @EXTRAPORT1@ tls tls-forward-secrecy { 10.53.0.2; };
-	listen-on port @EXTRAPORT3@ tls tls-forward-secrecy-mutual-tls { 10.53.0.2; };
-	listen-on port @EXTRAPORT4@ tls tls-expired { 10.53.0.2; };
--- a/bin/tests/system/notify/ns3/named-tls.conf.j2
+++ b/bin/tests/system/notify/ns3/named-tls.conf.j2
--- a/bin/tests/system/notify/ns3/named.conf.j2
+++ b/bin/tests/system/notify/ns3/named.conf.j2
@ -11,14 +11,15 @@
 * information regarding copyright ownership.
 */

+{% if FEATURE_FIPS_DH == "1" %}
 include "named-tls.conf";
+{% endif %}

 options {
 	query-source address 10.53.0.3;
 	notify-source 10.53.0.3;
 	transfer-source 10.53.0.3;
 	port @PORT@;
-	include "options-tls.conf";
 	pid-file "named.pid";
 	listen-on { 10.53.0.3; };
 	listen-on-v6 { fd92:7065:b8e:ffff::3; };
@ -27,6 +28,11 @@ options {
 	dnssec-validation no;

 	tcp-initial-timeout 150; # 15 seconds
+
+{% if FEATURE_FIPS_DH == "1" %}
+	tls-port @TLSPORT@;
+{% endif %}
+
 };

 zone "." {
--- a/bin/tests/system/notify/ns3/options-tls.conf.in
+++ b/bin/tests/system/notify/ns3/options-tls.conf.in
@ -1,14 +0,0 @@
-/*
- * Copyright (C) Internet Systems Consortium, Inc. ("ISC")
- *
- * SPDX-License-Identifier: MPL-2.0
- *
- * This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0.  If a copy of the MPL was not distributed with this
- * file, you can obtain one at https://mozilla.org/MPL/2.0/.
- *
- * See the COPYRIGHT file distributed with this work for additional
- * information regarding copyright ownership.
- */
-
-	tls-port @TLSPORT@;
--- a/bin/tests/system/notify/ns4/named.conf.j2
+++ b/bin/tests/system/notify/ns4/named.conf.j2
--- a/bin/tests/system/notify/ns4/named.port.j2
+++ b/bin/tests/system/notify/ns4/named.port.j2
--- a/bin/tests/system/notify/ns5/named.conf.j2
+++ b/bin/tests/system/notify/ns5/named.conf.j2
--- a/bin/tests/system/notify/setup.sh
+++ b/bin/tests/system/notify/setup.sh
@ -13,29 +13,5 @@

 . ../conf.sh

-copy_setports ns1/named.conf.in ns1/named.conf
-if $FEATURETEST --have-fips-dh; then
-  copy_setports ns2/named-tls.conf.in ns2/named-tls.conf
-  copy_setports ns2/options-tls.conf.in ns2/options-tls.conf
-  copy_setports ns2/named.conf.in ns2/named.conf
-else
-  cp /dev/null ns2/named-tls.conf
-  cp /dev/null ns2/options-tls.conf
-  copy_setports ns2/named.conf.in ns2/named.conf
-fi
-if $FEATURETEST --have-fips-dh; then
-  copy_setports ns3/named-tls.conf.in ns3/named-tls.conf
-  copy_setports ns3/options-tls.conf.in ns3/options-tls.conf
-  copy_setports ns3/named.conf.in ns3/named.conf
-else
-  cp /dev/null ns3/named-tls.conf
-  cp /dev/null ns3/options-tls.conf
-  copy_setports ns3/named.conf.in ns3/named.conf
-fi
-copy_setports ns4/named.conf.in ns4/named.conf
-copy_setports ns5/named.conf.in ns5/named.conf
-
-copy_setports ns4/named.port.in ns4/named.port
-
 cp -f ns2/example1.db ns2/example.db
 cp -f ns2/generic.db ns2/x21.db
--- a/bin/tests/system/notify/tests_sh_notify.py
+++ b/bin/tests/system/notify/tests_sh_notify.py
@ -17,11 +17,9 @@ pytestmark = pytest.mark.extra_artifacts(
        "dig.out.*",
        "ns2/example.db",
        "ns2/named-tls.conf",
-        "ns2/options-tls.conf",
        "ns2/x21.db*",
        "ns3/example.bk",
        "ns3/named-tls.conf",
-        "ns3/options-tls.conf",
        "ns4/named.port",
        "ns4/x21.bk",
        "ns4/x21.bk.jnl",