e2e: add modification to test encrypted PVC with rbd controller

Signed-off-by: Rakshith R <rar@redhat.com>
(cherry picked from commit 2f995eada2)
This commit is contained in:
Rakshith R 2021-08-02 16:42:05 +05:30 committed by mergify[bot]
parent f97c3f901d
commit 0593071dac
4 changed files with 81 additions and 22 deletions

View File

@ -2375,6 +2375,54 @@ var _ = Describe("RBD", func() {
}
})
By("validate the functionality of controller with encryption and thick-provisioning", func() {
err := deleteResource(rbdExamplePath + "storageclass.yaml")
if err != nil {
e2elog.Failf("failed to delete storageclass : %v", err)
}
scParams := map[string]string{
"encrypted": "true",
"encryptionKMSID": "user-secrets-metadata-test",
"thickProvision": "true",
}
// PVC creation namespace where secret will be created
namespace := f.UniqueName
// create user Secret
err = retryKubectlFile(namespace, kubectlCreate, vaultExamplePath+"user-secret.yaml", deployTimeout)
if err != nil {
e2elog.Failf("failed to create user Secret: %v", err)
}
err = validateController(f,
pvcPath, appPath, rbdExamplePath+"storageclass.yaml",
nil,
scParams)
if err != nil {
e2elog.Failf("failed to validate controller : %v", err)
}
// validate created backend rbd images
validateRBDImageCount(f, 0, defaultRBDPool)
// delete user secret
err = retryKubectlFile(
namespace,
kubectlDelete,
vaultExamplePath+"user-secret.yaml",
deployTimeout,
"--ignore-not-found=true")
if err != nil {
e2elog.Failf("failed to delete user Secret: %v", err)
}
err = createRBDStorageClass(f.ClientSet, f, defaultSCName, nil, nil, deletePolicy)
if err != nil {
e2elog.Failf("failed to create storageclass : %v", err)
}
})
By("validate stale images in trash", func() {
err := waitToRemoveImagesFromTrash(f, defaultRBDPool, deployTimeout)
if err != nil {

View File

@ -761,6 +761,15 @@ func checkPVCCSIJournalInPool(f *framework.Framework, pvc *v1.PersistentVolumeCl
return nil
}
// deleteJournalInfoInPool deletes all omap data regarding pvc.
func deleteJournalInfoInPool(f *framework.Framework, pvc *v1.PersistentVolumeClaim, pool string) error {
if err := deletePVCImageJournalInPool(f, pvc, pool); err != nil {
return err
}
return deletePVCCSIJournalInPool(f, pvc, pool)
}
func deletePVCImageJournalInPool(f *framework.Framework, pvc *v1.PersistentVolumeClaim, pool string) error {
imageData, err := getImageInfoFromPVC(pvc.Namespace, pvc.Name, f)
if err != nil {

View File

@ -3,6 +3,7 @@ package e2e
import (
"context"
"fmt"
"strconv"
"strings"
v1 "k8s.io/api/core/v1"
@ -123,7 +124,7 @@ func validateRBDStaticPV(f *framework.Framework, appPath string, isBlock, checkI
opt["imageFeatures"] = "layering"
}
opt["pool"] = defaultRBDPool
opt["staticVolume"] = "true"
opt["staticVolume"] = strconv.FormatBool(true)
if radosNamespace != "" {
opt["radosNamespace"] = radosNamespace
}
@ -279,7 +280,7 @@ func validateCephFsStaticPV(f *framework.Framework, appPath, scPath string) erro
opt["clusterID"] = fsID
opt["fsName"] = fsName
opt["staticVolume"] = "true"
opt["staticVolume"] = strconv.FormatBool(true)
opt["rootPath"] = rootPath
pv := getStaticPV(pvName, pvName, "4Gi", secretName, cephCSINamespace, sc, "cephfs.csi.ceph.com", false, opt)
_, err = c.CoreV1().PersistentVolumes().Create(context.TODO(), pv, metav1.CreateOptions{})

View File

@ -8,6 +8,7 @@ import (
"fmt"
"io/ioutil"
"regexp"
"strconv"
"strings"
"sync"
"time"
@ -1065,10 +1066,7 @@ func validateController(
if err != nil {
return fmt.Errorf("failed to load PVC: %w", err)
}
resizePvc, err := loadPVC(pvcPath)
if err != nil {
return fmt.Errorf("failed to load PVC: %w", err)
}
resizePvc := pvc.DeepCopy()
resizePvc.Namespace = f.UniqueName
pvc.Spec.Resources.Requests[v1.ResourceStorage] = resource.MustParse(size)
@ -1093,11 +1091,7 @@ func validateController(
return fmt.Errorf("failed to create storageclass: %w", err)
}
// delete omap data
err = deletePVCImageJournalInPool(f, pvc, poolName)
if err != nil {
return err
}
err = deletePVCCSIJournalInPool(f, pvc, poolName)
err = deleteJournalInfoInPool(f, pvc, poolName)
if err != nil {
return err
}
@ -1130,23 +1124,30 @@ func validateController(
if err != nil {
return err
}
// resize PVC
err = expandPVCSize(f.ClientSet, resizePvc, expandSize, deployTimeout)
if err != nil {
return err
}
if *pvc.Spec.VolumeMode == v1.PersistentVolumeFilesystem {
err = checkDirSize(app, f, &opt, expandSize)
if scParams["encrypted"] == strconv.FormatBool(true) {
// check encryption
err = isEncryptedPVC(f, resizePvc, app)
if err != nil {
return err
}
}
if *pvc.Spec.VolumeMode == v1.PersistentVolumeBlock {
err = checkDeviceSize(app, f, &opt, expandSize)
} else {
// resize PVC
err = expandPVCSize(f.ClientSet, resizePvc, expandSize, deployTimeout)
if err != nil {
return err
}
switch *pvc.Spec.VolumeMode {
case v1.PersistentVolumeFilesystem:
err = checkDirSize(app, f, &opt, expandSize)
if err != nil {
return err
}
case v1.PersistentVolumeBlock:
err = checkDeviceSize(app, f, &opt, expandSize)
if err != nil {
return err
}
}
}
// delete pvc and storageclass
err = deletePVCAndApp("", f, resizePvc, app)