mirror of
https://github.com/ceph/ceph-csi.git
synced 2024-11-27 08:40:23 +00:00
e2e: add modification to test encrypted PVC with rbd controller
Signed-off-by: Rakshith R <rar@redhat.com>
(cherry picked from commit 2f995eada2
)
This commit is contained in:
parent
f97c3f901d
commit
0593071dac
48
e2e/rbd.go
48
e2e/rbd.go
@ -2375,6 +2375,54 @@ var _ = Describe("RBD", func() {
|
|||||||
}
|
}
|
||||||
})
|
})
|
||||||
|
|
||||||
|
By("validate the functionality of controller with encryption and thick-provisioning", func() {
|
||||||
|
err := deleteResource(rbdExamplePath + "storageclass.yaml")
|
||||||
|
if err != nil {
|
||||||
|
e2elog.Failf("failed to delete storageclass : %v", err)
|
||||||
|
}
|
||||||
|
scParams := map[string]string{
|
||||||
|
"encrypted": "true",
|
||||||
|
"encryptionKMSID": "user-secrets-metadata-test",
|
||||||
|
"thickProvision": "true",
|
||||||
|
}
|
||||||
|
|
||||||
|
// PVC creation namespace where secret will be created
|
||||||
|
namespace := f.UniqueName
|
||||||
|
|
||||||
|
// create user Secret
|
||||||
|
err = retryKubectlFile(namespace, kubectlCreate, vaultExamplePath+"user-secret.yaml", deployTimeout)
|
||||||
|
if err != nil {
|
||||||
|
e2elog.Failf("failed to create user Secret: %v", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
err = validateController(f,
|
||||||
|
pvcPath, appPath, rbdExamplePath+"storageclass.yaml",
|
||||||
|
nil,
|
||||||
|
scParams)
|
||||||
|
if err != nil {
|
||||||
|
e2elog.Failf("failed to validate controller : %v", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
// validate created backend rbd images
|
||||||
|
validateRBDImageCount(f, 0, defaultRBDPool)
|
||||||
|
|
||||||
|
// delete user secret
|
||||||
|
err = retryKubectlFile(
|
||||||
|
namespace,
|
||||||
|
kubectlDelete,
|
||||||
|
vaultExamplePath+"user-secret.yaml",
|
||||||
|
deployTimeout,
|
||||||
|
"--ignore-not-found=true")
|
||||||
|
if err != nil {
|
||||||
|
e2elog.Failf("failed to delete user Secret: %v", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
err = createRBDStorageClass(f.ClientSet, f, defaultSCName, nil, nil, deletePolicy)
|
||||||
|
if err != nil {
|
||||||
|
e2elog.Failf("failed to create storageclass : %v", err)
|
||||||
|
}
|
||||||
|
})
|
||||||
|
|
||||||
By("validate stale images in trash", func() {
|
By("validate stale images in trash", func() {
|
||||||
err := waitToRemoveImagesFromTrash(f, defaultRBDPool, deployTimeout)
|
err := waitToRemoveImagesFromTrash(f, defaultRBDPool, deployTimeout)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -761,6 +761,15 @@ func checkPVCCSIJournalInPool(f *framework.Framework, pvc *v1.PersistentVolumeCl
|
|||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// deleteJournalInfoInPool deletes all omap data regarding pvc.
|
||||||
|
func deleteJournalInfoInPool(f *framework.Framework, pvc *v1.PersistentVolumeClaim, pool string) error {
|
||||||
|
if err := deletePVCImageJournalInPool(f, pvc, pool); err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
return deletePVCCSIJournalInPool(f, pvc, pool)
|
||||||
|
}
|
||||||
|
|
||||||
func deletePVCImageJournalInPool(f *framework.Framework, pvc *v1.PersistentVolumeClaim, pool string) error {
|
func deletePVCImageJournalInPool(f *framework.Framework, pvc *v1.PersistentVolumeClaim, pool string) error {
|
||||||
imageData, err := getImageInfoFromPVC(pvc.Namespace, pvc.Name, f)
|
imageData, err := getImageInfoFromPVC(pvc.Namespace, pvc.Name, f)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -3,6 +3,7 @@ package e2e
|
|||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
"fmt"
|
"fmt"
|
||||||
|
"strconv"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
v1 "k8s.io/api/core/v1"
|
v1 "k8s.io/api/core/v1"
|
||||||
@ -123,7 +124,7 @@ func validateRBDStaticPV(f *framework.Framework, appPath string, isBlock, checkI
|
|||||||
opt["imageFeatures"] = "layering"
|
opt["imageFeatures"] = "layering"
|
||||||
}
|
}
|
||||||
opt["pool"] = defaultRBDPool
|
opt["pool"] = defaultRBDPool
|
||||||
opt["staticVolume"] = "true"
|
opt["staticVolume"] = strconv.FormatBool(true)
|
||||||
if radosNamespace != "" {
|
if radosNamespace != "" {
|
||||||
opt["radosNamespace"] = radosNamespace
|
opt["radosNamespace"] = radosNamespace
|
||||||
}
|
}
|
||||||
@ -279,7 +280,7 @@ func validateCephFsStaticPV(f *framework.Framework, appPath, scPath string) erro
|
|||||||
|
|
||||||
opt["clusterID"] = fsID
|
opt["clusterID"] = fsID
|
||||||
opt["fsName"] = fsName
|
opt["fsName"] = fsName
|
||||||
opt["staticVolume"] = "true"
|
opt["staticVolume"] = strconv.FormatBool(true)
|
||||||
opt["rootPath"] = rootPath
|
opt["rootPath"] = rootPath
|
||||||
pv := getStaticPV(pvName, pvName, "4Gi", secretName, cephCSINamespace, sc, "cephfs.csi.ceph.com", false, opt)
|
pv := getStaticPV(pvName, pvName, "4Gi", secretName, cephCSINamespace, sc, "cephfs.csi.ceph.com", false, opt)
|
||||||
_, err = c.CoreV1().PersistentVolumes().Create(context.TODO(), pv, metav1.CreateOptions{})
|
_, err = c.CoreV1().PersistentVolumes().Create(context.TODO(), pv, metav1.CreateOptions{})
|
||||||
|
27
e2e/utils.go
27
e2e/utils.go
@ -8,6 +8,7 @@ import (
|
|||||||
"fmt"
|
"fmt"
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
"regexp"
|
"regexp"
|
||||||
|
"strconv"
|
||||||
"strings"
|
"strings"
|
||||||
"sync"
|
"sync"
|
||||||
"time"
|
"time"
|
||||||
@ -1065,10 +1066,7 @@ func validateController(
|
|||||||
if err != nil {
|
if err != nil {
|
||||||
return fmt.Errorf("failed to load PVC: %w", err)
|
return fmt.Errorf("failed to load PVC: %w", err)
|
||||||
}
|
}
|
||||||
resizePvc, err := loadPVC(pvcPath)
|
resizePvc := pvc.DeepCopy()
|
||||||
if err != nil {
|
|
||||||
return fmt.Errorf("failed to load PVC: %w", err)
|
|
||||||
}
|
|
||||||
resizePvc.Namespace = f.UniqueName
|
resizePvc.Namespace = f.UniqueName
|
||||||
|
|
||||||
pvc.Spec.Resources.Requests[v1.ResourceStorage] = resource.MustParse(size)
|
pvc.Spec.Resources.Requests[v1.ResourceStorage] = resource.MustParse(size)
|
||||||
@ -1093,11 +1091,7 @@ func validateController(
|
|||||||
return fmt.Errorf("failed to create storageclass: %w", err)
|
return fmt.Errorf("failed to create storageclass: %w", err)
|
||||||
}
|
}
|
||||||
// delete omap data
|
// delete omap data
|
||||||
err = deletePVCImageJournalInPool(f, pvc, poolName)
|
err = deleteJournalInfoInPool(f, pvc, poolName)
|
||||||
if err != nil {
|
|
||||||
return err
|
|
||||||
}
|
|
||||||
err = deletePVCCSIJournalInPool(f, pvc, poolName)
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
@ -1130,24 +1124,31 @@ func validateController(
|
|||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
if scParams["encrypted"] == strconv.FormatBool(true) {
|
||||||
|
// check encryption
|
||||||
|
err = isEncryptedPVC(f, resizePvc, app)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
} else {
|
||||||
// resize PVC
|
// resize PVC
|
||||||
err = expandPVCSize(f.ClientSet, resizePvc, expandSize, deployTimeout)
|
err = expandPVCSize(f.ClientSet, resizePvc, expandSize, deployTimeout)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
if *pvc.Spec.VolumeMode == v1.PersistentVolumeFilesystem {
|
switch *pvc.Spec.VolumeMode {
|
||||||
|
case v1.PersistentVolumeFilesystem:
|
||||||
err = checkDirSize(app, f, &opt, expandSize)
|
err = checkDirSize(app, f, &opt, expandSize)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
}
|
case v1.PersistentVolumeBlock:
|
||||||
|
|
||||||
if *pvc.Spec.VolumeMode == v1.PersistentVolumeBlock {
|
|
||||||
err = checkDeviceSize(app, f, &opt, expandSize)
|
err = checkDeviceSize(app, f, &opt, expandSize)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
// delete pvc and storageclass
|
// delete pvc and storageclass
|
||||||
err = deletePVCAndApp("", f, resizePvc, app)
|
err = deletePVCAndApp("", f, resizePvc, app)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
Loading…
Reference in New Issue
Block a user