e2e: add modification to test encrypted PVC with rbd controller

Signed-off-by: Rakshith R <rar@redhat.com>
(cherry picked from commit 2f995eada2)
This commit is contained in:
Rakshith R 2021-08-02 16:42:05 +05:30 committed by mergify[bot]
parent f97c3f901d
commit 0593071dac
4 changed files with 81 additions and 22 deletions

View File

@ -2375,6 +2375,54 @@ var _ = Describe("RBD", func() {
} }
}) })
By("validate the functionality of controller with encryption and thick-provisioning", func() {
err := deleteResource(rbdExamplePath + "storageclass.yaml")
if err != nil {
e2elog.Failf("failed to delete storageclass : %v", err)
}
scParams := map[string]string{
"encrypted": "true",
"encryptionKMSID": "user-secrets-metadata-test",
"thickProvision": "true",
}
// PVC creation namespace where secret will be created
namespace := f.UniqueName
// create user Secret
err = retryKubectlFile(namespace, kubectlCreate, vaultExamplePath+"user-secret.yaml", deployTimeout)
if err != nil {
e2elog.Failf("failed to create user Secret: %v", err)
}
err = validateController(f,
pvcPath, appPath, rbdExamplePath+"storageclass.yaml",
nil,
scParams)
if err != nil {
e2elog.Failf("failed to validate controller : %v", err)
}
// validate created backend rbd images
validateRBDImageCount(f, 0, defaultRBDPool)
// delete user secret
err = retryKubectlFile(
namespace,
kubectlDelete,
vaultExamplePath+"user-secret.yaml",
deployTimeout,
"--ignore-not-found=true")
if err != nil {
e2elog.Failf("failed to delete user Secret: %v", err)
}
err = createRBDStorageClass(f.ClientSet, f, defaultSCName, nil, nil, deletePolicy)
if err != nil {
e2elog.Failf("failed to create storageclass : %v", err)
}
})
By("validate stale images in trash", func() { By("validate stale images in trash", func() {
err := waitToRemoveImagesFromTrash(f, defaultRBDPool, deployTimeout) err := waitToRemoveImagesFromTrash(f, defaultRBDPool, deployTimeout)
if err != nil { if err != nil {

View File

@ -761,6 +761,15 @@ func checkPVCCSIJournalInPool(f *framework.Framework, pvc *v1.PersistentVolumeCl
return nil return nil
} }
// deleteJournalInfoInPool deletes all omap data regarding pvc.
func deleteJournalInfoInPool(f *framework.Framework, pvc *v1.PersistentVolumeClaim, pool string) error {
if err := deletePVCImageJournalInPool(f, pvc, pool); err != nil {
return err
}
return deletePVCCSIJournalInPool(f, pvc, pool)
}
func deletePVCImageJournalInPool(f *framework.Framework, pvc *v1.PersistentVolumeClaim, pool string) error { func deletePVCImageJournalInPool(f *framework.Framework, pvc *v1.PersistentVolumeClaim, pool string) error {
imageData, err := getImageInfoFromPVC(pvc.Namespace, pvc.Name, f) imageData, err := getImageInfoFromPVC(pvc.Namespace, pvc.Name, f)
if err != nil { if err != nil {

View File

@ -3,6 +3,7 @@ package e2e
import ( import (
"context" "context"
"fmt" "fmt"
"strconv"
"strings" "strings"
v1 "k8s.io/api/core/v1" v1 "k8s.io/api/core/v1"
@ -123,7 +124,7 @@ func validateRBDStaticPV(f *framework.Framework, appPath string, isBlock, checkI
opt["imageFeatures"] = "layering" opt["imageFeatures"] = "layering"
} }
opt["pool"] = defaultRBDPool opt["pool"] = defaultRBDPool
opt["staticVolume"] = "true" opt["staticVolume"] = strconv.FormatBool(true)
if radosNamespace != "" { if radosNamespace != "" {
opt["radosNamespace"] = radosNamespace opt["radosNamespace"] = radosNamespace
} }
@ -279,7 +280,7 @@ func validateCephFsStaticPV(f *framework.Framework, appPath, scPath string) erro
opt["clusterID"] = fsID opt["clusterID"] = fsID
opt["fsName"] = fsName opt["fsName"] = fsName
opt["staticVolume"] = "true" opt["staticVolume"] = strconv.FormatBool(true)
opt["rootPath"] = rootPath opt["rootPath"] = rootPath
pv := getStaticPV(pvName, pvName, "4Gi", secretName, cephCSINamespace, sc, "cephfs.csi.ceph.com", false, opt) pv := getStaticPV(pvName, pvName, "4Gi", secretName, cephCSINamespace, sc, "cephfs.csi.ceph.com", false, opt)
_, err = c.CoreV1().PersistentVolumes().Create(context.TODO(), pv, metav1.CreateOptions{}) _, err = c.CoreV1().PersistentVolumes().Create(context.TODO(), pv, metav1.CreateOptions{})

View File

@ -8,6 +8,7 @@ import (
"fmt" "fmt"
"io/ioutil" "io/ioutil"
"regexp" "regexp"
"strconv"
"strings" "strings"
"sync" "sync"
"time" "time"
@ -1065,10 +1066,7 @@ func validateController(
if err != nil { if err != nil {
return fmt.Errorf("failed to load PVC: %w", err) return fmt.Errorf("failed to load PVC: %w", err)
} }
resizePvc, err := loadPVC(pvcPath) resizePvc := pvc.DeepCopy()
if err != nil {
return fmt.Errorf("failed to load PVC: %w", err)
}
resizePvc.Namespace = f.UniqueName resizePvc.Namespace = f.UniqueName
pvc.Spec.Resources.Requests[v1.ResourceStorage] = resource.MustParse(size) pvc.Spec.Resources.Requests[v1.ResourceStorage] = resource.MustParse(size)
@ -1093,11 +1091,7 @@ func validateController(
return fmt.Errorf("failed to create storageclass: %w", err) return fmt.Errorf("failed to create storageclass: %w", err)
} }
// delete omap data // delete omap data
err = deletePVCImageJournalInPool(f, pvc, poolName) err = deleteJournalInfoInPool(f, pvc, poolName)
if err != nil {
return err
}
err = deletePVCCSIJournalInPool(f, pvc, poolName)
if err != nil { if err != nil {
return err return err
} }
@ -1130,24 +1124,31 @@ func validateController(
if err != nil { if err != nil {
return err return err
} }
if scParams["encrypted"] == strconv.FormatBool(true) {
// check encryption
err = isEncryptedPVC(f, resizePvc, app)
if err != nil {
return err
}
} else {
// resize PVC // resize PVC
err = expandPVCSize(f.ClientSet, resizePvc, expandSize, deployTimeout) err = expandPVCSize(f.ClientSet, resizePvc, expandSize, deployTimeout)
if err != nil { if err != nil {
return err return err
} }
if *pvc.Spec.VolumeMode == v1.PersistentVolumeFilesystem { switch *pvc.Spec.VolumeMode {
case v1.PersistentVolumeFilesystem:
err = checkDirSize(app, f, &opt, expandSize) err = checkDirSize(app, f, &opt, expandSize)
if err != nil { if err != nil {
return err return err
} }
} case v1.PersistentVolumeBlock:
if *pvc.Spec.VolumeMode == v1.PersistentVolumeBlock {
err = checkDeviceSize(app, f, &opt, expandSize) err = checkDeviceSize(app, f, &opt, expandSize)
if err != nil { if err != nil {
return err return err
} }
} }
}
// delete pvc and storageclass // delete pvc and storageclass
err = deletePVCAndApp("", f, resizePvc, app) err = deletePVCAndApp("", f, resizePvc, app)
if err != nil { if err != nil {