e2e: Add PVC validator to ByFileAndBlockEncryption

Signed-off-by: Marcel Lauhoff <marcel.lauhoff@suse.com>
This commit is contained in:
Marcel Lauhoff 2022-08-04 18:12:33 +02:00 committed by mergify[bot]
parent 0f626b705a
commit 7db0c3bfbf
3 changed files with 17 additions and 6 deletions

View File

@ -235,10 +235,10 @@ func checkClusternameInMetadata(f *framework.Framework, ns, pool, image string)
// ByFileAndBlockEncryption wraps ginkgo's By to run the test body using file and block encryption specific validators.
func ByFileAndBlockEncryption(
text string,
callback func(validator encryptionValidateFunc, encryptionType string),
callback func(validator encryptionValidateFunc, pvcValidator validateFunc, encryptionType string),
) {
By(text+" (block)", func() { callback(validateEncryptedPVCAndAppBinding, "block") })
By(text+" (file)", func() { callback(validateEncryptedFilesystemAndAppBinding, "file") })
By(text+" (block)", func() { callback(validateEncryptedPVCAndAppBinding, isBlockEncryptedPVC, "block") })
By(text+" (file)", func() { callback(validateEncryptedFilesystemAndAppBinding, isFileEncryptedPVC, "file") })
}
var _ = Describe("RBD", func() {

View File

@ -588,14 +588,24 @@ type validateFunc func(f *framework.Framework, pvc *v1.PersistentVolumeClaim, ap
// validation of the PVC is needed.
var noPVCValidation validateFunc
func isEncryptedPVC(f *framework.Framework, pvc *v1.PersistentVolumeClaim, app *v1.Pod) error {
type imageValidateFunc func(f *framework.Framework, rbdImageSpec, pvName, appName string) error
func isEncryptedPVC(f *framework.Framework, pvc *v1.PersistentVolumeClaim, app *v1.Pod, validateFunc imageValidateFunc) error {
imageData, err := getImageInfoFromPVC(pvc.Namespace, pvc.Name, f)
if err != nil {
return err
}
rbdImageSpec := imageSpec(defaultRBDPool, imageData.imageName)
return validateEncryptedImage(f, rbdImageSpec, imageData.pvName, app.Name)
return validateFunc(f, rbdImageSpec, imageData.pvName, app.Name)
}
func isBlockEncryptedPVC(f *framework.Framework, pvc *v1.PersistentVolumeClaim, app *v1.Pod) error {
return isEncryptedPVC(f, pvc, app, validateEncryptedImage)
}
func isFileEncryptedPVC(f *framework.Framework, pvc *v1.PersistentVolumeClaim, app *v1.Pod) error {
return isEncryptedPVC(f, pvc, app, validateEncryptedFilesystem)
}
// validateEncryptedImage verifies that the RBD image is encrypted. The

View File

@ -1025,6 +1025,7 @@ func validatePVCSnapshot(
pvcPath, appPath, snapshotPath, pvcClonePath, appClonePath string,
kms, restoreKMS kmsConfig, restoreSCName,
dataPool string, f *framework.Framework,
isEncryptedPVC validateFunc,
) {
var wg sync.WaitGroup
wgErrs := make([]error, totalCount)
@ -1448,7 +1449,7 @@ func validateController(
}
if scParams["encrypted"] == strconv.FormatBool(true) {
// check encryption
err = isEncryptedPVC(f, resizePvc, app)
err = isBlockEncryptedPVC(f, resizePvc, app)
if err != nil {
return err
}