mirror of
https://github.com/ceph/ceph-csi.git
synced 2024-12-22 21:10:22 +00:00
e2e: Add PVC validator to ByFileAndBlockEncryption
Signed-off-by: Marcel Lauhoff <marcel.lauhoff@suse.com>
This commit is contained in:
parent
0f626b705a
commit
7db0c3bfbf
@ -235,10 +235,10 @@ func checkClusternameInMetadata(f *framework.Framework, ns, pool, image string)
|
||||
// ByFileAndBlockEncryption wraps ginkgo's By to run the test body using file and block encryption specific validators.
|
||||
func ByFileAndBlockEncryption(
|
||||
text string,
|
||||
callback func(validator encryptionValidateFunc, encryptionType string),
|
||||
callback func(validator encryptionValidateFunc, pvcValidator validateFunc, encryptionType string),
|
||||
) {
|
||||
By(text+" (block)", func() { callback(validateEncryptedPVCAndAppBinding, "block") })
|
||||
By(text+" (file)", func() { callback(validateEncryptedFilesystemAndAppBinding, "file") })
|
||||
By(text+" (block)", func() { callback(validateEncryptedPVCAndAppBinding, isBlockEncryptedPVC, "block") })
|
||||
By(text+" (file)", func() { callback(validateEncryptedFilesystemAndAppBinding, isFileEncryptedPVC, "file") })
|
||||
}
|
||||
|
||||
var _ = Describe("RBD", func() {
|
||||
|
@ -588,14 +588,24 @@ type validateFunc func(f *framework.Framework, pvc *v1.PersistentVolumeClaim, ap
|
||||
// validation of the PVC is needed.
|
||||
var noPVCValidation validateFunc
|
||||
|
||||
func isEncryptedPVC(f *framework.Framework, pvc *v1.PersistentVolumeClaim, app *v1.Pod) error {
|
||||
type imageValidateFunc func(f *framework.Framework, rbdImageSpec, pvName, appName string) error
|
||||
|
||||
func isEncryptedPVC(f *framework.Framework, pvc *v1.PersistentVolumeClaim, app *v1.Pod, validateFunc imageValidateFunc) error {
|
||||
imageData, err := getImageInfoFromPVC(pvc.Namespace, pvc.Name, f)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
rbdImageSpec := imageSpec(defaultRBDPool, imageData.imageName)
|
||||
|
||||
return validateEncryptedImage(f, rbdImageSpec, imageData.pvName, app.Name)
|
||||
return validateFunc(f, rbdImageSpec, imageData.pvName, app.Name)
|
||||
}
|
||||
|
||||
func isBlockEncryptedPVC(f *framework.Framework, pvc *v1.PersistentVolumeClaim, app *v1.Pod) error {
|
||||
return isEncryptedPVC(f, pvc, app, validateEncryptedImage)
|
||||
}
|
||||
|
||||
func isFileEncryptedPVC(f *framework.Framework, pvc *v1.PersistentVolumeClaim, app *v1.Pod) error {
|
||||
return isEncryptedPVC(f, pvc, app, validateEncryptedFilesystem)
|
||||
}
|
||||
|
||||
// validateEncryptedImage verifies that the RBD image is encrypted. The
|
||||
|
@ -1025,6 +1025,7 @@ func validatePVCSnapshot(
|
||||
pvcPath, appPath, snapshotPath, pvcClonePath, appClonePath string,
|
||||
kms, restoreKMS kmsConfig, restoreSCName,
|
||||
dataPool string, f *framework.Framework,
|
||||
isEncryptedPVC validateFunc,
|
||||
) {
|
||||
var wg sync.WaitGroup
|
||||
wgErrs := make([]error, totalCount)
|
||||
@ -1448,7 +1449,7 @@ func validateController(
|
||||
}
|
||||
if scParams["encrypted"] == strconv.FormatBool(true) {
|
||||
// check encryption
|
||||
err = isEncryptedPVC(f, resizePvc, app)
|
||||
err = isBlockEncryptedPVC(f, resizePvc, app)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user