mirrors/ceph-csi
1
0
Fork 0
mirror of https://github.com/ceph/ceph-csi.git synced 2024-11-22 06:10:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

e2e: Add PVC validator to ByFileAndBlockEncryption

Browse Source 
Signed-off-by: Marcel Lauhoff <marcel.lauhoff@suse.com>
This commit is contained in:
Marcel Lauhoff 2022-08-04 18:12:33 +02:00 committed by mergify[bot]
parent 0f626b705a
commit 7db0c3bfbf
3 changed files with 17 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
e2e/rbd.go
View File

@ -235,10 +235,10 @@ func checkClusternameInMetadata(f *framework.Framework, ns, pool, image string)
// ByFileAndBlockEncryption wraps ginkgo's By to run the test body using file and block encryption specific validators.
func ByFileAndBlockEncryption(
text string,
callback func(validator encryptionValidateFunc, encryptionType string),
callback func(validator encryptionValidateFunc, pvcValidator validateFunc, encryptionType string),
) {
By(text+" (block)", func() { callback(validateEncryptedPVCAndAppBinding, "block") })
By(text+" (file)", func() { callback(validateEncryptedFilesystemAndAppBinding, "file") })
By(text+" (block)", func() { callback(validateEncryptedPVCAndAppBinding, isBlockEncryptedPVC, "block") })
By(text+" (file)", func() { callback(validateEncryptedFilesystemAndAppBinding, isFileEncryptedPVC, "file") })
}
var _ = Describe("RBD", func() {

14
e2e/rbd_helper.go
View File

@ -588,14 +588,24 @@ type validateFunc func(f *framework.Framework, pvc *v1.PersistentVolumeClaim, ap
// validation of the PVC is needed.
var noPVCValidation validateFunc
func isEncryptedPVC(f *framework.Framework, pvc *v1.PersistentVolumeClaim, app *v1.Pod) error {
type imageValidateFunc func(f *framework.Framework, rbdImageSpec, pvName, appName string) error
func isEncryptedPVC(f *framework.Framework, pvc *v1.PersistentVolumeClaim, app *v1.Pod, validateFunc imageValidateFunc) error {
imageData, err := getImageInfoFromPVC(pvc.Namespace, pvc.Name, f)
if err != nil {
return err
}
rbdImageSpec := imageSpec(defaultRBDPool, imageData.imageName)
return validateEncryptedImage(f, rbdImageSpec, imageData.pvName, app.Name)
return validateFunc(f, rbdImageSpec, imageData.pvName, app.Name)
}
func isBlockEncryptedPVC(f *framework.Framework, pvc *v1.PersistentVolumeClaim, app *v1.Pod) error {
return isEncryptedPVC(f, pvc, app, validateEncryptedImage)
}
func isFileEncryptedPVC(f *framework.Framework, pvc *v1.PersistentVolumeClaim, app *v1.Pod) error {
return isEncryptedPVC(f, pvc, app, validateEncryptedFilesystem)
}
// validateEncryptedImage verifies that the RBD image is encrypted. The

3
e2e/utils.go
View File

@ -1025,6 +1025,7 @@ func validatePVCSnapshot(
pvcPath, appPath, snapshotPath, pvcClonePath, appClonePath string,
kms, restoreKMS kmsConfig, restoreSCName,
dataPool string, f *framework.Framework,
isEncryptedPVC validateFunc,
) {
var wg sync.WaitGroup
wgErrs := make([]error, totalCount)
@ -1448,7 +1449,7 @@ func validateController(
}
if scParams["encrypted"] == strconv.FormatBool(true) {
// check encryption
err = isEncryptedPVC(f, resizePvc, app)
err = isBlockEncryptedPVC(f, resizePvc, app)
if err != nil {
return err
}