mirror of
https://github.com/ceph/ceph-csi.git
synced 2024-12-18 02:50:30 +00:00
e2e: add testcase for thick encrypted PVC restore
Signed-off-by: Rakshith R <rar@redhat.com>
This commit is contained in:
parent
ded75eb099
commit
f60b097f5f
72
e2e/rbd.go
72
e2e/rbd.go
@ -1243,6 +1243,78 @@ var _ = Describe("RBD", func() {
|
|||||||
}
|
}
|
||||||
})
|
})
|
||||||
|
|
||||||
|
By("Validate thick PVC restore from vaultKMS to userSecretsMetadataKMS", func() {
|
||||||
|
if !k8sVersionGreaterEquals(f.ClientSet, 1, 16) {
|
||||||
|
Skip("pvc clone is only supported from v1.16+")
|
||||||
|
}
|
||||||
|
restoreSCName := "restore-sc"
|
||||||
|
err := deleteResource(rbdExamplePath + "storageclass.yaml")
|
||||||
|
if err != nil {
|
||||||
|
e2elog.Failf("failed to delete storageclass: %v", err)
|
||||||
|
}
|
||||||
|
scOpts := map[string]string{
|
||||||
|
"encrypted": "true",
|
||||||
|
"encryptionKMSID": "vault-test",
|
||||||
|
"thickProvision": "true",
|
||||||
|
}
|
||||||
|
err = createRBDStorageClass(f.ClientSet, f, defaultSCName, nil, scOpts, deletePolicy)
|
||||||
|
if err != nil {
|
||||||
|
e2elog.Failf("failed to create storageclass: %v", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
scOpts = map[string]string{
|
||||||
|
"encrypted": "true",
|
||||||
|
"encryptionKMSID": "user-secrets-metadata-test",
|
||||||
|
"thickProvision": "true",
|
||||||
|
}
|
||||||
|
err = createRBDStorageClass(f.ClientSet, f, restoreSCName, nil, scOpts, deletePolicy)
|
||||||
|
if err != nil {
|
||||||
|
e2elog.Failf("failed to create storageclass: %v", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
// PVC creation namespace where secret will be created
|
||||||
|
namespace := f.UniqueName
|
||||||
|
|
||||||
|
// create user Secret
|
||||||
|
err = retryKubectlFile(namespace, kubectlCreate, vaultExamplePath+vaultUserSecret, deployTimeout)
|
||||||
|
if err != nil {
|
||||||
|
e2elog.Failf("failed to create user Secret: %v", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
validatePVCSnapshot(1,
|
||||||
|
pvcPath, appPath, snapshotPath, pvcClonePath, appClonePath,
|
||||||
|
vaultKMS, secretsMetadataKMS,
|
||||||
|
restoreSCName, f)
|
||||||
|
|
||||||
|
// delete user secret
|
||||||
|
err = retryKubectlFile(namespace,
|
||||||
|
kubectlDelete,
|
||||||
|
vaultExamplePath+vaultUserSecret,
|
||||||
|
deployTimeout,
|
||||||
|
"--ignore-not-found=true")
|
||||||
|
if err != nil {
|
||||||
|
e2elog.Failf("failed to delete user Secret: %v", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
err = retryKubectlArgs(cephCSINamespace, kubectlDelete, deployTimeout, "storageclass", restoreSCName)
|
||||||
|
if err != nil {
|
||||||
|
e2elog.Failf("failed to delete storageclass %q: %v", restoreSCName, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
err = deleteResource(rbdExamplePath + "storageclass.yaml")
|
||||||
|
if err != nil {
|
||||||
|
e2elog.Failf("failed to delete storageclass: %v", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
// validate created backend rbd images
|
||||||
|
validateRBDImageCount(f, 0, defaultRBDPool)
|
||||||
|
|
||||||
|
err = createRBDStorageClass(f.ClientSet, f, defaultSCName, nil, nil, deletePolicy)
|
||||||
|
if err != nil {
|
||||||
|
e2elog.Failf("failed to create storageclass: %v", err)
|
||||||
|
}
|
||||||
|
})
|
||||||
|
|
||||||
By("create an encrypted PVC-PVC clone and bind it to an app", func() {
|
By("create an encrypted PVC-PVC clone and bind it to an app", func() {
|
||||||
if !k8sVersionGreaterEquals(f.ClientSet, 1, 16) {
|
if !k8sVersionGreaterEquals(f.ClientSet, 1, 16) {
|
||||||
Skip("pvc clone is only supported from v1.16+")
|
Skip("pvc clone is only supported from v1.16+")
|
||||||
|
Loading…
Reference in New Issue
Block a user