From 2f995eada29d1bf6294b5e4fd85b606e07f904b4 Mon Sep 17 00:00:00 2001 From: Rakshith R Date: Mon, 2 Aug 2021 16:42:05 +0530 Subject: [PATCH] e2e: add modification to test encrypted PVC with rbd controller Signed-off-by: Rakshith R --- e2e/rbd.go | 48 +++++++++++++++++++++++++++++++++++++++++++++++ e2e/rbd_helper.go | 9 +++++++++ e2e/staticpvc.go | 5 +++-- e2e/utils.go | 41 ++++++++++++++++++++-------------------- 4 files changed, 81 insertions(+), 22 deletions(-) diff --git a/e2e/rbd.go b/e2e/rbd.go index 8e2560259..75709e32a 100644 --- a/e2e/rbd.go +++ b/e2e/rbd.go @@ -2387,6 +2387,54 @@ var _ = Describe("RBD", func() { } }) + By("validate the functionality of controller with encryption and thick-provisioning", func() { + err := deleteResource(rbdExamplePath + "storageclass.yaml") + if err != nil { + e2elog.Failf("failed to delete storageclass : %v", err) + } + scParams := map[string]string{ + "encrypted": "true", + "encryptionKMSID": "user-secrets-metadata-test", + "thickProvision": "true", + } + + // PVC creation namespace where secret will be created + namespace := f.UniqueName + + // create user Secret + err = retryKubectlFile(namespace, kubectlCreate, vaultExamplePath+"user-secret.yaml", deployTimeout) + if err != nil { + e2elog.Failf("failed to create user Secret: %v", err) + } + + err = validateController(f, + pvcPath, appPath, rbdExamplePath+"storageclass.yaml", + nil, + scParams) + if err != nil { + e2elog.Failf("failed to validate controller : %v", err) + } + + // validate created backend rbd images + validateRBDImageCount(f, 0, defaultRBDPool) + + // delete user secret + err = retryKubectlFile( + namespace, + kubectlDelete, + vaultExamplePath+"user-secret.yaml", + deployTimeout, + "--ignore-not-found=true") + if err != nil { + e2elog.Failf("failed to delete user Secret: %v", err) + } + + err = createRBDStorageClass(f.ClientSet, f, defaultSCName, nil, nil, deletePolicy) + if err != nil { + e2elog.Failf("failed to create storageclass : %v", err) + } + }) + By("validate stale images in trash", func() { err := waitToRemoveImagesFromTrash(f, defaultRBDPool, deployTimeout) if err != nil { diff --git a/e2e/rbd_helper.go b/e2e/rbd_helper.go index f7ccaa2fc..eb182c9f3 100644 --- a/e2e/rbd_helper.go +++ b/e2e/rbd_helper.go @@ -770,6 +770,15 @@ func checkPVCCSIJournalInPool(f *framework.Framework, pvc *v1.PersistentVolumeCl return nil } +// deleteJournalInfoInPool deletes all omap data regarding pvc. +func deleteJournalInfoInPool(f *framework.Framework, pvc *v1.PersistentVolumeClaim, pool string) error { + if err := deletePVCImageJournalInPool(f, pvc, pool); err != nil { + return err + } + + return deletePVCCSIJournalInPool(f, pvc, pool) +} + func deletePVCImageJournalInPool(f *framework.Framework, pvc *v1.PersistentVolumeClaim, pool string) error { imageData, err := getImageInfoFromPVC(pvc.Namespace, pvc.Name, f) if err != nil { diff --git a/e2e/staticpvc.go b/e2e/staticpvc.go index 33eafc887..cd631eaf2 100644 --- a/e2e/staticpvc.go +++ b/e2e/staticpvc.go @@ -3,6 +3,7 @@ package e2e import ( "context" "fmt" + "strconv" "strings" v1 "k8s.io/api/core/v1" @@ -123,7 +124,7 @@ func validateRBDStaticPV(f *framework.Framework, appPath string, isBlock, checkI opt["imageFeatures"] = "layering" } opt["pool"] = defaultRBDPool - opt["staticVolume"] = "true" + opt["staticVolume"] = strconv.FormatBool(true) if radosNamespace != "" { opt["radosNamespace"] = radosNamespace } @@ -279,7 +280,7 @@ func validateCephFsStaticPV(f *framework.Framework, appPath, scPath string) erro opt["clusterID"] = fsID opt["fsName"] = fsName - opt["staticVolume"] = "true" + opt["staticVolume"] = strconv.FormatBool(true) opt["rootPath"] = rootPath pv := getStaticPV(pvName, pvName, "4Gi", secretName, cephCSINamespace, sc, "cephfs.csi.ceph.com", false, opt) _, err = c.CoreV1().PersistentVolumes().Create(context.TODO(), pv, metav1.CreateOptions{}) diff --git a/e2e/utils.go b/e2e/utils.go index f1efac33f..adf9f2fd9 100644 --- a/e2e/utils.go +++ b/e2e/utils.go @@ -8,6 +8,7 @@ import ( "fmt" "io/ioutil" "regexp" + "strconv" "strings" "sync" "time" @@ -1091,10 +1092,7 @@ func validateController( if err != nil { return fmt.Errorf("failed to load PVC: %w", err) } - resizePvc, err := loadPVC(pvcPath) - if err != nil { - return fmt.Errorf("failed to load PVC: %w", err) - } + resizePvc := pvc.DeepCopy() resizePvc.Namespace = f.UniqueName pvc.Spec.Resources.Requests[v1.ResourceStorage] = resource.MustParse(size) @@ -1119,11 +1117,7 @@ func validateController( return fmt.Errorf("failed to create storageclass: %w", err) } // delete omap data - err = deletePVCImageJournalInPool(f, pvc, poolName) - if err != nil { - return err - } - err = deletePVCCSIJournalInPool(f, pvc, poolName) + err = deleteJournalInfoInPool(f, pvc, poolName) if err != nil { return err } @@ -1156,23 +1150,30 @@ func validateController( if err != nil { return err } - // resize PVC - err = expandPVCSize(f.ClientSet, resizePvc, expandSize, deployTimeout) - if err != nil { - return err - } - if *pvc.Spec.VolumeMode == v1.PersistentVolumeFilesystem { - err = checkDirSize(app, f, &opt, expandSize) + if scParams["encrypted"] == strconv.FormatBool(true) { + // check encryption + err = isEncryptedPVC(f, resizePvc, app) if err != nil { return err } - } - - if *pvc.Spec.VolumeMode == v1.PersistentVolumeBlock { - err = checkDeviceSize(app, f, &opt, expandSize) + } else { + // resize PVC + err = expandPVCSize(f.ClientSet, resizePvc, expandSize, deployTimeout) if err != nil { return err } + switch *pvc.Spec.VolumeMode { + case v1.PersistentVolumeFilesystem: + err = checkDirSize(app, f, &opt, expandSize) + if err != nil { + return err + } + case v1.PersistentVolumeBlock: + err = checkDeviceSize(app, f, &opt, expandSize) + if err != nil { + return err + } + } } // delete pvc and storageclass err = deletePVCAndApp("", f, resizePvc, app)