Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[yoga] Add test to check ceph keys #1190

Merged
merged 1 commit into from Mar 7, 2024
Merged

[yoga] Add test to check ceph keys #1190

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
58 changes: 58 additions & 0 deletions zaza/openstack/charm_tests/nova/tests.py
View file
Open in desktop
Expand Up @@ -19,6 +19,7 @@
import json
import logging
import os
import re
import tempfile
import unittest
import urllib
Expand Down Expand Up @@ -468,6 +469,63 @@ def test_901_pause_resume(self):
with self.pause_resume(['nova-compute']):
logging.info("Testing pause resume")

def test_904_test_ceph_keys(self):
"""Test if the ceph keys in /etc/ceph are correct."""
# only run if configured as rbd with ceph image backend
if zaza.model.get_application_config(
self.application_name)['libvirt-image-backend'].get(
'value') != 'rbd':
return

# Regex for
# [client.nova-compute]
# key = AQBm5xJl8CSnFxAACB9GVr2llNO0G8zWZuZnjQ ==
regex = re.compile(r"^\[client.(.+)\]\n\tkey = (.+)$")
key_dict = {}

# The new and correct behavior is to have
# "nova-compute-ceph-auth-<secret_uuid_first_block>" named keyring
# and one other named after the charm app. Example:
# for a charm app named "nova-compute-kvm",
# it should have both nova-compute-kvm and
# nova-compute-ceph-auth-<secret_uuid_first_block> keyrings.
# For a charm app named "nova-compute",
# it should have both nova-compute and
# nova-compute-ceph-auth-<secret_uuid_first_block> keyrings.

# Previous behaviors:
# The old behavior is to have only 1 keyring named after the charm app.

def check_keyring(key_name):
"""Check matching keyring name and different from existing ones."""
keyring_file = (
'/etc/ceph/ceph.client.{}.keyring'.format(key_name))
data = str(generic_utils.get_file_contents(
unit, keyring_file))

result = regex.findall(data)[0]

# Assert keyring file name matches intended name
self.assertEqual(2, len(result))
self.assertEqual(result[0], key_name)

# Confirm the keys are different from each other and the
# same across all units
for k, v in key_dict.items():
if k == result[0]:
self.assertEqual(v, result[1])
else:
self.assertNotEqual(v, result[1])
key_dict[result[0]] = result[1]

for unit in zaza.model.get_units(
self.application_name, model_name=self.model_name):

# old key
check_keyring(self.application_name)
# new key
check_keyring('nova-compute-ceph-auth-c91ce26f')

def test_930_check_virsh_default_network(self):
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

check_keyring is referring to variable "unit" that is from global space. It should be passed into check_keyring() as an argument.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

omg yes, that slipped by, we will need to fix it in master and bobcat as well

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

actually, I just tested the logic and that coding problem does not affect the result at all

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yep no worries, can just fix on master if we get time

"""Test default virt network is not present."""
for unit in zaza.model.get_units('nova-compute',
Expand Down