-
Notifications
You must be signed in to change notification settings - Fork 2.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
test: ci test for TLS objectstore #7920
Conversation
Looks like there is a CI failure related to the changes:
|
@thotz any updates? |
Not much, I trying figure out why temporary directory creation failed in the test case |
8fa41c4
to
0612c69
Compare
waitng for #8139 to merge |
cc06b20
to
8c1c99e
Compare
ab64bbb
to
dc8ad90
Compare
require.NoError(s.T(), cmdOut.Err) | ||
tlsCert, err = ioutil.ReadFile(filepath.Join(tlscertdir, ipaddr+".ca")) | ||
assert.Nil(s.T(), err) | ||
}*/ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Here OBC
, cephobjecstoreuser
creation deletion works fine on TLS enabled RGW endpoint. But if S3api SDK I am getting certificate errors
ceph-object-controller: failed to put object in bucket. RequestError: send request failed
caused by: Put "https://10.106.25.156:80/smokebkt/rookObj1": x509: certificate is valid for 127.0.0.1, not 10.106.25.156
ceph_base_object_test.go:263:
Error Trace: ceph_base_object_test.go:263
ceph_base_object_test.go:73
ceph_smoke_test.go:134
Error: Expected nil, but got: &awserr.baseError{code:"RequestError", message:"send request failed", errs:[]error{(*url.Error)(0xc00063d5f0)}}
Test: TestCephSmokeSuite/TestObjectStorage_SmokeTest
2021-06-25 06:03:05.848703 I | integrationTest: Step 6 : Get Object from bucket
2021/06/25 06:03:05 DEBUG: Request s3/GetObject Details:
I have commented out the changes which I was trying and so for the time being change signature of GetEndPointUrl()
.
The issue I am facing the TLS cert is valid for "rook-ceph-rgw-my-store.rook-ceph" endpoint which is not accessible from test. In the test is using cluster.ip from RGW service. I cannot have this IP info until the service is up and running so I cannot pass it while creating the TLS certs.
So currently I am using S3 client with skipsecure
option so that object creation deletion etc will work. Please share your opinion
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sounds fine for testing purposes to not worry about a valid cert.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sounds good to me, agreed it's a bit of a chicken and an egg problem.
require.NoError(s.T(), cmdOut.Err) | ||
tlsCert, err = ioutil.ReadFile(filepath.Join(tlscertdir, ipaddr+".ca")) | ||
assert.Nil(s.T(), err) | ||
}*/ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sounds fine for testing purposes to not worry about a valid cert.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Waiting for this https://github.com/rook/rook/pull/7920/files#r658808974 to be addressed, otherwise LGTM.
This pull request has merge conflicts that must be resolved before it can be merged. @thotz please rebase it. https://rook.io/docs/rook/master/development-flow.html#updating-your-fork |
Extend the object store smoke test to include TLS configurations. Signed-off-by: Jiffin Tony Thottan <thottanjiffin@gmail.com>
Extend the object store smoke test to include TLS configurations.
Fixes: #7695
Signed-off-by: Jiffin Tony Thottan thottanjiffin@gmail.com
Description of your changes:
Which issue is resolved by this Pull Request:
Resolves #
Checklist:
make codegen
) has been run to update object specifications, if necessary.