arif/zaza-openstack-tests
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'canonical/master' into osd-key-rotate

Browse Source
This commit is contained in:
Luciano Lo Giudice
2024-05-06 12:15:21 -03:00
parent a15832695c 0b0f8414a6
commit 091afbe0a1
2 changed files with 75 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
zaza/openstack/charm_tests/ceph/tests.py
+35 -1
View File
@@ -1753,6 +1753,20 @@ class CephMonJujuPersistent(test_utils.BaseCharmTest):
class CephMonKeyRotationTests(test_utils.BaseCharmTest):
"""Tests for the rotate-key action."""
def setUp(self):
"""Initialize key rotation test class."""
super(CephMonKeyRotationTests, self).setUp()
try:
# Workaround for ubuntu units that don't play nicely with zaza.
zaza_model.get_application('ubuntu')
self.app_states = {
'ubuntu': {
'workload-status-message': ''
}
}
except KeyError:
self.app_states = None
def _get_all_keys(self, unit, entity_filter):
cmd = 'sudo ceph auth ls'
result = zaza_model.run_on_unit(unit, cmd)
@@ -1781,7 +1795,7 @@ class CephMonKeyRotationTests(test_utils.BaseCharmTest):
action_params={'entity': entity}
)
zaza_utils.assertActionRanOK(action_obj)
zaza_model.wait_for_application_states()
zaza_model.wait_for_application_states(states=self.app_states)
new_keys = self._get_all_keys(unit, entity_filter)
self.assertNotEqual(old_keys, new_keys)
diff = new_keys - old_keys
@@ -1798,6 +1812,13 @@ class CephMonKeyRotationTests(test_utils.BaseCharmTest):
return None
return next(iter(ret))[0]
def _get_fs_client(self, unit):
ret = self._get_all_keys(unit, lambda x: (x.startswith('mds.') and
x != 'mds.ceph-fs'))
if not ret:
return None
return next(iter(ret))[0]
def test_key_rotate(self):
"""Test that rotating the keys actually changes them."""
unit = 'ceph-mon/0'
@@ -1813,3 +1834,16 @@ class CephMonKeyRotationTests(test_utils.BaseCharmTest):
logging.info('ceph-radosgw units present, but no RGW service')
except KeyError:
pass
try:
zaza_model.get_application('ceph-fs')
fs_svc = self._get_fs_client(unit)
if fs_svc is not None:
# Only wait for ceph-fs, as this model includes 'ubuntu'
# units, and those don't play nice with zaza (they don't
# set the workload-status-message correctly).
self._check_key_rotation(fs_svc, unit)
else:
logging.info('ceph-fs units present, but no MDS service')
except KeyError:
pass
zaza/openstack/charm_tests/cinder/tests.py
+40
View File
@@ -305,6 +305,46 @@ class CinderTests(test_utils.OpenStackBaseTest):
'lsblk -sn -o SIZE /dev/vdb',
privkey=privkey, verify=verify)
def test_300_apipaste_includes_audit_section(self):
"""Test api-paste.ini renders audit section when enabled."""
service_name = 'cinder'
api_paste_ini_path = f"/etc/{service_name}/api-paste.ini"
expected_content = [
"[filter:audit]",
"paste.filter_factory = keystonemiddleware.audit:filter_factory",
f"audit_map_file = /etc/{service_name}/api_audit_map.conf",
f"service_name = {service_name}"
]
set_default = {'audit-middleware': False}
set_alternate = {'audit-middleware': True}
with self.config_change(set_default, set_alternate):
try:
api_paste_content = zaza.model.file_contents(
self.lead_unit,
api_paste_ini_path,
)
except Exception as e:
self.fail("Error fetching api-paste.ini: {}".format(str(e)))
for line in expected_content:
self.assertIn(line, api_paste_content)
def test_301_apipaste_excludes_audit_section(self):
"""Test api_paste.ini does not render audit section when disabled."""
service_name = 'cinder'
section_heading = '[filter:audit]'
api_paste_ini_path = f"/etc/{service_name}/api-paste.ini"
try:
api_paste_content = zaza.model.file_contents(
self.lead_unit,
api_paste_ini_path
)
except Exception as e:
self.fail("Error fetching api-paste.ini: {}".format(str(e)))
self.assertNotIn(section_heading, api_paste_content)
@property
def services(self):
"""Return a list services for the selected OpenStack release."""