From d1a5ab463e3645ddf49818e23ccdea961721c187 Mon Sep 17 00:00:00 2001 From: Rodrigo Barbieri Date: Mon, 9 Oct 2023 11:16:50 -0300 Subject: [PATCH] Add test to check ceph keys (new) For https://review.opendev.org/897549 (cherry picked from commit 912f33e0712034648d393874f14a27cf168bf68b) (cherry picked from commit e242121880ffa1535ad5ed89036a09cc3a6806af) --- zaza/openstack/charm_tests/nova/tests.py | 58 ++++++++++++++++++++++++ 1 file changed, 58 insertions(+) diff --git a/zaza/openstack/charm_tests/nova/tests.py b/zaza/openstack/charm_tests/nova/tests.py index 34f02731c..2c0286e4c 100644 --- a/zaza/openstack/charm_tests/nova/tests.py +++ b/zaza/openstack/charm_tests/nova/tests.py @@ -19,6 +19,7 @@ import json import logging import os +import re import tempfile import tenacity import unittest @@ -470,6 +471,63 @@ def test_901_pause_resume(self): with self.pause_resume(['nova-compute']): logging.info("Testing pause resume") + def test_904_test_ceph_keys(self): + """Test if the ceph keys in /etc/ceph are correct.""" + # only run if configured as rbd with ceph image backend + if zaza.model.get_application_config( + self.application_name)['libvirt-image-backend'].get( + 'value') != 'rbd': + return + + # Regex for + # [client.nova-compute] + # key = AQBm5xJl8CSnFxAACB9GVr2llNO0G8zWZuZnjQ == + regex = re.compile(r"^\[client.(.+)\]\n\tkey = (.+)$") + key_dict = {} + + # The new and correct behavior is to have + # "nova-compute-ceph-auth-" named keyring + # and one other named after the charm app. Example: + # for a charm app named "nova-compute-kvm", + # it should have both nova-compute-kvm and + # nova-compute-ceph-auth- keyrings. + # For a charm app named "nova-compute", + # it should have both nova-compute and + # nova-compute-ceph-auth- keyrings. + + # Previous behaviors: + # The old behavior is to have only 1 keyring named after the charm app. + + def check_keyring(key_name): + """Check matching keyring name and different from existing ones.""" + keyring_file = ( + '/etc/ceph/ceph.client.{}.keyring'.format(key_name)) + data = str(generic_utils.get_file_contents( + unit, keyring_file)) + + result = regex.findall(data)[0] + + # Assert keyring file name matches intended name + self.assertEqual(2, len(result)) + self.assertEqual(result[0], key_name) + + # Confirm the keys are different from each other and the + # same across all units + for k, v in key_dict.items(): + if k == result[0]: + self.assertEqual(v, result[1]) + else: + self.assertNotEqual(v, result[1]) + key_dict[result[0]] = result[1] + + for unit in zaza.model.get_units( + self.application_name, model_name=self.model_name): + + # old key + check_keyring(self.application_name) + # new key + check_keyring('nova-compute-ceph-auth-c91ce26f') + def test_930_check_virsh_default_network(self): """Test default virt network is not present.""" for unit in zaza.model.get_units('nova-compute',