ab903f340b
Adds ephemeral-disk-encryption group to Barbican Tempest configuration options. Enables ephemeral disk encryption for Barbican Tempest tests by updating pre_test_hook.sh, which is run at the start of relevant gate tests. Adds an ephemeral disk encryption scenario test to verify the functionality of encrypted ephemeral storage. The test creates an image, boots an instance from the created image, and writes to a new file in the instance. Improper calls to encrypt the LVM ephemeral disk that is being written to will be caught with this test. Change-Id: I5f194f3c2a91263d4d34204db5cd5845197169bb
59 lines
2.0 KiB
Python
59 lines
2.0 KiB
Python
# Copyright 2016 SAP SE
|
|
# All Rights Reserved.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
# not use this file except in compliance with the License. You may obtain
|
|
# a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
# License for the specific language governing permissions and limitations
|
|
# under the License.
|
|
|
|
|
|
import os
|
|
|
|
from tempest.test_discover import plugins
|
|
|
|
from barbican_tempest_plugin import config as project_config
|
|
|
|
|
|
class BarbicanTempestPlugin(plugins.TempestPlugin):
|
|
def load_tests(self):
|
|
base_path = os.path.split(os.path.dirname(
|
|
os.path.abspath(__file__)))[0]
|
|
test_dir = "barbican_tempest_plugin/tests"
|
|
full_test_dir = os.path.join(base_path, test_dir)
|
|
return full_test_dir, base_path
|
|
|
|
def register_opts(self, conf):
|
|
conf.register_opt(project_config.service_option,
|
|
group='service_available')
|
|
|
|
# Register ephemeral storage encryption options
|
|
conf.register_group(project_config.ephemeral_storage_encryption_group)
|
|
conf.register_opts(project_config.EphemeralStorageEncryptionGroup,
|
|
project_config.ephemeral_storage_encryption_group)
|
|
|
|
def get_opt_lists(self):
|
|
return [('service_available', [project_config.service_option])]
|
|
|
|
def get_service_clients(self):
|
|
v1_params = {
|
|
'name': 'secret_v1',
|
|
'service_version': 'secret.v1',
|
|
'module_path': 'barbican_tempest_plugin.services.key_manager.json',
|
|
'client_names': [
|
|
'ConsumerClient',
|
|
'ContainerClient',
|
|
'OrderClient',
|
|
'QuotaClient',
|
|
'SecretClient',
|
|
'SecretMetadataClient'
|
|
],
|
|
}
|
|
return [v1_params]
|