volume: Introduce extend attached encrypted volume tests

This change introduces an extend attached encrypted volume test
specifically using the LUKSv1 encryption format after issues were
discovered in bug #1861071. The test mostly reuses the existing test for
extending attached unencrypted volumes with some specific encryption
related logic being introduced in BaseVolumeAdminTest.

Note that while attached volume extension is not an admin only operation
the creation of the encrypted volume type is, resulting in this test
being labelled as an admin test.

A ``[compute-feature-enabled]/extend_attached_encrypted_volume``
configurable is also introduced to control when this test is ran.

Depends-On: https://review.opendev.org/706900
Related-Bug: #1861071
Change-Id: Ibf864c608656d0af906bf0859cedf9cd70b3e58f
This commit is contained in:
Lee Yarwood 2020-01-31 17:26:25 +00:00
parent 448ac79c21
commit 4bd9edbd3b
4 changed files with 78 additions and 10 deletions

View File

@ -0,0 +1,35 @@
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import testtools
from tempest.api.volume import base
from tempest.api.volume import test_volumes_extend as extend
from tempest.common import utils
from tempest import config
from tempest.lib import decorators
CONF = config.CONF
class EncryptedVolumesExtendAttachedTest(extend.BaseVolumesExtendAttachedTest,
base.BaseVolumeAdminTest):
"""Tests extending the size of an attached encrypted volume."""
@decorators.idempotent_id('e93243ec-7c37-4b5b-a099-ebf052c13216')
@testtools.skipUnless(
CONF.volume_feature_enabled.extend_attached_encrypted_volume,
"Attached encrypted volume extend is disabled.")
@utils.services('compute')
def test_extend_attached_encrypted_volume_luksv1(self):
volume = self.create_encrypted_volume(encryption_provider="luks")
self._test_extend_attached_volume(volume)

View File

@ -299,6 +299,27 @@ class BaseVolumeAdminTest(BaseVolumeTest):
cls.addClassResourceCleanup(cls.clear_volume_type, volume_type['id'])
return volume_type
def create_encryption_type(self, type_id=None, provider=None,
key_size=None, cipher=None,
control_location=None):
if not type_id:
volume_type = self.create_volume_type()
type_id = volume_type['id']
self.admin_encryption_types_client.create_encryption_type(
type_id, provider=provider, key_size=key_size, cipher=cipher,
control_location=control_location)
def create_encrypted_volume(self, encryption_provider, key_size=256,
cipher='aes-xts-plain64',
control_location='front-end'):
volume_type = self.create_volume_type()
self.create_encryption_type(type_id=volume_type['id'],
provider=encryption_provider,
key_size=key_size,
cipher=cipher,
control_location=control_location)
return self.create_volume(volume_type=volume_type['name'])
def create_group_type(self, name=None, **kwargs):
"""Create a test group-type"""
name = name or data_utils.rand_name(

View File

@ -58,7 +58,7 @@ class VolumesExtendTest(base.BaseVolumeTest):
self.assertEqual(extend_size, resized_volume['size'])
class VolumesExtendAttachedTest(base.BaseVolumeTest):
class BaseVolumesExtendAttachedTest(base.BaseVolumeTest):
"""Tests extending the size of an attached volume."""
create_default_network = True
@ -97,14 +97,9 @@ class VolumesExtendAttachedTest(base.BaseVolumeTest):
event['finish_time']):
return event
@decorators.idempotent_id('301f5a30-1c6f-4ea0-be1a-91fd28d44354')
@testtools.skipUnless(CONF.volume_feature_enabled.extend_attached_volume,
"Attached volume extend is disabled.")
@utils.services('compute')
def test_extend_attached_volume(self):
def _test_extend_attached_volume(self, volume):
"""This is a happy path test which does the following:
* Create a volume at the configured volume_size.
* Create a server instance.
* Attach the volume to the server.
* Wait for the volume status to be "in-use".
@ -116,8 +111,6 @@ class VolumesExtendAttachedTest(base.BaseVolumeTest):
if we timeout waiting for the instance action event to show up, or
if the action on the server fails.
"""
# Create a test volume. Will be automatically cleaned up on teardown.
volume = self.create_volume()
# Create a test server. Will be automatically cleaned up on teardown.
server = self.create_server()
# Attach the volume to the server and wait for the volume status to be
@ -179,3 +172,14 @@ class VolumesExtendAttachedTest(base.BaseVolumeTest):
"%(request_id)s." %
{'result': event['result'],
'request_id': action['request_id']})
class VolumesExtendAttachedTest(BaseVolumesExtendAttachedTest):
@decorators.idempotent_id('301f5a30-1c6f-4ea0-be1a-91fd28d44354')
@testtools.skipUnless(CONF.volume_feature_enabled.extend_attached_volume,
"Attached volume extend is disabled.")
@utils.services('compute')
def test_extend_attached_volume(self):
volume = self.create_volume()
self._test_extend_attached_volume(volume)

View File

@ -985,7 +985,15 @@ VolumeFeaturesGroup = [
'which is currently attached to a server instance? This '
'depends on the 3.42 volume API microversion and the '
'2.51 compute API microversion. Also, not all volume or '
'compute backends support this operation.')
'compute backends support this operation.'),
cfg.BoolOpt('extend_attached_encrypted_volume',
default=False,
help='Does the cloud support extending the size of an '
'encrypted volume which is currently attached to a '
'server instance? This depends on the 3.42 volume API '
'microversion and the 2.51 compute API microversion. '
'Also, not all volume or compute backends support this '
'operation.')
]