Skip to content

Commit

Permalink
Add PowerScale Auth 2.0 E2E Test (#698)
Browse files Browse the repository at this point in the history
* Add Auth PowerScale endpoint

* Fix PowerScale scenarios in operator e2e

* Add port to powerscale karavi auth config

* Fix auth configuration on template files

* Update Powerscale auth secret

* Add PowerScale Auth v2 test

* Fix Auth v2 PowerScale parameters

* Add PowerScale Auth v2 scenarios

* Fix scenarios for PowerScale

* Speed up testing waits for validation

* Add Powerscale port variable

* Update parameters
  • Loading branch information
falfaroc authored Sep 27, 2024
1 parent aa48cfc commit 0888c7d
Show file tree
Hide file tree
Showing 10 changed files with 225 additions and 56 deletions.
3 changes: 2 additions & 1 deletion tests/e2e/array-info.sh
Original file line number Diff line number Diff line change
Expand Up @@ -40,11 +40,12 @@ export PSCALE_CLUSTER="Isilon-System-Name"
export PSCALE_USER="username"
export PSCALE_PASS="password"
export PSCALE_ENDPOINT="1.1.1.1"
export PSCALE_PORT="8080"
export PSCALE_AUTH_ENDPOINT="localhost"
export PSCALE_AUTH_PORT="9400"
# The following are Authorization Proxy Server specific for powerscale:
export PSCALE_POOL_V1="ifs/data/csi"
export PSCALE_POOL_V2="ifs\/data\/csi" # escape / with \
export PSCALE_POOL_V2="\/ifs\/data\/csi" # escape / with \
export PSCALE_STORAGE="powerscale"
export PSCALE_VAULT_STORAGE_PATH="storage\/powerscale" # escape / with \
export PSCALE_QUOTA="0GB"
Expand Down
1 change: 1 addition & 0 deletions tests/e2e/go.sum
Original file line number Diff line number Diff line change
Expand Up @@ -136,6 +136,7 @@ github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9G
github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA=
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE=
github.com/onsi/ginkgo/v2 v2.20.2 h1:7NVCeyIWROIAheY21RLS+3j2bb52W0W82tkberYytp4=
github.com/onsi/ginkgo/v2 v2.20.2/go.mod h1:K9gyxPIlb+aIvnZ8bd9Ak+YP18w3APlR+5coaZoE2ag=
github.com/onsi/gomega v1.34.2 h1:pNCwDkzrsv7MS9kpaQvVb1aVLahQXyJ/Tv5oAZMI3i8=
Expand Down
49 changes: 37 additions & 12 deletions tests/e2e/steps/steps_def.go
Original file line number Diff line number Diff line change
Expand Up @@ -53,9 +53,9 @@ var (
quotaLimit = "30000000"
pflexSecretMap = map[string]string{"REPLACE_USER": "PFLEX_USER", "REPLACE_PASS": "PFLEX_PASS", "REPLACE_SYSTEMID": "PFLEX_SYSTEMID", "REPLACE_ENDPOINT": "PFLEX_ENDPOINT", "REPLACE_MDM": "PFLEX_MDM", "REPLACE_POOL": "PFLEX_POOL"}
pflexAuthSecretMap = map[string]string{"REPLACE_USER": "PFLEX_USER", "REPLACE_SYSTEMID": "PFLEX_SYSTEMID", "REPLACE_ENDPOINT": "PFLEX_AUTH_ENDPOINT", "REPLACE_MDM": "PFLEX_MDM"}
pscaleSecretMap = map[string]string{"REPLACE_CLUSTERNAME": "PSCALE_CLUSTER", "REPLACE_USER": "PSCALE_USER", "REPLACE_PASS": "PSCALE_PASS", "REPLACE_ENDPOINT": "PSCALE_ENDPOINT"}
pscaleAuthSecretMap = map[string]string{"REPLACE_CLUSTERNAME": "PSCALE_CLUSTER", "REPLACE_USER": "PSCALE_USER", "REPLACE_PASS": "PSCALE_PASS", "REPLACE_AUTH_ENDPOINT": "PSCALE_AUTH_ENDPOINT", "REPLACE_PORT": "PSCALE_AUTH_PORT", "REPLACE_ENDPOINT": "PSCALE_ENDPOINT"}
pscaleAuthSidecarMap = map[string]string{"REPLACE_CLUSTERNAME": "PSCALE_CLUSTER", "REPLACE_ENDPOINT": "PSCALE_ENDPOINT", "REPLACE_AUTH_ENDPOINT": "PSCALE_AUTH_ENDPOINT", "REPLACE_PORT": "PSCALE_AUTH_PORT"}
pscaleSecretMap = map[string]string{"REPLACE_CLUSTERNAME": "PSCALE_CLUSTER", "REPLACE_USER": "PSCALE_USER", "REPLACE_PASS": "PSCALE_PASS", "REPLACE_ENDPOINT": "PSCALE_ENDPOINT", "REPLACE_PORT": "PSCALE_PORT"}
pscaleAuthSecretMap = map[string]string{"REPLACE_CLUSTERNAME": "PSCALE_CLUSTER", "REPLACE_USER": "PSCALE_USER", "REPLACE_PASS": "PSCALE_PASS", "REPLACE_AUTH_ENDPOINT": "PSCALE_AUTH_ENDPOINT", "REPLACE_AUTH_PORT": "PSCALE_AUTH_PORT", "REPLACE_ENDPOINT": "PSCALE_ENDPOINT", "REPLACE_PORT": "PSCALE_PORT"}
pscaleAuthSidecarMap = map[string]string{"REPLACE_CLUSTERNAME": "PSCALE_CLUSTER", "REPLACE_ENDPOINT": "PSCALE_ENDPOINT", "REPLACE_AUTH_ENDPOINT": "PSCALE_AUTH_ENDPOINT", "REPLACE_AUTH_PORT": "PSCALE_AUTH_PORT", "REPLACE_PORT": "PSCALE_PORT"}
pflexAuthSidecarMap = map[string]string{"REPLACE_USER": "PFLEX_USER", "REPLACE_PASS": "PFLEX_PASS", "REPLACE_SYSTEMID": "PFLEX_SYSTEMID", "REPLACE_ENDPOINT": "PFLEX_ENDPOINT", "REPLACE_AUTH_ENDPOINT": "PFLEX_AUTH_ENDPOINT"}
pmaxCredMap = map[string]string{"REPLACE_USER": "PMAX_USER_ENCODED", "REPLACE_PASS": "PMAX_PASS_ENCODED"}
pmaxAuthSidecarMap = map[string]string{"REPLACE_SYSTEMID": "PMAX_SYSTEMID", "REPLACE_ENDPOINT": "PMAX_ENDPOINT", "REPLACE_AUTH_ENDPOINT": "PMAX_AUTH_ENDPOINT"}
Expand All @@ -67,7 +67,7 @@ var (
pflexCrMap = map[string]string{"REPLACE_STORAGE_NAME": "PFLEX_STORAGE", "REPLACE_STORAGE_TYPE": "PFLEX_STORAGE", "REPLACE_ENDPOINT": "PFLEX_ENDPOINT", "REPLACE_SYSTEM_ID": "PFLEX_SYSTEMID", "REPLACE_VAULT_STORAGE_PATH": "PFLEX_VAULT_STORAGE_PATH", "REPLACE_ROLE_NAME": "PFLEX_ROLE", "REPLACE_QUOTA": "PFLEX_QUOTA", "REPLACE_STORAGE_POOL_PATH": "PFLEX_POOL", "REPLACE_TENANT_NAME": "PFLEX_TENANT", "REPLACE_TENANT_ROLES": "PFLEX_ROLE", "REPLACE_TENANT_VOLUME_PREFIX": "PFLEX_TENANT_PREFIX"}

// Auth V2
pscaleCrMap = map[string]string{"REPLACE_STORAGE_NAME": "PSCALE_STORAGE", "REPLACE_STORAGE_TYPE": "PSCALE_STORAGE", "REPLACE_ENDPOINT": "PSCALE_ENDPOINT", "REPLACE_SYSTEM_ID": "PSCALE_CLUSTER", "REPLACE_VAULT_STORAGE_PATH": "PSCALE_VAULT_STORAGE_PATH", "REPLACE_ROLE_NAME": "PSCALE_ROLE", "REPLACE_QUOTA": "PSCALE_QUOTA", "REPLACE_STORAGE_POOL_PATH": "PSCALE_POOL_V2", "REPLACE_TENANT_NAME": "PSCALE_TENANT", "REPLACE_TENANT_ROLES": "PSCALE_ROLE", "REPLACE_TENANT_VOLUME_PREFIX": "PSCALE_TENANT_PREFIX"}
pscaleCrMap = map[string]string{"REPLACE_STORAGE_NAME": "PSCALE_STORAGE", "REPLACE_STORAGE_TYPE": "PSCALE_STORAGE", "REPLACE_ENDPOINT": "PSCALE_ENDPOINT", "REPLACE_SYSTEM_ID": "PSCALE_CLUSTER", "REPLACE_VAULT_STORAGE_PATH": "PSCALE_VAULT_STORAGE_PATH", "REPLACE_ROLE_NAME": "PSCALE_ROLE", "REPLACE_QUOTA": "PSCALE_QUOTA", "REPLACE_STORAGE_POOL_PATH": "PSCALE_POOL_V2", "REPLACE_TENANT_NAME": "PSCALE_TENANT", "REPLACE_TENANT_ROLES": "PSCALE_ROLE", "REPLACE_TENANT_VOLUME_PREFIX": "PSCALE_TENANT_PREFIX", "REPLACE_PORT": "PSCALE_PORT"}

pstoreSecretMap = map[string]string{"REPLACE_USER": "PSTORE_USER", "REPLACE_PASS": "PSTORE_PASS", "REPLACE_GLOBALID": "PSTORE_GLOBALID", "REPLACE_ENDPOINT": "PSTORE_ENDPOINT"}
unitySecretMap = map[string]string{"REPLACE_USER": "UNITY_USER", "REPLACE_PASS": "UNITY_PASS", "REPLACE_ARRAYID": "UNITY_ARRAYID", "REPLACE_ENDPOINT": "UNITY_ENDPOINT", "REPLACE_POOL": "UNITY_POOL", "REPLACE_NAS": "UNITY_NAS"}
Expand Down Expand Up @@ -342,7 +342,7 @@ func (step *Step) deleteCustomResource(res Resource, crNumStr string) error {
func (step *Step) validateCustomResourceStatus(res Resource, crNumStr string) error {
crNum, _ := strconv.Atoi(crNumStr)
cr := res.CustomResource[crNum-1].(csmv1.ContainerStorageModule)
time.Sleep(60 * time.Second)
time.Sleep(20 * time.Second)
found := new(csmv1.ContainerStorageModule)
err := step.ctrlClient.Get(context.TODO(), client.ObjectKey{
Namespace: cr.Namespace,
Expand All @@ -360,13 +360,13 @@ func (step *Step) validateCustomResourceStatus(res Resource, crNumStr string) er

func (step *Step) validateDriverInstalled(res Resource, driverName string, crNumStr string) error {
crNum, _ := strconv.Atoi(crNumStr)
time.Sleep(60 * time.Second)
time.Sleep(20 * time.Second)
return checkAllRunningPods(context.TODO(), res.CustomResource[crNum-1].(csmv1.ContainerStorageModule).Namespace, step.clientSet)
}

func (step *Step) validateDriverNotInstalled(res Resource, driverName string, crNumStr string) error {
crNum, _ := strconv.Atoi(crNumStr)
time.Sleep(60 * time.Second)
time.Sleep(20 * time.Second)
return checkNoRunningPods(context.TODO(), res.CustomResource[crNum-1].(csmv1.ContainerStorageModule).Namespace, step.clientSet)
}

Expand All @@ -393,7 +393,7 @@ func (step *Step) removeNodeLabel(res Resource, label string) error {
func (step *Step) validateModuleInstalled(res Resource, module string, crNumStr string) error {
crNum, _ := strconv.Atoi(crNumStr)
cr := res.CustomResource[crNum-1].(csmv1.ContainerStorageModule)
time.Sleep(60 * time.Second)
time.Sleep(10 * time.Second)
found := new(csmv1.ContainerStorageModule)
if err := step.ctrlClient.Get(context.TODO(), client.ObjectKey{
Namespace: cr.Namespace,
Expand Down Expand Up @@ -438,7 +438,7 @@ func (step *Step) validateModuleInstalled(res Resource, module string, crNumStr
func (step *Step) validateModuleNotInstalled(res Resource, module string, crNumStr string) error {
crNum, _ := strconv.Atoi(crNumStr)
cr := res.CustomResource[crNum-1].(csmv1.ContainerStorageModule)
time.Sleep(60 * time.Second)
time.Sleep(10 * time.Second)
found := new(csmv1.ContainerStorageModule)
if err := step.ctrlClient.Get(context.TODO(), client.ObjectKey{
Namespace: cr.Namespace,
Expand Down Expand Up @@ -905,7 +905,7 @@ func (step *Step) runCustomTest(res Resource) error {
func (step *Step) enableModule(res Resource, module string, crNumStr string) error {
crNum, _ := strconv.Atoi(crNumStr)
cr := res.CustomResource[crNum-1].(csmv1.ContainerStorageModule)
time.Sleep(60 * time.Second)
time.Sleep(15 * time.Second)
found := new(csmv1.ContainerStorageModule)
if err := step.ctrlClient.Get(context.TODO(), client.ObjectKey{
Namespace: cr.Namespace,
Expand Down Expand Up @@ -1319,6 +1319,16 @@ func (step *Step) AuthorizationV1Resources(storageType, driver, port, proxyHost,
// get env variables
if os.Getenv(endpointvar) != "" {
endpoint = os.Getenv(endpointvar)

if driver == "powerscale" {
port := os.Getenv("PSCALE_PORT")
if port == "" {
fmt.Println("=== PSCALE_PORT not set, using default port 8080 ===")
port = "8080"
}

endpoint = endpoint + ":" + port
}
}
if os.Getenv(systemIdvar) != "" {
sysID = os.Getenv(systemIdvar)
Expand Down Expand Up @@ -1430,7 +1440,7 @@ func (step *Step) AuthorizationV1Resources(storageType, driver, port, proxyHost,
"generate", "token",
"--tenant", tenantName,
"--insecure", "--addr", fmt.Sprintf("%s:%s", proxyHost, port),
"--access-token-expiration", fmt.Sprint(10*time.Minute),
"--access-token-expiration", fmt.Sprint(2*time.Hour),
)
fmt.Println("=== Token ===\n", cmd.String())
b, err = cmd.CombinedOutput()
Expand Down Expand Up @@ -1513,7 +1523,19 @@ func (step *Step) AuthorizationV2Resources(storageType, driver, driverNamespace,
}

for key := range mapValues {
err := replaceInFile(key, os.Getenv(mapValues[key]), updatedTemplateFile)
val := os.Getenv(mapValues[key])
if driver == "powerscale" && key == "REPLACE_ENDPOINT" {
fmt.Println("Replacing PowerScale Endpoint and adding port...")

port := os.Getenv(mapValues["REPLACE_PORT"])
if port == "" {
port = "8080"
}

val = val + ":" + port
}

err := replaceInFile(key, val, updatedTemplateFile)
if err != nil {
return err
}
Expand All @@ -1527,6 +1549,9 @@ func (step *Step) AuthorizationV2Resources(storageType, driver, driverNamespace,
return fmt.Errorf("failed to create resources for %s: %v\nErrMessage:\n%s", storageType, err, string(b))
}

fmt.Println("Waiting 5 seconds before generating token.")
time.Sleep(5 * time.Second)

// Generate tenant token
fmt.Println("=== Generating token ===\n ")
cmd = exec.Command("dellctl",
Expand Down
Original file line number Diff line number Diff line change
@@ -1,18 +1,18 @@
apiVersion: csm-authorization.storage.dell.com/v1
kind: Storage
metadata:
name: "REPLACE_STORAGE_NAME"
name: REPLACE_STORAGE_NAME
spec:
type: "REPLACE_STORAGE_TYPE"
endpoint: "https://REPLACE_ENDPOINT"
systemID: "REPLACE_SYSTEM_ID"
type: REPLACE_STORAGE_TYPE
endpoint: https://REPLACE_ENDPOINT
systemID: REPLACE_SYSTEM_ID
vault:
identifier: vault0
kvEngine: secret
path: "REPLACE_VAULT_STORAGE_PATH"
path: REPLACE_VAULT_STORAGE_PATH
skipCertificateValidation: true
pollInterval: 30s
isiPath: "REPLACE_STORAGE_POOL_PATH"
isiPath: REPLACE_STORAGE_POOL_PATH
---
apiVersion: csm-authorization.storage.dell.com/v1
kind: CSMRole
Expand All @@ -23,12 +23,12 @@ metadata:
app.kubernetes.io/part-of: csm-authorization
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/created-by: csm-authorization
name: "REPLACE_ROLE_NAME"
name: REPLACE_ROLE_NAME
spec:
quota: "REPLACE_QUOTA"
systemID: "REPLACE_SYSTEM_ID"
systemType: "REPLACE_STORAGE_TYPE"
pool: "REPLACE_STORAGE_POOL_PATH"
quota: REPLACE_QUOTA
systemID: REPLACE_SYSTEM_ID
systemType: REPLACE_STORAGE_TYPE
pool: REPLACE_STORAGE_POOL_PATH
---
apiVersion: csm-authorization.storage.dell.com/v1
kind: CSMTenant
Expand All @@ -39,12 +39,12 @@ metadata:
app.kubernetes.io/part-of: csm-authorization
app.kubernetes.io/managed-by: kustomize
app.kubernetes.io/created-by: csm-authorization
name: "REPLACE_TENANT_NAME"
name: REPLACE_TENANT_NAME
spec:
# TODO(user): Add fields here
roles: "REPLACE_TENANT_ROLES"
roles: REPLACE_TENANT_ROLES
approveSdc: false
revoke: false
# This prefix is added for each new volume provisioned by the tenant.
# It should not exceed 3 characters. Example: tn1
volumePrefix: "REPLACE_TENANT_VOLUME_PREFIX"
volumePrefix: REPLACE_TENANT_VOLUME_PREFIX
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
[{
"username":"-",
"password":"-",
"intendedEndpoint":"https://REPLACE_ENDPOINT",
"endpoint":"https://REPLACE_AUTH_ENDPOINT:REPLACE_PORT",
"intendedEndpoint":"https://REPLACE_ENDPOINT:REPLACE_PORT",
"endpoint":"https://REPLACE_AUTH_ENDPOINT:REPLACE_AUTH_PORT",
"systemID": "REPLACE_CLUSTERNAME",
"insecure":true,
"isDefault":true
Expand Down
Original file line number Diff line number Diff line change
@@ -1,9 +1,11 @@
isilonClusters:
- clusterName: "REPLACE_CLUSTERNAME"
username: "REPLACE_USER"
password: "REPLACE_PASS"
username: "ignored"
password: "ignored"
isDefault: true
endpoint: "REPLACE_AUTH_ENDPOINT"
endpointPort: "REPLACE_PORT"
endpointPort: "REPLACE_AUTH_PORT"
skipCertificateValidation: true
mountEndpoint: "REPLACE_ENDPOINT"
isiPath: "/ifs/data/csi"
isiVolumePathPermissions: "0777"
Original file line number Diff line number Diff line change
Expand Up @@ -5,4 +5,4 @@ isilonClusters:
isDefault: true
endpoint: "REPLACE_ENDPOINT"
skipCertificateValidation: true
endpointPort: 8080
endpointPort: "REPLACE_PORT"
Loading

0 comments on commit 0888c7d

Please sign in to comment.