openstack/openstack-helm-infra
Code Issues Proposed changes

RGW: Fix helm-test pod template

Browse Source 
This PS updates the helm test driven pod template:
 * places rgw keystone conditional to correct location
 * removes unrequired roles and bindings
 * adds dependency on the rgw being running
 * corrects spelling error
 * corrects s3cmd to work with version 1.6.1

Change-Id: I665dba9fdca1d840f4d864e32f07b6185af51d25
Signed-off-by: Pete Birley <pete@port.direct>
This commit is contained in:
Pete Birley 2019-02-01 09:57:06 -06:00 committed by Pete Birley
parent 44b5c008f1
commit 0d55b9064c
3 changed files with 12 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
ceph-rgw/templates/bin/_helm-tests.sh.tpl
View File

@ -54,13 +54,13 @@ function rgw_s3_bucket_validation ()
echo "function: rgw_s3_bucket_validation"
bucket=s3://rgw-test-bucket
create_bucket_output=$(s3cmd mb $bucket --host=$RGW_HOST --access_key=$S3_ADMIN_ACCESS_KEY --secret_key=$S3_ADMIN_SECRET_KEY --no-encrypt --no-check-certificate)
create_bucket_output=$(s3cmd mb $bucket --host=$RGW_HOST --host-bucket=$RGW_HOST --access_key=$S3_ADMIN_ACCESS_KEY --secret_key=$S3_ADMIN_SECRET_KEY --no-ssl)
if [ $? -eq 0 ]; then
echo "Bucket $bucket created"
echo "Hello world!" > /tmp/hello.txt
s3cmd put /tmp/hello.txt $bucket --host=$RGW_HOST --access_key=$S3_ADMIN_ACCESS_KEY --secret_key=$S3_ADMIN_SECRET_KEY --no-encrypt --no-check-certificate
s3cmd put /tmp/hello.txt $bucket --host=$RGW_HOST --host-bucket=$RGW_HOST --access_key=$S3_ADMIN_ACCESS_KEY --secret_key=$S3_ADMIN_SECRET_KEY --no-ssl
if [ $? -ne 0 ]; then
echo "Error during s3cmd execution"
exit 1
@ -68,7 +68,7 @@ function rgw_s3_bucket_validation ()
echo "File uploaded to bucket"
fi
s3cmd get s3://rgw-test-bucket/hello.txt -> /tmp/output.txt --host=$RGW_HOST --access_key=$S3_ADMIN_ACCESS_KEY --secret_key=$S3_ADMIN_SECRET_KEY --no-encrypt --no-check-certificate
s3cmd get s3://rgw-test-bucket/hello.txt -> /tmp/output.txt --host=$RGW_HOST --host-bucket=$RGW_HOST --access_key=$S3_ADMIN_ACCESS_KEY --secret_key=$S3_ADMIN_SECRET_KEY --no-ssl
if [ $? -ne 0 ]; then
echo "Error during s3cmd execution"
exit 1
@ -82,13 +82,13 @@ function rgw_s3_bucket_validation ()
echo "Content matches from downloaded file using s3cmd"
fi
s3cmd ls $bucket --host=$RGW_HOST --access_key=$S3_ADMIN_ACCESS_KEY --secret_key=$S3_ADMIN_SECRET_KEY --no-encrypt --no-check-certificate
s3cmd ls $bucket --host=$RGW_HOST --host-bucket=$RGW_HOST --access_key=$S3_ADMIN_ACCESS_KEY --secret_key=$S3_ADMIN_SECRET_KEY --no-ssl
if [ $? -ne 0 ]; then
echo "Error during s3cmd execution"
exit 1
fi
s3cmd del s3://rgw-test-bucket/hello.txt --host=$RGW_HOST --access_key=$S3_ADMIN_ACCESS_KEY --secret_key=$S3_ADMIN_SECRET_KEY --no-encrypt --no-check-certificate
s3cmd del s3://rgw-test-bucket/hello.txt --host=$RGW_HOST --host-bucket=$RGW_HOST --access_key=$S3_ADMIN_ACCESS_KEY --secret_key=$S3_ADMIN_SECRET_KEY --no-ssl
if [ $? -ne 0 ]; then
echo "Error during s3cmd execution"
exit 1
@ -96,7 +96,7 @@ function rgw_s3_bucket_validation ()
echo "File from bucket is deleted"
fi
s3cmd del --recursive --force $bucket --host=$RGW_HOST --access_key=$S3_ADMIN_ACCESS_KEY --secret_key=$S3_ADMIN_SECRET_KEY --no-encrypt --no-check-certificate
s3cmd del --recursive --force $bucket --host=$RGW_HOST --host-bucket=$RGW_HOST --access_key=$S3_ADMIN_ACCESS_KEY --secret_key=$S3_ADMIN_SECRET_KEY --no-ssl
if [ $? -ne 0 ]; then
echo "Error during s3cmd execution"
exit 1
@ -118,7 +118,6 @@ fi
if [ {{ .Values.conf.rgw_s3.enabled }} == true ];
then
echo "--> S3 is enabled. Calling function to test S2 based auth "
echo "--> S3 is enabled. Calling function to test S3 based auth "
rgw_s3_bucket_validation
fi

31
ceph-rgw/templates/pod-helm-tests.yaml
View File

@ -20,35 +20,6 @@ limitations under the License.
{{- $serviceAccountName := printf "%s-%s" $envAll.Release.Name "test" }}
{{ tuple $envAll "tests" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: Role
metadata:
name: {{ $serviceAccountName }}
rules:
- apiGroups:
- ""
resources:
- pods
- pods/exec
verbs:
- "*"
- get
- list
- create
---
apiVersion: rbac.authorization.k8s.io/v1beta1
kind: RoleBinding
metadata:
name: {{ $serviceAccountName }}
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: {{ $serviceAccountName }}
subjects:
- kind: ServiceAccount
name: {{ $serviceAccountName }}
namespace: {{ $envAll.Release.Namespace }}
---
apiVersion: v1
kind: Pod
metadata:
@ -62,7 +33,6 @@ spec:
serviceAccountName: {{ $serviceAccountName }}
initContainers:
{{ tuple $envAll "tests" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 4 }}
{{ if .Values.conf.rgw_ks.enabled }}
- name: ceph-keyring-placement
{{ tuple $envAll "ceph_config_helper" | include "helm-toolkit.snippets.image" | indent 6 }}
securityContext:
@ -81,6 +51,7 @@ spec:
subPath: key
readOnly: true
containers:
{{ if .Values.conf.rgw_ks.enabled }}
- name: ceph-rgw-ks-validation
{{ tuple $envAll "ceph_config_helper" | include "helm-toolkit.snippets.image" | indent 6 }}
{{ tuple $envAll $envAll.Values.pod.resources.tests | include "helm-toolkit.snippets.kubernetes_resources" | indent 6 }}

5
ceph-rgw/values.yaml
View File

@ -359,6 +359,10 @@ dependencies:
services:
- endpoint: internal
service: ceph_object_store
tests:
services:
- endpoint: internal
service: ceph_object_store
bootstrap:
enabled: false
@ -481,7 +485,6 @@ endpoints:
mon:
default: 6789
manifests:
configmap_ceph_templates: true
configmap_bin: true