diff --git a/ocs_ci/ocs/node.py b/ocs_ci/ocs/node.py index 6a880ec5d82..0591e79a49d 100644 --- a/ocs_ci/ocs/node.py +++ b/ocs_ci/ocs/node.py @@ -2850,3 +2850,46 @@ def is_node_rack_or_zone_exist(failure_domain, node_name): """ node_obj = get_node_objs([node_name])[0] return get_node_rack_or_zone(failure_domain, node_obj) is not None + + +def list_encrypted_rbd_devices_onnode(node): + """ + Get rbd crypt devices from the node + + Args: + node: node name + + Returns: + List of encrypted osd device names + """ + node_obj = OCP(kind="node") + crypt_devices_out = node_obj.exec_oc_debug_cmd( + node=node, + cmd_list=["lsblk | grep crypt | awk '{print $1}'"], + ).split("\n") + crypt_devices = [device.strip() for device in crypt_devices_out if device != ""] + return crypt_devices + + +def verify_crypt_device_present_onnode(node, vol_handle): + """ + Find the crypt device maching for given volume handle. + + Args: + node : node name + vol_handle : volumen handle name. + + Returns: + True: if volume handle device found on the node. + False: if volume handle device not found on the node. + """ + device_list = list_encrypted_rbd_devices_onnode(node) + crypt_device = [device for device in device_list if vol_handle in device] + if not crypt_device: + log.error( + f"crypt device for volume handle {vol_handle} not present on node : {node}" + ) + return False + + log.info(f"Crypt device for volume handle {vol_handle} present on the node: {node}") + return True diff --git a/tests/functional/pv/pv_encryption/test_encrypted_rbd_pvc_clone.py b/tests/functional/pv/pv_encryption/test_encrypted_rbd_pvc_clone.py index 4c1dd19f590..696506ee49e 100644 --- a/tests/functional/pv/pv_encryption/test_encrypted_rbd_pvc_clone.py +++ b/tests/functional/pv/pv_encryption/test_encrypted_rbd_pvc_clone.py @@ -25,6 +25,7 @@ ) from ocs_ci.utility import kms from semantic_version import Version +from ocs_ci.ocs.node import verify_crypt_device_present_onnode log = logging.getLogger(__name__) @@ -164,14 +165,11 @@ def test_pvc_to_pvc_clone(self, kv_version, kms_provider, pod_factory): log.info("Checking for encrypted device and running IO on all pods") for vol_handle, pod_obj in zip(self.vol_handles, self.pod_objs): - if pod_obj.exec_sh_cmd_on_pod( - command=f"lsblk | grep {vol_handle} | grep crypt" - ): - log.info(f"Encrypted device found in {pod_obj.name}") - else: - raise ResourceNotFoundError( - f"Encrypted device not found in {pod_obj.name}" - ) + node = pod_obj.get_node() + assert verify_crypt_device_present_onnode( + node, vol_handle + ), f"Crypt devicve {vol_handle} not found on node:{node}" + log.info(f"File created during IO {pod_obj.name}") pod_obj.run_io( storage_type="block", @@ -246,14 +244,10 @@ def test_pvc_to_pvc_clone(self, kv_version, kms_provider, pod_factory): ) # Verify encrypted device is present and md5sum on all pods for vol_handle, pod_obj in zip(cloned_vol_handles, cloned_pod_objs): - if pod_obj.exec_sh_cmd_on_pod( - command=f"lsblk | grep {vol_handle} | grep crypt" - ): - log.info(f"Encrypted device found in {pod_obj.name}") - else: - raise ResourceNotFoundError( - f"Encrypted device not found in {pod_obj.name}" - ) + node = pod_obj.get_node() + assert verify_crypt_device_present_onnode( + node, vol_handle + ), f"Crypt devicve {vol_handle} not found on node:{node}" log.info(f"Verifying md5sum on pod {pod_obj.name}") pod.verify_data_integrity( diff --git a/tests/functional/pv/pv_encryption/test_encrypted_rbd_pvc_snapshot.py b/tests/functional/pv/pv_encryption/test_encrypted_rbd_pvc_snapshot.py index 47831dd33ae..246d573d5a5 100644 --- a/tests/functional/pv/pv_encryption/test_encrypted_rbd_pvc_snapshot.py +++ b/tests/functional/pv/pv_encryption/test_encrypted_rbd_pvc_snapshot.py @@ -27,6 +27,7 @@ ) from ocs_ci.utility import kms from semantic_version import Version +from ocs_ci.ocs.node import verify_crypt_device_present_onnode log = logging.getLogger(__name__) @@ -173,15 +174,10 @@ def test_encrypted_rbd_block_pvc_snapshot( ) for vol_handle, pod_obj in zip(self.vol_handles, self.pod_objs): - # Verify whether encrypted device is present inside the pod - if pod_obj.exec_sh_cmd_on_pod( - command=f"lsblk | grep {vol_handle} | grep crypt" - ): - log.info(f"Encrypted device found in {pod_obj.name}") - else: - raise ResourceNotFoundError( - f"Encrypted device not found in {pod_obj.name}" - ) + node = pod_obj.get_node() + assert verify_crypt_device_present_onnode( + node, vol_handle + ), f"Crypt devicve {vol_handle} not found on node:{node}" # Find initial md5sum pod_obj.md5sum_before_io = cal_md5sum( @@ -333,14 +329,10 @@ def test_encrypted_rbd_block_pvc_snapshot( # Verify encrypted device is present and md5sum on all pods for vol_handle, pod_obj in zip(restore_vol_handles, restore_pod_objs): - if pod_obj.exec_sh_cmd_on_pod( - command=f"lsblk | grep {vol_handle} | grep crypt" - ): - log.info(f"Encrypted device found in {pod_obj.name}") - else: - raise ResourceNotFoundError( - f"Encrypted device not found in {pod_obj.name}" - ) + node = pod_obj.get_node() + assert verify_crypt_device_present_onnode( + node, vol_handle + ), f"Crypt devicve {vol_handle} not found on node:{node}" log.info(f"Verifying md5sum on pod {pod_obj.name}") verify_data_integrity( diff --git a/tests/functional/pv/pv_encryption/test_kmip_rbd_pv_encryption.py b/tests/functional/pv/pv_encryption/test_kmip_rbd_pv_encryption.py index 00aea2625b7..b4fa8f0ed1c 100644 --- a/tests/functional/pv/pv_encryption/test_kmip_rbd_pv_encryption.py +++ b/tests/functional/pv/pv_encryption/test_kmip_rbd_pv_encryption.py @@ -18,6 +18,7 @@ create_pods, ) from ocs_ci.ocs import constants +from ocs_ci.ocs.node import verify_crypt_device_present_onnode log = logging.getLogger(__name__) @@ -105,12 +106,10 @@ def test_rbd_pv_encryption_kmip( # Verify whether encrypted device is present inside the pod and run IO for vol_handle, pod_obj in zip(vol_handles, pod_objs): - if pod_obj.exec_sh_cmd_on_pod( - command=f"lsblk | grep {vol_handle} | grep crypt" - ): - log.info(f"Encrypted device found in {pod_obj.name}") - else: - log.error(f"Encrypted device not found in {pod_obj.name}") + node = pod_obj.get_node() + assert verify_crypt_device_present_onnode( + node, vol_handle + ), f"Crypt devicve {vol_handle} not found on node:{node}" pod_obj.run_io( storage_type="block", diff --git a/tests/functional/pv/pv_encryption/test_rbd_pv_encryption.py b/tests/functional/pv/pv_encryption/test_rbd_pv_encryption.py index c24eb7f1371..9441cd437a8 100644 --- a/tests/functional/pv/pv_encryption/test_rbd_pv_encryption.py +++ b/tests/functional/pv/pv_encryption/test_rbd_pv_encryption.py @@ -23,6 +23,7 @@ ) from ocs_ci.utility import kms from semantic_version import Version +from ocs_ci.ocs.node import verify_crypt_device_present_onnode log = logging.getLogger(__name__) @@ -163,12 +164,10 @@ def test_rbd_pv_encryption( # Verify whether encrypted device is present inside the pod and run IO for vol_handle, pod_obj in zip(vol_handles, pod_objs): - if pod_obj.exec_sh_cmd_on_pod( - command=f"lsblk | grep {vol_handle} | grep crypt" - ): - log.info(f"Encrypted device found in {pod_obj.name}") - else: - log.error(f"Encrypted device not found in {pod_obj.name}") + node = pod_obj.get_node() + assert verify_crypt_device_present_onnode( + node, vol_handle + ), f"Crypt devicve {vol_handle} not found on node:{node}" pod_obj.run_io( storage_type="block", diff --git a/tests/functional/pv/pv_encryption/test_rbd_pv_encryption_vaulttenantsa.py b/tests/functional/pv/pv_encryption/test_rbd_pv_encryption_vaulttenantsa.py index 5f008d09d67..86febb63858 100644 --- a/tests/functional/pv/pv_encryption/test_rbd_pv_encryption_vaulttenantsa.py +++ b/tests/functional/pv/pv_encryption/test_rbd_pv_encryption_vaulttenantsa.py @@ -23,6 +23,7 @@ ResourceNotFoundError, ) from ocs_ci.utility import kms +from ocs_ci.ocs.node import verify_crypt_device_present_onnode log = logging.getLogger(__name__) @@ -150,14 +151,10 @@ def test_rbd_pv_encryption_vaulttenantsa( # Verify whether encrypted device is present inside the pod and run IO for vol_handle, pod_obj in zip(vol_handles, pod_objs): - if pod_obj.exec_sh_cmd_on_pod( - command=f"lsblk | grep {vol_handle} | grep crypt" - ): - log.info(f"Encrypted device found in {pod_obj.name}") - else: - raise ResourceNotFoundError( - f"Encrypted device not found in {pod_obj.name}" - ) + node = pod_obj.get_node() + assert verify_crypt_device_present_onnode( + node, vol_handle + ), f"Crypt devicve {vol_handle} not found on node:{node}" pod_obj.run_io( storage_type="block", diff --git a/tests/functional/ui/test_pv_encryption_ui.py b/tests/functional/ui/test_pv_encryption_ui.py index 7dc6c7f09d7..ddb14b87c15 100644 --- a/tests/functional/ui/test_pv_encryption_ui.py +++ b/tests/functional/ui/test_pv_encryption_ui.py @@ -31,6 +31,7 @@ from ocs_ci.utility.utils import get_vault_cli, get_ocp_version from ocs_ci.ocs import constants from ocs_ci.utility import version +from ocs_ci.ocs.node import verify_crypt_device_present_onnode logger = logging.getLogger(__name__) @@ -228,12 +229,10 @@ def test_for_encrypted_pv_ui( "Verify whether encrypted device is present inside the pod and run IO" ) for vol_handle, pod_obj in zip(vol_handles, pod_objs): - if pod_obj.exec_sh_cmd_on_pod( - command=f"lsblk | grep {vol_handle} | grep crypt" - ): - logger.info(f"Encrypted device found in {pod_obj.name}") - else: - logger.error(f"Encrypted device not found in {pod_obj.name}") + node = pod_obj.get_node() + assert verify_crypt_device_present_onnode( + node, vol_handle + ), f"Crypt devicve {vol_handle} not found on node:{node}" logger.info(f"Running FIO on Pod '{pod_obj.name}'") pod_obj.run_io(