diff --git a/ocs_ci/ocs/node.py b/ocs_ci/ocs/node.py index 8ba1d4aab8c..f9ce0a4639f 100644 --- a/ocs_ci/ocs/node.py +++ b/ocs_ci/ocs/node.py @@ -2784,3 +2784,45 @@ def is_node_rack_or_zone_exist(failure_domain, node_name): """ node_obj = get_node_objs([node_name])[0] return get_node_rack_or_zone(failure_domain, node_obj) is not None + + +def list_encrypted_rbd_devices_on_node(node): + """ + Get rbd crypt devices from the node + + Args: + node: node name + + Returns: + List of encrypted osd device names + """ + node_obj = OCP(kind="node") + crypt_devices_out = node_obj.exec_oc_debug_cmd( + node=node, + cmd_list=["lsblk | grep crypt | awk '{print $1}'"], + ).split("\n") + crypt_devices = [device.strip() for device in crypt_devices_out if device != ""] + return crypt_devices + + +def verify_crypt_device_present_on_node(node, vol_handle): + """ + Find the crypt device maching for given volume handle. + + Args: + node : node name + vol_handle : volumen handle name. + + Returns: + bool: True if volume handle device found on the node, False otherwise + """ + device_list = list_encrypted_rbd_devices_on_node(node) + crypt_device = [device for device in device_list if vol_handle in device] + if not crypt_device: + log.error( + f"crypt device for volume handle {vol_handle} not present on node : {node}" + ) + return False + + log.info(f"Crypt device for volume handle {vol_handle} present on the node: {node}") + return True diff --git a/tests/manage/pv_services/pv_encryption/test_encrypted_rbd_pvc_clone.py b/tests/manage/pv_services/pv_encryption/test_encrypted_rbd_pvc_clone.py index a367ea0afe9..33b45f22ece 100644 --- a/tests/manage/pv_services/pv_encryption/test_encrypted_rbd_pvc_clone.py +++ b/tests/manage/pv_services/pv_encryption/test_encrypted_rbd_pvc_clone.py @@ -23,6 +23,7 @@ ) from ocs_ci.utility import kms from semantic_version import Version +from ocs_ci.ocs.node import verify_crypt_device_present_on_node log = logging.getLogger(__name__) @@ -160,14 +161,11 @@ def test_pvc_to_pvc_clone(self, kv_version, kms_provider, pod_factory): log.info("Checking for encrypted device and running IO on all pods") for vol_handle, pod_obj in zip(self.vol_handles, self.pod_objs): - if pod_obj.exec_sh_cmd_on_pod( - command=f"lsblk | grep {vol_handle} | grep crypt" - ): - log.info(f"Encrypted device found in {pod_obj.name}") - else: - raise ResourceNotFoundError( - f"Encrypted device not found in {pod_obj.name}" - ) + node = pod_obj.get_node() + assert verify_crypt_device_present_on_node( + node, vol_handle + ), f"Crypt devicve {vol_handle} not found on node:{node}" + log.info(f"File created during IO {pod_obj.name}") pod_obj.run_io( storage_type="block", @@ -242,14 +240,10 @@ def test_pvc_to_pvc_clone(self, kv_version, kms_provider, pod_factory): ) # Verify encrypted device is present and md5sum on all pods for vol_handle, pod_obj in zip(cloned_vol_handles, cloned_pod_objs): - if pod_obj.exec_sh_cmd_on_pod( - command=f"lsblk | grep {vol_handle} | grep crypt" - ): - log.info(f"Encrypted device found in {pod_obj.name}") - else: - raise ResourceNotFoundError( - f"Encrypted device not found in {pod_obj.name}" - ) + node = pod_obj.get_node() + assert verify_crypt_device_present_on_node( + node, vol_handle + ), f"Crypt devicve {vol_handle} not found on node:{node}" log.info(f"Verifying md5sum on pod {pod_obj.name}") pod.verify_data_integrity( diff --git a/tests/manage/pv_services/pv_encryption/test_encrypted_rbd_pvc_snapshot.py b/tests/manage/pv_services/pv_encryption/test_encrypted_rbd_pvc_snapshot.py index 44787dfaac9..08257a20b27 100644 --- a/tests/manage/pv_services/pv_encryption/test_encrypted_rbd_pvc_snapshot.py +++ b/tests/manage/pv_services/pv_encryption/test_encrypted_rbd_pvc_snapshot.py @@ -25,6 +25,7 @@ ) from ocs_ci.utility import kms from semantic_version import Version +from ocs_ci.ocs.node import verify_crypt_device_present_on_node log = logging.getLogger(__name__) @@ -169,15 +170,10 @@ def test_encrypted_rbd_block_pvc_snapshot( ) for vol_handle, pod_obj in zip(self.vol_handles, self.pod_objs): - # Verify whether encrypted device is present inside the pod - if pod_obj.exec_sh_cmd_on_pod( - command=f"lsblk | grep {vol_handle} | grep crypt" - ): - log.info(f"Encrypted device found in {pod_obj.name}") - else: - raise ResourceNotFoundError( - f"Encrypted device not found in {pod_obj.name}" - ) + node = pod_obj.get_node() + assert verify_crypt_device_present_on_node( + node, vol_handle + ), f"Crypt devicve {vol_handle} not found on node:{node}" # Find initial md5sum pod_obj.md5sum_before_io = cal_md5sum( @@ -329,14 +325,10 @@ def test_encrypted_rbd_block_pvc_snapshot( # Verify encrypted device is present and md5sum on all pods for vol_handle, pod_obj in zip(restore_vol_handles, restore_pod_objs): - if pod_obj.exec_sh_cmd_on_pod( - command=f"lsblk | grep {vol_handle} | grep crypt" - ): - log.info(f"Encrypted device found in {pod_obj.name}") - else: - raise ResourceNotFoundError( - f"Encrypted device not found in {pod_obj.name}" - ) + node = pod_obj.get_node() + assert verify_crypt_device_present_on_node( + node, vol_handle + ), f"Crypt devicve {vol_handle} not found on node:{node}" log.info(f"Verifying md5sum on pod {pod_obj.name}") verify_data_integrity( diff --git a/tests/manage/pv_services/pv_encryption/test_kmip_rbd_pv_encryption.py b/tests/manage/pv_services/pv_encryption/test_kmip_rbd_pv_encryption.py index bb481c4e67c..666adea5014 100644 --- a/tests/manage/pv_services/pv_encryption/test_kmip_rbd_pv_encryption.py +++ b/tests/manage/pv_services/pv_encryption/test_kmip_rbd_pv_encryption.py @@ -16,6 +16,7 @@ create_pods, ) from ocs_ci.ocs import constants +from ocs_ci.ocs.node import verify_crypt_device_present_on_node log = logging.getLogger(__name__) @@ -101,12 +102,10 @@ def test_rbd_pv_encryption_kmip( # Verify whether encrypted device is present inside the pod and run IO for vol_handle, pod_obj in zip(vol_handles, pod_objs): - if pod_obj.exec_sh_cmd_on_pod( - command=f"lsblk | grep {vol_handle} | grep crypt" - ): - log.info(f"Encrypted device found in {pod_obj.name}") - else: - log.error(f"Encrypted device not found in {pod_obj.name}") + node = pod_obj.get_node() + assert verify_crypt_device_present_on_node( + node, vol_handle + ), f"Crypt devicve {vol_handle} not found on node:{node}" pod_obj.run_io( storage_type="block", diff --git a/tests/manage/pv_services/pv_encryption/test_rbd_pv_encryption.py b/tests/manage/pv_services/pv_encryption/test_rbd_pv_encryption.py index 53d9935d9ef..dd9471919b1 100644 --- a/tests/manage/pv_services/pv_encryption/test_rbd_pv_encryption.py +++ b/tests/manage/pv_services/pv_encryption/test_rbd_pv_encryption.py @@ -21,6 +21,7 @@ ) from ocs_ci.utility import kms from semantic_version import Version +from ocs_ci.ocs.node import verify_crypt_device_present_on_node log = logging.getLogger(__name__) @@ -159,12 +160,10 @@ def test_rbd_pv_encryption( # Verify whether encrypted device is present inside the pod and run IO for vol_handle, pod_obj in zip(vol_handles, pod_objs): - if pod_obj.exec_sh_cmd_on_pod( - command=f"lsblk | grep {vol_handle} | grep crypt" - ): - log.info(f"Encrypted device found in {pod_obj.name}") - else: - log.error(f"Encrypted device not found in {pod_obj.name}") + node = pod_obj.get_node() + assert verify_crypt_device_present_on_node( + node, vol_handle + ), f"Crypt devicve {vol_handle} not found on node:{node}" pod_obj.run_io( storage_type="block", diff --git a/tests/manage/pv_services/pv_encryption/test_rbd_pv_encryption_vaulttenantsa.py b/tests/manage/pv_services/pv_encryption/test_rbd_pv_encryption_vaulttenantsa.py index 38fe089327d..e21deb25ef5 100644 --- a/tests/manage/pv_services/pv_encryption/test_rbd_pv_encryption_vaulttenantsa.py +++ b/tests/manage/pv_services/pv_encryption/test_rbd_pv_encryption_vaulttenantsa.py @@ -21,6 +21,7 @@ ResourceNotFoundError, ) from ocs_ci.utility import kms +from ocs_ci.ocs.node import verify_crypt_device_present_on_node log = logging.getLogger(__name__) @@ -146,14 +147,10 @@ def test_rbd_pv_encryption_vaulttenantsa( # Verify whether encrypted device is present inside the pod and run IO for vol_handle, pod_obj in zip(vol_handles, pod_objs): - if pod_obj.exec_sh_cmd_on_pod( - command=f"lsblk | grep {vol_handle} | grep crypt" - ): - log.info(f"Encrypted device found in {pod_obj.name}") - else: - raise ResourceNotFoundError( - f"Encrypted device not found in {pod_obj.name}" - ) + node = pod_obj.get_node() + assert verify_crypt_device_present_on_node( + node, vol_handle + ), f"Crypt devicve {vol_handle} not found on node:{node}" pod_obj.run_io( storage_type="block", diff --git a/tests/ui/test_pv_encryption_ui.py b/tests/ui/test_pv_encryption_ui.py index e34d10cff99..c602a369b19 100644 --- a/tests/ui/test_pv_encryption_ui.py +++ b/tests/ui/test_pv_encryption_ui.py @@ -29,6 +29,7 @@ from ocs_ci.utility.utils import get_vault_cli, get_ocp_version from ocs_ci.ocs import constants from ocs_ci.utility import version +from ocs_ci.ocs.node import verify_crypt_device_present_on_node logger = logging.getLogger(__name__) @@ -225,12 +226,10 @@ def test_for_encrypted_pv_ui( "Verify whether encrypted device is present inside the pod and run IO" ) for vol_handle, pod_obj in zip(vol_handles, pod_objs): - if pod_obj.exec_sh_cmd_on_pod( - command=f"lsblk | grep {vol_handle} | grep crypt" - ): - logger.info(f"Encrypted device found in {pod_obj.name}") - else: - logger.error(f"Encrypted device not found in {pod_obj.name}") + node = pod_obj.get_node() + assert verify_crypt_device_present_on_node( + node, vol_handle + ), f"Crypt devicve {vol_handle} not found on node:{node}" logger.info(f"Running FIO on Pod '{pod_obj.name}'") pod_obj.run_io(