From d80321e6ccaee1e15b73a7212ab6c42885ec026e Mon Sep 17 00:00:00 2001 From: KillianG Date: Tue, 27 Aug 2024 11:10:53 +0200 Subject: [PATCH 01/16] Test readonly on DR site Issue: ZENKO-4871 --- tests/ctst/features/pra.feature | 3 +++ tests/ctst/steps/pra.ts | 18 +++++++++++++++++- 2 files changed, 20 insertions(+), 1 deletion(-) diff --git a/tests/ctst/features/pra.feature b/tests/ctst/features/pra.feature index a0ed703358..e9c780e8d4 100644 --- a/tests/ctst/features/pra.feature +++ b/tests/ctst/features/pra.feature @@ -20,6 +20,9 @@ Feature: PRA operations And the DR sink should be in phase "Running" Then the kafka DR volume exists + When the user tries to perform PutObject on "DR" site + Then it "should not" pass Vault authentication + # Check that objects are transitioned in the DR site Given access keys for the replicated account Then object "obj-1" should "" be "transitioned" and have the storage class "e2e-cold" on "DR" site diff --git a/tests/ctst/steps/pra.ts b/tests/ctst/steps/pra.ts index 8f547007f7..f2d419d2a1 100644 --- a/tests/ctst/steps/pra.ts +++ b/tests/ctst/steps/pra.ts @@ -12,7 +12,7 @@ import { restoreObject, verifyObjectLocation, } from 'steps/utils/utils'; -import { Constants, Identity, IdentityEnum, SuperAdmin, Utils } from 'cli-testing'; +import { Constants, Identity, IdentityEnum, S3, SuperAdmin, Utils } from 'cli-testing'; import { safeJsonParse } from 'common/utils'; import assert from 'assert'; @@ -274,6 +274,22 @@ Then('object {string} should {string} be {string} and have the storage class {st } }); +When('the user tries to perform PutObject on {string} site', async function (this: Zenko, site: string) { + if (site === 'DR') { + Identity.useIdentity(IdentityEnum.ACCOUNT, `${Zenko.sites['source'].accountName}-replicated`); + } else { + Identity.useIdentity(IdentityEnum.ACCOUNT, Zenko.sites['source'].accountName); + } + this.resetCommand(); + const preName = this.getSaved('accountName') || + this.parameters.AccountName || Constants.ACCOUNT_NAME; + + this.addCommandParameter({ bucket: this.getSaved('bucketName') }); + this.addCommandParameter({ key: `${Utils.randomString()}` }); + + this.setResult(await S3.putObject(this.getCommandParameters())); +}); + Then('the kafka DR volume exists', { timeout: 60000 }, async function (this: Zenko) { const volumeClaim = await getPVCFromLabel(this, 'kafka_cr', 'end2end-pra-sink-base-queue'); this.logger.debug('kafka volume claim', { volumeClaim }); From 3bb255731a0c5acc046c62c1c6ff097e28f7a1d0 Mon Sep 17 00:00:00 2001 From: KillianG Date: Tue, 27 Aug 2024 15:24:51 +0200 Subject: [PATCH 02/16] Test with assume role with web identity for data accessor Issue: ZENKO-4871 --- .github/scripts/end2end/configs/keycloak_config.json | 8 ++++++++ .github/scripts/end2end/deploy-zenko.sh | 3 ++- .github/scripts/end2end/run-e2e-ctst.sh | 4 +++- tests/ctst/features/pra.feature | 4 ++++ tests/ctst/steps/pra.ts | 5 +++++ tests/ctst/world/Zenko.ts | 8 +++++++- 6 files changed, 29 insertions(+), 3 deletions(-) diff --git a/.github/scripts/end2end/configs/keycloak_config.json b/.github/scripts/end2end/configs/keycloak_config.json index 434319ef60..e0463a7294 100644 --- a/.github/scripts/end2end/configs/keycloak_config.json +++ b/.github/scripts/end2end/configs/keycloak_config.json @@ -2,6 +2,14 @@ "realm" : "${OIDC_REALM}", "enabled" : true, "groups" : [ + { + "name": "AccountTest::DataAccessor", + "path": "/AccountTest::DataAccessor", + "attributes": {}, + "realmRoles": [], + "clientRoles": {}, + "subGroups": [] + }, { "name": "AccountTest::DataConsumer", "path": "/AccountTest::DataConsumer", diff --git a/.github/scripts/end2end/deploy-zenko.sh b/.github/scripts/end2end/deploy-zenko.sh index caaf418ebe..72ad6ea5a4 100755 --- a/.github/scripts/end2end/deploy-zenko.sh +++ b/.github/scripts/end2end/deploy-zenko.sh @@ -37,7 +37,8 @@ else fi # TODO: use kustomize -export ZENKO_ANNOTATIONS="annotations:" +export ZENKO_ANNOTATIONS="annotations: + vault.scality/data-accessor: 'true'" export ZENKO_MONGODB_ENDPOINT="data-db-mongodb-sharded.default.svc.cluster.local:27017" export ZENKO_MONGODB_CONFIG="writeConcern: 'majority' enableSharding: true" diff --git a/.github/scripts/end2end/run-e2e-ctst.sh b/.github/scripts/end2end/run-e2e-ctst.sh index 19a89a8fa5..df1b161b21 100755 --- a/.github/scripts/end2end/run-e2e-ctst.sh +++ b/.github/scripts/end2end/run-e2e-ctst.sh @@ -22,6 +22,7 @@ ADMIN_PRA_SECRET_ACCESS_KEY=$(kubectl get secret end2end-pra-management-vault-ad STORAGE_MANAGER_USER_NAME="ctst_storage_manager" STORAGE_ACCOUNT_OWNER_USER_NAME="ctst_storage_account_owner" DATA_CONSUMER_USER_NAME="ctst_data_consumer" +DATA_ACCESSOR_USER_NAME="ctst_data_accessor" VAULT_AUTH_HOST="${ZENKO_NAME}-connector-vault-auth-api.default.svc.cluster.local" ZENKO_PORT="80" KEYCLOAK_TEST_PASSWORD=${OIDC_PASSWORD} @@ -79,6 +80,7 @@ WORLD_PARAMETERS="$(jq -c <('accountName') || this.parameters.AccountName || Constants.ACCOUNT_NAME; diff --git a/tests/ctst/world/Zenko.ts b/tests/ctst/world/Zenko.ts index 903be4d802..92837e7225 100644 --- a/tests/ctst/world/Zenko.ts +++ b/tests/ctst/world/Zenko.ts @@ -37,6 +37,7 @@ export enum EntityType { STORAGE_MANAGER = 'STORAGE_MANAGER', STORAGE_ACCOUNT_OWNER = 'STORAGE_ACCOUNT_OWNER', DATA_CONSUMER = 'DATA_CONSUMER', + DATA_ACCESSOR = 'DATA_ACCESSOR', ASSUME_ROLE_USER = 'ASSUME_ROLE_USER', ASSUME_ROLE_USER_CROSS_ACCOUNT = 'ASSUME_ROLE_USER_CROSS_ACCOUNT', } @@ -66,6 +67,7 @@ export interface ZenkoWorldParameters extends ClientOptions { StorageManagerUsername: string; StorageAccountOwnerUsername: string; DataConsumerUsername: string; + DataAccessorUsername: string; ServiceUsersCredentials: string; KeycloakTestPassword: string; AzureAccountName: string; @@ -223,7 +225,7 @@ export default class Zenko extends World { * entity provided to let the test run the AWS CLI command using this particular * type of entity. * @param {ScenarioCallerType} entityType - type of entity, can be 'account', 'storage manager', - * 'storage account owner', 'data consumer' or 'iam user' + * 'storage account owner', 'data consumer', 'data accessor' or 'iam user' * @returns {undefined} */ async setupEntity(entityType: string): Promise { @@ -248,6 +250,10 @@ export default class Zenko extends World { await this.prepareARWWI(this.parameters.DataConsumerUsername || 'data_consumer', 'data-consumer-role', this.parameters.KeycloakTestPassword); break; + case EntityType.DATA_ACCESSOR: + await this.prepareARWWI(this.parameters.DataAccessorUsername || 'data_accessor', + 'data-accessor-role', this.parameters.KeycloakTestPassword); + break; case EntityType.ASSUME_ROLE_USER: await this.prepareAssumeRole(false); break; From f427570777b0ef7b352e0ea2f9450170e2d4a48b Mon Sep 17 00:00:00 2001 From: KillianG Date: Fri, 30 Aug 2024 11:55:03 +0200 Subject: [PATCH 03/16] Precise that the put object should be rejected for DATA_ACCESSOR Issue: ZENKO-4871 --- tests/ctst/features/pra.feature | 5 +---- tests/ctst/steps/pra.ts | 2 +- 2 files changed, 2 insertions(+), 5 deletions(-) diff --git a/tests/ctst/features/pra.feature b/tests/ctst/features/pra.feature index 74aad33789..1c66520f4c 100644 --- a/tests/ctst/features/pra.feature +++ b/tests/ctst/features/pra.feature @@ -20,13 +20,10 @@ Feature: PRA operations And the DR sink should be in phase "Running" Then the kafka DR volume exists - When the user tries to perform PutObject on "DR" site - Then it "should not" pass Vault authentication - # Check that objects are transitioned in the DR site Given access keys for the replicated account - When the user tries to perform PutObject on "DR" site + When the DATA_ACCESSOR user tries to perform PutObject on "DR" site Then it "should not" pass Vault authentication Then object "obj-1" should "" be "transitioned" and have the storage class "e2e-cold" on "DR" site diff --git a/tests/ctst/steps/pra.ts b/tests/ctst/steps/pra.ts index 9882e3aa3d..b5cb1611b5 100644 --- a/tests/ctst/steps/pra.ts +++ b/tests/ctst/steps/pra.ts @@ -275,7 +275,7 @@ Then('object {string} should {string} be {string} and have the storage class {st } }); -When('the user tries to perform PutObject on {string} site', async function (this: Zenko, site: string) { +When('the DATA_ACCESSOR user tries to perform PutObject on {string} site', async function (this: Zenko, site: string) { if (site === 'DR') { Identity.useIdentity(IdentityEnum.ACCOUNT, `${Zenko.sites['source'].accountName}-replicated`); } else { From 5af4461bd0cd09ea4a5c4892f3eeb46e422afe49 Mon Sep 17 00:00:00 2001 From: KillianG Date: Thu, 5 Sep 2024 10:00:25 +0200 Subject: [PATCH 04/16] Remove useless annotation Issue: ZENKO-4871 --- .github/scripts/end2end/deploy-zenko.sh | 2 -- tests/ctst/steps/pra.ts | 3 --- 2 files changed, 5 deletions(-) diff --git a/.github/scripts/end2end/deploy-zenko.sh b/.github/scripts/end2end/deploy-zenko.sh index 72ad6ea5a4..b0a7855b92 100755 --- a/.github/scripts/end2end/deploy-zenko.sh +++ b/.github/scripts/end2end/deploy-zenko.sh @@ -37,8 +37,6 @@ else fi # TODO: use kustomize -export ZENKO_ANNOTATIONS="annotations: - vault.scality/data-accessor: 'true'" export ZENKO_MONGODB_ENDPOINT="data-db-mongodb-sharded.default.svc.cluster.local:27017" export ZENKO_MONGODB_CONFIG="writeConcern: 'majority' enableSharding: true" diff --git a/tests/ctst/steps/pra.ts b/tests/ctst/steps/pra.ts index b5cb1611b5..62969a064e 100644 --- a/tests/ctst/steps/pra.ts +++ b/tests/ctst/steps/pra.ts @@ -285,9 +285,6 @@ When('the DATA_ACCESSOR user tries to perform PutObject on {string} site', async this.addToSaved('accountName', Zenko.sites['source'].accountName); await this.setupEntity(EntityType.DATA_ACCESSOR); - - const preName = this.getSaved('accountName') || - this.parameters.AccountName || Constants.ACCOUNT_NAME; this.addCommandParameter({ bucket: this.getSaved('bucketName') }); this.addCommandParameter({ key: `${Utils.randomString()}` }); From 43217167d1823536df276d37c0d78783d1e7595e Mon Sep 17 00:00:00 2001 From: KillianG Date: Thu, 5 Sep 2024 10:34:25 +0200 Subject: [PATCH 05/16] Add base for annotation Issue: ZENKO-4871 --- .github/scripts/end2end/deploy-zenko.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/scripts/end2end/deploy-zenko.sh b/.github/scripts/end2end/deploy-zenko.sh index b0a7855b92..caaf418ebe 100755 --- a/.github/scripts/end2end/deploy-zenko.sh +++ b/.github/scripts/end2end/deploy-zenko.sh @@ -37,6 +37,7 @@ else fi # TODO: use kustomize +export ZENKO_ANNOTATIONS="annotations:" export ZENKO_MONGODB_ENDPOINT="data-db-mongodb-sharded.default.svc.cluster.local:27017" export ZENKO_MONGODB_CONFIG="writeConcern: 'majority' enableSharding: true" From 2ac5af6011b9062f2408305d868c669690567149 Mon Sep 17 00:00:00 2001 From: KillianG Date: Thu, 5 Sep 2024 14:36:31 +0200 Subject: [PATCH 06/16] Slightly increase kfkc interval to make dr on restore work Issue: ZENKO-4871 --- .github/scripts/end2end/configs/zenko.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/scripts/end2end/configs/zenko.yaml b/.github/scripts/end2end/configs/zenko.yaml index f18630f075..0f0c08da54 100644 --- a/.github/scripts/end2end/configs/zenko.yaml +++ b/.github/scripts/end2end/configs/zenko.yaml @@ -52,7 +52,7 @@ spec: size: 20Gi storageClassName: "standard" kafkaCleaner: - interval: 30s + interval: 1m minPartitionSizeBytes: 0Mi minBatchSize: 0 keepAtLeast: 0 From 0b93d24140ebb458d822f16f7c8f628441ed856d Mon Sep 17 00:00:00 2001 From: KillianG Date: Thu, 5 Sep 2024 15:24:47 +0200 Subject: [PATCH 07/16] Change step position for readonly check to gain some delay before testing Issue: ZENKO-4871 --- tests/ctst/features/pra.feature | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/ctst/features/pra.feature b/tests/ctst/features/pra.feature index 1c66520f4c..fa628fb127 100644 --- a/tests/ctst/features/pra.feature +++ b/tests/ctst/features/pra.feature @@ -23,9 +23,6 @@ Feature: PRA operations # Check that objects are transitioned in the DR site Given access keys for the replicated account - When the DATA_ACCESSOR user tries to perform PutObject on "DR" site - Then it "should not" pass Vault authentication - Then object "obj-1" should "" be "transitioned" and have the storage class "e2e-cold" on "DR" site And object "obj-2" should "" be "transitioned" and have the storage class "e2e-cold" on "DR" site @@ -39,6 +36,9 @@ Feature: PRA operations Then object "obj-1" should "" be "restored" and have the storage class "e2e-cold" on "Primary" site And object "obj-1" should "" be "transitioned" and have the storage class "e2e-cold" on "DR" site + When the DATA_ACCESSOR user tries to perform PutObject on "DR" site + Then it "should not" pass Vault authentication + # Restore on DR site When i restore object "obj2-1" for 2 days on "DR" site Then object "obj2-1" should "" be "restored" and have the storage class "e2e-cold" on "DR" site From 17c02e764e44e7d38074d3d69d1ba52e78018b23 Mon Sep 17 00:00:00 2001 From: KillianG Date: Thu, 5 Sep 2024 15:44:26 +0200 Subject: [PATCH 08/16] Launch ensure vault seed job to be sure data accessor role is created Issue: ZENKO-4871 --- tests/ctst/features/pra.feature | 4 +++- tests/ctst/steps/cronjobs/countItems.ts | 29 ++++++++++++++++++++----- 2 files changed, 26 insertions(+), 7 deletions(-) diff --git a/tests/ctst/features/pra.feature b/tests/ctst/features/pra.feature index fa628fb127..ec27e093c2 100644 --- a/tests/ctst/features/pra.feature +++ b/tests/ctst/features/pra.feature @@ -36,7 +36,9 @@ Feature: PRA operations Then object "obj-1" should "" be "restored" and have the storage class "e2e-cold" on "Primary" site And object "obj-1" should "" be "transitioned" and have the storage class "e2e-cold" on "DR" site - When the DATA_ACCESSOR user tries to perform PutObject on "DR" site + # Test the readonly + When the "EnsureVaultSeeds" cronjobs completes without error on "DR" site + And the DATA_ACCESSOR user tries to perform PutObject on "DR" site Then it "should not" pass Vault authentication # Restore on DR site diff --git a/tests/ctst/steps/cronjobs/countItems.ts b/tests/ctst/steps/cronjobs/countItems.ts index 97ca2af07b..1e78a68c42 100644 --- a/tests/ctst/steps/cronjobs/countItems.ts +++ b/tests/ctst/steps/cronjobs/countItems.ts @@ -2,12 +2,29 @@ import { When } from '@cucumber/cucumber'; import Zenko from '../../world/Zenko'; import { createJobAndWaitForCompletion } from 'steps/utils/kubernetes'; -When('the {string} cronjobs completes without error', { timeout: 1200000 }, async function (this: Zenko, job: string) { +async function runCronjob(this: Zenko, job: string, site?: string) { + let zenkoName = 'end2end'; + + if (site === 'DR') { + zenkoName += '-pra'; + } + switch (job) { - case 'CountItems': - await createJobAndWaitForCompletion(this, 'end2end-ops-count-items'); - break; - default: - throw new Error(`Unknown job: ${job}`); + case 'CountItems': + await createJobAndWaitForCompletion(this, `${zenkoName}-ops-count-items`); + break; + case 'EnsureVaultSeeds': + await createJobAndWaitForCompletion(this, `${zenkoName}-ops-vault-check-seeds`); + break; + default: + throw new Error(`Unknown job: ${job}`); } +} + +When('the {string} cronjobs completes without error', { timeout: 1200000 }, async function (this: Zenko, job: string) { + runCronjob.call(this, job); +}); + +When('the {string} cronjobs completes without error on {string} site', { timeout: 1200000 }, async function (this: Zenko, job: string, site: string) { + runCronjob.call(this, job, site); }); From 3eed17842edf49eab738c498698b13965df4a33c Mon Sep 17 00:00:00 2001 From: KillianG Date: Thu, 5 Sep 2024 15:56:08 +0200 Subject: [PATCH 09/16] Fix lint issue Issue: ZENKO-4871 --- tests/ctst/steps/cronjobs/countItems.ts | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/tests/ctst/steps/cronjobs/countItems.ts b/tests/ctst/steps/cronjobs/countItems.ts index 1e78a68c42..8dc6b890aa 100644 --- a/tests/ctst/steps/cronjobs/countItems.ts +++ b/tests/ctst/steps/cronjobs/countItems.ts @@ -10,21 +10,22 @@ async function runCronjob(this: Zenko, job: string, site?: string) { } switch (job) { - case 'CountItems': - await createJobAndWaitForCompletion(this, `${zenkoName}-ops-count-items`); - break; - case 'EnsureVaultSeeds': - await createJobAndWaitForCompletion(this, `${zenkoName}-ops-vault-check-seeds`); - break; - default: - throw new Error(`Unknown job: ${job}`); + case 'CountItems': + await createJobAndWaitForCompletion(this, `${zenkoName}-ops-count-items`); + break; + case 'EnsureVaultSeeds': + await createJobAndWaitForCompletion(this, `${zenkoName}-ops-vault-check-seeds`); + break; + default: + throw new Error(`Unknown job: ${job}`); } } When('the {string} cronjobs completes without error', { timeout: 1200000 }, async function (this: Zenko, job: string) { - runCronjob.call(this, job); + await runCronjob.call(this, job); }); -When('the {string} cronjobs completes without error on {string} site', { timeout: 1200000 }, async function (this: Zenko, job: string, site: string) { - runCronjob.call(this, job, site); -}); +When('the {string} cronjobs completes without error on {string} site', { timeout: 1200000 }, + async function (this: Zenko, job: string, site: string) { + await runCronjob.call(this, job, site); + }); From a198cd12880dad3e5b69deb8065f314048182923 Mon Sep 17 00:00:00 2001 From: KillianG Date: Thu, 5 Sep 2024 16:37:44 +0200 Subject: [PATCH 10/16] chore: Update step position for readonly check to delay testing Issue: ZENKO-4871 --- tests/ctst/features/pra.feature | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/ctst/features/pra.feature b/tests/ctst/features/pra.feature index ec27e093c2..bfb720b82b 100644 --- a/tests/ctst/features/pra.feature +++ b/tests/ctst/features/pra.feature @@ -37,7 +37,7 @@ Feature: PRA operations And object "obj-1" should "" be "transitioned" and have the storage class "e2e-cold" on "DR" site # Test the readonly - When the "EnsureVaultSeeds" cronjobs completes without error on "DR" site + When the "EnsureVaultSeeds" cronjobs completes without error on "Primary" site And the DATA_ACCESSOR user tries to perform PutObject on "DR" site Then it "should not" pass Vault authentication From 63cee3bf9c67390ace17371fc10a35dc66a67821 Mon Sep 17 00:00:00 2001 From: williamlardier Date: Fri, 6 Sep 2024 13:48:55 +0200 Subject: [PATCH 11/16] Ensure data accessor is propagated in DR site As the data accessor is seeded by vault's cronjob, it might take some time to be processed by kafka, so accessing it directly won't work. Issue: ZENKO-4871 --- tests/ctst/steps/pra.ts | 37 ++++++++++++++++++++++++------------- tests/ctst/world/Zenko.ts | 1 + 2 files changed, 25 insertions(+), 13 deletions(-) diff --git a/tests/ctst/steps/pra.ts b/tests/ctst/steps/pra.ts index 62969a064e..60b43cd580 100644 --- a/tests/ctst/steps/pra.ts +++ b/tests/ctst/steps/pra.ts @@ -275,22 +275,33 @@ Then('object {string} should {string} be {string} and have the storage class {st } }); -When('the DATA_ACCESSOR user tries to perform PutObject on {string} site', async function (this: Zenko, site: string) { - if (site === 'DR') { - Identity.useIdentity(IdentityEnum.ACCOUNT, `${Zenko.sites['source'].accountName}-replicated`); - } else { - Identity.useIdentity(IdentityEnum.ACCOUNT, Zenko.sites['source'].accountName); - } - this.resetCommand(); - this.addToSaved('accountName', Zenko.sites['source'].accountName); +When('the DATA_ACCESSOR user tries to perform PutObject on {string} site', { timeout: 5 * 60 * 1000 }, + async function (this: Zenko, site: string) { + if (site === 'DR') { + Identity.useIdentity(IdentityEnum.ACCOUNT, `${Zenko.sites['source'].accountName}-replicated`); + } else { + Identity.useIdentity(IdentityEnum.ACCOUNT, Zenko.sites['source'].accountName); + } + this.resetCommand(); + this.addToSaved('accountName', Zenko.sites['source'].accountName); - await this.setupEntity(EntityType.DATA_ACCESSOR); + // At this point, the role may take some time to be propagated + // so, tolerate up to 5m of retries + let conditionOk = false; + while (!conditionOk) { + try { + await this.setupEntity(EntityType.DATA_ACCESSOR); + conditionOk = true; + } catch (err) { + this.logger.error('Failed to setup entity', { err }); + } + } - this.addCommandParameter({ bucket: this.getSaved('bucketName') }); - this.addCommandParameter({ key: `${Utils.randomString()}` }); + this.addCommandParameter({ bucket: this.getSaved('bucketName') }); + this.addCommandParameter({ key: `${Utils.randomString()}` }); - this.setResult(await S3.putObject(this.getCommandParameters())); -}); + this.setResult(await S3.putObject(this.getCommandParameters())); + }); Then('the kafka DR volume exists', { timeout: 60000 }, async function (this: Zenko) { const volumeClaim = await getPVCFromLabel(this, 'kafka_cr', 'end2end-pra-sink-base-queue'); diff --git a/tests/ctst/world/Zenko.ts b/tests/ctst/world/Zenko.ts index 92837e7225..ddadf64a84 100644 --- a/tests/ctst/world/Zenko.ts +++ b/tests/ctst/world/Zenko.ts @@ -329,6 +329,7 @@ export default class Zenko extends World { nextMarker = GRFWIResponse.data.IsTruncated ? GRFWIResponse.data.Marker : undefined; callNumber++; + await Utils.sleep(500); } while (callNumber < 100); // Ensure we can assume at least one role From fb5da6e6a97e93ecec34f9314105e1b5f7b969f5 Mon Sep 17 00:00:00 2001 From: williamlardier Date: Fri, 6 Sep 2024 13:52:10 +0200 Subject: [PATCH 12/16] Generalize cronjob step logic Issue: ZENKO-4871 --- tests/ctst/features/pra.feature | 2 +- tests/ctst/features/quotas/CountItems.feature | 2 +- tests/ctst/steps/cronjobs/countItems.ts | 11 +---------- 3 files changed, 3 insertions(+), 12 deletions(-) diff --git a/tests/ctst/features/pra.feature b/tests/ctst/features/pra.feature index bfb720b82b..51d6bf6aaf 100644 --- a/tests/ctst/features/pra.feature +++ b/tests/ctst/features/pra.feature @@ -37,7 +37,7 @@ Feature: PRA operations And object "obj-1" should "" be "transitioned" and have the storage class "e2e-cold" on "DR" site # Test the readonly - When the "EnsureVaultSeeds" cronjobs completes without error on "Primary" site + When the "vault-check-seeds" cronjobs completes without error on "Primary" site And the DATA_ACCESSOR user tries to perform PutObject on "DR" site Then it "should not" pass Vault authentication diff --git a/tests/ctst/features/quotas/CountItems.feature b/tests/ctst/features/quotas/CountItems.feature index 954c13f90b..e009f1766a 100644 --- a/tests/ctst/features/quotas/CountItems.feature +++ b/tests/ctst/features/quotas/CountItems.feature @@ -8,5 +8,5 @@ Feature: CountItems measures the utilization metrics Scenario Outline: Countitems runs without error and compute utilization metrics Given an existing bucket "" "without" versioning, "without" ObjectLock "without" retention mode And an object "" that "exists" - When the "CountItems" cronjobs completes without error + When the "count-items" cronjobs completes without error Then the operation finished without error diff --git a/tests/ctst/steps/cronjobs/countItems.ts b/tests/ctst/steps/cronjobs/countItems.ts index 8dc6b890aa..d0221d321b 100644 --- a/tests/ctst/steps/cronjobs/countItems.ts +++ b/tests/ctst/steps/cronjobs/countItems.ts @@ -9,16 +9,7 @@ async function runCronjob(this: Zenko, job: string, site?: string) { zenkoName += '-pra'; } - switch (job) { - case 'CountItems': - await createJobAndWaitForCompletion(this, `${zenkoName}-ops-count-items`); - break; - case 'EnsureVaultSeeds': - await createJobAndWaitForCompletion(this, `${zenkoName}-ops-vault-check-seeds`); - break; - default: - throw new Error(`Unknown job: ${job}`); - } + await createJobAndWaitForCompletion(this, `${zenkoName}-ops-${job}`); } When('the {string} cronjobs completes without error', { timeout: 1200000 }, async function (this: Zenko, job: string) { From 23566de8f3076450060b0218fdd95cd1fe93f3f3 Mon Sep 17 00:00:00 2001 From: Francois Ferrand Date: Fri, 6 Sep 2024 18:01:58 +0200 Subject: [PATCH 13/16] Bump cloudserver 8.8.32 Issue: ZENKO-4890 --- solution/deps.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/solution/deps.yaml b/solution/deps.yaml index 2b0f0ec1eb..e74d09b3ba 100644 --- a/solution/deps.yaml +++ b/solution/deps.yaml @@ -16,7 +16,7 @@ cloudserver: sourceRegistry: ghcr.io/scality dashboard: cloudserver/cloudserver-dashboards image: cloudserver - tag: 8.8.31 + tag: 8.8.32 envsubst: CLOUDSERVER_TAG drctl: sourceRegistry: ghcr.io/scality From cf0fa9dd17b80e6c44103226ed28e522a60ce90b Mon Sep 17 00:00:00 2001 From: Francois Ferrand Date: Fri, 6 Sep 2024 18:02:18 +0200 Subject: [PATCH 14/16] Release Zenko 2.6.67 Issue: ZENKO-4890 --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index f75f1802f8..4d4e009ed5 100644 --- a/VERSION +++ b/VERSION @@ -1,4 +1,4 @@ -VERSION="2.6.66" +VERSION="2.6.67" VERSION_SUFFIX= From c963c1099a90b347ec3ff7ee5316bfd44d983f7d Mon Sep 17 00:00:00 2001 From: Francois Ferrand Date: Fri, 6 Sep 2024 18:34:17 +0200 Subject: [PATCH 15/16] Release Zenko 2.7.63 Issue: ZENKO-4890 --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index 51df1f1af6..177c41eb83 100644 --- a/VERSION +++ b/VERSION @@ -1,4 +1,4 @@ -VERSION="2.7.62" +VERSION="2.7.63" VERSION_SUFFIX= From e5c7eb54e23f3cbba146b4e396d6c7586cfd1eaa Mon Sep 17 00:00:00 2001 From: Francois Ferrand Date: Fri, 6 Sep 2024 18:34:45 +0200 Subject: [PATCH 16/16] Release Zenko 2.8.43 Issue: ZENKO-4890 --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index 2488562d43..63f633b040 100644 --- a/VERSION +++ b/VERSION @@ -1,4 +1,4 @@ -VERSION="2.8.42" +VERSION="2.8.43" VERSION_SUFFIX=