Tests: Fix type error in volume encryption unit tests

Use booleans instead of strings.

Now that more unit test code runs, a few other errors
were detected and fixed:
 - Missing --force-password arg
 - Modifying "encryption" dict's provider field was
   updating the dict also stored in the mock, causing
   mismatches in unit tests.  Don't modify this dict,
   just use/manipulate the provider arg that we need.

Change-Id: I50f426a77f389f13278a21ad7193c8bbdbd8fd7a
This commit is contained in:
Eric Harney 2024-10-22 12:45:06 -04:00
parent a357d009fa
commit cd7a4da7af
2 changed files with 15 additions and 10 deletions

View File

@ -1722,15 +1722,15 @@ class VolumeTestCase(base.BaseVolumeTestCase):
@ddt.data({'connector_class': @ddt.data({'connector_class':
os_brick.initiator.connectors.iscsi.ISCSIConnector, os_brick.initiator.connectors.iscsi.ISCSIConnector,
'rekey_supported': True, 'rekey_supported': True,
'already_encrypted': 'yes'}, 'already_encrypted': True},
{'connector_class': {'connector_class':
os_brick.initiator.connectors.iscsi.ISCSIConnector, os_brick.initiator.connectors.iscsi.ISCSIConnector,
'rekey_supported': True, 'rekey_supported': True,
'already_encrypted': 'no'}, 'already_encrypted': False},
{'connector_class': {'connector_class':
os_brick.initiator.connectors.rbd.RBDConnector, os_brick.initiator.connectors.rbd.RBDConnector,
'rekey_supported': False, 'rekey_supported': False,
'already_encrypted': 'no'}) 'already_encrypted': False})
@ddt.unpack @ddt.unpack
@mock.patch('cinder.volume.volume_utils.delete_encryption_key') @mock.patch('cinder.volume.volume_utils.delete_encryption_key')
@mock.patch('cinder.volume.flows.manager.create_volume.' @mock.patch('cinder.volume.flows.manager.create_volume.'
@ -1748,9 +1748,11 @@ class VolumeTestCase(base.BaseVolumeTestCase):
already_encrypted=None): already_encrypted=None):
# create source volume # create source volume
mock_execute.return_value = ('', '') mock_execute.return_value = ('', '')
mock_enc_metadata_get.return_value = {'cipher': 'aes-xts-plain64', mock_enc_metadata_get.return_value = {
'key_size': 256, 'cipher': 'aes-xts-plain64',
'provider': 'luks'} 'key_size': 256,
'provider': 'luks',
'encryption_key_id': fake.ENCRYPTION_KEY_ID}
mock_setup_enc_keys.return_value = ( mock_setup_enc_keys.return_value = (
'qwert', 'qwert',
'asdfg', 'asdfg',
@ -1802,7 +1804,8 @@ class VolumeTestCase(base.BaseVolumeTestCase):
src_vol, src_vol,
{'key_size': 256, {'key_size': 256,
'provider': 'luks', 'provider': 'luks',
'cipher': 'aes-xts-plain64'} 'cipher': 'aes-xts-plain64',
'encryption_key_id': fake.ENCRYPTION_KEY_ID}
) )
if already_encrypted: if already_encrypted:
mock_execute.assert_called_once_with( mock_execute.assert_called_once_with(
@ -1816,6 +1819,7 @@ class VolumeTestCase(base.BaseVolumeTestCase):
else: else:
mock_execute.assert_called_once_with( mock_execute.assert_called_once_with(
'cryptsetup', '--batch-mode', 'luksFormat', 'cryptsetup', '--batch-mode', 'luksFormat',
'--force-password',
'--type', 'luks1', '--type', 'luks1',
'--cipher', 'aes-xts-plain64', '--key-size', '256', '--cipher', 'aes-xts-plain64', '--key-size', '256',
'--key-file=-', '/some/device/thing', '--key-file=-', '/some/device/thing',

View File

@ -596,17 +596,18 @@ class CreateVolumeFromSpecTask(flow_utils.CinderTask):
# and is detected as another format. # and is detected as another format.
raise exception.Invalid() raise exception.Invalid()
if encryption['provider'] == 'luks': encryption_provider = encryption['provider']
if encryption_provider == 'luks':
# Force ambiguous "luks" provider to luks1 for # Force ambiguous "luks" provider to luks1 for
# compatibility with new versions of cryptsetup. # compatibility with new versions of cryptsetup.
encryption['provider'] = 'luks1' encryption_provider = 'luks1'
(out, err) = utils.execute( (out, err) = utils.execute(
'cryptsetup', 'cryptsetup',
'--batch-mode', '--batch-mode',
'luksFormat', 'luksFormat',
'--force-password', '--force-password',
'--type', encryption['provider'], '--type', encryption_provider,
'--cipher', encryption['cipher'], '--cipher', encryption['cipher'],
'--key-size', str(encryption['key_size']), '--key-size', str(encryption['key_size']),
'--key-file=-', '--key-file=-',