Skip to content
This repository has been archived by the owner on Jun 25, 2024. It is now read-only.

Commit

Permalink
Add cert rotation kuttl tests
Browse files Browse the repository at this point in the history
  • Loading branch information
vakwetu committed May 22, 2024
1 parent 57cf568 commit 70179c9
Show file tree
Hide file tree
Showing 3 changed files with 47 additions and 0 deletions.
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
apiVersion: kuttl.dev/v1beta1
kind: TestStep
commands:
- command: oc delete -n openstack secrets cert-custom-tls-dns-edpm-compute-0 cert-tls-dns-ips-edpm-compute-0
31 changes: 31 additions & 0 deletions tests/kuttl/tests/dataplane-deploy-tls-test/05-assert.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
---
apiVersion: kuttl.dev/v1beta1
kind: TestAssert
commands:
- script: |
PNAME=`oc get pod -l job-name=install-certs-ovrd-certs-refresh-openstack-edpm-tls --field-selector status.phase=Succeeded -n openstack -o name`
echo $PNAME
if [ -z "$PNAME" ]; then
echo "Waiting for successful ansibleee pod"
exit 1
fi
serial1=`oc get secret cert-custom-tls-dns-edpm-compute-0 -n openstack -o json|jq -r '.data."tls.crt"'|base64 -d |openssl x509 -noout -serial`
echo "serial1:" $serial1
serial2=`oc debug $PNAME -n openstack -- cat /var/lib/openstack/certs/custom-tls-dns/edpm-compute-0.ctlplane.example.com-tls.crt |openssl x509 -noout -serial`
echo "serial2:" $serial2
if [ $serial1 != $serial2 ]; then
echo "serials for cert-custom-tls-dns-edpm-compute-0 not equal"
exit 1
fi
serial1=`oc get secret cert-tls-dns-ips-edpm-compute-0 -n openstack -o json|jq -r '.data."tls.crt"'|base64 -d |openssl x509 -noout -serial`
echo "serial1:" $serial1
serial2=`oc debug $PNAME -n openstack -- cat /var/lib/openstack/certs/tls-dns-ips/edpm-compute-0.ctlplane.example.com-tls.crt |openssl x509 -noout -serial`
echo "serial2:" $serial2
if [ $serial1 != $serial2 ]; then
echo "serials for cert-tls-dns-ips-edpm-compute-0 not equal"
exit 1
fi
exit 0
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
---
apiVersion: dataplane.openstack.org/v1beta1
kind: OpenStackDataPlaneDeployment
metadata:
name: certs-refresh
spec:
nodeSets:
- openstack-edpm-tls
servicesOverride:
- install-certs-ovrd
- tls-dns-ips
- custom-tls-dns

0 comments on commit 70179c9

Please sign in to comment.