Added module for volume type encription

New module to manipulate volume type encryption. Including simple CI task to verify functionality. Change-Id: I7380a5d258c3df1f9bd512aa4295868294391e31
2026-05-06 13:23:06 +00:00 · 2023-08-16 16:49:58 +02:00
parent 147ad6c452
commit 8f321eaeb2
4 changed files with 304 additions and 3 deletions
--- a/ci/roles/volume_type/defaults/main.yml
+++ b/ci/roles/volume_type/defaults/main.yml
@@ -2,8 +2,6 @@
 volume_backend_name: LVM_iSCSI
 volume_type_name: test_type
 volume_type_description: Test volume type
-volume_type_alt_name: changed_type
-volume_type_alt_description: Changed test volume type

 enc_provider_name: nova.volume.encryptors.luks.LuksEncryptor
 enc_cipher: aes-xts-plain64
--- a/ci/roles/volume_type/tasks/main.yml
+++ b/ci/roles/volume_type/tasks/main.yml
@@ -48,7 +48,7 @@
    extra_specs:
      volume_backend_name: "{{ volume_backend_name }}"
      some_spec: fake_spec
-    description: "{{ volume_type_alt_description }}"
+    description: "{{ volume_type_description }}"
    is_public: true
  register: the_result
 - name: Check volume type extra spec
@@ -74,6 +74,9 @@
 #     is_public: true
 #   register: the_result

+- name: Volume encryption tests
+  ansible.builtin.include_tasks: volume_encryption.yml
+
 - name: Delete volume type
  openstack.cloud.volume_type:
    cloud: "{{ cloud }}"
--- a/ci/roles/volume_type/tasks/volume_encryption.yml
+++ b/ci/roles/volume_type/tasks/volume_encryption.yml
@@ -0,0 +1,67 @@
+---
+- name: Test, Volume type has no encryption
+  openstack.cloud.volume_type_info:
+    cloud: "{{ cloud }}"
+    name: "{{ volume_type_name }}"
+  register: the_result
+- name: Check volume type has no encryption
+  ansible.builtin.assert:
+    that:
+      - the_result.encryption.id == None
+    success_msg: >-
+      Success: Volume type has no encryption at the moment
+
+- name: Test, create volume type encryption
+  openstack.cloud.volume_type_encryption:
+    cloud: "{{ cloud }}"
+    volume_type: "{{ volume_type_name }}"
+    state: present
+    encryption_provider: "{{ enc_provider_name }}"
+    encryption_cipher: "{{ enc_cipher }}"
+    encryption_control_location: "{{ enc_control_location }}"
+    encryption_key_size: "{{ enc_key_size }}"
+  register: the_result
+- name: Check volume type encryption
+  ansible.builtin.assert:
+    that:
+      - the_result.encryption.cipher == enc_cipher
+      - the_result.encryption.control_location == enc_control_location
+      - the_result.encryption.key_size == enc_key_size
+      - the_result.encryption.provider == enc_provider_name
+    success_msg: >-
+      Success: {{ the_result.encryption.encryption_id }}
+
+- name: Test, update volume type encryption
+  openstack.cloud.volume_type_encryption:
+    cloud: "{{ cloud }}"
+    volume_type: "{{ volume_type_name }}"
+    state: present
+    encryption_provider: "{{ enc_provider_name }}"
+    encryption_cipher: "{{ enc_cipher }}"
+    encryption_control_location: "{{ enc_control_alt_location }}"
+    encryption_key_size: "{{ enc_key_size }}"
+  register: the_result
+- name: Check volume type encryption change
+  ansible.builtin.assert:
+    that:
+      - the_result.encryption.control_location == enc_control_alt_location
+    success_msg: >-
+      New location: {{ the_result.encryption.control_location }}
+
+- name: Test, delete volume type encryption
+  openstack.cloud.volume_type_encryption:
+    cloud: "{{ cloud }}"
+    volume_type: "{{ volume_type_name }}"
+    state: absent
+  register: the_result
+- name: Get volume type details
+  openstack.cloud.volume_type_info:
+    cloud: "{{ cloud }}"
+    name: "{{ volume_type_name }}"
+  register: the_result
+- name: Check volume type has no encryption
+  ansible.builtin.assert:
+    that:
+      - the_result.encryption.id == None
+    success_msg: >-
+      Success: Volume type has no encryption