diff --git a/hadoop-ozone/dist/src/main/compose/testlib.sh b/hadoop-ozone/dist/src/main/compose/testlib.sh index 9c4c05cc129..4d3cb5c1032 100755 --- a/hadoop-ozone/dist/src/main/compose/testlib.sh +++ b/hadoop-ozone/dist/src/main/compose/testlib.sh @@ -200,7 +200,7 @@ execute_robot_test(){ # shellcheck disable=SC2068 docker-compose exec -T "$CONTAINER" mkdir -p "$RESULT_DIR_INSIDE" \ && docker-compose exec -T "$CONTAINER" robot \ - -v KEY_NAME:"${OZONE_BUCKET_KEY_NAME}" \ + -v ENCRYPTION_KEY:"${OZONE_BUCKET_KEY_NAME}" \ -v OM_HA_PARAM:"${OM_HA_PARAM}" \ -v OM_SERVICE_ID:"${OM_SERVICE_ID:-om}" \ -v OZONE_DIR:"${OZONE_DIR}" \ diff --git a/hadoop-ozone/dist/src/main/compose/xcompat/test.sh b/hadoop-ozone/dist/src/main/compose/xcompat/test.sh index 96fbc1ec45f..078d98bc22d 100755 --- a/hadoop-ozone/dist/src/main/compose/xcompat/test.sh +++ b/hadoop-ozone/dist/src/main/compose/xcompat/test.sh @@ -50,6 +50,7 @@ _kinit() { } _init() { + container=scm _kinit execute_command_in_container ${container} ozone freon ockg -n1 -t1 -p warmup } @@ -74,29 +75,21 @@ _read() { compatibility/read.robot } -test_bucket_encryption() { - _kinit - execute_robot_test ${container} -N "xcompat-cluster-${cluster_version}-client-${client_version}" -v SUFFIX:${client_version} security/bucket-encryption.robot -} - test_cross_compatibility() { echo "Starting ${cluster_version} cluster with COMPOSE_FILE=${COMPOSE_FILE}" OZONE_KEEP_RESULTS=true start_docker_env execute_command_in_container kms hadoop key create ${OZONE_BUCKET_KEY_NAME} - new_client test_bucket_encryption - container=scm _kinit - execute_command_in_container scm ozone freon ockg -n1 -t1 -p warmup + _init + new_client _write new_client _read ${current_version} for client_version in "$@"; do client="old_client_${client_version//./_}" - old_client test_bucket_encryption - old_client _write old_client _read ${client_version} diff --git a/hadoop-ozone/dist/src/main/smoketest/compatibility/read.robot b/hadoop-ozone/dist/src/main/smoketest/compatibility/read.robot index d92629014bc..0415eb54014 100644 --- a/hadoop-ozone/dist/src/main/smoketest/compatibility/read.robot +++ b/hadoop-ozone/dist/src/main/smoketest/compatibility/read.robot @@ -27,6 +27,9 @@ ${SUFFIX} ${EMPTY} Key Can Be Read Key Should Match Local File /vol1/bucket1/key-${SUFFIX} ${TESTFILE} +Encrypted Key Can Be Read + Key Should Match Local File /vol1/encrypted-${SUFFIX}/key ${TESTFILE} + Dir Can Be Listed Execute ozone fs -ls o3fs://bucket1.vol1/dir-${SUFFIX} diff --git a/hadoop-ozone/dist/src/main/smoketest/compatibility/write.robot b/hadoop-ozone/dist/src/main/smoketest/compatibility/write.robot index 1ce33d4621d..9a1ae6c75a9 100644 --- a/hadoop-ozone/dist/src/main/smoketest/compatibility/write.robot +++ b/hadoop-ozone/dist/src/main/smoketest/compatibility/write.robot @@ -24,9 +24,16 @@ Suite Setup Create Local Test File *** Variables *** ${SUFFIX} ${EMPTY} +${ENCRYPTION_KEY} key1 *** Test Cases *** +Create Encrypted Bucket + Execute ozone sh bucket create -k ${ENCRYPTION_KEY} /vol1/encrypted-${SUFFIX} + +Create Key in Encrypted Bucket + Execute ozone sh key put /vol1/encrypted-${SUFFIX}/key ${TESTFILE} + Key Can Be Written Create Key /vol1/bucket1/key-${SUFFIX} ${TESTFILE} diff --git a/hadoop-ozone/dist/src/main/smoketest/s3/commonawslib.robot b/hadoop-ozone/dist/src/main/smoketest/s3/commonawslib.robot index 44ad919555d..ac64ee36537 100644 --- a/hadoop-ozone/dist/src/main/smoketest/s3/commonawslib.robot +++ b/hadoop-ozone/dist/src/main/smoketest/s3/commonawslib.robot @@ -24,7 +24,7 @@ ${OZONE_S3_HEADER_VERSION} v4 ${OZONE_S3_SET_CREDENTIALS} true ${BUCKET} generated ${BUCKET_LAYOUT} OBJECT_STORE -${KEY_NAME} key1 +${ENCRYPTION_KEY} key1 ${OZONE_S3_TESTS_SET_UP} ${FALSE} ${OZONE_AWS_ACCESS_KEY_ID} ${EMPTY} ${OZONE_S3_ADDRESS_STYLE} path @@ -156,7 +156,7 @@ Create encrypted bucket Return From Keyword if '${SECURITY_ENABLED}' == 'false' ${exists} = Bucket Exists o3://${OM_SERVICE_ID}/s3v/encrypted Return From Keyword If ${exists} - Execute ozone sh bucket create -k ${KEY_NAME} --layout ${BUCKET_LAYOUT} o3://${OM_SERVICE_ID}/s3v/encrypted + Execute ozone sh bucket create -k ${ENCRYPTION_KEY} --layout ${BUCKET_LAYOUT} o3://${OM_SERVICE_ID}/s3v/encrypted Create link [arguments] ${bucket} diff --git a/hadoop-ozone/dist/src/main/smoketest/security/bucket-encryption.robot b/hadoop-ozone/dist/src/main/smoketest/security/bucket-encryption.robot deleted file mode 100644 index a78f94e5fa9..00000000000 --- a/hadoop-ozone/dist/src/main/smoketest/security/bucket-encryption.robot +++ /dev/null @@ -1,45 +0,0 @@ -# Licensed to the Apache Software Foundation (ASF) under one or more -# contributor license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright ownership. -# The ASF licenses this file to You under the Apache License, Version 2.0 -# (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -*** Settings *** -Documentation Test for bucket encryption -Library BuiltIn -Library String -Resource ../commonlib.robot -Resource ../lib/os.robot -Resource ../ozone-lib/shell.robot -Suite Setup Setup Test -Test Timeout 5 minutes - -*** Variables *** -${KEY_NAME} key1 -${VOLUME} - -*** Keywords *** -Setup Test - ${volume} = Create Random Volume - Set Suite Variable ${VOLUME} ${volume} - - -*** Test Cases *** -Create Encrypted Bucket - ${output} = Execute ozone sh bucket create -k ${KEY_NAME} o3://${OM_SERVICE_ID}/${VOLUME}/encrypted-bucket - Should Not Contain ${output} INVALID_REQUEST - Bucket Exists o3://${OM_SERVICE_ID}/${VOLUME}/encrypted-bucket - -Create Key in Encrypted Bucket - ${key} = Set Variable o3://${OM_SERVICE_ID}/${VOLUME}/encrypted-bucket/passwd - ${output} = Execute ozone sh key put ${key} /etc/passwd - Key Should Match Local File ${key} /etc/passwd