diff options
Diffstat (limited to 'src/test/rgw')
| -rw-r--r-- | src/test/rgw/rgw_multi/tests.py | 24 | ||||
| -rw-r--r-- | src/test/rgw/rgw_multi/zone_cloud.py | 6 | ||||
| -rw-r--r-- | src/test/rgw/rgw_multi/zone_es.py | 6 | ||||
| -rw-r--r-- | src/test/rgw/rgw_multi/zone_rados.py | 13 |
4 files changed, 49 insertions, 0 deletions
diff --git a/src/test/rgw/rgw_multi/tests.py b/src/test/rgw/rgw_multi/tests.py index 156fac12e7f..c720423e923 100644 --- a/src/test/rgw/rgw_multi/tests.py +++ b/src/test/rgw/rgw_multi/tests.py @@ -1705,6 +1705,30 @@ def test_role_sync(): check_role_eq(source_conn, target_conn, role) +def test_role_delete_sync(): + zonegroup = realm.master_zonegroup() + zonegroup_conns = ZonegroupConns(zonegroup) + role_name = gen_role_name() + log.info('create role zone=%s name=%s', zonegroup_conns.master_zone.name, role_name) + zonegroup_conns.master_zone.create_role("", role_name, None, "") + + zonegroup_meta_checkpoint(zonegroup) + + for zone in zonegroup_conns.zones: + log.info(f'checking if zone: {zone.name} has role: {role_name}') + assert(zone.has_role(role_name)) + log.info(f'success, zone: {zone.name} has role: {role_name}') + + log.info(f"deleting role: {role_name}") + zonegroup_conns.master_zone.delete_role(role_name) + zonegroup_meta_checkpoint(zonegroup) + + for zone in zonegroup_conns.zones: + log.info(f'checking if zone: {zone.name} does not have role: {role_name}') + assert(not zone.has_role(role_name)) + log.info(f'success, zone: {zone.name} does not have role: {role_name}') + + @attr('data_sync_init') def test_bucket_full_sync_after_data_sync_init(): zonegroup = realm.master_zonegroup() diff --git a/src/test/rgw/rgw_multi/zone_cloud.py b/src/test/rgw/rgw_multi/zone_cloud.py index dd5640cf271..7c94aaa8a60 100644 --- a/src/test/rgw/rgw_multi/zone_cloud.py +++ b/src/test/rgw/rgw_multi/zone_cloud.py @@ -304,6 +304,12 @@ class CloudZone(Zone): def create_role(self, path, rolename, policy_document, tag_list): assert False + def delete_role(self, role_name): + assert False + + def has_role(self, role_name): + assert False + def get_conn(self, credentials): return self.Conn(self, credentials) diff --git a/src/test/rgw/rgw_multi/zone_es.py b/src/test/rgw/rgw_multi/zone_es.py index e98b3fdd8fa..84628b775d1 100644 --- a/src/test/rgw/rgw_multi/zone_es.py +++ b/src/test/rgw/rgw_multi/zone_es.py @@ -246,6 +246,12 @@ class ESZone(Zone): def create_role(self, path, rolename, policy_document, tag_list): assert False + def delete_role(self, role_name): + assert False + + def has_role(self, role_name): + assert False + def get_conn(self, credentials): return self.Conn(self, credentials) diff --git a/src/test/rgw/rgw_multi/zone_rados.py b/src/test/rgw/rgw_multi/zone_rados.py index ac4edd004d6..7b7fe5228cb 100644 --- a/src/test/rgw/rgw_multi/zone_rados.py +++ b/src/test/rgw/rgw_multi/zone_rados.py @@ -1,5 +1,6 @@ import logging from boto.s3.deletemarker import DeleteMarker +from boto.exception import BotoServerError from itertools import zip_longest # type: ignore @@ -127,8 +128,20 @@ class RadosZone(Zone): return True def create_role(self, path, rolename, policy_document, tag_list): + if policy_document is None: + policy_document = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"AWS\":[\"arn:aws:iam:::user/testuser\"]},\"Action\":[\"sts:AssumeRole\"]}]}" return self.iam_conn.create_role(rolename, policy_document, path) + def delete_role(self, role_name): + return self.iam_conn.delete_role(role_name) + + def has_role(self, role_name): + try: + self.get_role(role_name) + except BotoServerError: + return False + return True + def get_conn(self, credentials): return self.Conn(self, credentials) |