From 00c6858ae00f3a79dc994a8d2c343d640915aadb Mon Sep 17 00:00:00 2001 From: rabi Date: Thu, 25 Dec 2025 09:27:33 +0530 Subject: [PATCH 1/2] Unify SSH key mount path format across all dataplane services Previously, the SSH key mount path differed between global services (DeployOnAllNodeSets=true) and non-global services: - Global services: /runner/env/ssh_key/ssh_key_ - Non-global services: /runner/env/ssh_key The non-global services path happened to work because ansible-runner has a built-in mechanism that looks for an SSH key at /runner/env/ssh_key and automatically loads it into ssh-agent. However, this relied on ansible-runner's implicit behavior rather than the explicit ansible_ssh_private_key_file variable set in the inventory. The inventory always sets ansible_ssh_private_key_file to /runner/env/ssh_key/ssh_key_ regardless of service type (see inventory.go line 178). This inconsistency meant non-global services were mounting the SSH key at a different path than what Ansible expected from the inventory variable, relying on ansible-runner's fallback behavior. However, there were errors in ansible logs as there were no files in /runner/env/ssh_key/ssh_key_ which was confusing to users. This change unifies the SSH key mount path to always use the format: /runner/env/ssh_key/ssh_key_ This ensures: 1. The mount path matches the ansible_ssh_private_key_file variable set in the inventory for all service types 2. Explicit and consistent SSH key configuration rather than relying on ansible-runner's implicit ssh-agent loading 3. Simplified code by removing the conditional branching 4. Consistent behavior between global and non-global services For global services, multiple SSH keys are mounted (one per nodeset) in the ssh_key folder. For non-global services, only the matching nodeset's key is mounted, but at the same path format. Assisted-by: Claude-4.5-opus Signed-off-by: rabi --- internal/dataplane/util/ansible_execution.go | 17 +-- ...enstackdataplanenodeset_controller_test.go | 8 +- .../01-assert.yaml | 130 +++++++++--------- .../02-assert.yaml | 20 +-- .../02-assert.yaml | 20 +-- .../01-assert.yaml | 130 +++++++++--------- .../02-assert.yaml | 10 +- .../04-assert.yaml | 10 +- .../06-assert.yaml | 18 +-- .../07-assert.yaml | 10 +- .../dataplane-deploy-tls-test/02-assert.yaml | 20 +-- .../dataplane-deploy-tls-test/03-assert.yaml | 20 +-- .../dataplane-extramounts/00-assert.yaml | 10 +- .../dataplane-service-config/00-assert.yaml | 10 +- .../00-assert.yaml | 10 +- .../dataplane-service-failure/00-assert.yaml | 10 +- 16 files changed, 225 insertions(+), 228 deletions(-) diff --git a/internal/dataplane/util/ansible_execution.go b/internal/dataplane/util/ansible_execution.go index 7930831a1..a5addc974 100644 --- a/internal/dataplane/util/ansible_execution.go +++ b/internal/dataplane/util/ansible_execution.go @@ -316,19 +316,14 @@ func SetAeeSSHMounts( for _, sshKeyNodeName := range sshKeys { sshKeySecret := sshKeySecrets[sshKeyNodeName] - if service.Spec.DeployOnAllNodeSets { - sshKeyName = fmt.Sprintf("ssh-key-%s", sshKeyNodeName) - sshKeyMountSubPath = fmt.Sprintf("ssh_key_%s", sshKeyNodeName) - sshKeyMountPath = fmt.Sprintf("/runner/env/ssh_key/%s", sshKeyMountSubPath) - } else { - if sshKeyNodeName != nodeSet.GetName() { - continue - } - sshKeyName = "ssh-key" - sshKeyMountSubPath = "ssh_key" - sshKeyMountPath = "/runner/env/ssh_key" + if !service.Spec.DeployOnAllNodeSets && sshKeyNodeName != nodeSet.GetName() { + continue } + sshKeyName = fmt.Sprintf("ssh-key-%s", sshKeyNodeName) + sshKeyMountSubPath = fmt.Sprintf("ssh_key_%s", sshKeyNodeName) + sshKeyMountPath = fmt.Sprintf("/runner/env/ssh_key/%s", sshKeyMountSubPath) + CreateVolume(ansibleEEMounts, sshKeyName, sshKeyMountSubPath, sshKeySecret, "ssh-privatekey") CreateVolumeMount(ansibleEEMounts, sshKeyName, sshKeyMountPath, sshKeyMountSubPath) } diff --git a/test/functional/dataplane/openstackdataplanenodeset_controller_test.go b/test/functional/dataplane/openstackdataplanenodeset_controller_test.go index b9d639098..412d46f92 100644 --- a/test/functional/dataplane/openstackdataplanenodeset_controller_test.go +++ b/test/functional/dataplane/openstackdataplanenodeset_controller_test.go @@ -1387,11 +1387,11 @@ var _ = Describe("Dataplane NodeSet Test", func() { ansibleEE := GetAnsibleee(ansibleeeName) g.Expect(ansibleEE.Spec.Template.Spec.Volumes).To(HaveLen(3)) g.Expect(ansibleEE.Spec.Template.Spec.Volumes[0].Name).To(Equal("bootstrap-combined-ca-bundle")) - g.Expect(ansibleEE.Spec.Template.Spec.Volumes[1].Name).To(Equal("ssh-key")) + g.Expect(ansibleEE.Spec.Template.Spec.Volumes[1].Name).To(Equal("ssh-key-edpm-compute-nodeset")) g.Expect(ansibleEE.Spec.Template.Spec.Volumes[2].Name).To(Equal("inventory")) g.Expect(ansibleEE.Spec.Template.Spec.Volumes[0].VolumeSource.Secret.SecretName).To(Equal("combined-ca-bundle")) g.Expect(ansibleEE.Spec.Template.Spec.Volumes[1].VolumeSource.Secret.SecretName).To(Equal("dataplane-ansible-ssh-private-key-secret")) - g.Expect(ansibleEE.Spec.Template.Spec.Volumes[1].VolumeSource.Secret.Items[0].Path).To(Equal("ssh_key")) + g.Expect(ansibleEE.Spec.Template.Spec.Volumes[1].VolumeSource.Secret.Items[0].Path).To(Equal("ssh_key_edpm-compute-nodeset")) g.Expect(ansibleEE.Spec.Template.Spec.Volumes[1].VolumeSource.Secret.Items[0].Key).To(Equal("ssh-privatekey")) }, th.Timeout, th.Interval).Should(Succeed()) @@ -1455,12 +1455,12 @@ var _ = Describe("Dataplane NodeSet Test", func() { g.Expect(ansibleEE.Spec.Template.Spec.Volumes).To(HaveLen(4)) g.Expect(ansibleEE.Spec.Template.Spec.Volumes[0].Name).To(Equal("edpm-ansible")) g.Expect(ansibleEE.Spec.Template.Spec.Volumes[1].Name).To(Equal("bootstrap-combined-ca-bundle")) - g.Expect(ansibleEE.Spec.Template.Spec.Volumes[2].Name).To(Equal("ssh-key")) + g.Expect(ansibleEE.Spec.Template.Spec.Volumes[2].Name).To(Equal("ssh-key-edpm-compute-nodeset")) g.Expect(ansibleEE.Spec.Template.Spec.Volumes[3].Name).To(Equal("inventory")) g.Expect(ansibleEE.Spec.Template.Spec.Volumes[0].VolumeSource.PersistentVolumeClaim.ClaimName).To(Equal("edpm-ansible")) g.Expect(ansibleEE.Spec.Template.Spec.Volumes[1].VolumeSource.Secret.SecretName).To(Equal("combined-ca-bundle")) g.Expect(ansibleEE.Spec.Template.Spec.Volumes[2].VolumeSource.Secret.SecretName).To(Equal("dataplane-ansible-ssh-private-key-secret")) - g.Expect(ansibleEE.Spec.Template.Spec.Volumes[2].VolumeSource.Secret.Items[0].Path).To(Equal("ssh_key")) + g.Expect(ansibleEE.Spec.Template.Spec.Volumes[2].VolumeSource.Secret.Items[0].Path).To(Equal("ssh_key_edpm-compute-nodeset")) g.Expect(ansibleEE.Spec.Template.Spec.Volumes[2].VolumeSource.Secret.Items[0].Key).To(Equal("ssh-privatekey")) }, th.Timeout, th.Interval).Should(Succeed()) diff --git a/test/kuttl/tests/dataplane-deploy-global-service-test/01-assert.yaml b/test/kuttl/tests/dataplane-deploy-global-service-test/01-assert.yaml index 87a6f287e..b92baff25 100644 --- a/test/kuttl/tests/dataplane-deploy-global-service-test/01-assert.yaml +++ b/test/kuttl/tests/dataplane-deploy-global-service-test/01-assert.yaml @@ -243,9 +243,9 @@ spec: terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - - mountPath: /runner/env/ssh_key - name: ssh-key - subPath: ssh_key + - mountPath: /runner/env/ssh_key/ssh_key_edpm-compute-global + name: ssh-key-edpm-compute-global + subPath: ssh_key_edpm-compute-global - mountPath: /runner/inventory/hosts name: inventory subPath: inventory @@ -256,12 +256,12 @@ spec: serviceAccountName: edpm-compute-global terminationGracePeriodSeconds: 30 volumes: - - name: ssh-key + - name: ssh-key-edpm-compute-global secret: defaultMode: 420 items: - key: ssh-privatekey - path: ssh_key + path: ssh_key_edpm-compute-global secretName: dataplane-ansible-ssh-private-key-secret - name: inventory secret: @@ -343,9 +343,9 @@ spec: volumeMounts: - mountPath: /var/lib/openstack/cacerts/bootstrap name: bootstrap-combined-ca-bundle - - mountPath: /runner/env/ssh_key - name: ssh-key - subPath: ssh_key + - mountPath: /runner/env/ssh_key/ssh_key_edpm-compute-global + name: ssh-key-edpm-compute-global + subPath: ssh_key_edpm-compute-global - mountPath: /runner/inventory/hosts name: inventory subPath: inventory @@ -360,12 +360,12 @@ spec: secret: defaultMode: 420 secretName: combined-ca-bundle - - name: ssh-key + - name: ssh-key-edpm-compute-global secret: defaultMode: 420 items: - key: ssh-privatekey - path: ssh_key + path: ssh_key_edpm-compute-global secretName: dataplane-ansible-ssh-private-key-secret - name: inventory secret: @@ -445,9 +445,9 @@ spec: terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - - mountPath: /runner/env/ssh_key - name: ssh-key - subPath: ssh_key + - mountPath: /runner/env/ssh_key/ssh_key_edpm-compute-global + name: ssh-key-edpm-compute-global + subPath: ssh_key_edpm-compute-global - mountPath: /runner/inventory/hosts name: inventory subPath: inventory @@ -458,12 +458,12 @@ spec: serviceAccountName: edpm-compute-global terminationGracePeriodSeconds: 30 volumes: - - name: ssh-key + - name: ssh-key-edpm-compute-global secret: defaultMode: 420 items: - key: ssh-privatekey - path: ssh_key + path: ssh_key_edpm-compute-global secretName: dataplane-ansible-ssh-private-key-secret - name: inventory secret: @@ -543,9 +543,9 @@ spec: terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - - mountPath: /runner/env/ssh_key - name: ssh-key - subPath: ssh_key + - mountPath: /runner/env/ssh_key/ssh_key_edpm-compute-global + name: ssh-key-edpm-compute-global + subPath: ssh_key_edpm-compute-global - mountPath: /runner/inventory/hosts name: inventory subPath: inventory @@ -556,12 +556,12 @@ spec: serviceAccountName: edpm-compute-global terminationGracePeriodSeconds: 30 volumes: - - name: ssh-key + - name: ssh-key-edpm-compute-global secret: defaultMode: 420 items: - key: ssh-privatekey - path: ssh_key + path: ssh_key_edpm-compute-global secretName: dataplane-ansible-ssh-private-key-secret - name: inventory secret: @@ -641,9 +641,9 @@ spec: terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - - mountPath: /runner/env/ssh_key - name: ssh-key - subPath: ssh_key + - mountPath: /runner/env/ssh_key/ssh_key_edpm-compute-global + name: ssh-key-edpm-compute-global + subPath: ssh_key_edpm-compute-global - mountPath: /runner/inventory/hosts name: inventory subPath: inventory @@ -654,12 +654,12 @@ spec: serviceAccountName: edpm-compute-global terminationGracePeriodSeconds: 30 volumes: - - name: ssh-key + - name: ssh-key-edpm-compute-global secret: defaultMode: 420 items: - key: ssh-privatekey - path: ssh_key + path: ssh_key_edpm-compute-global secretName: dataplane-ansible-ssh-private-key-secret - name: inventory secret: @@ -757,9 +757,9 @@ spec: name: nova-combined-ca-bundle - mountPath: /var/lib/openstack/cacerts/custom-global-service name: custom-global-service-combined-ca-bundle - - mountPath: /runner/env/ssh_key - name: ssh-key - subPath: ssh_key + - mountPath: /runner/env/ssh_key/ssh_key_edpm-compute-global + name: ssh-key-edpm-compute-global + subPath: ssh_key_edpm-compute-global - mountPath: /runner/inventory/hosts name: inventory subPath: inventory @@ -806,12 +806,12 @@ spec: secret: defaultMode: 420 secretName: combined-ca-bundle - - name: ssh-key + - name: ssh-key-edpm-compute-global secret: defaultMode: 420 items: - key: ssh-privatekey - path: ssh_key + path: ssh_key_edpm-compute-global secretName: dataplane-ansible-ssh-private-key-secret - name: inventory secret: @@ -891,9 +891,9 @@ spec: subPath: ovsdb-config - mountPath: /var/lib/openstack/cacerts/ovn name: ovn-combined-ca-bundle - - mountPath: /runner/env/ssh_key - name: ssh-key - subPath: ssh_key + - mountPath: /runner/env/ssh_key/ssh_key_edpm-compute-global + name: ssh-key-edpm-compute-global + subPath: ssh_key_edpm-compute-global - mountPath: /runner/inventory/hosts name: inventory subPath: inventory @@ -915,12 +915,12 @@ spec: secret: defaultMode: 420 secretName: combined-ca-bundle - - name: ssh-key + - name: ssh-key-edpm-compute-global secret: defaultMode: 420 items: - key: ssh-privatekey - path: ssh_key + path: ssh_key_edpm-compute-global secretName: dataplane-ansible-ssh-private-key-secret - name: inventory secret: @@ -1009,9 +1009,9 @@ spec: subPath: nova-metadata-config.json - mountPath: /var/lib/openstack/cacerts/neutron-metadata name: neutron-metadata-combined-ca-bundle - - mountPath: /runner/env/ssh_key - name: ssh-key - subPath: ssh_key + - mountPath: /runner/env/ssh_key/ssh_key_edpm-compute-global + name: ssh-key-edpm-compute-global + subPath: ssh_key_edpm-compute-global - mountPath: /runner/inventory/hosts name: inventory subPath: inventory @@ -1054,12 +1054,12 @@ spec: secret: defaultMode: 420 secretName: combined-ca-bundle - - name: ssh-key + - name: ssh-key-edpm-compute-global secret: defaultMode: 420 items: - key: ssh-privatekey - path: ssh_key + path: ssh_key_edpm-compute-global secretName: dataplane-ansible-ssh-private-key-secret - name: inventory secret: @@ -1139,9 +1139,9 @@ spec: subPath: 10-neutron-ovn.conf - mountPath: /var/lib/openstack/cacerts/neutron-ovn name: neutron-ovn-combined-ca-bundle - - mountPath: /runner/env/ssh_key - name: ssh-key - subPath: ssh_key + - mountPath: /runner/env/ssh_key/ssh_key_edpm-compute-global + name: ssh-key-edpm-compute-global + subPath: ssh_key_edpm-compute-global - mountPath: /runner/inventory/hosts name: inventory subPath: inventory @@ -1163,12 +1163,12 @@ spec: secret: defaultMode: 420 secretName: combined-ca-bundle - - name: ssh-key + - name: ssh-key-edpm-compute-global secret: defaultMode: 420 items: - key: ssh-privatekey - path: ssh_key + path: ssh_key_edpm-compute-global secretName: dataplane-ansible-ssh-private-key-secret - name: inventory secret: @@ -1248,9 +1248,9 @@ spec: subPath: 10-neutron-sriov.conf - mountPath: /var/lib/openstack/cacerts/neutron-sriov name: neutron-sriov-combined-ca-bundle - - mountPath: /runner/env/ssh_key - name: ssh-key - subPath: ssh_key + - mountPath: /runner/env/ssh_key/ssh_key_edpm-compute-global + name: ssh-key-edpm-compute-global + subPath: ssh_key_edpm-compute-global - mountPath: /runner/inventory/hosts name: inventory subPath: inventory @@ -1272,12 +1272,12 @@ spec: secret: defaultMode: 420 secretName: combined-ca-bundle - - name: ssh-key + - name: ssh-key-edpm-compute-global secret: defaultMode: 420 items: - key: ssh-privatekey - path: ssh_key + path: ssh_key_edpm-compute-global secretName: dataplane-ansible-ssh-private-key-secret - name: inventory secret: @@ -1357,9 +1357,9 @@ spec: subPath: 10-neutron-dhcp.conf - mountPath: /var/lib/openstack/cacerts/neutron-dhcp name: neutron-dhcp-combined-ca-bundle - - mountPath: /runner/env/ssh_key - name: ssh-key - subPath: ssh_key + - mountPath: /runner/env/ssh_key/ssh_key_edpm-compute-global + name: ssh-key-edpm-compute-global + subPath: ssh_key_edpm-compute-global - mountPath: /runner/inventory/hosts name: inventory subPath: inventory @@ -1381,12 +1381,12 @@ spec: secret: defaultMode: 420 secretName: combined-ca-bundle - - name: ssh-key + - name: ssh-key-edpm-compute-global secret: defaultMode: 420 items: - key: ssh-privatekey - path: ssh_key + path: ssh_key_edpm-compute-global secretName: dataplane-ansible-ssh-private-key-secret - name: inventory secret: @@ -1466,9 +1466,9 @@ spec: subPath: LibvirtPassword - mountPath: /var/lib/openstack/cacerts/libvirt name: libvirt-combined-ca-bundle - - mountPath: /runner/env/ssh_key - name: ssh-key - subPath: ssh_key + - mountPath: /runner/env/ssh_key/ssh_key_edpm-compute-global + name: ssh-key-edpm-compute-global + subPath: ssh_key_edpm-compute-global - mountPath: /runner/inventory/hosts name: inventory subPath: inventory @@ -1490,12 +1490,12 @@ spec: secret: defaultMode: 420 secretName: combined-ca-bundle - - name: ssh-key + - name: ssh-key-edpm-compute-global secret: defaultMode: 420 items: - key: ssh-privatekey - path: ssh_key + path: ssh_key_edpm-compute-global secretName: dataplane-ansible-ssh-private-key-secret - name: inventory secret: @@ -1584,9 +1584,9 @@ spec: subPath: ssh-publickey - mountPath: /var/lib/openstack/cacerts/nova name: nova-combined-ca-bundle - - mountPath: /runner/env/ssh_key - name: ssh-key - subPath: ssh_key + - mountPath: /runner/env/ssh_key/ssh_key_edpm-compute-global + name: ssh-key-edpm-compute-global + subPath: ssh_key_edpm-compute-global - mountPath: /runner/inventory/hosts name: inventory subPath: inventory @@ -1629,12 +1629,12 @@ spec: secret: defaultMode: 420 secretName: combined-ca-bundle - - name: ssh-key + - name: ssh-key-edpm-compute-global secret: defaultMode: 420 items: - key: ssh-privatekey - path: ssh_key + path: ssh_key_edpm-compute-global secretName: dataplane-ansible-ssh-private-key-secret - name: inventory secret: diff --git a/test/kuttl/tests/dataplane-deploy-global-service-test/02-assert.yaml b/test/kuttl/tests/dataplane-deploy-global-service-test/02-assert.yaml index 77d6379cf..b1f78f83a 100644 --- a/test/kuttl/tests/dataplane-deploy-global-service-test/02-assert.yaml +++ b/test/kuttl/tests/dataplane-deploy-global-service-test/02-assert.yaml @@ -136,9 +136,9 @@ spec: terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - - mountPath: /runner/env/ssh_key - name: ssh-key - subPath: ssh_key + - mountPath: /runner/env/ssh_key/ssh_key_edpm-compute-beta-nodeset + name: ssh-key-edpm-compute-beta-nodeset + subPath: ssh_key_edpm-compute-beta-nodeset - mountPath: /runner/inventory/hosts name: inventory subPath: inventory @@ -149,12 +149,12 @@ spec: serviceAccountName: edpm-compute-beta-nodeset terminationGracePeriodSeconds: 30 volumes: - - name: ssh-key + - name: ssh-key-edpm-compute-beta-nodeset secret: defaultMode: 420 items: - key: ssh-privatekey - path: ssh_key + path: ssh_key_edpm-compute-beta-nodeset secretName: dataplane-ansible-ssh-private-key-secret - name: inventory secret: @@ -235,9 +235,9 @@ spec: volumeMounts: - mountPath: /var/lib/openstack/cacerts/bootstrap name: bootstrap-combined-ca-bundle - - mountPath: /runner/env/ssh_key - name: ssh-key - subPath: ssh_key + - mountPath: /runner/env/ssh_key/ssh_key_edpm-compute-beta-nodeset + name: ssh-key-edpm-compute-beta-nodeset + subPath: ssh_key_edpm-compute-beta-nodeset - mountPath: /runner/inventory/hosts name: inventory subPath: inventory @@ -252,12 +252,12 @@ spec: secret: defaultMode: 420 secretName: combined-ca-bundle - - name: ssh-key + - name: ssh-key-edpm-compute-beta-nodeset secret: defaultMode: 420 items: - key: ssh-privatekey - path: ssh_key + path: ssh_key_edpm-compute-beta-nodeset secretName: dataplane-ansible-ssh-private-key-secret - name: inventory secret: diff --git a/test/kuttl/tests/dataplane-deploy-multiple-secrets/02-assert.yaml b/test/kuttl/tests/dataplane-deploy-multiple-secrets/02-assert.yaml index 51bf8cff0..554345c71 100644 --- a/test/kuttl/tests/dataplane-deploy-multiple-secrets/02-assert.yaml +++ b/test/kuttl/tests/dataplane-deploy-multiple-secrets/02-assert.yaml @@ -179,9 +179,9 @@ spec: name: openstack-edpm-tls-generic-service1-default-certs-0 - mountPath: /var/lib/openstack/cacerts/generic-service1 name: generic-service1-combined-ca-bundle - - mountPath: /runner/env/ssh_key - name: ssh-key - subPath: ssh_key + - mountPath: /runner/env/ssh_key/ssh_key_openstack-edpm-tls + name: ssh-key-openstack-edpm-tls + subPath: ssh_key_openstack-edpm-tls - mountPath: /runner/inventory/hosts name: inventory subPath: inventory @@ -210,12 +210,12 @@ spec: secret: defaultMode: 420 secretName: combined-ca-bundle - - name: ssh-key + - name: ssh-key-openstack-edpm-tls secret: defaultMode: 420 items: - key: ssh-privatekey - path: ssh_key + path: ssh_key_openstack-edpm-tls secretName: dataplane-ansible-ssh-private-key-secret - name: inventory secret: @@ -300,9 +300,9 @@ spec: volumeMounts: - mountPath: /var/lib/openstack/cacerts/generic-service1 name: generic-service1-combined-ca-bundle - - mountPath: /runner/env/ssh_key - name: ssh-key - subPath: ssh_key + - mountPath: /runner/env/ssh_key/ssh_key_openstack-edpm-tls + name: ssh-key-openstack-edpm-tls + subPath: ssh_key_openstack-edpm-tls - mountPath: /runner/inventory/hosts name: inventory subPath: inventory @@ -317,12 +317,12 @@ spec: secret: defaultMode: 420 secretName: combined-ca-bundle - - name: ssh-key + - name: ssh-key-openstack-edpm-tls secret: defaultMode: 420 items: - key: ssh-privatekey - path: ssh_key + path: ssh_key_openstack-edpm-tls secretName: dataplane-ansible-ssh-private-key-secret - name: inventory secret: diff --git a/test/kuttl/tests/dataplane-deploy-no-nodes-test/01-assert.yaml b/test/kuttl/tests/dataplane-deploy-no-nodes-test/01-assert.yaml index 484dba4b9..2bda8af19 100644 --- a/test/kuttl/tests/dataplane-deploy-no-nodes-test/01-assert.yaml +++ b/test/kuttl/tests/dataplane-deploy-no-nodes-test/01-assert.yaml @@ -132,9 +132,9 @@ spec: terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - - mountPath: /runner/env/ssh_key - name: ssh-key - subPath: ssh_key + - mountPath: /runner/env/ssh_key/ssh_key_edpm-compute-no-nodes + name: ssh-key-edpm-compute-no-nodes + subPath: ssh_key_edpm-compute-no-nodes - mountPath: /runner/inventory/hosts name: inventory subPath: inventory @@ -145,12 +145,12 @@ spec: serviceAccountName: edpm-compute-no-nodes terminationGracePeriodSeconds: 30 volumes: - - name: ssh-key + - name: ssh-key-edpm-compute-no-nodes secret: defaultMode: 420 items: - key: ssh-privatekey - path: ssh_key + path: ssh_key_edpm-compute-no-nodes secretName: dataplane-ansible-ssh-private-key-secret - name: inventory secret: @@ -233,9 +233,9 @@ spec: volumeMounts: - mountPath: /var/lib/openstack/cacerts/bootstrap name: bootstrap-combined-ca-bundle - - mountPath: /runner/env/ssh_key - name: ssh-key - subPath: ssh_key + - mountPath: /runner/env/ssh_key/ssh_key_edpm-compute-no-nodes + name: ssh-key-edpm-compute-no-nodes + subPath: ssh_key_edpm-compute-no-nodes - mountPath: /runner/inventory/hosts name: inventory subPath: inventory @@ -250,12 +250,12 @@ spec: secret: defaultMode: 420 secretName: combined-ca-bundle - - name: ssh-key + - name: ssh-key-edpm-compute-no-nodes secret: defaultMode: 420 items: - key: ssh-privatekey - path: ssh_key + path: ssh_key_edpm-compute-no-nodes secretName: dataplane-ansible-ssh-private-key-secret - name: inventory secret: @@ -337,9 +337,9 @@ spec: terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - - mountPath: /runner/env/ssh_key - name: ssh-key - subPath: ssh_key + - mountPath: /runner/env/ssh_key/ssh_key_edpm-compute-no-nodes + name: ssh-key-edpm-compute-no-nodes + subPath: ssh_key_edpm-compute-no-nodes - mountPath: /runner/inventory/hosts name: inventory subPath: inventory @@ -350,12 +350,12 @@ spec: serviceAccountName: edpm-compute-no-nodes terminationGracePeriodSeconds: 30 volumes: - - name: ssh-key + - name: ssh-key-edpm-compute-no-nodes secret: defaultMode: 420 items: - key: ssh-privatekey - path: ssh_key + path: ssh_key_edpm-compute-no-nodes secretName: dataplane-ansible-ssh-private-key-secret - name: inventory secret: @@ -437,9 +437,9 @@ spec: terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - - mountPath: /runner/env/ssh_key - name: ssh-key - subPath: ssh_key + - mountPath: /runner/env/ssh_key/ssh_key_edpm-compute-no-nodes + name: ssh-key-edpm-compute-no-nodes + subPath: ssh_key_edpm-compute-no-nodes - mountPath: /runner/inventory/hosts name: inventory subPath: inventory @@ -450,12 +450,12 @@ spec: serviceAccountName: edpm-compute-no-nodes terminationGracePeriodSeconds: 30 volumes: - - name: ssh-key + - name: ssh-key-edpm-compute-no-nodes secret: defaultMode: 420 items: - key: ssh-privatekey - path: ssh_key + path: ssh_key_edpm-compute-no-nodes secretName: dataplane-ansible-ssh-private-key-secret - name: inventory secret: @@ -537,9 +537,9 @@ spec: terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - - mountPath: /runner/env/ssh_key - name: ssh-key - subPath: ssh_key + - mountPath: /runner/env/ssh_key/ssh_key_edpm-compute-no-nodes + name: ssh-key-edpm-compute-no-nodes + subPath: ssh_key_edpm-compute-no-nodes - mountPath: /runner/inventory/hosts name: inventory subPath: inventory @@ -550,12 +550,12 @@ spec: serviceAccountName: edpm-compute-no-nodes terminationGracePeriodSeconds: 30 volumes: - - name: ssh-key + - name: ssh-key-edpm-compute-no-nodes secret: defaultMode: 420 items: - key: ssh-privatekey - path: ssh_key + path: ssh_key_edpm-compute-no-nodes secretName: dataplane-ansible-ssh-private-key-secret - name: inventory secret: @@ -653,9 +653,9 @@ spec: name: libvirt-combined-ca-bundle - mountPath: /var/lib/openstack/cacerts/nova name: nova-combined-ca-bundle - - mountPath: /runner/env/ssh_key - name: ssh-key - subPath: ssh_key + - mountPath: /runner/env/ssh_key/ssh_key_edpm-compute-no-nodes + name: ssh-key-edpm-compute-no-nodes + subPath: ssh_key_edpm-compute-no-nodes - mountPath: /runner/inventory/hosts name: inventory subPath: inventory @@ -698,12 +698,12 @@ spec: secret: defaultMode: 420 secretName: combined-ca-bundle - - name: ssh-key + - name: ssh-key-edpm-compute-no-nodes secret: defaultMode: 420 items: - key: ssh-privatekey - path: ssh_key + path: ssh_key_edpm-compute-no-nodes secretName: dataplane-ansible-ssh-private-key-secret - name: inventory secret: @@ -784,9 +784,9 @@ spec: subPath: ovsdb-config - mountPath: /var/lib/openstack/cacerts/ovn name: ovn-combined-ca-bundle - - mountPath: /runner/env/ssh_key - name: ssh-key - subPath: ssh_key + - mountPath: /runner/env/ssh_key/ssh_key_edpm-compute-no-nodes + name: ssh-key-edpm-compute-no-nodes + subPath: ssh_key_edpm-compute-no-nodes - mountPath: /runner/inventory/hosts name: inventory subPath: inventory @@ -808,12 +808,12 @@ spec: secret: defaultMode: 420 secretName: combined-ca-bundle - - name: ssh-key + - name: ssh-key-edpm-compute-no-nodes secret: defaultMode: 420 items: - key: ssh-privatekey - path: ssh_key + path: ssh_key_edpm-compute-no-nodes secretName: dataplane-ansible-ssh-private-key-secret - name: inventory secret: @@ -903,9 +903,9 @@ spec: subPath: nova-metadata-config.json - mountPath: /var/lib/openstack/cacerts/neutron-metadata name: neutron-metadata-combined-ca-bundle - - mountPath: /runner/env/ssh_key - name: ssh-key - subPath: ssh_key + - mountPath: /runner/env/ssh_key/ssh_key_edpm-compute-no-nodes + name: ssh-key-edpm-compute-no-nodes + subPath: ssh_key_edpm-compute-no-nodes - mountPath: /runner/inventory/hosts name: inventory subPath: inventory @@ -948,12 +948,12 @@ spec: secret: defaultMode: 420 secretName: combined-ca-bundle - - name: ssh-key + - name: ssh-key-edpm-compute-no-nodes secret: defaultMode: 420 items: - key: ssh-privatekey - path: ssh_key + path: ssh_key_edpm-compute-no-nodes secretName: dataplane-ansible-ssh-private-key-secret - name: inventory secret: @@ -1034,9 +1034,9 @@ spec: subPath: 10-neutron-ovn.conf - mountPath: /var/lib/openstack/cacerts/neutron-ovn name: neutron-ovn-combined-ca-bundle - - mountPath: /runner/env/ssh_key - name: ssh-key - subPath: ssh_key + - mountPath: /runner/env/ssh_key/ssh_key_edpm-compute-no-nodes + name: ssh-key-edpm-compute-no-nodes + subPath: ssh_key_edpm-compute-no-nodes - mountPath: /runner/inventory/hosts name: inventory subPath: inventory @@ -1058,12 +1058,12 @@ spec: secret: defaultMode: 420 secretName: combined-ca-bundle - - name: ssh-key + - name: ssh-key-edpm-compute-no-nodes secret: defaultMode: 420 items: - key: ssh-privatekey - path: ssh_key + path: ssh_key_edpm-compute-no-nodes secretName: dataplane-ansible-ssh-private-key-secret - name: inventory secret: @@ -1144,9 +1144,9 @@ spec: subPath: 10-neutron-sriov.conf - mountPath: /var/lib/openstack/cacerts/neutron-sriov name: neutron-sriov-combined-ca-bundle - - mountPath: /runner/env/ssh_key - name: ssh-key - subPath: ssh_key + - mountPath: /runner/env/ssh_key/ssh_key_edpm-compute-no-nodes + name: ssh-key-edpm-compute-no-nodes + subPath: ssh_key_edpm-compute-no-nodes - mountPath: /runner/inventory/hosts name: inventory subPath: inventory @@ -1168,12 +1168,12 @@ spec: secret: defaultMode: 420 secretName: combined-ca-bundle - - name: ssh-key + - name: ssh-key-edpm-compute-no-nodes secret: defaultMode: 420 items: - key: ssh-privatekey - path: ssh_key + path: ssh_key_edpm-compute-no-nodes secretName: dataplane-ansible-ssh-private-key-secret - name: inventory secret: @@ -1254,9 +1254,9 @@ spec: subPath: 10-neutron-dhcp.conf - mountPath: /var/lib/openstack/cacerts/neutron-dhcp name: neutron-dhcp-combined-ca-bundle - - mountPath: /runner/env/ssh_key - name: ssh-key - subPath: ssh_key + - mountPath: /runner/env/ssh_key/ssh_key_edpm-compute-no-nodes + name: ssh-key-edpm-compute-no-nodes + subPath: ssh_key_edpm-compute-no-nodes - mountPath: /runner/inventory/hosts name: inventory subPath: inventory @@ -1278,12 +1278,12 @@ spec: secret: defaultMode: 420 secretName: combined-ca-bundle - - name: ssh-key + - name: ssh-key-edpm-compute-no-nodes secret: defaultMode: 420 items: - key: ssh-privatekey - path: ssh_key + path: ssh_key_edpm-compute-no-nodes secretName: dataplane-ansible-ssh-private-key-secret - name: inventory secret: @@ -1364,9 +1364,9 @@ spec: subPath: LibvirtPassword - mountPath: /var/lib/openstack/cacerts/libvirt name: libvirt-combined-ca-bundle - - mountPath: /runner/env/ssh_key - name: ssh-key - subPath: ssh_key + - mountPath: /runner/env/ssh_key/ssh_key_edpm-compute-no-nodes + name: ssh-key-edpm-compute-no-nodes + subPath: ssh_key_edpm-compute-no-nodes - mountPath: /runner/inventory/hosts name: inventory subPath: inventory @@ -1388,12 +1388,12 @@ spec: secret: defaultMode: 420 secretName: combined-ca-bundle - - name: ssh-key + - name: ssh-key-edpm-compute-no-nodes secret: defaultMode: 420 items: - key: ssh-privatekey - path: ssh_key + path: ssh_key_edpm-compute-no-nodes secretName: dataplane-ansible-ssh-private-key-secret - name: inventory secret: @@ -1483,9 +1483,9 @@ spec: subPath: ssh-publickey - mountPath: /var/lib/openstack/cacerts/nova name: nova-combined-ca-bundle - - mountPath: /runner/env/ssh_key - name: ssh-key - subPath: ssh_key + - mountPath: /runner/env/ssh_key/ssh_key_edpm-compute-no-nodes + name: ssh-key-edpm-compute-no-nodes + subPath: ssh_key_edpm-compute-no-nodes - mountPath: /runner/inventory/hosts name: inventory subPath: inventory @@ -1528,12 +1528,12 @@ spec: secret: defaultMode: 420 secretName: combined-ca-bundle - - name: ssh-key + - name: ssh-key-edpm-compute-no-nodes secret: defaultMode: 420 items: - key: ssh-privatekey - path: ssh_key + path: ssh_key_edpm-compute-no-nodes secretName: dataplane-ansible-ssh-private-key-secret - name: inventory secret: diff --git a/test/kuttl/tests/dataplane-deploy-no-nodes-test/02-assert.yaml b/test/kuttl/tests/dataplane-deploy-no-nodes-test/02-assert.yaml index eacbaf227..88cb2d32f 100644 --- a/test/kuttl/tests/dataplane-deploy-no-nodes-test/02-assert.yaml +++ b/test/kuttl/tests/dataplane-deploy-no-nodes-test/02-assert.yaml @@ -74,9 +74,9 @@ spec: terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - - mountPath: /runner/env/ssh_key - name: ssh-key - subPath: ssh_key + - mountPath: /runner/env/ssh_key/ssh_key_edpm-compute-no-nodes + name: ssh-key-edpm-compute-no-nodes + subPath: ssh_key_edpm-compute-no-nodes - mountPath: /runner/inventory/hosts name: inventory subPath: inventory @@ -88,12 +88,12 @@ spec: serviceAccountName: edpm-compute-no-nodes terminationGracePeriodSeconds: 30 volumes: - - name: ssh-key + - name: ssh-key-edpm-compute-no-nodes secret: defaultMode: 420 items: - key: ssh-privatekey - path: ssh_key + path: ssh_key_edpm-compute-no-nodes secretName: dataplane-ansible-ssh-private-key-secret - name: inventory secret: diff --git a/test/kuttl/tests/dataplane-deploy-no-nodes-test/04-assert.yaml b/test/kuttl/tests/dataplane-deploy-no-nodes-test/04-assert.yaml index ebf9a74d2..049a87c8e 100644 --- a/test/kuttl/tests/dataplane-deploy-no-nodes-test/04-assert.yaml +++ b/test/kuttl/tests/dataplane-deploy-no-nodes-test/04-assert.yaml @@ -138,9 +138,9 @@ spec: subPath: ovsdb-config - mountPath: /var/lib/openstack/cacerts/ovn name: ovn-combined-ca-bundle - - mountPath: /runner/env/ssh_key - name: ssh-key - subPath: ssh_key + - mountPath: /runner/env/ssh_key/ssh_key_edpm-compute-no-nodes + name: ssh-key-edpm-compute-no-nodes + subPath: ssh_key_edpm-compute-no-nodes - mountPath: /runner/inventory/hosts name: inventory subPath: inventory @@ -163,12 +163,12 @@ spec: secret: defaultMode: 420 secretName: combined-ca-bundle - - name: ssh-key + - name: ssh-key-edpm-compute-no-nodes secret: defaultMode: 420 items: - key: ssh-privatekey - path: ssh_key + path: ssh_key_edpm-compute-no-nodes secretName: dataplane-ansible-ssh-private-key-secret - name: inventory secret: diff --git a/test/kuttl/tests/dataplane-deploy-no-nodes-test/06-assert.yaml b/test/kuttl/tests/dataplane-deploy-no-nodes-test/06-assert.yaml index 099a98eec..7cfeb3cef 100644 --- a/test/kuttl/tests/dataplane-deploy-no-nodes-test/06-assert.yaml +++ b/test/kuttl/tests/dataplane-deploy-no-nodes-test/06-assert.yaml @@ -137,8 +137,9 @@ spec: volumeMounts: - mountPath: /var/lib/openstack/cacerts/bootstrap name: bootstrap-combined-ca-bundle - - mountPath: /runner/env/ssh_key - name: ssh-key + - mountPath: /runner/env/ssh_key/ssh_key_edpm-compute-beta-nodeset + name: ssh-key-edpm-compute-beta-nodeset + subPath: ssh_key_edpm-compute-beta-nodeset - mountPath: /runner/inventory/hosts name: inventory subPath: inventory @@ -154,12 +155,12 @@ spec: secret: defaultMode: 420 secretName: combined-ca-bundle - - name: ssh-key + - name: ssh-key-edpm-compute-beta-nodeset secret: defaultMode: 420 items: - key: ssh-privatekey - path: ssh_key + path: ssh_key_edpm-compute-beta-nodeset secretName: dataplane-ansible-ssh-private-key-secret - name: inventory secret: @@ -241,8 +242,9 @@ spec: terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - - mountPath: /runner/env/ssh_key - name: ssh-key + - mountPath: /runner/env/ssh_key/ssh_key_edpm-compute-beta-nodeset + name: ssh-key-edpm-compute-beta-nodeset + subPath: ssh_key_edpm-compute-beta-nodeset - mountPath: /runner/inventory/hosts name: inventory subPath: inventory @@ -254,12 +256,12 @@ spec: serviceAccountName: edpm-compute-beta-nodeset terminationGracePeriodSeconds: 30 volumes: - - name: ssh-key + - name: ssh-key-edpm-compute-beta-nodeset secret: defaultMode: 420 items: - key: ssh-privatekey - path: ssh_key + path: ssh_key_edpm-compute-beta-nodeset secretName: dataplane-ansible-ssh-private-key-secret - name: inventory secret: diff --git a/test/kuttl/tests/dataplane-deploy-no-nodes-test/07-assert.yaml b/test/kuttl/tests/dataplane-deploy-no-nodes-test/07-assert.yaml index f96e108cb..ce057fd14 100644 --- a/test/kuttl/tests/dataplane-deploy-no-nodes-test/07-assert.yaml +++ b/test/kuttl/tests/dataplane-deploy-no-nodes-test/07-assert.yaml @@ -67,9 +67,9 @@ spec: terminationMessagePath: /dev/termination-log terminationMessagePolicy: File volumeMounts: - - mountPath: /runner/env/ssh_key - name: ssh-key - subPath: ssh_key + - mountPath: /runner/env/ssh_key/ssh_key_edpm-compute-no-nodes + name: ssh-key-edpm-compute-no-nodes + subPath: ssh_key_edpm-compute-no-nodes - mountPath: /runner/inventory/hosts name: inventory subPath: inventory @@ -83,12 +83,12 @@ spec: serviceAccountName: edpm-compute-no-nodes terminationGracePeriodSeconds: 30 volumes: - - name: ssh-key + - name: ssh-key-edpm-compute-no-nodes secret: defaultMode: 420 items: - key: ssh-privatekey - path: ssh_key + path: ssh_key_edpm-compute-no-nodes secretName: dataplane-ansible-ssh-private-key-secret - name: inventory secret: diff --git a/test/kuttl/tests/dataplane-deploy-tls-test/02-assert.yaml b/test/kuttl/tests/dataplane-deploy-tls-test/02-assert.yaml index 3af15f179..d91df3c37 100644 --- a/test/kuttl/tests/dataplane-deploy-tls-test/02-assert.yaml +++ b/test/kuttl/tests/dataplane-deploy-tls-test/02-assert.yaml @@ -214,9 +214,9 @@ spec: name: openstack-edpm-tls-tls-dnsnames-second-certs-0 - mountPath: /var/lib/openstack/cacerts/tls-dnsnames name: tls-dnsnames-combined-ca-bundle - - mountPath: /runner/env/ssh_key - name: ssh-key - subPath: ssh_key + - mountPath: /runner/env/ssh_key/ssh_key_openstack-edpm-tls + name: ssh-key-openstack-edpm-tls + subPath: ssh_key_openstack-edpm-tls - mountPath: /runner/inventory/hosts name: inventory subPath: inventory @@ -247,12 +247,12 @@ spec: secret: defaultMode: 420 secretName: combined-ca-bundle - - name: ssh-key + - name: ssh-key-openstack-edpm-tls secret: defaultMode: 420 items: - key: ssh-privatekey - path: ssh_key + path: ssh_key_openstack-edpm-tls secretName: dataplane-ansible-ssh-private-key-secret - name: inventory secret: @@ -342,9 +342,9 @@ spec: volumeMounts: - mountPath: /var/lib/openstack/cacerts/tls-dnsnames name: tls-dnsnames-combined-ca-bundle - - mountPath: /runner/env/ssh_key - name: ssh-key - subPath: ssh_key + - mountPath: /runner/env/ssh_key/ssh_key_openstack-edpm-tls + name: ssh-key-openstack-edpm-tls + subPath: ssh_key_openstack-edpm-tls - mountPath: /runner/inventory/hosts name: inventory subPath: inventory @@ -359,12 +359,12 @@ spec: secret: defaultMode: 420 secretName: combined-ca-bundle - - name: ssh-key + - name: ssh-key-openstack-edpm-tls secret: defaultMode: 420 items: - key: ssh-privatekey - path: ssh_key + path: ssh_key_openstack-edpm-tls secretName: dataplane-ansible-ssh-private-key-secret - name: inventory secret: diff --git a/test/kuttl/tests/dataplane-deploy-tls-test/03-assert.yaml b/test/kuttl/tests/dataplane-deploy-tls-test/03-assert.yaml index 5e1815f9f..f9769a336 100644 --- a/test/kuttl/tests/dataplane-deploy-tls-test/03-assert.yaml +++ b/test/kuttl/tests/dataplane-deploy-tls-test/03-assert.yaml @@ -215,9 +215,9 @@ spec: volumeMounts: - mountPath: /var/lib/openstack/cacerts/tls-dns-ips name: tls-dns-ips-combined-ca-bundle - - mountPath: /runner/env/ssh_key - name: ssh-key - subPath: ssh_key + - mountPath: /runner/env/ssh_key/ssh_key_openstack-edpm-tls + name: ssh-key-openstack-edpm-tls + subPath: ssh_key_openstack-edpm-tls - mountPath: /runner/inventory/hosts name: inventory subPath: inventory @@ -232,12 +232,12 @@ spec: secret: defaultMode: 420 secretName: combined-ca-bundle - - name: ssh-key + - name: ssh-key-openstack-edpm-tls secret: defaultMode: 420 items: - key: ssh-privatekey - path: ssh_key + path: ssh_key_openstack-edpm-tls secretName: dataplane-ansible-ssh-private-key-secret - name: inventory secret: @@ -326,9 +326,9 @@ spec: volumeMounts: - mountPath: /var/lib/openstack/cacerts/custom-tls-dns name: custom-tls-dns-combined-ca-bundle - - mountPath: /runner/env/ssh_key - name: ssh-key - subPath: ssh_key + - mountPath: /runner/env/ssh_key/ssh_key_openstack-edpm-tls + name: ssh-key-openstack-edpm-tls + subPath: ssh_key_openstack-edpm-tls - mountPath: /runner/inventory/hosts name: inventory subPath: inventory @@ -343,12 +343,12 @@ spec: secret: defaultMode: 420 secretName: combined-ca-bundle - - name: ssh-key + - name: ssh-key-openstack-edpm-tls secret: defaultMode: 420 items: - key: ssh-privatekey - path: ssh_key + path: ssh_key_openstack-edpm-tls secretName: dataplane-ansible-ssh-private-key-secret - name: inventory secret: diff --git a/test/kuttl/tests/dataplane-extramounts/00-assert.yaml b/test/kuttl/tests/dataplane-extramounts/00-assert.yaml index 02cb482c1..9378776b4 100644 --- a/test/kuttl/tests/dataplane-extramounts/00-assert.yaml +++ b/test/kuttl/tests/dataplane-extramounts/00-assert.yaml @@ -95,9 +95,9 @@ spec: name: edpm-ansible - mountPath: /var/lib/openstack/cacerts/test-service name: test-service-combined-ca-bundle - - mountPath: /runner/env/ssh_key - name: ssh-key - subPath: ssh_key + - mountPath: /runner/env/ssh_key/ssh_key_edpm-extramounts + name: ssh-key-edpm-extramounts + subPath: ssh_key_edpm-extramounts - mountPath: /runner/inventory/hosts name: inventory subPath: inventory @@ -117,12 +117,12 @@ spec: secret: defaultMode: 420 secretName: combined-ca-bundle - - name: ssh-key + - name: ssh-key-edpm-extramounts secret: defaultMode: 420 items: - key: ssh-privatekey - path: ssh_key + path: ssh_key_edpm-extramounts secretName: dataplane-ansible-ssh-private-key-secret - name: inventory secret: diff --git a/test/kuttl/tests/dataplane-service-config/00-assert.yaml b/test/kuttl/tests/dataplane-service-config/00-assert.yaml index d3737e987..02692c4ee 100644 --- a/test/kuttl/tests/dataplane-service-config/00-assert.yaml +++ b/test/kuttl/tests/dataplane-service-config/00-assert.yaml @@ -103,9 +103,9 @@ spec: subPath: 30-kuttl-service.conf - mountPath: /var/lib/openstack/cacerts/kuttl-service name: kuttl-service-combined-ca-bundle - - mountPath: /runner/env/ssh_key - name: ssh-key - subPath: ssh_key + - mountPath: /runner/env/ssh_key/ssh_key_edpm-compute-no-nodes + name: ssh-key-edpm-compute-no-nodes + subPath: ssh_key_edpm-compute-no-nodes - mountPath: /runner/inventory/hosts name: inventory subPath: inventory @@ -170,12 +170,12 @@ spec: secret: defaultMode: 420 secretName: combined-ca-bundle - - name: ssh-key + - name: ssh-key-edpm-compute-no-nodes secret: defaultMode: 420 items: - key: ssh-privatekey - path: ssh_key + path: ssh_key_edpm-compute-no-nodes secretName: dataplane-ansible-ssh-private-key-secret - name: inventory secret: diff --git a/test/kuttl/tests/dataplane-service-custom-image/00-assert.yaml b/test/kuttl/tests/dataplane-service-custom-image/00-assert.yaml index fd398852e..ea8adfa90 100644 --- a/test/kuttl/tests/dataplane-service-custom-image/00-assert.yaml +++ b/test/kuttl/tests/dataplane-service-custom-image/00-assert.yaml @@ -121,9 +121,9 @@ spec: volumeMounts: - mountPath: /var/lib/openstack/cacerts/custom-img-svc name: custom-img-svc-combined-ca-bundle - - mountPath: /runner/env/ssh_key - name: ssh-key - subPath: ssh_key + - mountPath: /runner/env/ssh_key/ssh_key_edpm-no-nodes-custom-svc + name: ssh-key-edpm-no-nodes-custom-svc + subPath: ssh_key_edpm-no-nodes-custom-svc - mountPath: /runner/inventory/hosts name: inventory subPath: inventory @@ -139,12 +139,12 @@ spec: secret: defaultMode: 420 secretName: combined-ca-bundle - - name: ssh-key + - name: ssh-key-edpm-no-nodes-custom-svc secret: defaultMode: 420 items: - key: ssh-privatekey - path: ssh_key + path: ssh_key_edpm-no-nodes-custom-svc secretName: dataplane-ansible-ssh-private-key-secret - name: inventory secret: diff --git a/test/kuttl/tests/dataplane-service-failure/00-assert.yaml b/test/kuttl/tests/dataplane-service-failure/00-assert.yaml index 580cb7b71..c7c3e05df 100644 --- a/test/kuttl/tests/dataplane-service-failure/00-assert.yaml +++ b/test/kuttl/tests/dataplane-service-failure/00-assert.yaml @@ -82,9 +82,9 @@ spec: volumeMounts: - mountPath: /var/lib/openstack/cacerts/failed-service name: failed-service-combined-ca-bundle - - mountPath: /runner/env/ssh_key - name: ssh-key - subPath: ssh_key + - mountPath: /runner/env/ssh_key/ssh_key_edpm-compute-no-nodes + name: ssh-key-edpm-compute-no-nodes + subPath: ssh_key_edpm-compute-no-nodes - mountPath: /runner/inventory/hosts name: inventory subPath: inventory @@ -100,12 +100,12 @@ spec: secret: defaultMode: 420 secretName: combined-ca-bundle - - name: ssh-key + - name: ssh-key-edpm-compute-no-nodes secret: defaultMode: 420 items: - key: ssh-privatekey - path: ssh_key + path: ssh_key_edpm-compute-no-nodes secretName: dataplane-ansible-ssh-private-key-secret - name: inventory secret: From f7a38220dcfbcb931c67cb39734cd09ae6bbf131 Mon Sep 17 00:00:00 2001 From: rabi Date: Thu, 25 Dec 2025 10:41:59 +0530 Subject: [PATCH 2/2] Fix two flaky tests that were failing intermittently due to race conditions 1. 'Failed deployment followed by completed deployment' test: - The test was creating both deployments simultaneously, causing a race where the test would try to update the status of a job that hadn't been created yet - Fixed by ensuring sequential execution: wait for the first deployment's job to fail before creating the second deployment 2. 'should not reconcile after failure' test: - The test was manually setting deployment status to 'backoff limit exceeded' without waiting for the controller to finish its initial reconciliation - Fixed by waiting for ObservedGeneration to match Generation before manually setting the failure status, ensuring the controller has completed processing Assisted-by: Claude-4.5-opus Signed-off-by: rabi --- ...tackdataplanedeployment_controller_test.go | 26 ++++++++++++++----- ...enstackdataplanenodeset_controller_test.go | 25 ++++++++++++------ 2 files changed, 36 insertions(+), 15 deletions(-) diff --git a/test/functional/dataplane/openstackdataplanedeployment_controller_test.go b/test/functional/dataplane/openstackdataplanedeployment_controller_test.go index 2c7beee27..391c8c681 100644 --- a/test/functional/dataplane/openstackdataplanedeployment_controller_test.go +++ b/test/functional/dataplane/openstackdataplanedeployment_controller_test.go @@ -1828,15 +1828,19 @@ var _ = Describe("Dataplane Deployment Test", func() { }) It("should not reconcile after failure", func() { - // Directly set the deployment status to backoff limit exceeded - // This simulates a deployment that has failed after retries + // Wait for the controller to complete initial reconciliation and reach a stable state + // by waiting for the deployment to have conditions set and be in a known state Eventually(func(g Gomega) { deployment := GetDataplaneDeployment(dataplaneDeploymentName) + g.Expect(deployment.Status.Conditions).ToNot(BeEmpty()) + // Wait for ObservedGeneration to be set, indicating controller has processed the resource + g.Expect(deployment.Status.ObservedGeneration).To(Equal(deployment.Generation)) + }, th.Timeout, th.Interval).Should(Succeed()) - // Initialize conditions if not present - if deployment.Status.Conditions == nil { - deployment.Status.Conditions = condition.Conditions{} - } + // Now manually set the deployment status to backoff limit exceeded + // This simulates a deployment that has failed after retries + Eventually(func(g Gomega) { + deployment := GetDataplaneDeployment(dataplaneDeploymentName) // Initialize NodeSetConditions if not present if deployment.Status.NodeSetConditions == nil { @@ -1852,11 +1856,19 @@ var _ = Describe("Dataplane Deployment Test", func() { "Simulated backoff limit exceeded for testing") deployment.Status.Deployed = false - deployment.Status.ObservedGeneration = deployment.Generation g.Expect(th.K8sClient.Status().Update(th.Ctx, deployment)).To(Succeed()) }, th.Timeout, th.Interval).Should(Succeed()) + // Wait for the status to stabilize - ensure the controller recognizes the failure state + Eventually(func(g Gomega) { + deployment := GetDataplaneDeployment(dataplaneDeploymentName) + deploymentCondition := deployment.Status.Conditions.Get(condition.DeploymentReadyCondition) + g.Expect(deploymentCondition).ToNot(BeNil()) + g.Expect(string(deploymentCondition.Severity)).To(Equal(string(condition.SeverityError))) + g.Expect(string(deploymentCondition.Reason)).To(Equal(string(condition.JobReasonBackoffLimitExceeded))) + }, th.Timeout, th.Interval).Should(Succeed()) + // Verify the deployment has the correct failure condition deployment := GetDataplaneDeployment(dataplaneDeploymentName) deploymentCondition := deployment.Status.Conditions.Get(condition.DeploymentReadyCondition) diff --git a/test/functional/dataplane/openstackdataplanenodeset_controller_test.go b/test/functional/dataplane/openstackdataplanenodeset_controller_test.go index 412d46f92..2cc3648d8 100644 --- a/test/functional/dataplane/openstackdataplanenodeset_controller_test.go +++ b/test/functional/dataplane/openstackdataplanenodeset_controller_test.go @@ -1734,16 +1734,11 @@ var _ = Describe("Dataplane NodeSet Test", func() { DeferCleanup(th.DeleteInstance, CreateDNSMasq(dnsMasqName, DefaultDNSMasqSpec())) DeferCleanup(th.DeleteInstance, CreateDataplaneNodeSet(testNodeSetName, nodeSetSpec)) - // Create first deployment (will fail) + // Create only the first deployment here (will fail) firstDeploymentSpec := DefaultDataPlaneDeploymentSpec() firstDeploymentSpec["nodeSets"] = []string{testNodeSetName.Name} DeferCleanup(th.DeleteInstance, CreateDataplaneDeployment(dataplaneDeploymentName, firstDeploymentSpec)) - // Create second deployment (will complete successfully) - secondDeploymentSpec := DefaultDataPlaneDeploymentSpec() - secondDeploymentSpec["nodeSets"] = []string{testNodeSetName.Name} - DeferCleanup(th.DeleteInstance, CreateDataplaneDeployment(secondDeploymentName, secondDeploymentSpec)) - CreateSSHSecret(dataplaneSSHSecretName) CreateCABundleSecret(caBundleSecretName) SimulateDNSMasqComplete(dnsMasqName) @@ -1752,7 +1747,7 @@ var _ = Describe("Dataplane NodeSet Test", func() { }) It("Should show all deployments in status and process completed deployment", func() { - // Fail the first deployment + // Wait for first AnsibleEE job to be created, then fail it Eventually(func(g Gomega) { ansibleeeName := types.NamespacedName{ Name: "bootstrap-" + dataplaneDeploymentName.Name + "-" + testNodeSetName.Name, @@ -1763,7 +1758,21 @@ var _ = Describe("Dataplane NodeSet Test", func() { g.Expect(th.K8sClient.Status().Update(th.Ctx, ansibleEE)).To(Succeed()) }, th.Timeout, th.Interval).Should(Succeed()) - // Complete the second deployment + // Wait for the first deployment to be marked as failed + Eventually(func(g Gomega) { + deployment := GetDataplaneDeployment(dataplaneDeploymentName) + g.Expect(deployment.Status.Conditions).ToNot(BeEmpty()) + readyCondition := deployment.Status.Conditions.Get(condition.ReadyCondition) + g.Expect(readyCondition).ToNot(BeNil()) + g.Expect(readyCondition.Status).To(Equal(corev1.ConditionFalse)) + }, th.Timeout, th.Interval).Should(Succeed()) + + // Now create the second deployment (will complete successfully) + secondDeploymentSpec := DefaultDataPlaneDeploymentSpec() + secondDeploymentSpec["nodeSets"] = []string{testNodeSetName.Name} + DeferCleanup(th.DeleteInstance, CreateDataplaneDeployment(secondDeploymentName, secondDeploymentSpec)) + + // Wait for second AnsibleEE job to be created, then complete it Eventually(func(g Gomega) { ansibleeeName := types.NamespacedName{ Name: "bootstrap-" + secondDeploymentName.Name + "-" + testNodeSetName.Name,