tests: add test nvme-symlink to verify GCP udev rules

Force this test to not run by default unless named specifically or `--tag confidential` is passed to `kola run`, also requires `--gcp-machinetype n2d-standard-2 --gcp-confidential-vm` It will create confidential instance on GCP with 1 nvme persistent disk and 1 local ssd disk, then check the new udev rules make effect. Based on coreos/coreos-assembler#3474 and coreos/coreos-assembler#3477. Fix coreos/fedora-coreos-tracker#1457
HuijingHei · May 22, 2023 · 6a12803 · 6a12803
1 parent 0e3d1db
commit 6a12803
Show file tree

Hide file tree

Showing 2 changed files with 73 additions and 0 deletions.
diff --git a/tests/kola/platforms/gcp/data/commonlib.sh b/tests/kola/platforms/gcp/data/commonlib.sh
@@ -0,0 +1 @@
+../../../data/commonlib.sh
diff --git a/tests/kola/platforms/gcp/nvme-symlink b/tests/kola/platforms/gcp/nvme-symlink
@@ -0,0 +1,72 @@
+#!/bin/bash
+## kola:
+##   description: Verify new GCP udev rules work well on confidential instance.
+##   additionalDisks: ["375G:interface=NVME"]
+##   platforms: gcp
+##   requiredTag: confidential
+
+# See https://issues.redhat.com/browse/OCPBUGS-7582
+# https://github.com/coreos/fedora-coreos-tracker/issues/1457
+#
+# Force this test to not run by default unless named specifically
+# or `--tag confidential` is passed to `kola run`, also requires
+# `--gcp-machinetype n2d-standard-2 --gcp-confidential-vm`
+#
+# It will create confidential instance on GCP with 1 nvme persistent disk 
+# and 1 local ssd disk, then check the new udev rules make effect.
+# Note: each local SSD is 375 GB in size, refer to https://cloud.google.com/compute/docs/disks/local-ssd
+
+set -xeuo pipefail
+
+. $KOLA_EXT_DATA/commonlib.sh
+
+# verify the instance is Confidential VM
+is_confidential_vm() {
+    local sevlog = $(dmesg | grep SEV | head)
+    if [ -n "${sevlog}" ] && echo "${sevlog}" | grep "active: AMD SEV"; then
+        ok "instance is Confidential VM"
+    else
+        fatal "instance should be Confidential VM"
+    fi
+}
+
+# check nvme device
+has_nvme() {
+    local nvme_disk=$(jq -r ".[].Subsystems[].Paths[] | select(.Name == \"${disk}\").Name" <<< "$nvme_info")
+    if [ -n "${nvme_disk}" ]; then
+        if [ ! -e "${device}" ]; then
+            fatal "instance has nvme device but no ${disk} accessible"
+        fi
+    fi
+}
+
+# check symlink
+check_symlink() {
+    local tmpfile=$(mktemp)
+    /usr/lib/udev/google_nvme_id -d "${device}" > ${tmpfile}
+    source ${tmpfile}
+    if [ ! -n "${ID_SERIAL_SHORT:-}" ]; then
+        fatal "can not get nvme ${device} ID_SERIAL_SHORT"
+    fi
+
+    local link="/dev/disk/by-id/google-${ID_SERIAL_SHORT}"
+    if ! ls -l "${link}"; then
+        fatal "can not find ${device} symlink ${link}"
+    fi
+}
+
+is_confidential_vm
+
+# check instance has 2 disks
+nvme_info=$(nvme list-subsys -o json)
+nvme_count=$(jq -r ".[].Subsystems | length" <<< "$nvme_info")
+if [ $nvme_count -ne 2 ]; then
+    fatal "instance does not have 2 disks"
+fi
+
+for disk in nvme0 nvme1; do
+    device="/dev/${disk}n1"
+    has_nvme
+    check_symlink
+    ok "Find ${device} symlink"
+done