AB#2260 Refactor disk-mapper recovery (#82)

* Refactor disk-mapper recovery * Adapt constellation recover command to use new disk-mapper recovery API * Fix Cilium connectivity on rebooting nodes (#89) * Lower CoreDNS reschedule timeout to 10 seconds (#93) Signed-off-by: Daniel Weiße <dw@edgeless.systems>
2025-05-02 22:34:56 -04:00 · 2022-09-08 14:45:27 +02:00 · 2022-09-08 14:45:27 +02:00 · 8cb155d5c5
commit 8cb155d5c5
parent a7b20b2a11
40 changed files with 1600 additions and 1130 deletions
--- a/disk-mapper/internal/systemd/systemd_test.go
+++ b/disk-mapper/internal/systemd/systemd_test.go
@ -0,0 +1,49 @@
+/*
+Copyright (c) Edgeless Systems GmbH
+
+SPDX-License-Identifier: AGPL-3.0-only
+*/
+
+package systemd
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+	"go.uber.org/goleak"
+)
+
+func TestMain(m *testing.M) {
+	goleak.VerifyTestMain(m)
+}
+
+func TestConfigureUnit(t *testing.T) {
+	assert := assert.New(t)
+	generator := CryptsetupUnitGenerator{}
+	got, err := generator.configureUnit("volumeName", "/encrypted/device/path", "/key/file/path", "options")
+	assert.NoError(err)
+	assert.Equal(`[Unit]
+Description=Cryptography Setup for %I
+Documentation=man:crypttab(5) man:systemd-cryptsetup-generator(8) man:systemd-cryptsetup@.service(8)
+DefaultDependencies=no
+IgnoreOnIsolate=true
+After=cryptsetup-pre.target systemd-udevd-kernel.socket
+Before=blockdev@dev-mapper-%i.target
+Wants=blockdev@dev-mapper-%i.target
+Conflicts=umount.target
+Before=cryptsetup.target
+RequiresMountsFor=/key/file/path
+BindsTo=encrypted-device-path.device
+After=encrypted-device-path.device
+Before=umount.target
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+TimeoutSec=0
+KeyringMode=shared
+OOMScoreAdjust=500
+ExecStart=/usr/lib/systemd/systemd-cryptsetup attach 'volumeName' '/encrypted/device/path' '/key/file/path' 'options'
+ExecStop=/usr/lib/systemd/systemd-cryptsetup detach 'volumeName'
+`, got)
+}