rgw crypt vault auth: token
rgw crypt vault secret engine: transit
rgw crypt vault prefix: /v1/transit/
+ rgw crypt sse s3 backend: vault
+ rgw crypt sse s3 vault auth: token
+ rgw crypt sse s3 vault secret engine: transit
+ rgw crypt sse s3 vault prefix: /v1/transit/
rgw:
client.0:
use-vault-role: client.0
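Review bot: The added `rgw crypt sse s3 vault *` overrides point SSE-S3 at the same transit prefix `/v1/transit/` and token auth as the existing SSE-KMS settings, and the Python hunk that follows passes the same `token_path` to `--rgw_crypt_sse_s3_vault_token_file`, so the suite runs both backends under one Vault credential and one key namespace. That is reasonable for a test, but the single token's policy then has to cover whatever SSE-S3 needs (presumably key management on the transit mount rather than only encrypt/decrypt; confirm against the policy the vault task installs), and a request routed to the wrong backend would not show up as a failure. I would record the choice with a comment above the added keys, `# SSE-S3 deliberately reuses the SSE-KMS transit mount and token in this suite`, and a matching one above `vault_addr = ...` in the Python hunk. The enclosing override mapping and the Python function both start outside the visible lines.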
ctx.cluster.only(client).run(args=['sudo', 'chmod', '600', token_path])
ctx.cluster.only(client).run(args=['sudo', 'chown', 'ceph', token_path])
+ vault_addr = "{}:{}".format(*ctx.vault.endpoints[vault_role])
rgw_cmd.extend([
- '--rgw_crypt_vault_addr', "{}:{}".format(*ctx.vault.endpoints[vault_role]),
- '--rgw_crypt_vault_token_file', token_path
+ '--rgw_crypt_vault_addr', vault_addr,
+ '--rgw_crypt_vault_token_file', token_path,
+ '--rgw_crypt_sse_s3_vault_addr', vault_addr,
+ '--rgw_crypt_sse_s3_vault_token_file', token_path,
])
elif pykmip_role is not None:
if not hasattr(ctx, 'pykmip'):