Hello community,

here is the log from the commit of package virt-scenario for openSUSE:Factory checked in at 2023-03-24 15:21:22
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/virt-scenario (Old)
 and /work/SRC/openSUSE:Factory/.virt-scenario.new.31432 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "virt-scenario" Fri Mar 24 15:21:22 2023 rev:7 rq:1074148 version:1.0.3 Changes: -------- --- /work/SRC/openSUSE:Factory/virt-scenario/virt-scenario.changes 2023-03-22 22:31:59.646601427 +0100 +++ /work/SRC/openSUSE:Factory/.virt-scenario.new.31432/virt-scenario.changes 2023-03-24 15:21:41.535285622 +0100 @@ -1,0 +2,16 @@ +Fri Mar 24 11:09:23 UTC 2023 - Antoine Ginies <agin...@suse.com> + +- version 1.0.3: + * fix buggy VM image name in XML config + * Add more information in the documentation (step by step securevm) + +------------------------------------------------------------------- +Thu Mar 23 17:02:31 UTC 2023 - Antoine Ginies <agin...@suse.com> + +- version 1.0.2: + * fix buggy vmimage option (error if not used) + * summary is displayed at the end in case of differences + * improve user password input for VM encrypted image + * some typo fixes + +------------------------------------------------------------------- Old: ---- virt-scenario-1.0.1.tar.gz New: ---- virt-scenario-1.0.3.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ virt-scenario.spec ++++++ --- /var/tmp/diff_new_pack.edHc5o/_old 2023-03-24 15:21:41.951287791 +0100 +++ /var/tmp/diff_new_pack.edHc5o/_new 2023-03-24 15:21:41.951287791 +0100 @@ -19,7 +19,7 @@ %define pythons python3 Name: virt-scenario -Version: 1.0.1 +Version: 1.0.3 Release: 0 Summary: Create XML guest configuration and prepare the host for a scenario License: GPL-3.0-or-later ++++++ virt-scenario-1.0.1.tar.gz -> virt-scenario-1.0.3.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/virt-scenario-1.0.1/ChangeLog new/virt-scenario-1.0.3/ChangeLog --- old/virt-scenario-1.0.1/ChangeLog 2023-03-22 18:24:53.000000000 +0100 +++ new/virt-scenario-1.0.3/ChangeLog 2023-03-24 12:08:37.000000000 +0100 
@@ -1,3 +1,88 @@ +2023-03-24 aginies <agin...@suse.com> + + sync with README.md + + +2023-03-24 aginies <agin...@suse.com> + + DISK FORMAT check should be done before source_file definition + + +2023-03-23 aginies <agin...@suse.com> + + add more info; prepare 1.0.3 + + +2023-03-23 aginies <agin...@suse.com> + + add some more info + + +2023-03-23 aginies <agin...@suse.com> + + add some more information + + +2023-03-23 aginies <agin...@suse.com> + + typo fix + + +2023-03-23 aginies <agin...@suse.com> + + improve show_how_to_use and sync main.py with current change in util and host lib + + +2023-03-23 aginies <agin...@suse.com> + + move to_report and input_password to util lib; Show to_report summary at the end + + +2023-03-23 aginies <agin...@suse.com> + + fix test on vmimage + + +2023-03-23 aginies <agin...@suse.com> + + try to fix vmimage error + + +2023-03-23 aginies <agin...@suse.com> + + sync with README.md + + +2023-03-23 aginies <agin...@suse.com> + + add missing name parameter + + +2023-03-23 aginies <agin...@suse.com> + + prepare 1.0.2 + + +2023-03-23 aginies <agin...@suse.com> + + sync with README.md + + +2023-03-23 aginies <agin...@suse.com> + + small fixes + + +2023-03-23 aginies <agin...@suse.com> + + improve layout + + +2023-03-23 aginies <agin...@suse.com> + + add an example + + 2023-03-22 aginies <agin...@suse.com> improve vmimage support diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/virt-scenario-1.0.1/PKG-INFO new/virt-scenario-1.0.3/PKG-INFO --- old/virt-scenario-1.0.1/PKG-INFO 2023-03-22 18:24:53.000000000 +0100 +++ new/virt-scenario-1.0.3/PKG-INFO 2023-03-24 12:08:37.000000000 +0100 @@ -1,6 +1,6 @@ Metadata-Version: 2.1 Name: virt-scenario -Version: 1.0.1 +Version: 1.0.3 Summary: Virt-scenario Home-page: https://github.com/aginies/virt-scenario Author: Antoine Ginies 
@@ -18,6 +18,10 @@ Idea is to use multiple **templates** and concatenate them to create the expected Guest XML file. If Host need a custom setting it will also be done. + IE: setting up a secure VM is not so easy from scratch, this tool will prepare the host, + the XML guest config with secure parameter, and will deal with all the certificate, attestation + and launch measurement. In only 2 commands you can start a secure VM on an AMD SEV system! + Customization to match a specific scenario is not graved in stone. The idea is to prepare a configuration which should improved the usage compared to a basic setting. This will **NOT guarantee** that this is perfect as this higly depends on your current system. @@ -137,7 +141,7 @@ * **hvselect**: Set hypervisor for which VMs are configured * **hvlist**: List available hypervisors * **overwrite**: Force overwriting previous config - * **force_sev**: Force the extract of a localhost PDH file. This is NOT secure as this file should be stored in a secure place! Only for demo purpose + * **force_sev**: Force the extract of a localhost PDH file. This is **NOT secure** as this file should be stored in a secure place! Only for demo purpose ### Guest configuration @@ -155,7 +159,7 @@ ### Generate the XML configuration and prepare the host * **computation**: Create an XML configuration and host config to do computation VM - * **desktop**: Create an XML configuration and host config for Desktop VMU + * **desktop**: Create an XML configuration and host config for Desktop VM * **securevm**: Create an XML configuration and host config for Secure VM ### Others 
@@ -167,6 +171,10 @@ ## Default Settings Comparison + This settings should be better than default one. Of course this is not perfect, + or there is maybe some mistakes. Feel free to comment on this parameters or request + addition of new one. + | [Storage Settings](https://www.qemu.org/docs/master/system/qemu-block-drivers.html) | Secure VM | Computation | Desktop | | :--------------- | :---: | :---: | :---: | | preallocation | metadata | off | metadata | 
@@ -357,6 +365,64 @@ * metadata_data * only support 1 disk per VM + # Example with securevm (Confidential Computing) + + virt-scenario currently only support setting Virtual Machine on AMD SEV or SEV-ES system. + For more information about SUSE and SEV please refer to [SLES AMD SEV](href="https://documentation.suse.com/sles/15-SP4/single-html/SLES-amd-sev/). + + ## Prepare Your VM + + virt-scenario provides different options to configure the Virtual Machine. + In our example we will set different parameters to suit our needs, most of them + provides completion using the [TAB] key: + + ``` + name ALPOS + vcpu 4 + memory 8 + vnet default + bootdev hd + vmimage /var/lib/libvirt/images/ALP-VM.x86_64-0.0.1-kvm_encrypted-Snapshot20230309.qcow2 + force_sev on + ``` + + This end up with a prompt like: + ``` + ---------- User Settings ---------- + Disk Path: /var/lib/libvirt/images + Main Configuration: /etc/virt-scenario/virtscenario.yaml + Hypervisor Configuration: /etc/virt-scenario/virthosts.yaml + Force SEV PDH extraction: on + Name: ALPOS + Vcpu: 4 + Memory: 8 + Boot Device: hd + Virtual Network: default + VM Image file: /var/lib/libvirt/images/ALP-VM.x86_64-0.0.1-kvm_encrypted-Snapshot20230309.qcow2 + ``` + + ## Generate XML and prepare the host + + You are ready to run **securevm** to prepare the host system and generate the XML libvirt config: + ``` + securevm + ``` + + The generated XML file is available in **~/.local/virtscenario/ALPOS/domain.xml**. You can also find + a **config.yaml** which contains host data about this VM. In our case **attestation** will be set to + true, the host will be **localhost**. The **/etc/virt-scenario/virthosts.yaml** will be updated to + configure the correct path to the extracted PDH file (sev-cert). + + ## Launch the VM + + Launch the VM with the **virt-scenario-launch** tool: + ```shell + # virt-scenario-launch --start ALPOS + Connected to libvirtd socket; Version: 7001000 + SEV(-ES) attestation passed! 
+ Validation successfull for domain ALPOS + ``` + # Authors Written by Antoine Ginies diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/virt-scenario-1.0.1/README.md new/virt-scenario-1.0.3/README.md --- old/virt-scenario-1.0.1/README.md 2023-03-22 17:46:13.000000000 +0100 +++ new/virt-scenario-1.0.3/README.md 2023-03-23 19:28:24.000000000 +0100 @@ -10,6 +10,10 @@ Idea is to use multiple **templates** and concatenate them to create the expected Guest XML file. If Host need a custom setting it will also be done. +IE: setting up a secure VM is not so easy from scratch, this tool will prepare the host, +the XML guest config with secure parameter, and will deal with all the certificate, attestation +and launch measurement. In only 2 commands you can start a secure VM on an AMD SEV system! + Customization to match a specific scenario is not graved in stone. The idea is to prepare a configuration which should improved the usage compared to a basic setting. This will **NOT guarantee** that this is perfect as this higly depends on your current system. @@ -129,7 +133,7 @@ * **hvselect**: Set hypervisor for which VMs are configured * **hvlist**: List available hypervisors * **overwrite**: Force overwriting previous config -* **force_sev**: Force the extract of a localhost PDH file. This is NOT secure as this file should be stored in a secure place! Only for demo purpose +* **force_sev**: Force the extract of a localhost PDH file. This is **NOT secure** as this file should be stored in a secure place! Only for demo purpose ### Guest configuration 
@@ -147,7 +151,7 @@ ### Generate the XML configuration and prepare the host * **computation**: Create an XML configuration and host config to do computation VM -* **desktop**: Create an XML configuration and host config for Desktop VMU +* **desktop**: Create an XML configuration and host config for Desktop VM * **securevm**: Create an XML configuration and host config for Secure VM ### Others @@ -159,6 +163,10 @@ ## Default Settings Comparison +This settings should be better than default one. Of course this is not perfect, +or there is maybe some mistakes. Feel free to comment on this parameters or request +addition of new one. + | [Storage Settings](https://www.qemu.org/docs/master/system/qemu-block-drivers.html) | Secure VM | Computation | Desktop | | :--------------- | :---: | :---: | :---: | | preallocation | metadata | off | metadata | 
@@ -349,6 +357,64 @@ * metadata_data * only support 1 disk per VM +# Example with securevm (Confidential Computing) + +virt-scenario currently only support setting Virtual Machine on AMD SEV or SEV-ES system. +For more information about SUSE and SEV please refer to [SLES AMD SEV](href="https://documentation.suse.com/sles/15-SP4/single-html/SLES-amd-sev/). + +## Prepare Your VM + +virt-scenario provides different options to configure the Virtual Machine. +In our example we will set different parameters to suit our needs, most of them +provides completion using the [TAB] key: + +``` +name ALPOS +vcpu 4 +memory 8 +vnet default +bootdev hd +vmimage /var/lib/libvirt/images/ALP-VM.x86_64-0.0.1-kvm_encrypted-Snapshot20230309.qcow2 +force_sev on +``` + +This end up with a prompt like: +``` +---------- User Settings ---------- +Disk Path: /var/lib/libvirt/images +Main Configuration: /etc/virt-scenario/virtscenario.yaml +Hypervisor Configuration: /etc/virt-scenario/virthosts.yaml +Force SEV PDH extraction: on +Name: ALPOS +Vcpu: 4 +Memory: 8 +Boot Device: hd +Virtual Network: default +VM Image file: /var/lib/libvirt/images/ALP-VM.x86_64-0.0.1-kvm_encrypted-Snapshot20230309.qcow2 +``` + +## Generate XML and prepare the host + +You are ready to run **securevm** to prepare the host system and generate the XML libvirt config: +``` +securevm +``` + +The generated XML file is available in **~/.local/virtscenario/ALPOS/domain.xml**. You can also find + a **config.yaml** which contains host data about this VM. In our case **attestation** will be set to +true, the host will be **localhost**. The **/etc/virt-scenario/virthosts.yaml** will be updated to +configure the correct path to the extracted PDH file (sev-cert). + +## Launch the VM + +Launch the VM with the **virt-scenario-launch** tool: +```shell +# virt-scenario-launch --start ALPOS +Connected to libvirtd socket; Version: 7001000 +SEV(-ES) attestation passed! 
+Validation successfull for domain ALPOS +``` + # Authors Written by Antoine Ginies diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/virt-scenario-1.0.1/man/virt-scenario.1 new/virt-scenario-1.0.3/man/virt-scenario.1 --- old/virt-scenario-1.0.1/man/virt-scenario.1 2023-03-22 17:46:23.000000000 +0100 +++ new/virt-scenario-1.0.3/man/virt-scenario.1 2023-03-24 12:08:14.000000000 +0100 @@ -32,6 +32,11 @@ create the expected Guest XML file. If Host need a custom setting it will also be done. .PP +IE: setting up a secure VM is not so easy from scratch, this tool will +prepare the host, the XML guest config with secure parameter, and will +deal with all the certificate, attestation and launch measurement. +In only 2 commands you can start a secure VM on an AMD SEV system! +.PP Customization to match a specific scenario is not graved in stone. The idea is to prepare a configuration which should improved the usage compared to a basic setting. @@ -168,7 +173,8 @@ \f[B]overwrite\f[R]: Force overwriting previous config .IP \[bu] 2 \f[B]force_sev\f[R]: Force the extract of a localhost PDH file. -This is NOT secure as this file should be stored in a secure place! +This is \f[B]NOT secure\f[R] as this file should be stored in a secure +place! Only for demo purpose .SS Guest configuration .IP \[bu] 2 @@ -197,7 +203,7 @@ computation VM .IP \[bu] 2 \f[B]desktop\f[R]: Create an XML configuration and host config for -Desktop VMU +Desktop VM .IP \[bu] 2 \f[B]securevm\f[R]: Create an XML configuration and host config for Secure VM @@ -209,6 +215,10 @@ .SH Possible Scenarios .SS Default Settings Comparison .PP +This settings should be better than default one. +Of course this is not perfect, or there is maybe some mistakes. +Feel free to comment on this parameters or request addition of new one. +.PP .TS tab(@); lw(36.1n) cw(11.3n) cw(11.3n) cw(11.3n). 
@@ -778,6 +788,78 @@ This is currently not changeable using the template, this needs to be adjusted in the futur (or not\&...): * console_data * channel_data * memballoon_data * rng_data * metadata_data * only support 1 disk per VM +.SH Example with securevm (Confidential Computing) +.PP +virt-scenario currently only support setting Virtual Machine on AMD SEV +or SEV-ES system. +For more information about SUSE and SEV please refer to SLES AMD SEV. +.SS Prepare Your VM +.PP +virt-scenario provides different options to configure the Virtual +Machine. +In our example we will set different parameters to suit our needs, most +of them provides completion using the [TAB] key: +.IP +.nf +\f[C] +name ALPOS +vcpu 4 +memory 8 +vnet default +bootdev hd +vmimage /var/lib/libvirt/images/ALP-VM.x86_64-0.0.1-kvm_encrypted-Snapshot20230309.qcow2 +force_sev on +\f[R] +.fi +.PP +This end up with a prompt like: +.IP +.nf +\f[C] +---------- User Settings ---------- +Disk Path: /var/lib/libvirt/images +Main Configuration: /etc/virt-scenario/virtscenario.yaml +Hypervisor Configuration: /etc/virt-scenario/virthosts.yaml +Force SEV PDH extraction: on +Name: ALPOS +Vcpu: 4 +Memory: 8 +Boot Device: hd +Virtual Network: default +VM Image file: /var/lib/libvirt/images/ALP-VM.x86_64-0.0.1-kvm_encrypted-Snapshot20230309.qcow2 +\f[R] +.fi +.SS Generate XML and prepare the host +.PP +You are ready to run \f[B]securevm\f[R] to prepare the host system and +generate the XML libvirt config: +.IP +.nf +\f[C] +securevm +\f[R] +.fi +.PP +The generated XML file is available in +\f[B]\[ti]/.local/virtscenario/ALPOS/domain.xml\f[R]. +You can also find a \f[B]config.yaml\f[R] which contains host data about +this VM. +In our case \f[B]attestation\f[R] will be set to true, the host will be +\f[B]localhost\f[R]. +The \f[B]/etc/virt-scenario/virthosts.yaml\f[R] will be updated to +configure the correct path to the extracted PDH file (sev-cert). 
+.SS Launch the VM +.PP +Launch the VM with the \f[B]virt-scenario-launch\f[R] tool: +.IP +.nf +\f[C] +# virt-scenario-launch --start ALPOS +Connected to libvirtd socket; Version: 7001000 +SEV(-ES) attestation passed! +Validation successfull for domain ALPOS +\f[R] +.fi .SH Authors .PP Written by Antoine Ginies diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/virt-scenario-1.0.1/setup.py new/virt-scenario-1.0.3/setup.py --- old/virt-scenario-1.0.1/setup.py 2023-03-22 17:45:38.000000000 +0100 +++ new/virt-scenario-1.0.3/setup.py 2023-03-23 19:28:44.000000000 +0100 @@ -161,7 +161,7 @@ setuptools.setup( name="virt-scenario", - version="1.0.1", + version="1.0.3", author="Antoine Ginies", author_email="agin...@suse.com", description="Virt-scenario", diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/virt-scenario-1.0.1/src/virt_scenario.egg-info/PKG-INFO new/virt-scenario-1.0.3/src/virt_scenario.egg-info/PKG-INFO --- old/virt-scenario-1.0.1/src/virt_scenario.egg-info/PKG-INFO 2023-03-22 18:24:53.000000000 +0100 +++ new/virt-scenario-1.0.3/src/virt_scenario.egg-info/PKG-INFO 2023-03-24 12:08:37.000000000 +0100 @@ -1,6 +1,6 @@ Metadata-Version: 2.1 Name: virt-scenario -Version: 1.0.1 +Version: 1.0.3 Summary: Virt-scenario Home-page: https://github.com/aginies/virt-scenario Author: Antoine Ginies 
@@ -18,6 +18,10 @@ Idea is to use multiple **templates** and concatenate them to create the expected Guest XML file. If Host need a custom setting it will also be done. + IE: setting up a secure VM is not so easy from scratch, this tool will prepare the host, + the XML guest config with secure parameter, and will deal with all the certificate, attestation + and launch measurement. In only 2 commands you can start a secure VM on an AMD SEV system! + Customization to match a specific scenario is not graved in stone. The idea is to prepare a configuration which should improved the usage compared to a basic setting. This will **NOT guarantee** that this is perfect as this higly depends on your current system. @@ -137,7 +141,7 @@ * **hvselect**: Set hypervisor for which VMs are configured * **hvlist**: List available hypervisors * **overwrite**: Force overwriting previous config - * **force_sev**: Force the extract of a localhost PDH file. This is NOT secure as this file should be stored in a secure place! Only for demo purpose + * **force_sev**: Force the extract of a localhost PDH file. This is **NOT secure** as this file should be stored in a secure place! Only for demo purpose ### Guest configuration @@ -155,7 +159,7 @@ ### Generate the XML configuration and prepare the host * **computation**: Create an XML configuration and host config to do computation VM - * **desktop**: Create an XML configuration and host config for Desktop VMU + * **desktop**: Create an XML configuration and host config for Desktop VM * **securevm**: Create an XML configuration and host config for Secure VM ### Others 
@@ -167,6 +171,10 @@ ## Default Settings Comparison + This settings should be better than default one. Of course this is not perfect, + or there is maybe some mistakes. Feel free to comment on this parameters or request + addition of new one. + | [Storage Settings](https://www.qemu.org/docs/master/system/qemu-block-drivers.html) | Secure VM | Computation | Desktop | | :--------------- | :---: | :---: | :---: | | preallocation | metadata | off | metadata | 
@@ -357,6 +365,64 @@ * metadata_data * only support 1 disk per VM + # Example with securevm (Confidential Computing) + + virt-scenario currently only support setting Virtual Machine on AMD SEV or SEV-ES system. + For more information about SUSE and SEV please refer to [SLES AMD SEV](href="https://documentation.suse.com/sles/15-SP4/single-html/SLES-amd-sev/). + + ## Prepare Your VM + + virt-scenario provides different options to configure the Virtual Machine. + In our example we will set different parameters to suit our needs, most of them + provides completion using the [TAB] key: + + ``` + name ALPOS + vcpu 4 + memory 8 + vnet default + bootdev hd + vmimage /var/lib/libvirt/images/ALP-VM.x86_64-0.0.1-kvm_encrypted-Snapshot20230309.qcow2 + force_sev on + ``` + + This end up with a prompt like: + ``` + ---------- User Settings ---------- + Disk Path: /var/lib/libvirt/images + Main Configuration: /etc/virt-scenario/virtscenario.yaml + Hypervisor Configuration: /etc/virt-scenario/virthosts.yaml + Force SEV PDH extraction: on + Name: ALPOS + Vcpu: 4 + Memory: 8 + Boot Device: hd + Virtual Network: default + VM Image file: /var/lib/libvirt/images/ALP-VM.x86_64-0.0.1-kvm_encrypted-Snapshot20230309.qcow2 + ``` + + ## Generate XML and prepare the host + + You are ready to run **securevm** to prepare the host system and generate the XML libvirt config: + ``` + securevm + ``` + + The generated XML file is available in **~/.local/virtscenario/ALPOS/domain.xml**. You can also find + a **config.yaml** which contains host data about this VM. In our case **attestation** will be set to + true, the host will be **localhost**. The **/etc/virt-scenario/virthosts.yaml** will be updated to + configure the correct path to the extracted PDH file (sev-cert). + + ## Launch the VM + + Launch the VM with the **virt-scenario-launch** tool: + ```shell + # virt-scenario-launch --start ALPOS + Connected to libvirtd socket; Version: 7001000 + SEV(-ES) attestation passed! 
+ Validation successfull for domain ALPOS + ``` + # Authors Written by Antoine Ginies diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/virt-scenario-1.0.1/src/virt_scenario.egg-info/SOURCES.txt new/virt-scenario-1.0.3/src/virt_scenario.egg-info/SOURCES.txt --- old/virt-scenario-1.0.1/src/virt_scenario.egg-info/SOURCES.txt 2023-03-22 18:24:53.000000000 +0100 +++ new/virt-scenario-1.0.3/src/virt_scenario.egg-info/SOURCES.txt 2023-03-24 12:08:37.000000000 +0100 @@ -31,7 +31,6 @@ src/virtscenario/main.py src/virtscenario/qemulist.py src/virtscenario/scenario.py -src/virtscenario/secure_launch.py src/virtscenario/sev.py src/virtscenario/template.py src/virtscenario/util.py diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/virt-scenario-1.0.1/src/virtscenario/__init__.py new/virt-scenario-1.0.3/src/virtscenario/__init__.py --- old/virt-scenario-1.0.1/src/virtscenario/__init__.py 2023-03-22 17:45:24.000000000 +0100 +++ new/virt-scenario-1.0.3/src/virtscenario/__init__.py 2023-03-23 19:28:53.000000000 +0100 @@ -30,4 +30,4 @@ builtins.__dict__["_"] = str -__version__ = "1.0.1" +__version__ = "1.0.3" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/virt-scenario-1.0.1/src/virtscenario/configstore.py new/virt-scenario-1.0.3/src/virtscenario/configstore.py --- old/virt-scenario-1.0.1/src/virtscenario/configstore.py 2023-03-21 16:12:03.000000000 +0100 +++ new/virt-scenario-1.0.3/src/virtscenario/configstore.py 2023-03-23 18:08:00.000000000 +0100 
@@ -129,8 +129,8 @@ cfg_store = ConfigStore(config.vm_config_store) cfg_store.initialize(vm_data.name['VM_name'], hypervisor) if cfg_store.exists() and overwrite != "on": - util.print_error("VM with name {} already exists in {} directory.\nPlease set a new name and try again.\nYou can also use the option: overwirte on".format(vm_data.name['VM_name'], cfg_store.get_path())) + util.print_error("VM with name {} already exists in {} directory.\nPlease set a new name and try again.\nYou can also use the option: overwrite on".format(vm_data.name['VM_name'], cfg_store.get_path())) return None elif cfg_store.exists() and overwrite == "on": - util.print_ok("VM with name {} already exists in {} directory.\nForce mode enabled, I will overwirte files.".format(vm_data.name['VM_name'], cfg_store.get_path())) + util.print_ok("VM with name {} already exists in {} directory.\nForce mode enabled, overwriting files.".format(vm_data.name['VM_name'], cfg_store.get_path())) return cfg_store diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/virt-scenario-1.0.1/src/virtscenario/host.py new/virt-scenario-1.0.3/src/virtscenario/host.py --- old/virt-scenario-1.0.1/src/virtscenario/host.py 2023-03-22 16:50:34.000000000 +0100 +++ new/virt-scenario-1.0.3/src/virtscenario/host.py 2023-03-23 17:40:54.000000000 +0100 
@@ -374,16 +374,11 @@ else: util.print_error("There is no hugepages support on this system") -def host_end(toreport, conffile): +def host_end(): """ end of host configuration """ util.print_summary_ok("\nHost Configuration is done") - if len(toreport) != 6: - util.print_summary("\nComparison table between user and recommended settings") - util.print_warning("You are over writing scenario setting!") - print(" Overwrite are from "+conffile+"\n") - util.print_recommended(toreport) # Net data NET_DATA = { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/virt-scenario-1.0.1/src/virtscenario/main.py new/virt-scenario-1.0.3/src/virtscenario/main.py --- old/virt-scenario-1.0.1/src/virtscenario/main.py 2023-03-22 18:22:17.000000000 +0100 +++ new/virt-scenario-1.0.3/src/virtscenario/main.py 2023-03-24 12:03:42.000000000 +0100 @@ -19,7 +19,6 @@ """ from cmd import Cmd -import getpass import os import yaml import subprocess @@ -105,13 +104,13 @@ cfg_store.store_config() util.print_summary_ok("Guest XML Configuration is done") -def show_how_to_use(filename): +def show_how_to_use(filename, vmname): """ show the virsh define command """ - util.print_summary_ok("How to use this on your system") - util.print_ok("Use the virt-scenario-launch tool\n") - util.print_ok("You can also import this config with virsh: virsh define "+filename+"\n") + util.print_summary("How to use this on your system") + util.print_ok("Use the virt-scenario-launch tool:\n") + print("virt-scenario-launch --start "+vmname+"\n") def find_ext_file(ext): """ 
@@ -188,7 +187,7 @@ vcpu = name = diskpath = memory = osdef = ondef = cpumode = power = watchdog = "" audio = usb = disk = features = clock = network = filename = tpm = iothreads = "" callsign = custom = security = video = controller = hugepages = toreport = "" - loader = config = fw_info = vm_config = cdrom = vnet = hostfs = "" + loader = config = fw_info = vm_config = cdrom = vnet = hostfs = vmimage = "" STORAGE_DATA = STORAGE_DATA_REC = host_filesystem = "" memory_pin = False # prompt Cmd @@ -309,7 +308,7 @@ self.listosdef.update({'boot_dev': 'cdrom'}) vmimage = self.dataprompt.get('vmimage') - if vmimage != None: + if vmimage != "": self.vmimage = vmimage machineuser = self.dataprompt.get('machine') @@ -588,7 +587,7 @@ self.STORAGE_DATA['encryption'] = self.STORAGE_DATA_REC['encryption'] # Ask for the disk password if self.vmimage is None: - password = getpass.getpass("Please enter password to encrypt the VM image: ") + password = util.input_password() self.STORAGE_DATA['password'] = password # DISKCACHE @@ -621,17 +620,6 @@ if self.STORAGE_DATA['lazy_refcounts'] == "": self.STORAGE_DATA['lazy_refcounts'] = self.STORAGE_DATA_REC['lazy_refcounts'] - # user specify an image to use - if self.vmimage is not None: - output = subprocess.check_output(["qemu-img", "info", self.vmimage]) - output = output.decode("utf-8") - format_line = [line for line in output.splitlines() if "file format:" in line][0] - image_format = format_line.split(":")[1].strip() - self.STORAGE_DATA['format'] = image_format - self.STORAGE_DATA['source_file'] = self.vmimage - else: - self.STORAGE_DATA['source_file'] = self.STORAGE_DATA['path']+"/"+self.callsign+"."+self.STORAGE_DATA['format'] - # DISK FORMAT if self.STORAGE_DATA['format'] != self.STORAGE_DATA_REC['format']: if self.STORAGE_DATA['format'] != "": 
@@ -643,6 +631,17 @@ if self.STORAGE_DATA['format'] == "": self.STORAGE_DATA['format'] = self.STORAGE_DATA_REC['format'] + # user specify an image to use + if self.vmimage is not None: + output = subprocess.check_output(["qemu-img", "info", self.vmimage]) + output = output.decode("utf-8") + format_line = [line for line in output.splitlines() if "file format:" in line][0] + image_format = format_line.split(":")[1].strip() + self.STORAGE_DATA['format'] = image_format + self.STORAGE_DATA['source_file'] = self.vmimage + else: + self.STORAGE_DATA['source_file'] = self.STORAGE_DATA['path']+"/"+self.callsign+"."+self.STORAGE_DATA['format'] + # Remove index in dict which are empty if nestedindex >= 1: for _count in range(1, 6): @@ -748,12 +747,13 @@ host.swappiness("0") # mq-deadline / kyber / bfq / none host.manage_ioscheduler("mq-deadline") - host.host_end(self.toreport, self.conffile) + host.host_end() if self.mode != "host" or self.mode == "both": final_step_guest(cfg_store, self) - show_how_to_use(cfg_store.get_path()+"domain.xml") + util.to_report(self.toreport, self.conffile) + show_how_to_use(cfg_store.get_path()+"domain.xml", self.callsign) def do_desktop(self, args): """ @@ -832,12 +832,13 @@ host.swappiness("35") # mq-deadline / kyber / bfq / none host.manage_ioscheduler("mq-deadline") - host.host_end(self.toreport, self.conffile) + host.host_end() if self.mode != "host" or self.mode == "both": final_step_guest(cfg_store, self) - show_how_to_use(cfg_store.get_path()+"domain.xml") + util.to_report(self.toreport, self.conffile) + show_how_to_use(cfg_store.get_path()+"domain.xml", self.callsign) def do_securevm(self, args): """ 
@@ -969,12 +970,13 @@ # mq-deadline / kyber / bfq / none host.manage_ioscheduler("bfq") # END of the config - host.host_end(self.toreport, self.conffile) + host.host_end() if self.mode != "host" or self.mode == "both": final_step_guest(cfg_store, self) - show_how_to_use(cfg_store.get_path()+"domain.xml") + util.to_report(self.toreport, self.conffile) + show_how_to_use(cfg_store.get_path()+"domain.xml", self.callsign) def do_name(self, args): """ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/virt-scenario-1.0.1/src/virtscenario/secure_launch.py new/virt-scenario-1.0.3/src/virtscenario/secure_launch.py --- old/virt-scenario-1.0.1/src/virtscenario/secure_launch.py 2023-02-20 12:14:58.000000000 +0100 +++ new/virt-scenario-1.0.3/src/virtscenario/secure_launch.py 1970-01-01 01:00:00.000000000 +0100 
@@ -1,25 +0,0 @@ -#!/usr/bin/env python3 -# - -# https://libvirt.org/kbase/launch_security_sev.html#guest-attestation-for-sev-sev-es-from-a-trusted-host - -#When launching the guest, it should be set to remain in the paused state with no vCPUs running: -#$ virsh start --paused ${myvmname} - -#$ virsh domlaunchsecinfo ${myvmname} -#sev-measurement: LMnv8i8N2QejezMPkscShF0cyPYCslgUoCxGWRqQuyt0Q0aUjVkH/T6NcmkwZkWp -#sev-api-major : 0 -#sev-api-minor : 24 -#sev-build-id : 15 -#sev-policy : 3 - -#The techiques required to validate the measurement reported are beyond the scope of this document. Fortunately, libvirt provides a tool that can be used to perform this validation: -# -#$ virt-qemu-sev-validate \ -# --measurement LMnv8i8N2QejezMPkscShF0cyPYCslgUoCxGWRqQuyt0Q0aUjVkH/T6NcmkwZkWp -# --api-major 0 -# --api-minor 24 -# --build-id 15 -# --policy 3 -# --tik ${myvmname}_tik.bin -# --tek ${myvmname}_tek.bin diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/virt-scenario-1.0.1/src/virtscenario/util.py new/virt-scenario-1.0.3/src/virtscenario/util.py --- old/virt-scenario-1.0.1/src/virtscenario/util.py 2023-03-22 18:13:55.000000000 +0100 +++ new/virt-scenario-1.0.3/src/virtscenario/util.py 2023-03-23 17:57:16.000000000 +0100 @@ -19,6 +19,7 @@ import subprocess import os +import getpass import shutil import yaml @@ -91,6 +92,7 @@ for number in range(1, int(total)): print("|{:^20s}|{:^30s}|{:^30s}|".format(toreport[number]["title"], toreport[number]["rec"], str(toreport[number]["set"]))) print("|----------------------------------------------------------------------------------|") + print("\n") def print_ok(text): """ 
@@ -108,18 +110,25 @@ def print_summary(text): """ - Print title with magenta background + Print summary with magenta background """ formated_text = esc('bg_purple')+text.upper()+esc('reset') print(formated_text) def print_summary_ok(text): """ - Print title with green background + Print summary with green background """ formated_text = esc('bg_green')+text+esc('reset')+"\n" print(formated_text) +def print_command(text): + """ + Print command with blue background + """ + formated_text = esc('bg_blue')+text+esc('reset')+"\n\n" + print(formated_text) + def print_data(data, value): """ Print the data @@ -212,3 +221,25 @@ print_error("Hypervisor "+hypervisor+" not found ....") stream.close() + +def to_report(toreport, conffile): + """ + Report diff between recommend and user settings + """ + if len(toreport) != 6: + print_summary("\nComparison table between user and recommended settings") + print_warning("You are over writing scenario setting!") + print(" Overwrite are from "+conffile+"\n") + print_recommended(toreport) + +def input_password(): + """ + check input password until this is ok + """ + while True: + password1 = getpass.getpass("Please enter a password to encrypt the VM image: ") + password2 = getpass.getpass("Confirm this password: ") + if password1 == password2: + return password1 + else: + print("Passwords do not match. Please try again.")
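Review bot: in src/virtscenario/main.py the new test `if vmimage != "":` (hunk at -309,7) treats the empty string as "unset", and the class default becomes `vmimage = ""`, but the later checks still read `if self.vmimage is None:` before `util.input_password()` and `if self.vmimage is not None:` before the `qemu-img info` call. If the attribute is left at "", the second check is true and `qemu-img info` runs on an empty path, while no encryption password is requested. `None != ""` is also true, so a missing key still assigns None. Use one sentinel throughout, for example `if vmimage:` here and `if not self.vmimage:` / `if self.vmimage:` in the later checks.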
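Review bot: in the block re-added after the DISK FORMAT check in src/virtscenario/main.py (hunk at -643,6), `subprocess.check_output(["qemu-img", "info", self.vmimage])` and the `[...][0]` lookup of the "file format:" line have no error handling, so a wrong image path or unexpected output ends in an uncaught CalledProcessError or IndexError instead of a message to the user. Catch both and report through `util.print_error`; reading `qemu-img info --output=json` would also avoid matching on display text.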
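Review bot: `show_how_to_use(filename, vmname)` in src/virtscenario/main.py (hunk at -105,13) no longer uses `filename` now that the `virsh define` line is gone, yet all three callers still pass `cfg_store.get_path()+"domain.xml"`. Drop the parameter, or keep printing the path of the generated XML so the user knows where it is. The docstring still reads "show the virsh define command" and should be updated to match.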
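Review bot: `input_password()` in src/virtscenario/util.py (hunk at -212,3) returns as soon as the two entries match, so two empty entries are accepted as the password that encrypts the VM image. Reject an empty value before the comparison, and drop the `else:` that follows `return password1`. In `to_report()` in the same hunk, the literal in `if len(toreport) != 6:` needs a named constant or a comment explaining why 6 means "no differences".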
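Review bot: `print_command()` added in src/virtscenario/util.py (hunk at -108,18) has no caller in this patch; `show_how_to_use()` prints the `virt-scenario-launch --start` line with a bare `print()`. Call the new helper there or leave it out until it is needed. `formated_text` is misspelled in the new function, as in its neighbours.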
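Review bot: in the new "Example with securevm" section of README.md (hunk at -349,6, repeated in both PKG-INFO copies), the link target is written as `(href="https://`, so the Markdown link to the SLES AMD SEV guide will not resolve; remove the `href="` prefix. The walkthrough also sets `force_sev on` without repeating that the option list above marks it as **NOT secure** and for demo purposes only; state that next to the example so the steps are not copied as-is onto a production host.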