Hello Emily Zhang,
I'd like you to do a code review. Please visit
http://gerrit.ovirt.org/16987
to review the following change.
Change subject: engine:Trusted Compute Pools - Open Attestation integration
with oVirt engine
......................................................................
engine:Trusted Compute Pools - Open Attestation integration with oVirt engine
Detailed description: http://wiki.ovirt.org/Trusted_compute_pools
For the case that TCP not configured correctly(not configured), when user try
to create a trusted cluster, should fail it and give user a notification.
Change-Id: I03aba74d09ffe8eb580b369e07232370b3954dec
Signed-off-by: Gang Wei <[email protected]>
Signed-off-by: Emily <[email protected]>
---
M
backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/AddVdsGroupCommand.java
M
backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/UpdateVdsGroupCommand.java
M
backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/config/ConfigValues.java
M
backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/errors/ErrorType.java
M
backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/errors/VdcBllMessages.java
M
backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/queries/ConfigurationValues.java
M backend/manager/modules/dal/src/main/resources/bundles/AppErrors.properties
M
backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/util/ErrorMessageHelper.java
M
frontend/webadmin/modules/frontend/src/main/java/org/ovirt/engine/ui/frontend/AppErrors.java
M
frontend/webadmin/modules/uicompat/src/main/java/org/ovirt/engine/ui/uicompat/UIConstants.java
M packaging/dbscripts/upgrade/pre_upgrade/0000_config.sql
11 files changed, 24 insertions(+), 4 deletions(-)
git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/87/16987/1
diff --git
a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/AddVdsGroupCommand.java
b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/AddVdsGroupCommand.java
index f1b2a90..1bcc218 100644
---
a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/AddVdsGroupCommand.java
+++
b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/AddVdsGroupCommand.java
@@ -182,6 +182,10 @@
result = false;
}
}
+ if (result && getVdsGroup().supportsTrustedService()&& Config.<String>
GetValue(ConfigValues.AttestationServer).equals("")) {
+
addCanDoActionMessage(VdcBllMessages.VDS_GROUP_CANNOT_DO_ACTION_ATTESTATION_SERVER_NO_CONFIGURE);
+ result = false;
+ }
return result;
}
diff --git
a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/UpdateVdsGroupCommand.java
b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/UpdateVdsGroupCommand.java
index 509eb09..1563218 100644
---
a/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/UpdateVdsGroupCommand.java
+++
b/backend/manager/modules/bll/src/main/java/org/ovirt/engine/core/bll/UpdateVdsGroupCommand.java
@@ -32,6 +32,8 @@
import org.ovirt.engine.core.dao.VdsStaticDAO;
import org.ovirt.engine.core.dao.network.NetworkDao;
import org.ovirt.engine.core.utils.NetworkUtils;
+import org.ovirt.engine.core.common.config.Config;
+import org.ovirt.engine.core.common.config.ConfigValues;
public class UpdateVdsGroupCommand<T extends VdsGroupOperationParameters>
extends
VdsGroupOperationCommandBase<T> implements RenamedEntityInfoProvider{
@@ -294,6 +296,10 @@
result = false;
}
}
+ if (result && getVdsGroup().supportsTrustedService() &&
Config.<String> GetValue(ConfigValues.AttestationServer).equals("")) {
+
addCanDoActionMessage(VdcBllMessages.VDS_GROUP_CANNOT_DO_ACTION_ATTESTATION_SERVER_NO_CONFIGURE);
+ result = false;
+ }
return result;
}
diff --git
a/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/config/ConfigValues.java
b/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/config/ConfigValues.java
index f98adb4..3959a7d 100644
---
a/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/config/ConfigValues.java
+++
b/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/config/ConfigValues.java
@@ -1345,7 +1345,7 @@
AttestationTruststorePass(430),
@TypeConverterAttribute(String.class)
- @DefaultValueAttribute("oat-server")
+ @DefaultValueAttribute("")
AttestationServer(431),
@TypeConverterAttribute(Integer.class)
diff --git
a/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/errors/ErrorType.java
b/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/errors/ErrorType.java
index f26477c..8333efa 100644
---
a/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/errors/ErrorType.java
+++
b/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/errors/ErrorType.java
@@ -47,4 +47,6 @@
* had occured.
*/
DATA_CORRUPTION,
+
+ ATTESTATION_SERVER_ERROR,
}
diff --git
a/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/errors/VdcBllMessages.java
b/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/errors/VdcBllMessages.java
index 2e7083a..84e0d23 100644
---
a/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/errors/VdcBllMessages.java
+++
b/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/errors/VdcBllMessages.java
@@ -355,6 +355,7 @@
VDS_GROUP_CANNOT_UPDATE_VDS_UP(ErrorType.CONFLICT),
VDS_GROUP_CANNOT_ADD_COMPATIBILITY_VERSION_WITH_LOWER_STORAGE_POOL(ErrorType.INCOMPATIBLE_VERSION),
VDS_GROUP_CANNOT_REMOVE_HAS_VM_POOLS(ErrorType.CONFLICT),
+
VDS_GROUP_CANNOT_DO_ACTION_ATTESTATION_SERVER_NO_CONFIGURE(ErrorType.ATTESTATION_SERVER_ERROR),
NETWORK_HOST_IS_BUSY(ErrorType.CONFLICT),
ACTION_TYPE_FAILED_NETWORK_NAME_IN_USE(ErrorType.CONFLICT),
ACTION_TYPE_FAILED_NETWORK_IN_USE(ErrorType.CONFLICT),
diff --git
a/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/queries/ConfigurationValues.java
b/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/queries/ConfigurationValues.java
index 0a721f2..6e7039e 100644
---
a/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/queries/ConfigurationValues.java
+++
b/backend/manager/modules/common/src/main/java/org/ovirt/engine/core/common/queries/ConfigurationValues.java
@@ -92,7 +92,8 @@
CustomDeviceProperties(ConfigAuthType.User),
MultipleGatewaysSupported,
VirtIoScsiEnabled(ConfigAuthType.User),
- SshSoftFencingCommand
+ SshSoftFencingCommand,
+ AttestationServer
;
public static enum ConfigAuthType {
diff --git
a/backend/manager/modules/dal/src/main/resources/bundles/AppErrors.properties
b/backend/manager/modules/dal/src/main/resources/bundles/AppErrors.properties
index ddae8b9..a2153a9 100644
---
a/backend/manager/modules/dal/src/main/resources/bundles/AppErrors.properties
+++
b/backend/manager/modules/dal/src/main/resources/bundles/AppErrors.properties
@@ -345,6 +345,7 @@
-Please upgrade your Cluster to a later Compatibility version first.
VDS_GROUP_CPU_TYPE_CANNOT_BE_NULL=Cannot add Cluster. CPU type must be
specified
VDS_GROUP_CANNOT_DO_ACTION_NAME_IN_USE=Cannot ${action} Cluster. Cluster name
is already in use.
+VDS_GROUP_CANNOT_DO_ACTION_ATTESTATION_SERVER_NO_CONFIGURE=Attestation server
should be configured correctly.
NETWORK_NAME_ALREADY_EXISTS=Cannot ${action} ${type}. Network name already
exists.
ACTION_TYPE_FAILED_NAME_ALREADY_USED=Cannot ${action} ${type}. The ${type}
name is already in use, please choose a unique name and try again.
ACTION_TYPE_FAILED_URL_INVALID=Cannot ${action} ${type}. The URL is not valid,
please enter a valid URL and try again.
diff --git
a/backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/util/ErrorMessageHelper.java
b/backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/util/ErrorMessageHelper.java
index b691d1fd..448df1e 100644
---
a/backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/util/ErrorMessageHelper.java
+++
b/backend/manager/modules/restapi/jaxrs/src/main/java/org/ovirt/engine/api/restapi/util/ErrorMessageHelper.java
@@ -72,6 +72,8 @@
return Status.BAD_REQUEST;
case INCOMPATIBLE_VERSION:
return Status.BAD_REQUEST;
+ case ATTESTATION_SERVER_ERROR:
+ return Status.BAD_REQUEST;
default:
return Status.BAD_REQUEST;
}
diff --git
a/frontend/webadmin/modules/frontend/src/main/java/org/ovirt/engine/ui/frontend/AppErrors.java
b/frontend/webadmin/modules/frontend/src/main/java/org/ovirt/engine/ui/frontend/AppErrors.java
index 2c8b258..bd24e98 100644
---
a/frontend/webadmin/modules/frontend/src/main/java/org/ovirt/engine/ui/frontend/AppErrors.java
+++
b/frontend/webadmin/modules/frontend/src/main/java/org/ovirt/engine/ui/frontend/AppErrors.java
@@ -967,6 +967,9 @@
@DefaultStringValue("Cannot ${action} Cluster. Cluster name is already in
use.")
String VDS_GROUP_CANNOT_DO_ACTION_NAME_IN_USE();
+ @DefaultStringValue("Attestation server should be configured correctly.")
+ String VDS_GROUP_CANNOT_DO_ACTION_ATTESTATION_SERVER_NO_CONFIGURE();
+
@DefaultStringValue("Cannot Cannot add Cluster. CPU type must be
specified.")
String VDS_GROUP_CPU_TYPE_CANNOT_BE_NULL();
diff --git
a/frontend/webadmin/modules/uicompat/src/main/java/org/ovirt/engine/ui/uicompat/UIConstants.java
b/frontend/webadmin/modules/uicompat/src/main/java/org/ovirt/engine/ui/uicompat/UIConstants.java
index 5c67a66..3008b01 100644
---
a/frontend/webadmin/modules/uicompat/src/main/java/org/ovirt/engine/ui/uicompat/UIConstants.java
+++
b/frontend/webadmin/modules/uicompat/src/main/java/org/ovirt/engine/ui/uicompat/UIConstants.java
@@ -1926,6 +1926,6 @@
@DefaultStringValue("Host must be migratable when highly available is
selected")
String hostIsHa();
- @DefaultStringValue("Cann't switch host cluster between trust cluster and
non-trust cluster due to host existed in the cluster")
+ @DefaultStringValue("Can't switch host cluster between trust cluster and
non-trust cluster due to host existed in the cluster")
String trustedServiceDisabled();
}
diff --git a/packaging/dbscripts/upgrade/pre_upgrade/0000_config.sql
b/packaging/dbscripts/upgrade/pre_upgrade/0000_config.sql
index b33ac7b..204d199 100644
--- a/packaging/dbscripts/upgrade/pre_upgrade/0000_config.sql
+++ b/packaging/dbscripts/upgrade/pre_upgrade/0000_config.sql
@@ -576,7 +576,7 @@
select
fn_db_add_config_value('AttestationTruststore','TrustStore.jks','general');
select fn_db_add_config_value('AttestationPort','8443','general');
select
fn_db_add_config_value('AttestationTruststorePass','password','general');
-select fn_db_add_config_value('AttestationServer','oat-server','general');
+select fn_db_add_config_value('AttestationServer','','general');
select fn_db_add_config_value('AttestationFirstStageSize','10','general');
------------------------------------------------------------------------------------
--
To view, visit http://gerrit.ovirt.org/16987
To unsubscribe, visit http://gerrit.ovirt.org/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I03aba74d09ffe8eb580b369e07232370b3954dec
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Gang Wei <[email protected]>
Gerrit-Reviewer: Emily Zhang <[email protected]>
_______________________________________________
Engine-patches mailing list
[email protected]
http://lists.ovirt.org/mailman/listinfo/engine-patches
