[Yahoo-eng-team] [Bug 1736336] Re: Image data stays in backend if image signature verification fails

2018-04-18 Thread OpenStack Infra 
Reviewed:  https://review.openstack.org/529083
Committed: 
https://git.openstack.org/cgit/openstack/glance/commit/?id=7c3a9c83da0b673b293131db74f6ca35613a1815
Submitter: Zuul
Branch:master

commit 7c3a9c83da0b673b293131db74f6ca35613a1815
Author: Pranali Deore 
Date:   Tue Dec 19 19:50:01 2017 +0530

Cleaning image data when image signature verification fails

While creating an image, image data stays in backend if image
signature verification fails.

After raising SignatureVerificationError exception, image status is
being set to 'killed' in DB but the image data remains as it is in
the backend.

Adding delete_from_backend() call to cleanup the data from backend when
Singature Verification fails.

Closes-Bug: #1736336
Change-Id: I2a1a7addd33050cc8845aec24479aa4d1bc26ca0


** Changed in: glance
   Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Glance.
https://bugs.launchpad.net/bugs/1736336

Title:
  Image data stays in backend if image signature verification fails

Status in Glance:
  Fix Released
Status in Glance queens series:
  Triaged

Bug description:
  If image signature verification is enabled then while creating the
  image if verfication fails then it returns vaild error, deletes image
  from the database but image data stays in the bakend forever.

  Ideally if image verfication fails then it should delete the data from
  the backend as well.

  Pre-requisites:
  1. Ensure Barbican is enabled
  2. Create Keys and Certificate (Reference  
https://etherpad.openstack.org/p/mitaka-glance-image-signing-instructions#90)
  3. Create Signature (Reference 
https://etherpad.openstack.org/p/mitaka-glance-image-signing-instructions#184) 
and note down output of 'signature_64'
  4. Create context and upload certificate using context (Reference 
https://etherpad.openstack.org/p/glance-image-signing-create-context) and note 
down output of 'cert_uuid'

  
  Steps to reproduce:
  1. Upload Image to Glance, with Signature Metadata
 img_signature_certificate_uuid = 'fb67edd2-95ef-404b-9af2-910708c6d9b7'
 img_signature_hash_method = 'SHA-256'
 img_signature_key_type = 'RSA-PSS'
 img_signature = 
'ezccBYtJEdj2gOrN09woioHwi2rDVvBsmRI0i+9EYAYdE7E6FV8jzJD9BImcq/m7Dm6yZZPkCUHz+y4HBKeYqK0+otcz921zaeqcKGBvU1t7J9AL0hEgJbWg0RY6RXqDXpsOQrrkrHuna4O+BUOp6sPwb3j2eFYbbsqW6d/obgM='
 (different which is noted in Pre-requisites section Point 4 as 'signature_64')

 $ glance image-create --property
  name=cirrosSignedImage_goodSignature --property is-public=true
  --container-format bare --disk-format qcow2 --property
  
img_signature='abcdBYtJEdj2gOrN09woioHwi2rDVvBsmRI0i+9EYAYdE7E6FV8jzJD9BImcq/m7Dm6yZZPkCUHz+y4HBKeYqK0+otcz921zaeqcKGBvU1t7J9AL0hEgJbWg0RY6RXqDXpsOQrrkrHuna4O+BUOp6sPwb3j2eFYbbsqW6d/obgM='
  --property img_signature_certificate_uuid='fb67edd2-95ef-404b-
  9af2-910708c6d9b7' --property img_signature_hash_method='SHA-256'
  --property img_signature_key_type='RSA-PSS' --file
  cirros-0.3.2-source.tar.gz

  Note:
  'img_signature' starts with 'ezcc...' but in create command I have passed as 
'abcd..'

  Actual Output:
  
++--+
  | Property   | Value  
  |
  
++--+
  | checksum   | None   
  |
  | container_format   | bare   
  |
  | created_at | 2017-12-05T07:04:38Z   
  |
  | disk_format| qcow2  
  |
  | id | 6e8bec71-2176-4bcc-a732-2f76c5ac589f   
  |
  | img_signature  | 
abcdBYtJEdj2gOrN09woioHwi2rDVvBsmRI0i+9EYAYdE7E6FV8jzJD9BImcq/m7Dm6yZZPkCUHz+y4H
 |
  || 
BKeYqK0+otcz921zaeqcKGBvU1t7J9AL0hEgJbWg0RY6RXqDXpsOQrrkrHuna4O+BUOp6sPwb3j2eFYb
 |
  || bsqW6d/obgM=   
  |
  | img_signature_certificate_uuid | fb67edd2-95ef-404b-9af2-910708c6d9b7   
  |
  | img_signature_hash_method  | SHA-256
  |
  | img_signature_key_type | RSA-PSS
  |
  | is-public

[Yahoo-eng-team] [Bug 1736336] Re: Image data stays in backend if image signature verification fails

2018-04-11 Thread Brian Rosmaita 
** Also affects: glance/queens
   Importance: Undecided
   Status: New

** Changed in: glance/queens
Milestone: None => queens-stable-2

** Changed in: glance/queens
   Importance: Undecided => High

** Changed in: glance/queens
   Status: New => Triaged

** Changed in: glance/queens
 Assignee: (unassigned) => Abhishek Kekane (abhishek-kekane)

** Tags removed: queens-backport-potential

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Glance.
https://bugs.launchpad.net/bugs/1736336

Title:
  Image data stays in backend if image signature verification fails

Status in Glance:
  In Progress
Status in Glance queens series:
  Triaged

Bug description:
  If image signature verification is enabled then while creating the
  image if verfication fails then it returns vaild error, deletes image
  from the database but image data stays in the bakend forever.

  Ideally if image verfication fails then it should delete the data from
  the backend as well.

  Pre-requisites:
  1. Ensure Barbican is enabled
  2. Create Keys and Certificate (Reference  
https://etherpad.openstack.org/p/mitaka-glance-image-signing-instructions#90)
  3. Create Signature (Reference 
https://etherpad.openstack.org/p/mitaka-glance-image-signing-instructions#184) 
and note down output of 'signature_64'
  4. Create context and upload certificate using context (Reference 
https://etherpad.openstack.org/p/glance-image-signing-create-context) and note 
down output of 'cert_uuid'

  
  Steps to reproduce:
  1. Upload Image to Glance, with Signature Metadata
 img_signature_certificate_uuid = 'fb67edd2-95ef-404b-9af2-910708c6d9b7'
 img_signature_hash_method = 'SHA-256'
 img_signature_key_type = 'RSA-PSS'
 img_signature = 
'ezccBYtJEdj2gOrN09woioHwi2rDVvBsmRI0i+9EYAYdE7E6FV8jzJD9BImcq/m7Dm6yZZPkCUHz+y4HBKeYqK0+otcz921zaeqcKGBvU1t7J9AL0hEgJbWg0RY6RXqDXpsOQrrkrHuna4O+BUOp6sPwb3j2eFYbbsqW6d/obgM='
 (different which is noted in Pre-requisites section Point 4 as 'signature_64')

 $ glance image-create --property
  name=cirrosSignedImage_goodSignature --property is-public=true
  --container-format bare --disk-format qcow2 --property
  
img_signature='abcdBYtJEdj2gOrN09woioHwi2rDVvBsmRI0i+9EYAYdE7E6FV8jzJD9BImcq/m7Dm6yZZPkCUHz+y4HBKeYqK0+otcz921zaeqcKGBvU1t7J9AL0hEgJbWg0RY6RXqDXpsOQrrkrHuna4O+BUOp6sPwb3j2eFYbbsqW6d/obgM='
  --property img_signature_certificate_uuid='fb67edd2-95ef-404b-
  9af2-910708c6d9b7' --property img_signature_hash_method='SHA-256'
  --property img_signature_key_type='RSA-PSS' --file
  cirros-0.3.2-source.tar.gz

  Note:
  'img_signature' starts with 'ezcc...' but in create command I have passed as 
'abcd..'

  Actual Output:
  
++--+
  | Property   | Value  
  |
  
++--+
  | checksum   | None   
  |
  | container_format   | bare   
  |
  | created_at | 2017-12-05T07:04:38Z   
  |
  | disk_format| qcow2  
  |
  | id | 6e8bec71-2176-4bcc-a732-2f76c5ac589f   
  |
  | img_signature  | 
abcdBYtJEdj2gOrN09woioHwi2rDVvBsmRI0i+9EYAYdE7E6FV8jzJD9BImcq/m7Dm6yZZPkCUHz+y4H
 |
  || 
BKeYqK0+otcz921zaeqcKGBvU1t7J9AL0hEgJbWg0RY6RXqDXpsOQrrkrHuna4O+BUOp6sPwb3j2eFYb
 |
  || bsqW6d/obgM=   
  |
  | img_signature_certificate_uuid | fb67edd2-95ef-404b-9af2-910708c6d9b7   
  |
  | img_signature_hash_method  | SHA-256
  |
  | img_signature_key_type | RSA-PSS
  |
  | is-public  | true   
  |
  | min_disk   | 0  
  |
  | min_ram| 0  
  |
  | name   | cirrosSignedImage_goodSignature
  |
  | owner  | 4f186fe25c934eeb95186fd0c5afda49