From 20f480ba526218be1e2abca614ee45823e3e8d8a Mon Sep 17 00:00:00 2001 From: itouri Date: Fri, 9 Jun 2017 18:37:12 +0900 Subject: [PATCH 01/55] Adding parameter for authentication method. --- model/model.pb.go | 201 ++++++++++++++++++++++-------------- proto/model.proto | 6 ++ registry/bindata_assetfs.go | 10 +- schema/vm/lxc.json | 11 ++ 4 files changed, 144 insertions(+), 84 deletions(-) diff --git a/model/model.pb.go b/model/model.pb.go index c3d4a795..80e5764c 100644 --- a/model/model.pb.go +++ b/model/model.pb.go @@ -1,6 +1,5 @@ -// Code generated by protoc-gen-go. +// Code generated by protoc-gen-go. DO NOT EDIT. // source: model.proto -// DO NOT EDIT! /* Package model is a generated protocol buffer package. @@ -115,6 +114,29 @@ func (x FailureMessage_ErrorType) String() string { } func (FailureMessage_ErrorType) EnumDescriptor() ([]byte, []int) { return fileDescriptor0, []int{2, 0} } +type LxcTemplate_AuthenticationType int32 + +const ( + LxcTemplate_NONE LxcTemplate_AuthenticationType = 0 + LxcTemplate_PUB_KEY LxcTemplate_AuthenticationType = 1 +) + +var LxcTemplate_AuthenticationType_name = map[int32]string{ + 0: "NONE", + 1: "PUB_KEY", +} +var LxcTemplate_AuthenticationType_value = map[string]int32{ + "NONE": 0, + "PUB_KEY": 1, +} + +func (x LxcTemplate_AuthenticationType) String() string { + return proto.EnumName(LxcTemplate_AuthenticationType_name, int32(x)) +} +func (LxcTemplate_AuthenticationType) EnumDescriptor() ([]byte, []int) { + return fileDescriptor0, []int{5, 0} +} + type NullTemplate_CrashStage int32 const ( 
@@ -430,14 +452,16 @@ func (*NoneTemplate) ProtoMessage() {} func (*NoneTemplate) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{4} } type LxcTemplate struct { - Vcpu int32 `protobuf:"varint,1,opt,name=vcpu" json:"vcpu,omitempty"` - MemoryGb int32 `protobuf:"varint,2,opt,name=memory_gb" json:"memory_gb,omitempty"` - MinVcpu int32 `protobuf:"varint,3,opt,name=min_vcpu" json:"min_vcpu,omitempty"` - MinMemoryGb int32 `protobuf:"varint,4,opt,name=min_memory_gb" json:"min_memory_gb,omitempty"` - LxcImage *LxcTemplate_Image `protobuf:"bytes,5,opt,name=lxc_image" json:"lxc_image,omitempty"` - Interfaces []*LxcTemplate_Interface `protobuf:"bytes,6,rep,name=interfaces" json:"interfaces,omitempty"` - LxcTemplate *LxcTemplate_Template `protobuf:"bytes,7,opt,name=lxc_template" json:"lxc_template,omitempty"` - NodeGroups []string `protobuf:"bytes,8,rep,name=node_groups" json:"node_groups,omitempty"` + Vcpu int32 `protobuf:"varint,1,opt,name=vcpu" json:"vcpu,omitempty"` + MemoryGb int32 `protobuf:"varint,2,opt,name=memory_gb" json:"memory_gb,omitempty"` + MinVcpu int32 `protobuf:"varint,3,opt,name=min_vcpu" json:"min_vcpu,omitempty"` + MinMemoryGb int32 `protobuf:"varint,4,opt,name=min_memory_gb" json:"min_memory_gb,omitempty"` + LxcImage *LxcTemplate_Image `protobuf:"bytes,5,opt,name=lxc_image" json:"lxc_image,omitempty"` + Interfaces []*LxcTemplate_Interface `protobuf:"bytes,6,rep,name=interfaces" json:"interfaces,omitempty"` + LxcTemplate *LxcTemplate_Template `protobuf:"bytes,7,opt,name=lxc_template" json:"lxc_template,omitempty"` + NodeGroups []string `protobuf:"bytes,8,rep,name=node_groups" json:"node_groups,omitempty"` + AuthenticationType LxcTemplate_AuthenticationType `protobuf:"varint,9,opt,name=authentication_type,enum=model.LxcTemplate_AuthenticationType" json:"authentication_type,omitempty"` + SshPublicKey string `protobuf:"bytes,10,opt,name=ssh_public_key" json:"ssh_public_key,omitempty"` } func (m *LxcTemplate) Reset() { *m = LxcTemplate{} } 
@@ -501,6 +525,20 @@ func (m *LxcTemplate) GetNodeGroups() []string { return nil } +func (m *LxcTemplate) GetAuthenticationType() LxcTemplate_AuthenticationType { + if m != nil { + return m.AuthenticationType + } + return LxcTemplate_NONE +} + +func (m *LxcTemplate) GetSshPublicKey() string { + if m != nil { + return m.SshPublicKey + } + return "" +} + type LxcTemplate_Image struct { DownloadUrl string `protobuf:"bytes,1,opt,name=download_url" json:"download_url,omitempty"` ChksumType string `protobuf:"bytes,2,opt,name=chksum_type" json:"chksum_type,omitempty"` 
@@ -743,79 +781,84 @@ func init() { proto.RegisterType((*NullTemplate)(nil), "model.NullTemplate") proto.RegisterEnum("model.InstanceState_State", InstanceState_State_name, InstanceState_State_value) proto.RegisterEnum("model.FailureMessage_ErrorType", FailureMessage_ErrorType_name, FailureMessage_ErrorType_value) + proto.RegisterEnum("model.LxcTemplate_AuthenticationType", LxcTemplate_AuthenticationType_name, LxcTemplate_AuthenticationType_value) proto.RegisterEnum("model.NullTemplate_CrashStage", NullTemplate_CrashStage_name, NullTemplate_CrashStage_value) } func init() { proto.RegisterFile("model.proto", fileDescriptor0) } var fileDescriptor0 = []byte{ - // 1084 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xa4, 0x56, 0x6d, 0x8f, 0xdb, 0x44, - 0x10, 0xbe, 0x24, 0x76, 0x62, 0x4f, 0x5e, 0x6a, 0x96, 0x52, 0x59, 0xa1, 0xb4, 0x51, 0x84, 0xc4, - 0x09, 0xa4, 0x04, 0x1d, 0x55, 0x91, 0xa0, 0x02, 0xee, 0x1a, 0xb7, 0x8d, 0xd4, 0x26, 0xc7, 0x26, - 0x27, 0x04, 0x5f, 0xac, 0x8d, 0xbd, 0xe7, 0x58, 0xe7, 0x37, 0xad, 0xed, 0x90, 0xfb, 0x0f, 0x7c, - 0x43, 0xea, 0x5f, 0xe0, 0x07, 0x02, 0xfd, 0x8c, 0x76, 0xd7, 0x4e, 0x9c, 0x36, 0x48, 0xbc, 0x7c, - 0xca, 0x3e, 0xcf, 0x3e, 0x33, 0x3b, 0x33, 0x3b, 0x9e, 0x0d, 0xb4, 0xc3, 0xd8, 0xa5, 0xc1, 0x28, - 0x61, 0x71, 0x16, 0x23, 0x55, 0x80, 0xfe, 0xd7, 0x9e, 0x9f, 0xad, 0xf3, 0xd5, 0xc8, 0x89, 0xc3, - 0xb1, 0x17, 0x07, 0x24, 0xf2, 0xc6, 0x62, 0x7f, 0x95, 0x5f, 0x8f, 0x93, 0xec, 0x36, 0xa1, 0xe9, - 0x38, 0xf3, 0x43, 0x9a, 0x66, 0x24, 0x4c, 0xf6, 0x2b, 0xe9, 0x63, 0xf8, 0x6b, 0x1d, 0xb4, 0x69, - 0x94, 0x66, 0x24, 0x72, 0x28, 0xea, 0x41, 0xdd, 0x77, 0xcd, 0xda, 0xa0, 0x76, 0xaa, 0xe3, 0xba, - 0xef, 0xa2, 0x3e, 0x68, 0x69, 0x40, 0x36, 0xd4, 0xf6, 0x5d, 0xb3, 0x2e, 0xd8, 0x1d, 0x46, 0x8f, - 0x00, 0x02, 0x92, 0x66, 0x76, 0x9a, 0x91, 0x8c, 0x9a, 0xca, 0xa0, 0x76, 0xda, 0x3e, 0xbb, 0x3b, - 0x92, 0xe1, 0x95, 0x0e, 0x17, 0x7c, 0x0f, 0x57, 0x74, 0xe8, 0x2b, 0x00, 0x87, 0x51, 0x92, 0x51, - 0xd7, 
0x26, 0x99, 0xa9, 0x0a, 0xab, 0xfe, 0xc8, 0x8b, 0x63, 0x2f, 0xa0, 0xa3, 0x32, 0xea, 0xd1, - 0xb2, 0x0c, 0x12, 0x57, 0xd4, 0xe8, 0x33, 0xd0, 0x32, 0x1a, 0x26, 0x01, 0x3f, 0xaf, 0x29, 0x2c, - 0xef, 0x14, 0xe7, 0x2d, 0x0b, 0x1a, 0xef, 0x04, 0xe8, 0x09, 0xf4, 0xf8, 0x6f, 0x9a, 0xd9, 0xd7, - 0xc4, 0x0f, 0x72, 0x46, 0xcd, 0x96, 0x30, 0xf9, 0xa0, 0x30, 0x79, 0x26, 0xd9, 0x57, 0x34, 0x4d, - 0x89, 0x47, 0x71, 0x57, 0x8a, 0x0b, 0x76, 0xf8, 0xba, 0x0e, 0xdd, 0x83, 0x24, 0xd0, 0xe7, 0xa0, - 0xca, 0x4c, 0x79, 0x75, 0x7a, 0x67, 0xfd, 0x63, 0x99, 0x8e, 0x64, 0xbe, 0xea, 0xb1, 0x54, 0xeb, - 0xff, 0x26, 0xd5, 0xe1, 0xeb, 0x1a, 0xa8, 0xf2, 0xdc, 0x1e, 0x00, 0xb6, 0x9e, 0x4f, 0x17, 0x4b, - 0x0b, 0x5b, 0x13, 0xe3, 0x04, 0x01, 0x34, 0xbf, 0xbf, 0xb2, 0xae, 0xac, 0x89, 0x51, 0x43, 0x1d, - 0xd0, 0x16, 0xcb, 0x73, 0xbc, 0x9c, 0xce, 0x9e, 0x1b, 0x75, 0xd4, 0x86, 0x16, 0xbe, 0x9a, 0xcd, - 0x38, 0x68, 0xc8, 0xad, 0xf9, 0xe5, 0x25, 0x47, 0x0a, 0xdf, 0x12, 0xc8, 0x9a, 0x18, 0x2a, 0xea, - 0x82, 0x8e, 0xad, 0x8b, 0xf9, 0x5c, 0x98, 0x35, 0x91, 0x01, 0x9d, 0xc5, 0x8b, 0xab, 0x25, 0x47, - 0x93, 0xf9, 0x0f, 0x33, 0xa3, 0xc5, 0x8f, 0x5c, 0x5a, 0xf8, 0xd5, 0x74, 0x76, 0xbe, 0xb4, 0x26, - 0x86, 0xc6, 0x8f, 0x7c, 0x76, 0x3e, 0x7d, 0x69, 0x4d, 0x0c, 0x7d, 0xf8, 0x7b, 0x0d, 0x7a, 0x87, - 0xa5, 0x43, 0xdf, 0x00, 0x50, 0xc6, 0x62, 0x66, 0xf3, 0x56, 0x2b, 0xca, 0xf3, 0xf0, 0x68, 0x95, - 0x47, 0x16, 0xd7, 0x2d, 0x6f, 0x13, 0x8a, 0x75, 0x5a, 0x2e, 0xd1, 0x97, 0xa0, 0xf3, 0x2b, 0xfa, - 0xa7, 0x65, 0xd2, 0xa4, 0xf8, 0x3c, 0x1b, 0xae, 0x41, 0xdf, 0x39, 0x44, 0x77, 0xa0, 0x2d, 0x83, - 0xb4, 0x79, 0x6a, 0xc6, 0x09, 0xcf, 0xab, 0x20, 0x44, 0x8d, 0x8c, 0x5a, 0x45, 0xc2, 0x8b, 0x61, - 0xd4, 0xd1, 0x7b, 0xd0, 0x2d, 0x08, 0x59, 0x10, 0xa3, 0x81, 0xee, 0x82, 0x51, 0x50, 0xbb, 0x12, - 0x18, 0x0a, 0xcf, 0x5a, 0x2b, 0x7b, 0x0c, 0x0d, 0xa1, 0x53, 0x76, 0x99, 0x9d, 0x33, 0xbf, 0xf8, - 0x5c, 0x0e, 0x38, 0xf4, 0x29, 0x28, 0x51, 0x1c, 0x51, 0xf3, 0x8f, 0x86, 0xc8, 0xe7, 0xfd, 0xa2, - 0x1c, 0xb3, 0x38, 0xa2, 0xa5, 0x9f, 0x17, 
0x27, 0x58, 0x68, 0xd0, 0x27, 0xd0, 0x08, 0xb6, 0x8e, - 0xf9, 0xa7, 0x94, 0xa2, 0x42, 0xfa, 0x72, 0xeb, 0x54, 0x94, 0x5c, 0x21, 0x9c, 0xe6, 0x41, 0x60, - 0xbe, 0x79, 0xcb, 0x69, 0x1e, 0x04, 0x07, 0x4e, 0xf3, 0x20, 0xf8, 0x3f, 0xcd, 0x77, 0xd1, 0x04, - 0x65, 0x9a, 0xd1, 0x70, 0xd8, 0x83, 0x4e, 0x35, 0xe0, 0xe1, 0x6f, 0x2d, 0x68, 0x57, 0xc2, 0x42, - 0x08, 0x94, 0x8d, 0x93, 0xe4, 0xa2, 0x00, 0x2a, 0x16, 0x6b, 0x74, 0x1f, 0xf4, 0x90, 0x86, 0x31, - 0xbb, 0xb5, 0xbd, 0x95, 0x38, 0x56, 0xc5, 0x7b, 0x82, 0xcf, 0x93, 0xd0, 0x8f, 0x6c, 0x61, 0xd5, - 0x10, 0x9b, 0x3b, 0x8c, 0x3e, 0x86, 0x2e, 0x5f, 0xef, 0xad, 0x15, 0x21, 0x38, 0x24, 0xd1, 0x63, - 0xd0, 0x83, 0xad, 0x63, 0xfb, 0x21, 0xf1, 0x68, 0x31, 0x3e, 0xcc, 0x77, 0x2b, 0x36, 0x9a, 0xf2, - 0x7d, 0xbc, 0x97, 0xa2, 0x27, 0x00, 0x7e, 0x94, 0x51, 0x76, 0x4d, 0x1c, 0x9a, 0x9a, 0xcd, 0x41, - 0xe3, 0xb4, 0x7d, 0x76, 0xff, 0x98, 0x61, 0x29, 0xc2, 0x15, 0x3d, 0xfa, 0x16, 0x3a, 0xdc, 0xd5, - 0x6e, 0xfa, 0xc8, 0x51, 0xf2, 0xe1, 0x11, 0xfb, 0xdd, 0x24, 0x3a, 0x30, 0x40, 0x03, 0x68, 0x47, - 0xb1, 0x4b, 0x6d, 0x8f, 0xc5, 0x79, 0x92, 0x9a, 0xda, 0xa0, 0x71, 0xaa, 0xe3, 0x2a, 0xd5, 0xa7, - 0xa0, 0x8a, 0xa0, 0x79, 0x7b, 0xb9, 0xf1, 0xcf, 0x51, 0x10, 0x13, 0xd7, 0xce, 0x59, 0x50, 0xb6, - 0x57, 0x95, 0xe3, 0xee, 0x9c, 0xf5, 0x4d, 0x9a, 0x87, 0xf2, 0x9b, 0x93, 0xa3, 0xb9, 0x4a, 0xa1, - 0x7b, 0xd0, 0x94, 0x50, 0xd4, 0x59, 0xc7, 0x05, 0xea, 0x5f, 0x81, 0xbe, 0x4b, 0x91, 0x5f, 0xe0, - 0xee, 0x9b, 0xd5, 0xb1, 0x58, 0x23, 0x13, 0x5a, 0x21, 0x71, 0x88, 0xeb, 0xb2, 0xc2, 0x6d, 0x09, - 0xf9, 0xe5, 0xf9, 0xc9, 0xe6, 0x91, 0xd8, 0x92, 0x4e, 0x77, 0xb8, 0xff, 0x4b, 0xa3, 0xf2, 0x81, - 0xf4, 0x2b, 0x73, 0x5a, 0xba, 0xde, 0x8f, 0x65, 0x13, 0x5a, 0x2b, 0xe2, 0xdc, 0xd0, 0xc8, 0x2d, - 0xba, 0xa3, 0x84, 0x3c, 0x62, 0xd7, 0x4f, 0x33, 0x16, 0x97, 0x11, 0x4b, 0xc4, 0x2d, 0x18, 0x0d, - 0x28, 0x49, 0xe5, 0x23, 0xa3, 0xe3, 0x12, 0xf2, 0xf0, 0x09, 0x73, 0xd6, 0xa2, 0x0d, 0x74, 0x2c, - 0xd6, 0x5c, 0xbd, 0x21, 0xcc, 0x27, 0x51, 0x26, 0x9e, 0x08, 0x1d, 0x97, 0x90, 
0xfb, 0x4f, 0x29, - 0xdb, 0x50, 0x26, 0x6e, 0x4f, 0xc7, 0x05, 0xe2, 0xfc, 0x0d, 0xbd, 0xe5, 0x2f, 0x9c, 0x26, 0x79, - 0x89, 0xd0, 0x03, 0x00, 0xbe, 0x2a, 0x6c, 0x74, 0xb1, 0x57, 0x61, 0xd0, 0x63, 0xb8, 0xe7, 0xfa, - 0x29, 0x59, 0x05, 0xd4, 0xf6, 0x12, 0xcf, 0xde, 0x90, 0xc0, 0x77, 0x49, 0xe6, 0xc7, 0x91, 0x09, - 0x83, 0xda, 0xa9, 0x86, 0xff, 0x66, 0x97, 0xdf, 0xdd, 0x75, 0x90, 0xa7, 0x6b, 0xdb, 0x21, 0xce, - 0x9a, 0x9a, 0x6d, 0x21, 0xae, 0x52, 0x42, 0x11, 0x33, 0x87, 0x16, 0x8a, 0x4e, 0xa1, 0xd8, 0x53, - 0x3c, 0x36, 0xba, 0xcd, 0x18, 0xb1, 0x09, 0xf3, 0x52, 0xb3, 0x2b, 0xba, 0xa9, 0xc2, 0x0c, 0xdf, - 0xd4, 0xa0, 0x53, 0x1d, 0x0b, 0xff, 0xe1, 0x53, 0xfd, 0x0e, 0xda, 0x0e, 0x23, 0xe9, 0x9a, 0xbf, - 0xdb, 0x1e, 0x15, 0x77, 0xd2, 0x3b, 0x7b, 0x70, 0x64, 0xe4, 0x8c, 0x9e, 0x72, 0xd9, 0x82, 0xab, - 0x70, 0xd5, 0xe4, 0xed, 0x9e, 0x57, 0xde, 0xe9, 0xf9, 0xe1, 0x25, 0xc0, 0xde, 0x18, 0x69, 0xa0, - 0xcc, 0xe6, 0x33, 0xcb, 0x38, 0x41, 0x3a, 0xa8, 0xe5, 0xcc, 0xd6, 0x40, 0x29, 0x86, 0x35, 0x40, - 0xf3, 0x29, 0xb6, 0xf8, 0x3c, 0x6e, 0xf0, 0xf7, 0x6c, 0x62, 0x2d, 0x96, 0x78, 0xfe, 0xa3, 0xa1, - 0xf0, 0x8d, 0x62, 0x7c, 0xab, 0x17, 0x0f, 0x7f, 0xfa, 0xa8, 0xf2, 0x67, 0x88, 0x6c, 0xd3, 0xf5, - 0x38, 0x4e, 0x68, 0xb4, 0x71, 0x9d, 0xb1, 0x88, 0x7c, 0xd5, 0x14, 0xb3, 0xef, 0x8b, 0xbf, 0x02, - 0x00, 0x00, 0xff, 0xff, 0x37, 0x32, 0x06, 0xfc, 0x48, 0x09, 0x00, 0x00, + // 1150 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xa4, 0x56, 0xdb, 0x6e, 0xdb, 0x46, + 0x13, 0xb6, 0x8e, 0x26, 0x47, 0x87, 0xf0, 0xdf, 0xe4, 0x0f, 0x08, 0x35, 0x4d, 0x0c, 0xa1, 0x07, + 0xa3, 0x01, 0xa4, 0xc2, 0x0d, 0x52, 0xa0, 0x0d, 0xda, 0xda, 0x11, 0x93, 0x08, 0x4d, 0x24, 0x77, + 0x25, 0x21, 0x48, 0x6f, 0x88, 0x15, 0xb9, 0xa6, 0x08, 0xf3, 0x04, 0xee, 0x52, 0xb5, 0xdf, 0xa1, + 0x77, 0x05, 0xf2, 0x66, 0x7d, 0x92, 0xb6, 0xb9, 0x2e, 0x76, 0x97, 0x94, 0xa8, 0x58, 0x05, 0x7a, + 0xb8, 0xd2, 0xce, 0x37, 0xdf, 0xcc, 0xce, 0x0c, 0x67, 0x67, 0x04, 0xad, 0x30, 0x76, 0x69, 
0x30, + 0x48, 0xd2, 0x98, 0xc7, 0xa8, 0x21, 0x85, 0xde, 0xd7, 0x9e, 0xcf, 0x57, 0xd9, 0x72, 0xe0, 0xc4, + 0xe1, 0xd0, 0x8b, 0x03, 0x12, 0x79, 0x43, 0xa9, 0x5f, 0x66, 0x17, 0xc3, 0x84, 0x5f, 0x27, 0x94, + 0x0d, 0xb9, 0x1f, 0x52, 0xc6, 0x49, 0x98, 0x6c, 0x4f, 0xca, 0x47, 0xff, 0x97, 0x2a, 0x68, 0xe3, + 0x88, 0x71, 0x12, 0x39, 0x14, 0x75, 0xa1, 0xea, 0xbb, 0x66, 0xe5, 0xa8, 0x72, 0xac, 0xe3, 0xaa, + 0xef, 0xa2, 0x1e, 0x68, 0x2c, 0x20, 0x6b, 0x6a, 0xfb, 0xae, 0x59, 0x95, 0xe8, 0x46, 0x46, 0x8f, + 0x00, 0x02, 0xc2, 0xb8, 0xcd, 0x38, 0xe1, 0xd4, 0xac, 0x1f, 0x55, 0x8e, 0x5b, 0x27, 0x77, 0x06, + 0x2a, 0xbc, 0xc2, 0xe1, 0x4c, 0xe8, 0x70, 0x89, 0x87, 0xbe, 0x02, 0x70, 0x52, 0x4a, 0x38, 0x75, + 0x6d, 0xc2, 0xcd, 0x86, 0xb4, 0xea, 0x0d, 0xbc, 0x38, 0xf6, 0x02, 0x3a, 0x28, 0xa2, 0x1e, 0xcc, + 0x8b, 0x20, 0x71, 0x89, 0x8d, 0x1e, 0x82, 0xc6, 0x69, 0x98, 0x04, 0xe2, 0xbe, 0xa6, 0xb4, 0xbc, + 0x95, 0xdf, 0x37, 0xcf, 0x61, 0xbc, 0x21, 0xa0, 0x27, 0xd0, 0x15, 0xbf, 0x8c, 0xdb, 0x17, 0xc4, + 0x0f, 0xb2, 0x94, 0x9a, 0x87, 0xd2, 0xe4, 0xff, 0xb9, 0xc9, 0x33, 0x85, 0xbe, 0xa2, 0x8c, 0x11, + 0x8f, 0xe2, 0x8e, 0x22, 0xe7, 0x68, 0xff, 0x6d, 0x15, 0x3a, 0x3b, 0x49, 0xa0, 0xcf, 0xa1, 0xa1, + 0x32, 0x15, 0xd5, 0xe9, 0x9e, 0xf4, 0xf6, 0x65, 0x3a, 0x50, 0xf9, 0x36, 0xf6, 0xa5, 0x5a, 0xfd, + 0x27, 0xa9, 0xf6, 0xdf, 0x56, 0xa0, 0xa1, 0xee, 0xed, 0x02, 0x60, 0xeb, 0xf9, 0x78, 0x36, 0xb7, + 0xb0, 0x35, 0x32, 0x0e, 0x10, 0x40, 0xf3, 0x87, 0x85, 0xb5, 0xb0, 0x46, 0x46, 0x05, 0xb5, 0x41, + 0x9b, 0xcd, 0x4f, 0xf1, 0x7c, 0x3c, 0x79, 0x6e, 0x54, 0x51, 0x0b, 0x0e, 0xf1, 0x62, 0x32, 0x11, + 0x42, 0x4d, 0xa9, 0xa6, 0xe7, 0xe7, 0x42, 0xaa, 0x0b, 0x95, 0x94, 0xac, 0x91, 0xd1, 0x40, 0x1d, + 0xd0, 0xb1, 0x75, 0x36, 0x9d, 0x4a, 0xb3, 0x26, 0x32, 0xa0, 0x3d, 0x7b, 0xb1, 0x98, 0x0b, 0x69, + 0x34, 0x7d, 0x3d, 0x31, 0x0e, 0xc5, 0x95, 0x73, 0x0b, 0xbf, 0x1a, 0x4f, 0x4e, 0xe7, 0xd6, 0xc8, + 0xd0, 0xc4, 0x95, 0xcf, 0x4e, 0xc7, 0x2f, 0xad, 0x91, 0xa1, 0xf7, 0x7f, 0xab, 0x40, 0x77, 0xb7, + 0x74, 0xe8, 0x1b, 0x00, 0x9a, 
0xa6, 0x71, 0x6a, 0x8b, 0x56, 0xcb, 0xcb, 0xf3, 0x60, 0x6f, 0x95, + 0x07, 0x96, 0xe0, 0xcd, 0xaf, 0x13, 0x8a, 0x75, 0x5a, 0x1c, 0xd1, 0x97, 0xa0, 0x8b, 0x4f, 0xf4, + 0x77, 0xcb, 0xa4, 0x29, 0xf2, 0x29, 0xef, 0xaf, 0x40, 0xdf, 0x38, 0x44, 0xb7, 0xa0, 0xa5, 0x82, + 0xb4, 0x45, 0x6a, 0xc6, 0x81, 0xc8, 0x2b, 0x07, 0x64, 0x8d, 0x8c, 0x4a, 0x89, 0x22, 0x8a, 0x61, + 0x54, 0xd1, 0xff, 0xa0, 0x93, 0x03, 0xaa, 0x20, 0x46, 0x0d, 0xdd, 0x01, 0x23, 0x87, 0x36, 0x25, + 0x30, 0xea, 0x22, 0x6b, 0xad, 0xe8, 0x31, 0xd4, 0x87, 0x76, 0xd1, 0x65, 0x76, 0x96, 0xfa, 0xf9, + 0x73, 0xd9, 0xc1, 0xd0, 0x67, 0x50, 0x8f, 0xe2, 0x88, 0x9a, 0xbf, 0xd7, 0x64, 0x3e, 0xb7, 0xf3, + 0x72, 0x4c, 0xe2, 0x88, 0x16, 0x7e, 0x5e, 0x1c, 0x60, 0xc9, 0x41, 0x9f, 0x42, 0x2d, 0xb8, 0x72, + 0xcc, 0x3f, 0x14, 0x15, 0xe5, 0xd4, 0x97, 0x57, 0x4e, 0x89, 0x29, 0x18, 0xd2, 0x69, 0x16, 0x04, + 0xe6, 0xbb, 0xf7, 0x9c, 0x66, 0x41, 0xb0, 0xe3, 0x34, 0x0b, 0x82, 0xff, 0xd2, 0x7c, 0x67, 0x4d, + 0xa8, 0x8f, 0x39, 0x0d, 0xfb, 0x5d, 0x68, 0x97, 0x03, 0xee, 0xff, 0xaa, 0x41, 0xab, 0x14, 0x16, + 0x42, 0x50, 0x5f, 0x3b, 0x49, 0x26, 0x0b, 0xd0, 0xc0, 0xf2, 0x8c, 0xee, 0x81, 0x1e, 0xd2, 0x30, + 0x4e, 0xaf, 0x6d, 0x6f, 0x29, 0xaf, 0x6d, 0xe0, 0x2d, 0x20, 0xe6, 0x49, 0xe8, 0x47, 0xb6, 0xb4, + 0xaa, 0x49, 0xe5, 0x46, 0x46, 0x1f, 0x41, 0x47, 0x9c, 0xb7, 0xd6, 0x75, 0x49, 0xd8, 0x05, 0xd1, + 0x63, 0xd0, 0x83, 0x2b, 0xc7, 0xf6, 0x43, 0xe2, 0xd1, 0x7c, 0x7c, 0x98, 0x37, 0x2b, 0x36, 0x18, + 0x0b, 0x3d, 0xde, 0x52, 0xd1, 0x13, 0x00, 0x3f, 0xe2, 0x34, 0xbd, 0x20, 0x0e, 0x65, 0x66, 0xf3, + 0xa8, 0x76, 0xdc, 0x3a, 0xb9, 0xb7, 0xcf, 0xb0, 0x20, 0xe1, 0x12, 0x1f, 0x7d, 0x0b, 0x6d, 0xe1, + 0x6a, 0x33, 0x7d, 0xd4, 0x28, 0xf9, 0x60, 0x8f, 0xfd, 0x66, 0x12, 0xed, 0x18, 0xa0, 0x23, 0x68, + 0x45, 0xb1, 0x4b, 0x6d, 0x2f, 0x8d, 0xb3, 0x84, 0x99, 0xda, 0x51, 0xed, 0x58, 0xc7, 0x65, 0x08, + 0xbd, 0x86, 0xdb, 0x24, 0xe3, 0x2b, 0x1a, 0x71, 0xdf, 0x21, 0xdc, 0x8f, 0x23, 0xf5, 0x9c, 0x74, + 0xf9, 0x9c, 0x3e, 0xde, 0x73, 0xd3, 0xe9, 0x0e, 0x5b, 0x3e, 0xaa, 
0x7d, 0x1e, 0xd0, 0x27, 0xd0, + 0x65, 0x6c, 0x65, 0x27, 0xd9, 0x32, 0xf0, 0x1d, 0xfb, 0x92, 0x5e, 0x9b, 0x20, 0x1b, 0xf6, 0x3d, + 0xb4, 0x47, 0xa1, 0x21, 0xab, 0x26, 0xfa, 0xdb, 0x8d, 0x7f, 0x8a, 0x82, 0x98, 0xb8, 0x76, 0x96, + 0x06, 0x45, 0x7f, 0x97, 0x31, 0x91, 0x8f, 0xb3, 0xba, 0x64, 0x59, 0xa8, 0xa2, 0x54, 0xbb, 0xa1, + 0x0c, 0xa1, 0xbb, 0xd0, 0x54, 0xa2, 0xfc, 0xd0, 0x3a, 0xce, 0xa5, 0xde, 0x02, 0xf4, 0x4d, 0x8d, + 0x45, 0x07, 0x6d, 0x86, 0x86, 0x8e, 0xe5, 0x19, 0x99, 0x70, 0x18, 0x12, 0x87, 0xb8, 0x6e, 0x9a, + 0xbb, 0x2d, 0x44, 0xd1, 0x3d, 0x7e, 0xb2, 0x7e, 0x24, 0x55, 0xca, 0xe9, 0x46, 0xee, 0xfd, 0x5c, + 0x2b, 0xbd, 0xd0, 0x5e, 0x69, 0x51, 0x28, 0xd7, 0xdb, 0xbd, 0x60, 0xc2, 0xe1, 0x92, 0x38, 0x97, + 0x34, 0x72, 0xf3, 0xf6, 0x2c, 0x44, 0x11, 0xb1, 0xeb, 0x33, 0x9e, 0xc6, 0x45, 0xc4, 0x4a, 0x12, + 0x16, 0x29, 0x0d, 0x28, 0x61, 0x6a, 0xcb, 0xe9, 0xb8, 0x10, 0x45, 0xf8, 0x24, 0x75, 0x56, 0xb2, + 0x0f, 0x75, 0x2c, 0xcf, 0x82, 0xbd, 0x26, 0xa9, 0x4f, 0x22, 0x2e, 0x77, 0x94, 0x8e, 0x0b, 0x51, + 0xf8, 0x67, 0x34, 0x5d, 0xd3, 0x54, 0xb6, 0x8f, 0x8e, 0x73, 0x49, 0xe0, 0x97, 0xf4, 0x5a, 0xac, + 0x58, 0x4d, 0xe1, 0x4a, 0x42, 0xf7, 0x01, 0xc4, 0x29, 0xb7, 0xd1, 0xa5, 0xae, 0x84, 0xa0, 0xc7, + 0x70, 0xd7, 0xf5, 0x19, 0x59, 0x06, 0xd4, 0xf6, 0x12, 0xcf, 0x5e, 0x93, 0xc0, 0x77, 0xe5, 0x77, + 0x97, 0x1f, 0x58, 0xc3, 0x7f, 0xa1, 0x15, 0xdf, 0xee, 0x22, 0xc8, 0xd8, 0xca, 0x76, 0x88, 0xb3, + 0xa2, 0x66, 0x4b, 0x92, 0xcb, 0x90, 0x64, 0xc4, 0xa9, 0x43, 0x73, 0x46, 0x3b, 0x67, 0x6c, 0x21, + 0x11, 0x1b, 0xbd, 0xe2, 0x29, 0xb1, 0x49, 0xea, 0x31, 0xb3, 0x23, 0xdb, 0xb9, 0x84, 0xf4, 0x1f, + 0x02, 0xba, 0xd9, 0x9f, 0x48, 0x83, 0xfa, 0x64, 0x3a, 0xb1, 0x8c, 0x03, 0xb1, 0x90, 0xce, 0x17, + 0x67, 0xf6, 0xf7, 0xd6, 0x1b, 0xa3, 0xd2, 0x7f, 0x57, 0x81, 0x76, 0x79, 0x88, 0xfd, 0x8b, 0xc1, + 0xf2, 0x1d, 0xb4, 0x9c, 0x94, 0xb0, 0x95, 0xf8, 0x97, 0xe1, 0x51, 0xf9, 0x01, 0xbb, 0x27, 0xf7, + 0xf7, 0x0c, 0xc8, 0xc1, 0x53, 0x41, 0x9b, 0x09, 0x16, 0x2e, 0x9b, 0xbc, 0xff, 0x42, 0xeb, 0x37, + 0x5e, 
0x68, 0xff, 0x1c, 0x60, 0x6b, 0x5c, 0xca, 0x45, 0x87, 0x46, 0xb1, 0x61, 0x34, 0xa8, 0xe7, + 0xab, 0x05, 0xa0, 0xf9, 0x14, 0x5b, 0x62, 0x7b, 0xd4, 0x44, 0xb2, 0x23, 0x6b, 0x36, 0xc7, 0xd3, + 0x37, 0x46, 0x5d, 0x28, 0xf2, 0x65, 0xd3, 0x38, 0x7b, 0xf0, 0xe3, 0x87, 0xa5, 0xbf, 0x6e, 0xe4, + 0x8a, 0xad, 0x86, 0x71, 0x42, 0xa3, 0xb5, 0xeb, 0x0c, 0x65, 0xe4, 0xcb, 0xa6, 0x9c, 0xd4, 0x5f, + 0xfc, 0x19, 0x00, 0x00, 0xff, 0xff, 0x70, 0x43, 0xb7, 0x01, 0xf6, 0x09, 0x00, 0x00, } diff --git a/proto/model.proto b/proto/model.proto index c72333e8..afa23818 100644 --- a/proto/model.proto +++ b/proto/model.proto @@ -117,6 +117,12 @@ message LxcTemplate { } Template lxc_template = 7 [json_name="lxc_template"]; repeated string node_groups = 8 [json_name="node_groups"]; + enum AuthenticationType { + NONE = 0; + PUB_KEY = 1; + } + AuthenticationType authentication_type = 9 [json_name="authentication_type"]; + string ssh_public_key = 10 [json_name="ssh_public_key"]; } message NullTemplate { diff --git a/registry/bindata_assetfs.go b/registry/bindata_assetfs.go index 1ea7dc09..c31cbc8e 100644 --- a/registry/bindata_assetfs.go +++ b/registry/bindata_assetfs.go @@ -87,7 +87,7 @@ func schemaNoneJson() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "schema/none.json", size: 404, mode: os.FileMode(420), modTime: time.Unix(1495216653, 0)} + info := bindataFileInfo{name: "schema/none.json", size: 404, mode: os.FileMode(420), modTime: time.Unix(1494577553, 0)} a := &asset{bytes: bytes, info: info} return a, nil } 
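Review bot: The two fields added to LxcTemplate in proto/model.proto have no comments, and `ssh_public_key` does not say whether it holds key text or a filesystem path. The handler added later in this series passes the value to `ioutil.ReadFile`, so it is treated as a path, which a reader of the schema alone would probably not expect. I would add `// Path of the SSH public key file; required when authentication_type is PUB_KEY.` above `ssh_public_key`, and `// How access to the instance is authenticated.` above the enum, adjusting the wording if the intent differs. The LxcTemplate message begins outside this hunk.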
@@ -107,12 +107,12 @@ func schemaV1Json() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "schema/v1.json", size: 668, mode: os.FileMode(420), modTime: time.Unix(1495216653, 0)} + info := bindataFileInfo{name: "schema/v1.json", size: 668, mode: os.FileMode(420), modTime: time.Unix(1494577553, 0)} a := &asset{bytes: bytes, info: info} return a, nil } -var _schemaVmLxcJson = []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\xcc\x56\xcd\x6e\xdb\x3c\x10\xbc\xeb\x29\x08\x25\xb7\xcf\xfe\x94\x14\xb9\xd4\xb7\xa2\x45\x81\x9e\x5a\x14\x45\x2f\x81\x2a\x50\xd4\x4a\x66\x2a\xfe\x64\x49\xba\x36\x0c\xbd\x7b\x41\x5b\xb6\xfe\x13\xa7\x4e\x82\x1c\x0c\x58\xb3\xdc\xd9\x25\x77\x34\xd4\x36\x20\x24\xbc\x34\x6c\x09\x82\x86\x0b\x12\x2e\xad\xd5\x8b\x28\xba\x33\x4a\xce\xf7\xe8\xff\x0a\x8b\x28\x43\x9a\xdb\xf9\xd5\x4d\xb4\xc7\x2e\xc2\x99\xcf\xcb\xc0\x30\xe4\xda\x72\x25\x7d\xee\x57\x0d\xf2\xe7\xa7\x8f\xe4\x3b\x18\xe5\x90\x01\xf9\x01\x42\x97\xd4\xc2\x82\xac\x44\x54\xae\xd9\x3e\xcb\x6e\x34\xf8\xe5\x2a\xbd\x03\x66\xf7\x18\xc2\xbd\xe3\x08\x59\xb8\x20\xb7\x01\x21\x87\x55\x01\x21\xf1\x2e\xae\x51\x69\x40\xcb\xc1\x84\x0b\xb2\xdd\xaf\x48\x98\x12\x02\xa4\x3d\x22\x2d\x6e\x63\x91\xcb\x22\xdc\xc1\xd5\x2c\x68\xc7\x8e\x6b\x41\x3a\x71\xac\xb7\x43\xea\x2e\x6b\x20\xee\x64\x0b\x2e\x93\x15\xd3\x6e\xac\x1a\x97\x16\x0a\xc0\x70\x76\x08\x64\x90\x53\x57\xfa\xce\xae\x07\x24\x02\x84\xc2\x4d\x52\xa4\x67\x31\x9d\xdf\xca\xb3\xb4\x21\x55\x06\x49\x81\xca\x69\x33\xc6\x43\x11\xe9\xa6\x61\x71\x92\xdf\x3b\xf8\x62\x41\xf8\xd5\x16\x1d\x1c\x43\xbc\x06\x9b\x69\x6c\xfb\xc3\xac\x46\xe7\xe2\x5b\xc5\x9c\x32\x38\xa5\x81\x43\x95\x6d\x33\xf3\x11\x35\xd6\x91\x81\x26\xdb\x19\x47\x20\x6e\x65\x8c\xa8\xb4\x5b\xa5\x8d\x0d\xd5\x3a\xeb\x46\x07\xfa\x3c\xa8\x14\xec\xb2\xb7\x76\x37\x09\x09\x43\x14\x84\xb6\x9b\x21\xbc\x2a\xa9\x1c\xa2\x82\xb2\xf1\x80\x5e\x6e\x4c\xd8\x01\xe3\xd6\x53\xd5\x5e\xef\x49\x68\x96\xe1\x53\x37\xab\xa9\xb5\x80\x3b\x1b\xf9\x75\x7b\x35\x7f\x4f\xe7\xf9\x87\xf9\xe7\x78\xfb\xae\x6a\x9e\x16\xf1\x7f\x97\xe1\x64\x61\xae\x57
\x37\xff\x52\x39\x57\x28\xa8\xdd\xa9\x5e\xaf\x6e\x3a\xfc\x41\xff\x5f\xd5\x91\x5e\xb9\x66\x89\xad\x2d\x6e\x4c\x7c\x3d\x49\xf9\x97\x88\x4b\xee\xdd\xb2\xa7\xc1\x94\x1a\x3e\x4a\xf5\x10\x1d\x79\x50\x71\xe3\xfe\x38\x75\x24\x9d\x70\xd5\x3b\x20\x84\x12\xa8\x19\xca\xf7\x89\x34\x14\xd9\xf2\x7c\x8e\x62\xb8\xd1\xc7\x38\x1e\x9e\xe8\x71\x3a\x82\xae\xbf\xb5\x4f\xf3\xba\x89\x70\x39\x11\x99\x38\xfe\x30\x53\x7f\x64\xa9\x68\xf6\x94\x51\x4e\xd8\x8d\x67\xe3\xc6\xa2\xea\xeb\xf6\x30\x96\x16\x1a\xbf\xba\x36\xea\xd6\xde\x86\xc2\x56\x14\x39\x3d\x7f\x4f\x6f\x4c\xa8\xad\xfb\xc5\x77\x56\x72\xe9\xd6\x7d\x5d\x5d\x22\xe4\x9e\xf6\x22\x6a\x86\x1e\xb5\xed\x29\x6a\x79\x4f\xd4\xb3\x9b\xd1\x52\xa9\x33\x9b\x54\xbd\x42\x21\x06\xd2\xaa\xc1\x7d\xf9\xfc\x75\x32\x48\x39\x95\x2f\x5f\x27\x87\x4c\x21\x7d\xf9\x3a\x2e\x75\xd2\xba\x17\xaa\x33\x79\xdd\x71\x41\x8b\x93\xee\xba\x29\x67\x9c\x30\x9e\xc9\x17\xa3\x33\xc2\xda\x55\x13\x87\xe5\x23\xf9\x1d\x23\x6c\x6e\x78\x87\x7c\x42\x85\x4b\x60\xbf\x8d\x13\xc9\xc8\x87\xda\x49\xbd\x1d\x08\x4e\xce\x1d\xdc\x3f\xa3\xfe\xdf\xdd\x73\xf7\x03\x38\xf0\xbf\x2a\xf8\x1b\x00\x00\xff\xff\xe7\x65\x42\x4c\xc2\x0d\x00\x00") +var _schemaVmLxcJson = 
[]byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\xcc\x57\x4b\x6f\x9b\x40\x10\xbe\xf3\x2b\x10\xc9\xad\x76\x49\xaa\x5c\xea\x5b\xd5\xaa\x52\x4f\xad\xaa\xaa\x97\x88\xa2\x65\x19\x60\x13\xf6\x91\x7d\xb8\x46\x16\xff\xbd\x5a\x8c\xcd\x6b\x49\x9c\x3a\x8e\x72\xb0\x64\xbe\x99\xf9\x66\x76\xe7\x63\x76\xd9\x7a\xbe\x1f\x5c\x2a\x5c\x00\x45\xc1\xca\x0f\x0a\xad\xc5\x2a\x0c\xef\x14\x67\xcb\x1d\xfa\x9e\xcb\x3c\x4c\x25\xca\xf4\xf2\xea\x26\xdc\x61\x17\xc1\xc2\xc6\xa5\xa0\xb0\x24\x42\x13\xce\x6c\xec\x77\x01\xec\xf7\x97\xcf\xfe\x4f\x50\xdc\x48\x0c\xfe\x2f\xa0\xa2\x44\x1a\x56\xfe\x9a\x86\xe5\x06\xef\xa2\x74\x25\xc0\xba\xf3\xe4\x0e\xb0\xde\x61\x12\x1e\x0c\x91\x90\x06\x2b\xff\xd6\xf3\xfd\xbd\x97\xe7\xfb\x51\x63\x17\x92\x0b\x90\x9a\x80\x0a\x56\xfe\x76\xe7\x11\x63\x4e\x29\x30\x7d\x40\x7a\xdc\x4a\x4b\xc2\xf2\xa0\x81\xeb\x85\xd7\xb7\x1d\x7c\x81\x19\x7a\xc8\xd7\x20\x6d\x95\x2d\x10\x0d\xa2\x29\x61\xf1\x1a\x0b\xe3\xca\x46\x98\x86\x1c\x64\xb0\xd8\x1b\x52\xc8\x90\x29\x6d\x65\xd7\x13\x12\x0a\x94\xcb\x2a\xce\x93\x93\x98\x4e\x2f\xe5\x45\xca\x60\x3c\x85\x38\x97\xdc\x08\xe5\xe2\x41\x52\xa2\xaa\x63\x31\x8c\x3c\x18\xf8\xa6\x81\x5a\x6f\x2d\x0d\x1c\x4c\xa4\x05\xbb\x6e\x6c\xc7\xcd\xac\x9d\x7d\xb1\xa5\xca\x0c\x61\x38\xa6\x80\x7d\x96\x6d\xd7\x73\x87\x1a\x5b\xcb\x44\x93\xfd\x88\x03\x10\xf5\x22\x1c\x2a\x1d\x66\xe9\x63\x53\xb5\x2e\x86\xd6\x89\x3e\xf7\x2a\x05\x5d\x8c\x7c\x9b\x4e\x30\x98\xa2\x40\x85\xae\xa6\xf0\xba\x44\x6c\x8a\x52\x84\xdd\x06\x51\x54\x2a\x18\x80\x51\xef\xa9\xee\xfb\x5b\x12\x94\xa6\xf2\xb9\x8b\x15\x48\x6b\x90\xcd\x18\xf9\x73\x7b\xb5\xfc\x88\x96\xd9\xa7\xe5\xd7\x68\xfb\xa1\xee\x9e\x56\xd1\xbb\xcb\x60\x36\x31\x11\xeb\x9b\xff\xc9\x9c\x71\x49\x91\x6e\x54\x2f\xd6\x37\x03\x7e\x6f\xfc\xaf\x1e\x48\xaf\xdc\xe0\x58\xb7\x23\xce\x25\xbe\x91\xa4\xec\x4b\x44\x18\xb1\xd3\x72\xa4\xc1\x04\x29\xe2\xa4\x7a\x8c\xce\x7f\x54\x71\xee\xf9\x38\xb7\x25\x03\x73\x3d\xda\x20\x09\x25\x20\x35\x95\xef\x33\x69\x90\xc4\xc5\xe9\x1c\xf9\x74\xa1\x4f\x71\x3c\xde\xd1\x43\x77\x28\xda\xfc\xe8\xef\xe6\x75\x67\x21\x6c\xc6\x32\xb3\xfd\x41\xca\xff
\xb2\x92\xa3\xf4\x39\xad\x9c\x19\x37\x96\x8d\x28\x2d\xf9\x58\xb7\xfb\xb6\xf4\xd0\xe8\xd5\xb5\xd1\x96\xf6\x36\x14\xb6\x46\x92\xa0\xd3\xd7\xf4\xc6\x84\xda\x3b\x5f\x6c\x65\x25\x61\x66\x33\xd6\xd5\xa5\x84\xcc\xd2\x5e\x84\x5d\xd3\xc3\xfe\x78\x0a\x7b\xb3\x27\x1c\x8d\x1b\x67\xaa\xc4\xa8\x2a\xe1\xaf\x90\x08\x03\xd3\x7c\x72\x5e\xbe\x7c\x9e\x14\x12\x82\xd8\xf9\xf3\x64\x90\x72\x89\xce\x9f\xc7\x24\x86\x69\x73\xa6\x3c\xb3\xc7\x1d\xa1\x28\x3f\xea\xac\x9b\x9b\x8c\x33\x83\x67\xf6\xc5\x18\xb4\xb0\x9d\xaa\xb1\x91\xe5\x13\xf1\x83\x41\xd8\x9d\xf0\x46\x92\x19\x15\x16\x80\xef\x95\xa1\xb1\xe3\xa2\x76\x54\x6d\x7b\x82\xa3\x63\x27\xe7\x8f\x73\xfe\x0f\xd7\xec\xbc\x00\x23\xa3\x0b\x60\x9a\x60\x64\x9b\x3a\x5e\xc0\xdc\xc6\xf4\x6e\xf4\xc3\xab\xa3\xe3\xb3\x68\x74\xb5\x0c\x84\x49\xe2\x7b\xa8\xdc\xe5\x28\x55\xc4\xc2\x24\x25\xc1\x8d\xcf\x53\xdf\x66\x9e\xfd\xd5\xde\xbf\x00\x00\x00\xff\xff\x45\x38\x91\x7a\x87\x0e\x00\x00") func schemaVmLxcJsonBytes() ([]byte, error) { return bindataRead( @@ -127,7 +127,7 @@ func schemaVmLxcJson() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "schema/vm/lxc.json", size: 3522, mode: os.FileMode(420), modTime: time.Unix(1495534488, 0)} + info := bindataFileInfo{name: "schema/vm/lxc.json", size: 3719, mode: os.FileMode(420), modTime: time.Unix(1496999662, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -147,7 +147,7 @@ func schemaVmNullJson() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "schema/vm/null.json", size: 930, mode: os.FileMode(420), modTime: time.Unix(1495534663, 0)} + info := bindataFileInfo{name: "schema/vm/null.json", size: 930, mode: os.FileMode(420), modTime: time.Unix(1496380643, 0)} a := &asset{bytes: bytes, info: info} return a, nil } diff --git a/schema/vm/lxc.json b/schema/vm/lxc.json index c6cfde62..cfb1bd20 100644 --- a/schema/vm/lxc.json +++ b/schema/vm/lxc.json 
@@ -158,6 +158,17 @@ "required": [ "download_url" ] + }, + "authentication_type": { + "type": "string", + "default": "none", + "enum": [ + "none", + "pub_key" + ] + }, + "ssh_public_key": { + "type": "string" } } } From 67629e3dab9bc7e3bb76bd710226a316f61926ab Mon Sep 17 00:00:00 2001 From: itouri Date: Fri, 9 Jun 2017 18:39:05 +0900 Subject: [PATCH 02/55] Adding CI test code for authentication parameters. --- ci/citest/acceptance-test/tests/cmd_console_test.go | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/ci/citest/acceptance-test/tests/cmd_console_test.go b/ci/citest/acceptance-test/tests/cmd_console_test.go index 9f436a59..2c37a356 100644 --- a/ci/citest/acceptance-test/tests/cmd_console_test.go +++ b/ci/citest/acceptance-test/tests/cmd_console_test.go @@ -23,3 +23,14 @@ func TestCmdConsole_ShowOption(t *testing.T) { RunCmdWithTimeoutAndReportFail(t, 10, 5, "openvdc", "destroy", instance_id) WaitInstance(t, 5*time.Minute, instance_id, "TERMINATED", nil) } + +func TestCmdConsole_Authentication(t *testing.T) { + stdout, _ := RunCmdAndReportFail(t, "openvdc", "run", "centos/7/lxc", `{"authentication_type":"none"}`) + instance_id := strings.TrimSpace(stdout.String()) + + WaitInstance(t, 5*time.Minute, instance_id, "RUNNING", []string{"QUEUED", "STARTING"}) + + + RunCmdWithTimeoutAndReportFail(t, 10, 5, "openvdc", "destroy", instance_id) + WaitInstance(t, 5*time.Minute, instance_id, "TERMINATED", nil) +} From e9ce98c6e8541d7643bb04e3f0b392ca96b8b47c Mon Sep 17 00:00:00 2001 From: itouri Date: Sat, 17 Jun 2017 01:25:40 +0900 Subject: [PATCH 03/55] Add function that validate ssh_public_key of vm/lxc template parameter --- api/executor/executor.pb.go | 3 +- api/v1.pb.go | 3 +- handlers/vm/lxc/lxc.go | 51 +++++++++++++++++++++++++++++++++ handlers/vm/lxc/lxc_test.go | 57 +++++++++++++++++++++++++++++++++++++ model/cluster.pb.go | 3 +- vendor/vendor.json | 10 +++---- 6 files changed, 116 insertions(+), 11 deletions(-) 
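Review bot: In schema/vm/lxc.json, `ssh_public_key` is an unconstrained string and nothing ties it to `authentication_type`, so a template that selects `pub_key` with no key, or an empty one, still passes schema validation. Adding `"minLength": 1` to `ssh_public_key`, and a conditional requirement if the schema draft in use supports one, would reject such templates before they reach the handler. The enum values here are lowercase (`none`, `pub_key`) while the proto enum names are `NONE` and `PUB_KEY`; unless the handler normalises them, which is not visible in this hunk, the JSON-to-protobuf conversion may not accept them. The enclosing `properties` object begins outside the hunk.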
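Review bot: TestCmdConsole_Authentication starts an instance with `{"authentication_type":"none"}`, waits for RUNNING and destroys it, so it never exercises the new parameter: `none` is the schema default, there is no `pub_key` case, and nothing runs between the RUNNING wait and the destroy (the two blank lines look like a placeholder). I would at least mark the gap with `// TODO: open "openvdc console" here and assert the authentication outcome`, and add a second case that passes `"authentication_type":"pub_key"` with a key. Because the destroy call is not deferred, a failure in the first WaitInstance presumably leaves the instance running.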
diff --git a/api/executor/executor.pb.go b/api/executor/executor.pb.go index 3d1d7f8f..8e655839 100644 --- a/api/executor/executor.pb.go +++ b/api/executor/executor.pb.go @@ -1,6 +1,5 @@ -// Code generated by protoc-gen-go. +// Code generated by protoc-gen-go. DO NOT EDIT. // source: executor.proto -// DO NOT EDIT! /* Package executor is a generated protocol buffer package. diff --git a/api/v1.pb.go b/api/v1.pb.go index 32b75a20..cacb0aae 100644 --- a/api/v1.pb.go +++ b/api/v1.pb.go @@ -1,6 +1,5 @@ -// Code generated by protoc-gen-go. +// Code generated by protoc-gen-go. DO NOT EDIT. // source: v1.proto -// DO NOT EDIT! /* Package api is a generated protocol buffer package. diff --git a/handlers/vm/lxc/lxc.go b/handlers/vm/lxc/lxc.go index 458966d4..d89fa18f 100644 --- a/handlers/vm/lxc/lxc.go +++ b/handlers/vm/lxc/lxc.go @@ -5,12 +5,15 @@ import ( "flag" "fmt" "io" + "strings" "github.com/axsh/openvdc/handlers" "github.com/axsh/openvdc/handlers/vm" "github.com/axsh/openvdc/model" "github.com/golang/protobuf/proto" "github.com/pkg/errors" + "golang.org/x/crypto/ssh" + "io/ioutil" ) func init() { 
@@ -55,9 +58,57 @@ func (h *LxcHandler) ParseTemplate(in json.RawMessage) (model.ResourceTemplate, return nil, handlers.ErrInvalidTemplate(h, "lxc_image or lxc_template must exist") } + switch (tmpl.AuthenticationType) { + case model.LxcTemplate_NONE: + case model.LxcTemplate_PUB_KEY: + if (tmpl.SshPublicKey == "") { + return nil, handlers.ErrInvalidTemplate(h, "ssh_public_key is not set") + } + key, err := ioutil.ReadFile(tmpl.SshPublicKey) + if err != nil { + return nil, handlers.ErrInvalidTemplate(h, "unable to read ssh_public_key key") + } + + isValidate := validatePublicKey(key) + if !isValidate { + return nil, handlers.ErrInvalidTemplate(h, "ssh_public_key is invalid") + } + + default: + return nil, handlers.ErrInvalidTemplate(h, "Unknown authentication_type parameter" + tmpl.AuthenticationType.String()) + } + return tmpl, nil } +func validatePublicKey (key []byte)(bool){ + // Check that the key is in RFC4253 binary format. + _, err := ssh.ParsePublicKey(key) + if err == nil { + return true + } + + keyStr := string(key[:]); + // Check that the key is in OpenSSH format. + keyNames := []string{"ssh-rsa", "ssh-dss", "ecdsa-sha2-nistp256", "ssh-ed25519"} + firstStr := strings.Fields(keyStr) + for _, name := range keyNames { + if firstStr[0] == name { + return true + } + } + + // Check that the key is in SECSH format. + keyNames = []string{"SSH2 ", "RSA", ""} + for _, name := range keyNames { + if ( strings.Contains(keyStr, "---- BEGIN " + name + "PUBLIC KEY ----") && + strings.Contains(keyStr, "---- END " + name + "PUBLIC KEY ----")) { + return true + } + } + return false +} + func (h *LxcHandler) SetTemplateItem(t *model.Template, m model.ResourceTemplate) { t.Item = &model.Template_Lxc{ Lxc: m.(*model.LxcTemplate), diff --git a/handlers/vm/lxc/lxc_test.go b/handlers/vm/lxc/lxc_test.go index dc49ee1c..2565db0b 100644 --- a/handlers/vm/lxc/lxc_test.go +++ b/handlers/vm/lxc/lxc_test.go 
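Review bot: `validatePublicKey` does not establish that its input is a usable key: the OpenSSH branch only compares the first whitespace-separated token with an algorithm name and never decodes the key blob, `firstStr[0]` panics with index out of range when the file is empty or whitespace-only, and the SECSH branch builds the marker `RSAPUBLIC KEY` (no space) and checks markers only. Parsing with `ssh.ParseAuthorizedKey` covers the OpenSSH form and removes the indexing, as sketched below. Separately, in the `PUB_KEY` case `ioutil.ReadFile(tmpl.SshPublicKey)` opens a path taken from the template, so the file is read on whichever host runs ParseTemplate, and the distinct "unable to read" and "is invalid" errors disclose whether an arbitrary path is readable there; accepting the key text itself, or restricting the path to an expected directory, would avoid that. The default-case message also concatenates the enum name with no separator after `parameter`. ParseTemplate begins outside this hunk.

```go
func validatePublicKey(key []byte) bool {
	// RFC 4253 wire format.
	if _, err := ssh.ParsePublicKey(key); err == nil {
		return true
	}
	// OpenSSH authorized_keys form: decodes the base64 blob instead of
	// matching the algorithm name, and is safe on empty input.
	if _, _, _, _, err := ssh.ParseAuthorizedKey(key); err == nil {
		return true
	}
	// … unchanged: SECSH marker check …
	return false
}
```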
@@ -37,6 +37,40 @@ const jsonLxcTemplate1 = `{ } }` +const jsonLxcTemplate2 = `{ + "type": "vm/lxc", + "lxc_template": { + "download": { + "distro": "ubuntu", + "release": "xenial" + } + }, + "authentication_type":0 +}` + +const jsonLxcTemplate3 = `{ + "type": "vm/lxc", + "lxc_template": { + "download": { + "distro": "ubuntu", + "release": "xenial" + } + }, + "authentication_type":1, + "ssh_public_key":"" +}` + +const jsonLxcTemplate4 = `{ + "type": "vm/lxc", + "lxc_template": { + "download": { + "distro": "ubuntu", + "release": "xenial" + } + }, + "authentication_type":1 +}` + func TestLxcHandler_ParseTemplate(t *testing.T) { assert := assert.New(t) h := &LxcHandler{} @@ -53,4 +87,27 @@ func TestLxcHandler_ParseTemplate(t *testing.T) { modellxc = m.(*model.LxcTemplate) assert.Nil(modellxc.GetLxcImage()) assert.NotNil(modellxc.GetLxcTemplate()) + assert.Equal(model.LxcTemplate_NONE, modellxc.AuthenticationType, "none") + + m, err = h.ParseTemplate(bytes.NewBufferString(jsonLxcTemplate2).Bytes()) + assert.NoError(err) + assert.IsType((*model.LxcTemplate)(nil), m) + modellxc = m.(*model.LxcTemplate) + assert.Nil(modellxc.GetLxcImage()) + assert.NotNil(modellxc.GetLxcTemplate()) + assert.Equal(model.LxcTemplate_NONE, modellxc.AuthenticationType, "none") + + //m, err = h.ParseTemplate(bytes.NewBufferString(jsonLxcTemplate3).Bytes()) + //assert.NoError(err) + //assert.IsType((*model.LxcTemplate)(nil), m) + //modellxc = m.(*model.LxcTemplate) + //assert.Nil(modellxc.GetLxcImage()) + //assert.NotNil(modellxc.GetLxcTemplate()) + //assert.Equal(model.LxcTemplate_PUB_KEY, modellxc.AuthenticationType, "pub_key") + //assert.NotEmpty(modellxc.SshPublicKey) + + m, err = h.ParseTemplate(bytes.NewBufferString(jsonLxcTemplate4).Bytes()) + // assert.EqualError(err,"ssh_public_key is not set") } + + diff --git a/model/cluster.pb.go b/model/cluster.pb.go index 07693c70..0843d8c6 100644 --- a/model/cluster.pb.go +++ b/model/cluster.pb.go 
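Review bot: The `PUB_KEY` path added to ParseTemplate has no effective test in lxc_test.go: the jsonLxcTemplate3 block is commented out entirely, and for jsonLxcTemplate4 the result is assigned to `m, err` but the only assertion is commented out, so the test passes whatever the handler returns. I would replace the commented line with `assert.Error(err)`, or an exact message check once the error text is settled. jsonLxcTemplate3 also sets `"ssh_public_key":""` while its disabled assertions expect `NotEmpty`, so it would fail as written if re-enabled. `validatePublicKey` has no direct test either; cases for empty input and for an algorithm name followed by a malformed blob would pin its behaviour. TestLxcHandler_ParseTemplate begins outside this hunk.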
@@ -1,6 +1,5 @@ -// Code generated by protoc-gen-go. +// Code generated by protoc-gen-go. DO NOT EDIT. // source: cluster.proto -// DO NOT EDIT! package model diff --git a/vendor/vendor.json b/vendor/vendor.json index 1965e9ea..37da402f 100644 --- a/vendor/vendor.json +++ b/vendor/vendor.json @@ -214,7 +214,7 @@ "revisionTime": "2013-11-06T22:25:44Z" }, { - "checksumSHA1": "eIjJhEqZZmQwt++0jlQhbIhAcH4=", + "checksumSHA1": "Cdsm9pkjn7WC0TP2KKPDSApiQKQ=", "path": "github.com/kr/pty", "revision": "ce7fa45920dc37a92de8377972e52bc55ffa8d57", "revisionTime": "2016-07-16T20:46:20Z" @@ -461,7 +461,7 @@ "revisionTime": "2016-09-25T22:06:09Z" }, { - "checksumSHA1": "MR10lNwh25urwTtpm+YxwQOASVM=", + "checksumSHA1": "O14StIX7nfDHAE3E9JKalGcag9I=", "path": "github.com/ulikunitz/xz", "revision": "3807218c9f4ed05861fa9eb75b8fb8afd3325a34", "revisionTime": "2017-02-15T20:57:12Z" @@ -575,7 +575,7 @@ "revisionTime": "2016-10-26T17:59:44Z" }, { - "checksumSHA1": "uTQtOqR0ePMMcvuvAIksiIZxhqU=", + "checksumSHA1": "Xhsm+TevJogC8U4sG6FO+czBMps=", "path": "golang.org/x/sys/unix", "revision": "d75a52659825e75fff6158388dddc6a5b04f9ba5", "revisionTime": "2016-12-14T18:38:57Z" @@ -587,7 +587,7 @@ "revisionTime": "2016-12-29T11:00:09Z" }, { - "checksumSHA1": "Vircurgvsnt4k26havmxPM67PUA=", + "checksumSHA1": "ZKCa+wAQGqlSqljoSFqx9pOOaW8=", "path": "golang.org/x/text/unicode/norm", "revision": "44f4f658a783b0cee41fe0a23b8fc91d9c120558", "revisionTime": "2016-12-29T11:00:09Z" @@ -671,5 +671,5 @@ "revisionTime": "2016-09-28T15:37:09Z" } ], - "rootPath": "/github.com/axsh/openvdc" + "rootPath": "github.com/axsh/openvdc" } From e56737c37ec25e06a4d59dc0f7e6bdf6331b1da0 Mon Sep 17 00:00:00 2001 
From: itouri Date: Mon, 24 Jul 2017 17:02:18 +0900 Subject: [PATCH 04/55] Modify lxc.go to can convert authentication_type and ssh_public_key parameter of LxcTemplate from json to protocol buffer. --- handlers/vm/lxc/lxc.go | 75 +++++++++++++++++++++++++------------ handlers/vm/lxc/lxc_test.go | 24 ++++++------ 2 files changed, 62 insertions(+), 37 deletions(-) diff --git a/handlers/vm/lxc/lxc.go b/handlers/vm/lxc/lxc.go index d89fa18f..da37de5f 100644 --- a/handlers/vm/lxc/lxc.go +++ b/handlers/vm/lxc/lxc.go @@ -3,8 +3,8 @@ package lxc import ( "encoding/json" "flag" - "fmt" "io" + "io/ioutil" "strings" "github.com/axsh/openvdc/handlers" @@ -13,7 +13,6 @@ import ( "github.com/golang/protobuf/proto" "github.com/pkg/errors" "golang.org/x/crypto/ssh" - "io/ioutil" ) func init() { 
@@ -26,42 +25,70 @@ type LxcHandler struct { func (h *LxcHandler) ParseTemplate(in json.RawMessage) (model.ResourceTemplate, error) { tmpl := &model.LxcTemplate{} - if err := json.Unmarshal(in, tmpl); err != nil { - return nil, err + + type Download struct { + Distro string `json:"distro,omitempty"` + Release string `json:"release,omitempty"` + } + + type LxcTemplate struct { + Download Download `json:"download,omitempty"` + } + + type LxcImage struct { + DownloadUrl string `json:"download_url,omitempty"` + ChksumType string `json:"chksum_type,omitempty"` + Chksum string `json:"chksum,omitempty"` } + // if err := json.Unmarshal(in, tmpl); err != nil { + // return nil, err + // } + // Parse "lxc_template" section if exists. var json_template struct { - Template map[string]json.RawMessage `json:"lxc_template,omitempty"` + LxcTemplate LxcTemplate `json:"lxc_template,omitempty"` + LxcImage LxcImage `json:"lxc_image,omitempty"` + AuthenticationType string `json:"authentication_type,omitempty"` } if err := json.Unmarshal(in, &json_template); err != nil { return nil, err } - if json_template.Template != nil { - if len(json_template.Template) != 1 { - return nil, fmt.Errorf("lxc_template section must contain one JSON object") + // return nil, errors.Errorf("!!!!%v", string(in[:])) + if json_template.AuthenticationType != "" { + format, ok := model.LxcTemplate_AuthenticationType_value[strings.ToUpper(json_template.AuthenticationType)] + if !ok { + return nil, errors.Errorf("Unknown value at format: %s", json_template.AuthenticationType) + } + tmpl.AuthenticationType = model.LxcTemplate_AuthenticationType(format) + + // Remove authentication_type field + tmp := make(map[string]interface{}) + var err error + if err = json.Unmarshal(in, &tmp); err != nil { + return nil, errors.Wrap(err, "Failed json.Unmarshal") } - // Take only head item - for k, raw := range json_template.Template { - tmpl.LxcTemplate = &model.LxcTemplate_Template{ - Template: k, - } - if err := 
json.Unmarshal(raw, tmpl.LxcTemplate); err != nil { - return nil, err - } - break + delete(tmp, "authentication_type") + // var err error + in, err = json.Marshal(tmp) + if err != nil { + return nil, errors.Wrap(err, "Failed json.Marshal") } } + if err := json.Unmarshal(in, tmpl); err != nil { + return nil, errors.Wrap(err, "Failed json.Unmarshal for model.LxcTemplate") + } + // Validation if tmpl.GetLxcImage() == nil && tmpl.GetLxcTemplate() == nil { return nil, handlers.ErrInvalidTemplate(h, "lxc_image or lxc_template must exist") } - switch (tmpl.AuthenticationType) { + switch tmpl.AuthenticationType { case model.LxcTemplate_NONE: case model.LxcTemplate_PUB_KEY: - if (tmpl.SshPublicKey == "") { + if tmpl.SshPublicKey == "" { return nil, handlers.ErrInvalidTemplate(h, "ssh_public_key is not set") } key, err := ioutil.ReadFile(tmpl.SshPublicKey) @@ -75,20 +102,20 @@ func (h *LxcHandler) ParseTemplate(in json.RawMessage) (model.ResourceTemplate, } default: - return nil, handlers.ErrInvalidTemplate(h, "Unknown authentication_type parameter" + tmpl.AuthenticationType.String()) + return nil, handlers.ErrInvalidTemplate(h, "Unknown authentication_type parameter"+tmpl.AuthenticationType.String()) } return tmpl, nil } -func validatePublicKey (key []byte)(bool){ +func validatePublicKey(key []byte) bool { // Check that the key is in RFC4253 binary format. _, err := ssh.ParsePublicKey(key) if err == nil { return true } - keyStr := string(key[:]); + keyStr := string(key[:]) // Check that the key is in OpenSSH format. keyNames := []string{"ssh-rsa", "ssh-dss", "ecdsa-sha2-nistp256", "ssh-ed25519"} firstStr := strings.Fields(keyStr) 
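Review bot: The removed loop was what set `tmpl.LxcTemplate.Template` from the single key under `lxc_template` and decoded that key's object into it. After this hunk the section is decoded only by `json.Unmarshal(in, tmpl)`, and the typed `json_template.LxcTemplate` and `json_template.LxcImage` values are parsed but never copied anywhere. As far as the hunk shows, the template name and its `distro`/`release` are no longer populated, and the one-object check on `lxc_template` is gone as well. Either keep the `map[string]json.RawMessage` loop next to the new `authentication_type` handling, or drop the unused local `Download`, `LxcTemplate` and `LxcImage` types, which model only a `download` key. The error text `Unknown value at format: %s` should also name the field, e.g. `unknown authentication_type: %s`.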
@@ -101,8 +128,8 @@ func validatePublicKey (key []byte)(bool){ // Check that the key is in SECSH format. keyNames = []string{"SSH2 ", "RSA", ""} for _, name := range keyNames { - if ( strings.Contains(keyStr, "---- BEGIN " + name + "PUBLIC KEY ----") && - strings.Contains(keyStr, "---- END " + name + "PUBLIC KEY ----")) { + if strings.Contains(keyStr, "---- BEGIN "+name+"PUBLIC KEY ----") && + strings.Contains(keyStr, "---- END "+name+"PUBLIC KEY ----") { return true } } diff --git a/handlers/vm/lxc/lxc_test.go b/handlers/vm/lxc/lxc_test.go index 2565db0b..94aa539e 100644 --- a/handlers/vm/lxc/lxc_test.go +++ b/handlers/vm/lxc/lxc_test.go @@ -45,7 +45,7 @@ const jsonLxcTemplate2 = `{ "release": "xenial" } }, - "authentication_type":0 + "authentication_type":"none" }` const jsonLxcTemplate3 = `{ @@ -56,8 +56,8 @@ const jsonLxcTemplate3 = `{ "release": "xenial" } }, - "authentication_type":1, - "ssh_public_key":"" + "authentication_type":"pub_key", + "ssh_public_key":"./ssh/rsa_pub" }` const jsonLxcTemplate4 = `{ 
@@ -97,17 +97,15 @@ func TestLxcHandler_ParseTemplate(t *testing.T) { assert.NotNil(modellxc.GetLxcTemplate()) assert.Equal(model.LxcTemplate_NONE, modellxc.AuthenticationType, "none") - //m, err = h.ParseTemplate(bytes.NewBufferString(jsonLxcTemplate3).Bytes()) - //assert.NoError(err) - //assert.IsType((*model.LxcTemplate)(nil), m) - //modellxc = m.(*model.LxcTemplate) - //assert.Nil(modellxc.GetLxcImage()) - //assert.NotNil(modellxc.GetLxcTemplate()) - //assert.Equal(model.LxcTemplate_PUB_KEY, modellxc.AuthenticationType, "pub_key") - //assert.NotEmpty(modellxc.SshPublicKey) + // m, err = h.ParseTemplate(bytes.NewBufferString(jsonLxcTemplate3).Bytes()) + // assert.NoError(err) + // assert.IsType((*model.LxcTemplate)(nil), m) + // modellxc = m.(*model.LxcTemplate) + // assert.Nil(modellxc.GetLxcImage()) + // assert.NotNil(modellxc.GetLxcTemplate()) + // assert.Equal(model.LxcTemplate_PUB_KEY, modellxc.AuthenticationType, "pub_key") + // assert.NotEmpty(modellxc.SshPublicKey) m, err = h.ParseTemplate(bytes.NewBufferString(jsonLxcTemplate4).Bytes()) // assert.EqualError(err,"ssh_public_key is not set") } - - From b72ff816e03c7ae9df61974b79255fd95d0bd321 Mon Sep 17 00:00:00 2001 From: itouri Date: Mon, 24 Jul 2017 19:01:58 +0900 Subject: [PATCH 05/55] Remove processing read file of ssh public key. --- .vscode/settings.json | 3 ++- handlers/vm/lxc/lxc.go | 7 +------ handlers/vm/lxc/lxc_test.go | 23 ++++++++++++----------- 3 files changed, 15 insertions(+), 18 deletions(-) diff --git a/.vscode/settings.json b/.vscode/settings.json index f24392e1..f37d5a83 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -12,7 +12,8 @@ "json.schemas": [ { "fileMatch": [ - "/templates/**/*.json" + "/templates/**/*.json", + "/ci/citest/acceptance-test/tests/fixtures/**/*.json" ], "url": "./schema/v1.json" } diff --git a/handlers/vm/lxc/lxc.go b/handlers/vm/lxc/lxc.go index da37de5f..684b9bfd 100644 --- a/handlers/vm/lxc/lxc.go +++ b/handlers/vm/lxc/lxc.go 
@@ -4,7 +4,6 @@ import ( "encoding/json" "flag" "io" - "io/ioutil" "strings" "github.com/axsh/openvdc/handlers" @@ -91,12 +90,8 @@ func (h *LxcHandler) ParseTemplate(in json.RawMessage) (model.ResourceTemplate, if tmpl.SshPublicKey == "" { return nil, handlers.ErrInvalidTemplate(h, "ssh_public_key is not set") } - key, err := ioutil.ReadFile(tmpl.SshPublicKey) - if err != nil { - return nil, handlers.ErrInvalidTemplate(h, "unable to read ssh_public_key key") - } - isValidate := validatePublicKey(key) + isValidate := validatePublicKey([]byte(tmpl.SshPublicKey)) if !isValidate { return nil, handlers.ErrInvalidTemplate(h, "ssh_public_key is invalid") } diff --git a/handlers/vm/lxc/lxc_test.go b/handlers/vm/lxc/lxc_test.go index 94aa539e..120cb259 100644 --- a/handlers/vm/lxc/lxc_test.go +++ b/handlers/vm/lxc/lxc_test.go @@ -57,7 +57,7 @@ const jsonLxcTemplate3 = `{ } }, "authentication_type":"pub_key", - "ssh_public_key":"./ssh/rsa_pub" + "ssh_public_key":"ssh-rsa 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" }` const jsonLxcTemplate4 = `{ @@ -68,7 +68,8 @@ const jsonLxcTemplate4 = `{ "release": "xenial" } }, - "authentication_type":1 + "authentication_type":"pub_key", + "ssh_public_key":"./ssh/radf" }` func TestLxcHandler_ParseTemplate(t *testing.T) { 
@@ -97,15 +98,15 @@ func TestLxcHandler_ParseTemplate(t *testing.T) { assert.NotNil(modellxc.GetLxcTemplate()) assert.Equal(model.LxcTemplate_NONE, modellxc.AuthenticationType, "none") - // m, err = h.ParseTemplate(bytes.NewBufferString(jsonLxcTemplate3).Bytes()) - // assert.NoError(err) - // assert.IsType((*model.LxcTemplate)(nil), m) - // modellxc = m.(*model.LxcTemplate) - // assert.Nil(modellxc.GetLxcImage()) - // assert.NotNil(modellxc.GetLxcTemplate()) - // assert.Equal(model.LxcTemplate_PUB_KEY, modellxc.AuthenticationType, "pub_key") - // assert.NotEmpty(modellxc.SshPublicKey) + m, err = h.ParseTemplate(bytes.NewBufferString(jsonLxcTemplate3).Bytes()) + assert.NoError(err) + assert.IsType((*model.LxcTemplate)(nil), m) + modellxc = m.(*model.LxcTemplate) + assert.Nil(modellxc.GetLxcImage()) + assert.NotNil(modellxc.GetLxcTemplate()) + assert.Equal(model.LxcTemplate_PUB_KEY, modellxc.AuthenticationType, "pub_key") + assert.NotEmpty(modellxc.SshPublicKey) m, err = h.ParseTemplate(bytes.NewBufferString(jsonLxcTemplate4).Bytes()) - // assert.EqualError(err,"ssh_public_key is not set") + assert.Error(err) } From 73986022ef90bfc4e931c45275f9e2087b933d8b Mon Sep 17 00:00:00 2001 From: itouri Date: Tue, 1 Aug 2017 14:58:00 +0900 Subject: [PATCH 06/55] Adding lxc_auth_ssh.json --- .../tests/fixtures/lxc_auth_ssh.json | 14 ++++++++++++++ 1 file changed, 14 insertions(+) create mode 100644 ci/citest/acceptance-test/tests/fixtures/lxc_auth_ssh.json diff --git a/ci/citest/acceptance-test/tests/fixtures/lxc_auth_ssh.json b/ci/citest/acceptance-test/tests/fixtures/lxc_auth_ssh.json new file mode 100644 index 00000000..c3c03220 --- /dev/null +++ b/ci/citest/acceptance-test/tests/fixtures/lxc_auth_ssh.json @@ -0,0 +1,14 @@ +{ + "title": "CentOS7", + "template": { + "type": "vm/lxc", + "lxc_template": { + "openvdc": { + "distro": "centos", + "release": "7" + } + }, + "authentication_type": "none" + } +} + From 7d92ca6132b3fd7dc3cbe4e71a6af675a65323dc Mon Sep 17 00:00:00 2001 
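Review bot: The new fixture is named `lxc_auth_ssh.json` but sets `"authentication_type": "none"`, so a test that loads it runs the no-authentication path rather than SSH key authentication. How the fixture is consumed is not visible on this page. If it is meant to cover key authentication, it needs `"authentication_type": "pub_key"` plus an `ssh_public_key` entry holding a test-only key; otherwise a file name that says "none" would remove the mismatch.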
From: itouri Date: Tue, 1 Aug 2017 17:02:13 +0900 Subject: [PATCH 07/55] Change MergeJSON to use common function of ParseTemplate. --- handlers/vm/lxc/lxc.go | 24 +++++++++++++++++++----- 1 file changed, 19 insertions(+), 5 deletions(-) diff --git a/handlers/vm/lxc/lxc.go b/handlers/vm/lxc/lxc.go index f11d5bdd..309b4ab4 100644 --- a/handlers/vm/lxc/lxc.go +++ b/handlers/vm/lxc/lxc.go @@ -22,7 +22,7 @@ type LxcHandler struct { vm.Base } -func (h *LxcHandler) ParseTemplate(in json.RawMessage) (model.ResourceTemplate, error) { +func (h *LxcHandler) ParseTemplateJSON(in json.RawMessage, cmdJson bool) (model.ResourceTemplate, error) { tmpl := &model.LxcTemplate{} type Download struct { @@ -79,9 +79,11 @@ func (h *LxcHandler) ParseTemplate(in json.RawMessage) (model.ResourceTemplate, return nil, errors.Wrap(err, "Failed json.Unmarshal for model.LxcTemplate") } - // Validation - if tmpl.GetLxcImage() == nil && tmpl.GetLxcTemplate() == nil { - return nil, handlers.ErrInvalidTemplate(h, "lxc_image or lxc_template must exist") + if !cmdJson { + // Validation + if tmpl.GetLxcImage() == nil && tmpl.GetLxcTemplate() == nil { + return nil, handlers.ErrInvalidTemplate(h, "lxc_image or lxc_template must exist") + } } switch tmpl.AuthenticationType { @@ -103,6 +105,14 @@ func (h *LxcHandler) ParseTemplate(in json.RawMessage) (model.ResourceTemplate, return tmpl, nil } +func (h *LxcHandler) ParseTemplate(in json.RawMessage) (model.ResourceTemplate, error) { + tmpl, err := h.ParseTemplateJSON(in, false) + if err != nil { + return nil, err + } + return tmpl, nil +} + func validatePublicKey(key []byte) bool { // Check that the key is in RFC4253 binary format. _, err := ssh.ParsePublicKey(key) 
@@ -181,7 +191,11 @@ func (h *LxcHandler) MergeJSON(dst model.ResourceTemplate, in json.RawMessage) e // if err := json.Unmarshal(in, minput); err != nil { // return errors.WithStack(err) // } - tmpl, _ := h.ParseTemplate(in) + tmpl, err := h.ParseTemplateJSON(in, true) + if err != nil { + return err + } + minput, ok := tmpl.(*model.LxcTemplate) if !ok { return handlers.ErrMergeDstType(new(model.LxcTemplate), tmpl) From dc86ac57f185c22896f4446919ab1eed132e4272 Mon Sep 17 00:00:00 2001 From: itouri Date: Thu, 3 Aug 2017 16:13:54 +0900 Subject: [PATCH 08/55] Modify validation process of LxcTemplate. --- handlers/vm/lxc/lxc.go | 67 +++++++++++++++++++------------------ handlers/vm/lxc/lxc_test.go | 38 ++++++++++++++++++++- 2 files changed, 71 insertions(+), 34 deletions(-) diff --git a/handlers/vm/lxc/lxc.go b/handlers/vm/lxc/lxc.go index 309b4ab4..024ecb41 100644 --- a/handlers/vm/lxc/lxc.go +++ b/handlers/vm/lxc/lxc.go @@ -3,6 +3,7 @@ package lxc import ( "encoding/json" "flag" + "fmt" "io" "strings" @@ -22,7 +23,7 @@ type LxcHandler struct { vm.Base } -func (h *LxcHandler) ParseTemplateJSON(in json.RawMessage, cmdJson bool) (model.ResourceTemplate, error) { +func (h *LxcHandler) ParseTemplate(in json.RawMessage) (model.ResourceTemplate, error) { tmpl := &model.LxcTemplate{} type Download struct { @@ -40,10 +41,6 @@ func (h *LxcHandler) ParseTemplateJSON(in json.RawMessage, cmdJson bool) (model. Chksum string `json:"chksum,omitempty"` } - // if err := json.Unmarshal(in, tmpl); err != nil { - // return nil, err - // } - // Parse "lxc_template" section if exists. var json_template struct { LxcTemplate LxcTemplate `json:"lxc_template,omitempty"` 
@@ -53,7 +50,6 @@ func (h *LxcHandler) ParseTemplateJSON(in json.RawMessage, cmdJson bool) (model. if err := json.Unmarshal(in, &json_template); err != nil { return nil, err } - // return nil, errors.Errorf("!!!!%v", string(in[:])) if json_template.AuthenticationType != "" { format, ok := model.LxcTemplate_AuthenticationType_value[strings.ToUpper(json_template.AuthenticationType)] if !ok { @@ -69,21 +65,45 @@ func (h *LxcHandler) ParseTemplateJSON(in json.RawMessage, cmdJson bool) (model. } delete(tmp, "authentication_type") // var err error + + //json_template.AuthenticationType = "" in, err = json.Marshal(tmp) + if err != nil { return nil, errors.Wrap(err, "Failed json.Marshal") } } if err := json.Unmarshal(in, tmpl); err != nil { - return nil, errors.Wrap(err, "Failed json.Unmarshal for model.LxcTemplate") + return nil, err + } + + var template struct { + Template map[string]json.RawMessage `json:"lxc_template,omitempty"` } - if !cmdJson { - // Validation - if tmpl.GetLxcImage() == nil && tmpl.GetLxcTemplate() == nil { - return nil, handlers.ErrInvalidTemplate(h, "lxc_image or lxc_template must exist") + if err := json.Unmarshal(in, &template); err != nil { + return nil, err + } + if template.Template != nil { + if len(template.Template) != 1 { + return nil, fmt.Errorf("lxc_template section must contain one JSON object") } + // Take only head item + for k, raw := range template.Template { + tmpl.LxcTemplate = &model.LxcTemplate_Template{ + Template: k, + } + if err := json.Unmarshal(raw, tmpl.LxcTemplate); err != nil { + return nil, err + } + break + } + } + + // Validation + if tmpl.GetLxcImage() == nil && tmpl.GetLxcTemplate() == nil { + return nil, handlers.ErrInvalidTemplate(h, "lxc_image or lxc_template must exist") } switch tmpl.AuthenticationType { 
@@ -101,15 +121,6 @@ func (h *LxcHandler) ParseTemplateJSON(in json.RawMessage, cmdJson bool) (model. default: return nil, handlers.ErrInvalidTemplate(h, "Unknown authentication_type parameter"+tmpl.AuthenticationType.String()) } - - return tmpl, nil -} - -func (h *LxcHandler) ParseTemplate(in json.RawMessage) (model.ResourceTemplate, error) { - tmpl, err := h.ParseTemplateJSON(in, false) - if err != nil { - return nil, err - } return tmpl, nil } @@ -187,20 +198,10 @@ func (h *LxcHandler) MergeJSON(dst model.ResourceTemplate, in json.RawMessage) e if !ok { return handlers.ErrMergeDstType(new(model.LxcTemplate), dst) } - // minput := &model.LxcTemplate{} - // if err := json.Unmarshal(in, minput); err != nil { - // return errors.WithStack(err) - // } - tmpl, err := h.ParseTemplateJSON(in, true) - if err != nil { - return err - } - - minput, ok := tmpl.(*model.LxcTemplate) - if !ok { - return handlers.ErrMergeDstType(new(model.LxcTemplate), tmpl) + minput := &model.LxcTemplate{} + if err := json.Unmarshal(in, minput); err != nil { + return errors.WithStack(err) } - // Prevent Image & Template attributes from overwriting. minput.LxcImage = nil minput.LxcTemplate = nil diff --git a/handlers/vm/lxc/lxc_test.go b/handlers/vm/lxc/lxc_test.go index 120cb259..130760c8 100644 --- a/handlers/vm/lxc/lxc_test.go +++ b/handlers/vm/lxc/lxc_test.go @@ -57,7 +57,7 @@ const jsonLxcTemplate3 = `{ } }, "authentication_type":"pub_key", - "ssh_public_key":"ssh-rsa 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" + "ssh_public_key":"ssh-rsa AAAA" }` const jsonLxcTemplate4 = `{ 
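Review bot: Changing the `jsonLxcTemplate3` fixture to `"ssh-rsa AAAA"` while the test keeps `assert.NoError(err)` makes the suite depend on the validator accepting a string that is not a parseable public key. `jsonLxcTemplate5`, added in the next hunk with a full-length key, looks like the better positive case; no use of it is visible in the hunks shown here. Pointing the `PUB_KEY` success case at `jsonLxcTemplate5` and turning `"ssh-rsa AAAA"` into an expected-failure case would let the key check be tightened without breaking tests. `margeJson2` in the later `MergeJSON` test carries the same value.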
@@ -72,6 +72,20 @@ const jsonLxcTemplate4 = `{ "ssh_public_key":"./ssh/radf" }` +const jsonLxcTemplate5 = `{ + "type": "vm/lxc", + "lxc_template": { + "download": { + "distro": "ubuntu", + "release": "xenial" + } + }, + "authentication_type":"pub_key", + "ssh_public_key":"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDJNCHA2x1bX1S3vmudlHEYDalDfUfeXn/Ca/l4V9phaGA6R4R+MPYkkA4opctEOeUot5rZDhnXGIOmIxvZdfsaZf7ib0zUTSF9iO3H3KeP9jm0DauxbfFVufa6EqJHKzX9sR9hnMQTFenac/bXlfwJVjt6Xz4gGCvfQ2tY4zJPCy4C/tGjZfsD+dya2UVqWp7Sg0I3+iuvREGoeT/9ayKoOj/j8DXbKchjspm3JHcsgp5lTDxrnfiWgV1HrKeWhiKPaNKY70TJHDhsaUL7CLbtT/RHogRkbPAaiBdm5wxdvC37ziflsgsLX9cRpFNuBD3xeckRX2+QsKzGLa8Wp1T1XRdcekoVLCT6RBcx1hbawrxBb3M2PrKXMkbTg96TlrAIMtbpM1oMV5NhWJFe3Y6nET+6Z5j4TBuv3HN69FlGlWcl/+TNppuk3iJC/fAMOmxNyuhA1U6k/s0od3MbagPXmso9YkH9fhtuDaerv23hf7m68oDaz2nK/zfK47Bn+06tjpznR0XFwYK4Bhp2UCoXOFshBkHbpqnZupPcLd/dHSRDfXgOKTfptGvGAz7vwINXBAhPEc0G9GGnha0RTRct3hkrkUqkLS/0d05UXxeS6VyB0CJpDtdU8CXc5wyas+oelUYLOOdeCPnsYMIOGILrxBFD23GIQ6l9UWPseDc3Yw==" +}` + +const margeJson1 = `{"authentication_type":"none"}` + func TestLxcHandler_ParseTemplate(t *testing.T) { assert := assert.New(t) h := &LxcHandler{} @@ -80,6 +94,7 @@ func TestLxcHandler_ParseTemplate(t *testing.T) { assert.IsType((*model.LxcTemplate)(nil), m) modellxc := m.(*model.LxcTemplate) assert.NotNil(modellxc.GetLxcImage()) + assert.Equal(modellxc.GetLxcImage().DownloadUrl, "http://example.com/") assert.Nil(modellxc.GetLxcTemplate()) m, err = h.ParseTemplate(bytes.NewBufferString(jsonLxcTemplate1).Bytes()) 
@@ -88,6 +103,9 @@ func TestLxcHandler_ParseTemplate(t *testing.T) { modellxc = m.(*model.LxcTemplate) assert.Nil(modellxc.GetLxcImage()) assert.NotNil(modellxc.GetLxcTemplate()) + assert.Equal(modellxc.GetLxcTemplate().Template, "download") + assert.Equal(modellxc.GetLxcTemplate().Distro, "ubuntu") + assert.Equal(modellxc.GetLxcTemplate().Release, "xenial") assert.Equal(model.LxcTemplate_NONE, modellxc.AuthenticationType, "none") m, err = h.ParseTemplate(bytes.NewBufferString(jsonLxcTemplate2).Bytes()) @@ -96,6 +114,9 @@ func TestLxcHandler_ParseTemplate(t *testing.T) { modellxc = m.(*model.LxcTemplate) assert.Nil(modellxc.GetLxcImage()) assert.NotNil(modellxc.GetLxcTemplate()) + assert.Equal(modellxc.GetLxcTemplate().Template, "download") + assert.Equal(modellxc.GetLxcTemplate().Distro, "ubuntu") + assert.Equal(modellxc.GetLxcTemplate().Release, "xenial") assert.Equal(model.LxcTemplate_NONE, modellxc.AuthenticationType, "none") m, err = h.ParseTemplate(bytes.NewBufferString(jsonLxcTemplate3).Bytes()) @@ -104,9 +125,24 @@ func TestLxcHandler_ParseTemplate(t *testing.T) { modellxc = m.(*model.LxcTemplate) assert.Nil(modellxc.GetLxcImage()) assert.NotNil(modellxc.GetLxcTemplate()) + assert.Equal(modellxc.GetLxcTemplate().Template, "download") + assert.Equal(modellxc.GetLxcTemplate().Distro, "ubuntu") + assert.Equal(modellxc.GetLxcTemplate().Release, "xenial") assert.Equal(model.LxcTemplate_PUB_KEY, modellxc.AuthenticationType, "pub_key") assert.NotEmpty(modellxc.SshPublicKey) m, err = h.ParseTemplate(bytes.NewBufferString(jsonLxcTemplate4).Bytes()) assert.Error(err) } + +func TestLxcHandler_MargeJSON(t *testing.T) { + assert := assert.New(t) + h := &LxcHandler{} + lxcTmpl := &model.LxcTemplate{} + var dest model.ResourceTemplate = lxcTmpl + + //dest = model.LxcTemplate{} + err := h.MergeJSON(dest, bytes.NewBufferString(jsonLxcImage1).Bytes()) // instance_id := strings.TrimSpace(stdout.String()) + assert.Nil(err) + assert.IsType((*model.LxcTemplate)(nil), dest) +} 
From 8714d1820a79ae05a837fb60046afdc14f6fa110 Mon Sep 17 00:00:00 2001 From: itouri Date: Thu, 3 Aug 2017 17:17:01 +0900 Subject: [PATCH 09/55] Divided validation authentication_type functions into common functions. --- handlers/vm/lxc/lxc.go | 134 ++++++++++++++++++------------------ handlers/vm/lxc/lxc_test.go | 22 ++++-- 2 files changed, 86 insertions(+), 70 deletions(-) diff --git a/handlers/vm/lxc/lxc.go b/handlers/vm/lxc/lxc.go index 024ecb41..a84f21cc 100644 --- a/handlers/vm/lxc/lxc.go +++ b/handlers/vm/lxc/lxc.go @@ -7,12 +7,13 @@ import ( "io" "strings" + "golang.org/x/crypto/ssh" + "github.com/axsh/openvdc/handlers" "github.com/axsh/openvdc/handlers/vm" "github.com/axsh/openvdc/model" "github.com/golang/protobuf/proto" "github.com/pkg/errors" - "golang.org/x/crypto/ssh" ) func init() { 
@@ -23,37 +24,18 @@ type LxcHandler struct { vm.Base } -func (h *LxcHandler) ParseTemplate(in json.RawMessage) (model.ResourceTemplate, error) { - tmpl := &model.LxcTemplate{} - - type Download struct { - Distro string `json:"distro,omitempty"` - Release string `json:"release,omitempty"` - } - - type LxcTemplate struct { - Download Download `json:"download,omitempty"` - } - - type LxcImage struct { - DownloadUrl string `json:"download_url,omitempty"` - ChksumType string `json:"chksum_type,omitempty"` - Chksum string `json:"chksum,omitempty"` - } - - // Parse "lxc_template" section if exists. +func (h *LxcHandler) validateAuthenticationType(in json.RawMessage, tmpl model.LxcTemplate) (json.RawMessage, *model.LxcTemplate, error) { var json_template struct { - LxcTemplate LxcTemplate `json:"lxc_template,omitempty"` - LxcImage LxcImage `json:"lxc_image,omitempty"` - AuthenticationType string `json:"authentication_type,omitempty"` + AuthenticationType string `json:"authentication_type,omitempty"` } + if err := json.Unmarshal(in, &json_template); err != nil { - return nil, err + return nil, &tmpl, err } if json_template.AuthenticationType != "" { format, ok := model.LxcTemplate_AuthenticationType_value[strings.ToUpper(json_template.AuthenticationType)] if !ok { - return nil, errors.Errorf("Unknown value at format: %s", json_template.AuthenticationType) + return nil, &tmpl, errors.Errorf("Unknown value at format: %s", json_template.AuthenticationType) } tmpl.AuthenticationType = model.LxcTemplate_AuthenticationType(format) 
@@ -61,67 +43,38 @@ func (h *LxcHandler) ParseTemplate(in json.RawMessage) (model.ResourceTemplate, tmp := make(map[string]interface{}) var err error if err = json.Unmarshal(in, &tmp); err != nil { - return nil, errors.Wrap(err, "Failed json.Unmarshal") + return nil, &tmpl, errors.Wrap(err, "Failed json.Unmarshal") } delete(tmp, "authentication_type") - // var err error - - //json_template.AuthenticationType = "" in, err = json.Marshal(tmp) - if err != nil { - return nil, errors.Wrap(err, "Failed json.Marshal") + return nil, &tmpl, errors.Wrap(err, "Failed json.Marshal") } } - if err := json.Unmarshal(in, tmpl); err != nil { - return nil, err - } - - var template struct { - Template map[string]json.RawMessage `json:"lxc_template,omitempty"` - } - - if err := json.Unmarshal(in, &template); err != nil { - return nil, err - } - if template.Template != nil { - if len(template.Template) != 1 { - return nil, fmt.Errorf("lxc_template section must contain one JSON object") - } - // Take only head item - for k, raw := range template.Template { - tmpl.LxcTemplate = &model.LxcTemplate_Template{ - Template: k, - } - if err := json.Unmarshal(raw, tmpl.LxcTemplate); err != nil { - return nil, err - } - break - } - } - - // Validation - if tmpl.GetLxcImage() == nil && tmpl.GetLxcTemplate() == nil { - return nil, handlers.ErrInvalidTemplate(h, "lxc_image or lxc_template must exist") + if err := json.Unmarshal(in, &tmpl); err != nil { + return nil, &tmpl, err } + return in, &tmpl, nil +} +func (h *LxcHandler) validatePublicKey(tmpl model.LxcTemplate) error { switch tmpl.AuthenticationType { case model.LxcTemplate_NONE: case model.LxcTemplate_PUB_KEY: if tmpl.SshPublicKey == "" { - return nil, handlers.ErrInvalidTemplate(h, "ssh_public_key is not set") + return handlers.ErrInvalidTemplate(h, "ssh_public_key is not set") } isValidate := validatePublicKey([]byte(tmpl.SshPublicKey)) if !isValidate { - return nil, handlers.ErrInvalidTemplate(h, "ssh_public_key is invalid") + return 
handlers.ErrInvalidTemplate(h, "ssh_public_key is invalid") } default: - return nil, handlers.ErrInvalidTemplate(h, "Unknown authentication_type parameter"+tmpl.AuthenticationType.String()) + return handlers.ErrInvalidTemplate(h, "Unknown authentication_type parameter"+tmpl.AuthenticationType.String()) } - return tmpl, nil + return nil } func validatePublicKey(key []byte) bool { @@ -152,6 +105,48 @@ func validatePublicKey(key []byte) bool { return false } +func (h *LxcHandler) ParseTemplate(in json.RawMessage) (model.ResourceTemplate, error) { + var template struct { + Template map[string]json.RawMessage `json:"lxc_template,omitempty"` + } + tmpl := &model.LxcTemplate{} + in, tmpl, err := h.validateAuthenticationType(in, *tmpl) + if err != nil { + return nil, err + } + + if err := json.Unmarshal(in, &template); err != nil { + return nil, err + } + if template.Template != nil { + if len(template.Template) != 1 { + return nil, fmt.Errorf("lxc_template section must contain one JSON object") + } + // Take only head item + for k, raw := range template.Template { + tmpl.LxcTemplate = &model.LxcTemplate_Template{ + Template: k, + } + if err := json.Unmarshal(raw, tmpl.LxcTemplate); err != nil { + return nil, err + } + break + } + } + + // Validation + if tmpl.GetLxcImage() == nil && tmpl.GetLxcTemplate() == nil { + return nil, handlers.ErrInvalidTemplate(h, "lxc_image or lxc_template must exist") + } + + err = h.validatePublicKey(*tmpl) + if err != nil { + return nil, err + } + + return tmpl, nil +} + func (h *LxcHandler) SetTemplateItem(t *model.Template, m model.ResourceTemplate) { t.Item = &model.Template_Lxc{ Lxc: m.(*model.LxcTemplate), 
@@ -199,9 +194,16 @@ func (h *LxcHandler) MergeJSON(dst model.ResourceTemplate, in json.RawMessage) e return handlers.ErrMergeDstType(new(model.LxcTemplate), dst) } minput := &model.LxcTemplate{} - if err := json.Unmarshal(in, minput); err != nil { + in, minput, err := h.validateAuthenticationType(in, *minput) + if err != nil { return errors.WithStack(err) } + + err = h.validatePublicKey(*minput) + if err != nil { + return err + } + // Prevent Image & Template attributes from overwriting. minput.LxcImage = nil minput.LxcTemplate = nil diff --git a/handlers/vm/lxc/lxc_test.go b/handlers/vm/lxc/lxc_test.go index 130760c8..e3a42dbb 100644 --- a/handlers/vm/lxc/lxc_test.go +++ b/handlers/vm/lxc/lxc_test.go @@ -85,6 +85,8 @@ const jsonLxcTemplate5 = `{ }` const margeJson1 = `{"authentication_type":"none"}` +const margeJson2 = `{"authentication_type":"pub_key","ssh_public_key":"ssh-rsa AAAA"}` +const margeJson3 = `{"authentication_type":"pub_key","ssh_public_key":""}` func TestLxcHandler_ParseTemplate(t *testing.T) { assert := assert.New(t) 
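Review bot: `h.validatePublicKey(*minput)` checks only the incoming fragment, not the template that results from the merge. A merge input carrying just `ssh_public_key` leaves `minput.AuthenticationType` at `NONE`, so the key is never validated even when `dst` is already `PUB_KEY`; conversely `{"authentication_type":"pub_key"}` alone is rejected as "not set" although `dst` may already hold a key. Validating the merged result instead would check what is actually stored. The merge step lies outside this hunk, so this would mean merging into a copy of `dst`, calling `h.validatePublicKey` on that copy, and only then committing it. The `errors.WithStack(err)` wrap on the first call and the bare `return err` on the second are also inconsistent with each other.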
@@ -138,11 +140,23 @@ func TestLxcHandler_ParseTemplate(t *testing.T) { func TestLxcHandler_MargeJSON(t *testing.T) { assert := assert.New(t) h := &LxcHandler{} - lxcTmpl := &model.LxcTemplate{} - var dest model.ResourceTemplate = lxcTmpl + var dest model.ResourceTemplate = &model.LxcTemplate{} - //dest = model.LxcTemplate{} - err := h.MergeJSON(dest, bytes.NewBufferString(jsonLxcImage1).Bytes()) // instance_id := strings.TrimSpace(stdout.String()) + err := h.MergeJSON(dest, bytes.NewBufferString(margeJson1).Bytes()) // instance_id := strings.TrimSpace(stdout.String()) + d := dest.(*model.LxcTemplate) assert.Nil(err) assert.IsType((*model.LxcTemplate)(nil), dest) + assert.Equal(d.AuthenticationType, model.LxcTemplate_NONE) + + dest = &model.LxcTemplate{} + err = h.MergeJSON(dest, bytes.NewBufferString(margeJson2).Bytes()) + d = dest.(*model.LxcTemplate) + assert.Nil(err) + assert.IsType((*model.LxcTemplate)(nil), dest) + assert.Equal(d.AuthenticationType, model.LxcTemplate_PUB_KEY) + + dest = &model.LxcTemplate{} + err = h.MergeJSON(dest, bytes.NewBufferString(margeJson3).Bytes()) + d = dest.(*model.LxcTemplate) + assert.EqualError(err, "Invalid template vm/lxc: ssh_public_key is not set") } From 11a63f7959dfb82d0b544afa6c621b1d450bcecb Mon Sep 17 00:00:00 2001 From: itouri Date: Thu, 10 Aug 2017 15:05:44 +0900 Subject: [PATCH 10/55] Modify that common the validation to the authentication_type and ssh_pub_key of the VM template. --- handlers/vm/base.go | 89 +++++++++++ handlers/vm/lxc/lxc.go | 102 ++---------- handlers/vm/lxc/lxc_test.go | 25 +-- handlers/vm/qemu/qemu.go | 19 +++ handlers/vm/qemu/qemu_test.go | 75 ++++++++- model/model.pb.go | 285 +++++++++++++++++++--------------- model/resource_templates.go | 8 +- proto/model.proto | 13 +- registry/bindata_assetfs.go | 23 ++- schema/vm/qemu.json | 11 ++ 10 files changed, 398 insertions(+), 252 deletions(-) diff --git a/handlers/vm/base.go b/handlers/vm/base.go index a69c60cd..7a882b9e 100644 
--- a/handlers/vm/base.go +++ b/handlers/vm/base.go @@ -1,5 +1,16 @@ package vm +import ( + "encoding/json" + "strings" + + "golang.org/x/crypto/ssh" + + "github.com/axsh/openvdc/handlers" + "github.com/axsh/openvdc/model" + "github.com/pkg/errors" +) + type Base struct { } 
@@ -12,6 +23,84 @@ var SupportedAPICalls = []string{ "/api.Instance/Log", } +func (*Base) ValidateAuthenticationType(in json.RawMessage) (json.RawMessage, model.AuthenticationType, error) { + var json_template struct { + AuthenticationType string `json:"authentication_type,omitempty"` + } + + if err := json.Unmarshal(in, &json_template); err != nil { + return nil, 0, err + } + var ret model.AuthenticationType + if json_template.AuthenticationType != "" { + format, ok := model.AuthenticationType_value[strings.ToUpper(json_template.AuthenticationType)] + if !ok { + return nil, 0, errors.Errorf("Unknown value at format: %s", json_template.AuthenticationType) + } + ret = model.AuthenticationType(format) + + // Remove authentication_type field + tmp := make(map[string]interface{}) + var err error + if err = json.Unmarshal(in, &tmp); err != nil { + return nil, 0, errors.Wrap(err, "Failed json.Unmarshal") + } + delete(tmp, "authentication_type") + in, err = json.Marshal(tmp) + if err != nil { + return nil, 0, errors.Wrap(err, "Failed json.Marshal") + } + } + return in, ret, nil +} + +func (*Base) ValidatePublicKey(h handlers.ResourceHandler, authType model.AuthenticationType, sshPubKey string) error { + switch authType { + case model.AuthenticationType_NONE: + case model.AuthenticationType_PUB_KEY: + if sshPubKey == "" { + return handlers.ErrInvalidTemplate(h, "ssh_public_key is not set") + } + + isValidate := validatePublicKey([]byte(sshPubKey)) + if !isValidate { + return handlers.ErrInvalidTemplate(h, "ssh_public_key is invalid") + } + + default: + return handlers.ErrInvalidTemplate(h, "Unknown authentication_type parameter"+authType.String()) + } + return nil +} + +func validatePublicKey(key []byte) bool { + // Check that the key is in RFC4253 binary format. + _, err := ssh.ParsePublicKey(key) + if err == nil { + return true + } + + keyStr := string(key[:]) + // Check that the key is in OpenSSH format. 
+ keyNames := []string{"ssh-rsa", "ssh-dss", "ecdsa-sha2-nistp256", "ssh-ed25519"} + firstStr := strings.Fields(keyStr) + for _, name := range keyNames { + if firstStr[0] == name { + return true + } + } + + // Check that the key is in SECSH format. + keyNames = []string{"SSH2 ", "RSA", ""} + for _, name := range keyNames { + if strings.Contains(keyStr, "---- BEGIN "+name+"PUBLIC KEY ----") && + strings.Contains(keyStr, "---- END "+name+"PUBLIC KEY ----") { + return true + } + } + return false +} + func (*Base) IsSupportAPI(method string) bool { for _, m := range SupportedAPICalls { if m == method { diff --git a/handlers/vm/lxc/lxc.go b/handlers/vm/lxc/lxc.go index a84f21cc..61a2a10f 100644 --- a/handlers/vm/lxc/lxc.go +++ b/handlers/vm/lxc/lxc.go @@ -5,9 +5,6 @@ import ( "flag" "fmt" "io" - "strings" - - "golang.org/x/crypto/ssh" "github.com/axsh/openvdc/handlers" "github.com/axsh/openvdc/handlers/vm" 
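Review bot: `validatePublicKey` indexes `firstStr[0]` straight after `strings.Fields(keyStr)`, so a whitespace-only `ssh_public_key` (which passes the `sshPubKey == ""` check in `ValidatePublicKey`) panics with an index-out-of-range instead of returning an invalid-template error. The OpenSSH branch also accepts any value whose first token is a known type name without decoding the key blob, and the SECSH branch only looks for marker substrings, so malformed keys are reported as valid. Replacing the prefix loop with `if _, _, _, _, err := ssh.ParseAuthorizedKey(key); err == nil { return true }` covers both cases, because it parses the whole line and returns an error on empty input. The `"ssh-rsa AAAA"` fixtures in the lxc and qemu tests would then need a well-formed test key.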
@@ -24,96 +21,20 @@ type LxcHandler struct { vm.Base } -func (h *LxcHandler) validateAuthenticationType(in json.RawMessage, tmpl model.LxcTemplate) (json.RawMessage, *model.LxcTemplate, error) { - var json_template struct { - AuthenticationType string `json:"authentication_type,omitempty"` - } - - if err := json.Unmarshal(in, &json_template); err != nil { - return nil, &tmpl, err - } - if json_template.AuthenticationType != "" { - format, ok := model.LxcTemplate_AuthenticationType_value[strings.ToUpper(json_template.AuthenticationType)] - if !ok { - return nil, &tmpl, errors.Errorf("Unknown value at format: %s", json_template.AuthenticationType) - } - tmpl.AuthenticationType = model.LxcTemplate_AuthenticationType(format) - - // Remove authentication_type field - tmp := make(map[string]interface{}) - var err error - if err = json.Unmarshal(in, &tmp); err != nil { - return nil, &tmpl, errors.Wrap(err, "Failed json.Unmarshal") - } - delete(tmp, "authentication_type") - in, err = json.Marshal(tmp) - if err != nil { - return nil, &tmpl, errors.Wrap(err, "Failed json.Marshal") - } - } - - if err := json.Unmarshal(in, &tmpl); err != nil { - return nil, &tmpl, err - } - return in, &tmpl, nil -} - -func (h *LxcHandler) validatePublicKey(tmpl model.LxcTemplate) error { - switch tmpl.AuthenticationType { - case model.LxcTemplate_NONE: - case model.LxcTemplate_PUB_KEY: - if tmpl.SshPublicKey == "" { - return handlers.ErrInvalidTemplate(h, "ssh_public_key is not set") - } - - isValidate := validatePublicKey([]byte(tmpl.SshPublicKey)) - if !isValidate { - return handlers.ErrInvalidTemplate(h, "ssh_public_key is invalid") - } - - default: - return handlers.ErrInvalidTemplate(h, "Unknown authentication_type parameter"+tmpl.AuthenticationType.String()) - } - return nil -} - -func validatePublicKey(key []byte) bool { - // Check that the key is in RFC4253 binary format. 
- _, err := ssh.ParsePublicKey(key) - if err == nil { - return true - } - - keyStr := string(key[:]) - // Check that the key is in OpenSSH format. - keyNames := []string{"ssh-rsa", "ssh-dss", "ecdsa-sha2-nistp256", "ssh-ed25519"} - firstStr := strings.Fields(keyStr) - for _, name := range keyNames { - if firstStr[0] == name { - return true - } - } - - // Check that the key is in SECSH format. - keyNames = []string{"SSH2 ", "RSA", ""} - for _, name := range keyNames { - if strings.Contains(keyStr, "---- BEGIN "+name+"PUBLIC KEY ----") && - strings.Contains(keyStr, "---- END "+name+"PUBLIC KEY ----") { - return true - } - } - return false -} - func (h *LxcHandler) ParseTemplate(in json.RawMessage) (model.ResourceTemplate, error) { var template struct { Template map[string]json.RawMessage `json:"lxc_template,omitempty"` } tmpl := &model.LxcTemplate{} - in, tmpl, err := h.validateAuthenticationType(in, *tmpl) + in, authType, err := h.Base.ValidateAuthenticationType(in) if err != nil { return nil, err } + tmpl.AuthenticationType = authType + + if err := json.Unmarshal(in, tmpl); err != nil { + return nil, err + } if err := json.Unmarshal(in, &template); err != nil { return nil, err @@ -139,7 +60,7 @@ func (h *LxcHandler) ParseTemplate(in json.RawMessage) (model.ResourceTemplate, return nil, handlers.ErrInvalidTemplate(h, "lxc_image or lxc_template must exist") } - err = h.validatePublicKey(*tmpl) + err = h.Base.ValidatePublicKey(h, tmpl.AuthenticationType, tmpl.SshPublicKey) if err != nil { return nil, err } 
@@ -194,12 +115,17 @@ func (h *LxcHandler) MergeJSON(dst model.ResourceTemplate, in json.RawMessage) e return handlers.ErrMergeDstType(new(model.LxcTemplate), dst) } minput := &model.LxcTemplate{} - in, minput, err := h.validateAuthenticationType(in, *minput) + in, authType, err := h.Base.ValidateAuthenticationType(in) if err != nil { return errors.WithStack(err) } + minput.AuthenticationType = authType + + if err := json.Unmarshal(in, minput); err != nil { + return errors.WithStack(err) + } - err = h.validatePublicKey(*minput) + err = h.Base.ValidatePublicKey(h, minput.AuthenticationType, minput.SshPublicKey) if err != nil { return err } diff --git a/handlers/vm/lxc/lxc_test.go b/handlers/vm/lxc/lxc_test.go index e3a42dbb..fa99bebd 100644 --- a/handlers/vm/lxc/lxc_test.go +++ b/handlers/vm/lxc/lxc_test.go @@ -72,18 +72,6 @@ const jsonLxcTemplate4 = `{ "ssh_public_key":"./ssh/radf" }` -const jsonLxcTemplate5 = `{ - "type": "vm/lxc", - "lxc_template": { - "download": { - "distro": "ubuntu", - "release": "xenial" - } - }, - "authentication_type":"pub_key", - "ssh_public_key":"ssh-rsa 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" -}` - const margeJson1 = `{"authentication_type":"none"}` const margeJson2 = `{"authentication_type":"pub_key","ssh_public_key":"ssh-rsa AAAA"}` const margeJson3 = `{"authentication_type":"pub_key","ssh_public_key":""}` @@ -108,7 +96,7 @@ func TestLxcHandler_ParseTemplate(t *testing.T) { assert.Equal(modellxc.GetLxcTemplate().Template, "download") assert.Equal(modellxc.GetLxcTemplate().Distro, "ubuntu") assert.Equal(modellxc.GetLxcTemplate().Release, "xenial") - assert.Equal(model.LxcTemplate_NONE, modellxc.AuthenticationType, "none") + assert.Equal(model.AuthenticationType_NONE, modellxc.AuthenticationType, "none") m, err = h.ParseTemplate(bytes.NewBufferString(jsonLxcTemplate2).Bytes()) assert.NoError(err) 
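Review bot: The key check in `MergeJSON` runs on `minput` alone, so a merge document that carries only `ssh_public_key` leaves `minput.AuthenticationType` at `NONE` and `ValidatePublicKey` returns nil without looking at the key. The merge itself is outside this hunk, but the matching qemu.go hunk shows `proto.Merge(mdst, minput)`; if LXC does the same, a destination already set to `PUB_KEY` presumably ends up with an unvalidated key. Conversely, a document that only sets `authentication_type` to `pub_key` is rejected even when the destination already holds a key. Validating the merged result (the effective authentication type and key after the merge, checked on a copy before `dst` is modified) would close both gaps; the same applies to `QemuHandler.MergeJSON`.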
@@ -119,7 +107,7 @@ func TestLxcHandler_ParseTemplate(t *testing.T) { assert.Equal(modellxc.GetLxcTemplate().Template, "download") assert.Equal(modellxc.GetLxcTemplate().Distro, "ubuntu") assert.Equal(modellxc.GetLxcTemplate().Release, "xenial") - assert.Equal(model.LxcTemplate_NONE, modellxc.AuthenticationType, "none") + assert.Equal(model.AuthenticationType_NONE, modellxc.AuthenticationType, "none") m, err = h.ParseTemplate(bytes.NewBufferString(jsonLxcTemplate3).Bytes()) assert.NoError(err) @@ -130,11 +118,11 @@ func TestLxcHandler_ParseTemplate(t *testing.T) { assert.Equal(modellxc.GetLxcTemplate().Template, "download") assert.Equal(modellxc.GetLxcTemplate().Distro, "ubuntu") assert.Equal(modellxc.GetLxcTemplate().Release, "xenial") - assert.Equal(model.LxcTemplate_PUB_KEY, modellxc.AuthenticationType, "pub_key") + assert.Equal(model.AuthenticationType_PUB_KEY, modellxc.AuthenticationType, "pub_key") assert.NotEmpty(modellxc.SshPublicKey) m, err = h.ParseTemplate(bytes.NewBufferString(jsonLxcTemplate4).Bytes()) - assert.Error(err) + assert.EqualError(err, "Invalid template vm/lxc: ssh_public_key is invalid") } func TestLxcHandler_MargeJSON(t *testing.T) { @@ -146,14 +134,15 @@ func TestLxcHandler_MargeJSON(t *testing.T) { d := dest.(*model.LxcTemplate) assert.Nil(err) assert.IsType((*model.LxcTemplate)(nil), dest) - assert.Equal(d.AuthenticationType, model.LxcTemplate_NONE) + assert.Equal(d.AuthenticationType, model.AuthenticationType_NONE) dest = &model.LxcTemplate{} err = h.MergeJSON(dest, bytes.NewBufferString(margeJson2).Bytes()) d = dest.(*model.LxcTemplate) assert.Nil(err) assert.IsType((*model.LxcTemplate)(nil), dest) - assert.Equal(d.AuthenticationType, model.LxcTemplate_PUB_KEY) + assert.Equal(d.AuthenticationType, model.AuthenticationType_PUB_KEY) + assert.Equal(d.SshPublicKey, "ssh-rsa AAAA") dest = &model.LxcTemplate{} err = h.MergeJSON(dest, bytes.NewBufferString(margeJson3).Bytes()) 
diff --git a/handlers/vm/qemu/qemu.go b/handlers/vm/qemu/qemu.go index 68e70fb3..46ea9b82 100644 --- a/handlers/vm/qemu/qemu.go +++ b/handlers/vm/qemu/qemu.go @@ -57,6 +57,12 @@ func (h *QemuHandler) ParseTemplate(in json.RawMessage) (model.ResourceTemplate, } } + in, authType, err := h.Base.ValidateAuthenticationType(in) + if err != nil { + return nil, err + } + tmpl.AuthenticationType = authType + if err := json.Unmarshal(in, tmpl); err != nil { return nil, errors.Wrap(err, "Failed json.Unmarshal for model.QemuTemplate") } @@ -119,10 +125,23 @@ func (h *QemuHandler) MergeJSON(dst model.ResourceTemplate, in json.RawMessage) if !ok { return handlers.ErrMergeDstType(new(model.QemuTemplate), dst) } + minput := &model.QemuTemplate{} + in, authType, err := h.Base.ValidateAuthenticationType(in) + if err != nil { + return errors.WithStack(err) + } + minput.AuthenticationType = authType + if err := json.Unmarshal(in, minput); err != nil { return errors.WithStack(err) } + + err = h.Base.ValidatePublicKey(h, minput.AuthenticationType, minput.SshPublicKey) + if err != nil { + return err + } + // Prevent Image & Template attributes from overwriting. minput.QemuImage = nil proto.Merge(mdst, minput) diff --git a/handlers/vm/qemu/qemu_test.go b/handlers/vm/qemu/qemu_test.go index acf93138..c4b8fd08 100644 --- a/handlers/vm/qemu/qemu_test.go +++ b/handlers/vm/qemu/qemu_test.go @@ -20,7 +20,7 @@ func TestTypes(t *testing.T) { assert.Implements((*handlers.CLIHandler)(nil), &QemuHandler{}) } -const jsonQemuImage = `{ +const jsonQemuImage1 = `{ "type": "vm/qemu", "qemu_image": { "download_url": "http://example.com/", 
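Review bot: `QemuHandler.ParseTemplate` takes `tmpl.AuthenticationType` from `ValidateAuthenticationType`, but this hunk adds no `ValidatePublicKey` call, unlike the LXC `ParseTemplate` changed in the same commit. The rest of the function is outside the hunk, so unless the check already exists there, a qemu template with `authentication_type` set to `pub_key` and an empty or malformed `ssh_public_key` is accepted at parse time. Adding `if err := h.Base.ValidatePublicKey(h, tmpl.AuthenticationType, tmpl.SshPublicKey); err != nil { return nil, err }` after the `json.Unmarshal(in, tmpl)` call would bring it in line with lxc.go.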
@@ -28,14 +28,85 @@ const jsonQemuImage = `{ } }` +const jsonQemuImage2 = `{ + "type": "vm/qemu", + "qemu_image": { + "download_url": "http://example.com/", + "format": "raw" + }, + "authentication_type":"pub_key", + "ssh_public_key":"ssh-rsa AAAA" +}` + +const jsonQemuImage3 = `{ + "type": "vm/qemu", + "qemu_image": { + "download_url": "http://example.com/", + "format": "raw" + }, + "authentication_type":"none", + "ssh_public_key":"ssh-rsa AAAA" +}` + +const margeJson1 = `{"authentication_type":"none"}` +const margeJson2 = `{"authentication_type":"pub_key","ssh_public_key":"ssh-rsa AAAA"}` +const margeJson3 = `{"authentication_type":"pub_key","ssh_public_key":""}` + func TestQemuHandler_ParseTemplate(t *testing.T) { assert := assert.New(t) h := &QemuHandler{} - m, err := h.ParseTemplate(bytes.NewBufferString(jsonQemuImage).Bytes()) + m, err := h.ParseTemplate(bytes.NewBufferString(jsonQemuImage1).Bytes()) assert.NoError(err) assert.IsType((*model.QemuTemplate)(nil), m) modelqemu := m.(*model.QemuTemplate) assert.NotNil(modelqemu.GetQemuImage()) assert.Equal(modelqemu.GetQemuImage().GetDownloadUrl(), "http://example.com/") assert.Equal(modelqemu.GetQemuImage().GetFormat().String(), "RAW") + assert.Equal(model.AuthenticationType_NONE, modelqemu.AuthenticationType, "none") + + // Testing authentication_type and ssh_pub_key + m, err = h.ParseTemplate(bytes.NewBufferString(jsonQemuImage2).Bytes()) + assert.NoError(err) + assert.IsType((*model.QemuTemplate)(nil), m) + modelqemu = m.(*model.QemuTemplate) + assert.NotNil(modelqemu.GetQemuImage()) + assert.Equal(modelqemu.GetQemuImage().GetDownloadUrl(), "http://example.com/") + assert.Equal(modelqemu.GetQemuImage().GetFormat().String(), "RAW") + assert.Equal(model.AuthenticationType_PUB_KEY, modelqemu.AuthenticationType, "pub_key") + assert.Equal(modelqemu.SshPublicKey, "ssh-rsa AAAA") + + m, err = h.ParseTemplate(bytes.NewBufferString(jsonQemuImage3).Bytes()) + assert.NoError(err) + 
assert.IsType((*model.QemuTemplate)(nil), m) + modelqemu = m.(*model.QemuTemplate) + assert.NotNil(modelqemu.GetQemuImage()) + assert.Equal(modelqemu.GetQemuImage().GetDownloadUrl(), "http://example.com/") + assert.Equal(modelqemu.GetQemuImage().GetFormat().String(), "RAW") + assert.Equal(model.AuthenticationType_PUB_KEY, modelqemu.AuthenticationType, "pub_key") + assert.Equal(modelqemu.SshPublicKey, "ssh-rsa AAAA") +} + +func TestQemuHandler_MargeJSON(t *testing.T) { + assert := assert.New(t) + h := &QemuHandler{} + var dest model.ResourceTemplate = &model.QemuTemplate{} + + err := h.MergeJSON(dest, bytes.NewBufferString(margeJson1).Bytes()) // instance_id := strings.TrimSpace(stdout.String()) + d := dest.(*model.QemuTemplate) + assert.Nil(err) + assert.IsType((*model.QemuTemplate)(nil), dest) + assert.Equal(d.AuthenticationType, model.AuthenticationType_NONE) + + dest = &model.QemuTemplate{} + err = h.MergeJSON(dest, bytes.NewBufferString(margeJson2).Bytes()) + d = dest.(*model.QemuTemplate) + assert.Nil(err) + assert.IsType((*model.QemuTemplate)(nil), dest) + assert.Equal(d.AuthenticationType, model.AuthenticationType_PUB_KEY) + assert.Equal(d.SshPublicKey, "ssh-rsa AAAA") + + dest = &model.QemuTemplate{} + err = h.MergeJSON(dest, bytes.NewBufferString(margeJson3).Bytes()) + d = dest.(*model.QemuTemplate) + assert.EqualError(err, "Invalid template vm/qemu: ssh_public_key is not set") } diff --git a/model/model.pb.go b/model/model.pb.go index 2cf4e08d..7b7d5a58 100644 --- a/model/model.pb.go +++ b/model/model.pb.go 
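Review bot: The third `ParseTemplate` case feeds `jsonQemuImage3`, whose `authentication_type` is `"none"`, yet asserts `model.AuthenticationType_PUB_KEY`. This looks copied from the `jsonQemuImage2` case and should read `assert.Equal(model.AuthenticationType_NONE, modelqemu.AuthenticationType, "none")`. No qemu case covers a `pub_key` template with an empty or malformed key at parse time; a case mirroring `jsonLxcTemplate4` in lxc_test.go with an `assert.EqualError` on the invalid-key message would pin that path.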
@@ -40,6 +40,27 @@ var _ = math.Inf // proto package needs to be updated. const _ = proto.ProtoPackageIsVersion2 // please upgrade the proto package +type AuthenticationType int32 + +const ( + AuthenticationType_NONE AuthenticationType = 0 + AuthenticationType_PUB_KEY AuthenticationType = 1 +) + +var AuthenticationType_name = map[int32]string{ + 0: "NONE", + 1: "PUB_KEY", +} +var AuthenticationType_value = map[string]int32{ + "NONE": 0, + "PUB_KEY": 1, +} + +func (x AuthenticationType) String() string { + return proto.EnumName(AuthenticationType_name, int32(x)) +} +func (AuthenticationType) EnumDescriptor() ([]byte, []int) { return fileDescriptor0, []int{0} } + type InstanceState_State int32 const ( @@ -115,29 +136,6 @@ func (x FailureMessage_ErrorType) String() string { } func (FailureMessage_ErrorType) EnumDescriptor() ([]byte, []int) { return fileDescriptor0, []int{2, 0} } -type LxcTemplate_AuthenticationType int32 - -const ( - LxcTemplate_NONE LxcTemplate_AuthenticationType = 0 - LxcTemplate_PUB_KEY LxcTemplate_AuthenticationType = 1 -) - -var LxcTemplate_AuthenticationType_name = map[int32]string{ - 0: "NONE", - 1: "PUB_KEY", -} -var LxcTemplate_AuthenticationType_value = map[string]int32{ - "NONE": 0, - "PUB_KEY": 1, -} - -func (x LxcTemplate_AuthenticationType) String() string { - return proto.EnumName(LxcTemplate_AuthenticationType_name, int32(x)) -} -func (LxcTemplate_AuthenticationType) EnumDescriptor() ([]byte, []int) { - return fileDescriptor0, []int{5, 0} -} - type QemuTemplate_Image_Format int32 const ( 
@@ -507,16 +505,16 @@ func (*NoneTemplate) ProtoMessage() {} func (*NoneTemplate) Descriptor() ([]byte, []int) { return fileDescriptor0, []int{4} } type LxcTemplate struct { - Vcpu int32 `protobuf:"varint,1,opt,name=vcpu" json:"vcpu,omitempty"` - MemoryGb int32 `protobuf:"varint,2,opt,name=memory_gb" json:"memory_gb,omitempty"` - MinVcpu int32 `protobuf:"varint,3,opt,name=min_vcpu" json:"min_vcpu,omitempty"` - MinMemoryGb int32 `protobuf:"varint,4,opt,name=min_memory_gb" json:"min_memory_gb,omitempty"` - LxcImage *LxcTemplate_Image `protobuf:"bytes,5,opt,name=lxc_image" json:"lxc_image,omitempty"` - Interfaces []*LxcTemplate_Interface `protobuf:"bytes,6,rep,name=interfaces" json:"interfaces,omitempty"` - LxcTemplate *LxcTemplate_Template `protobuf:"bytes,7,opt,name=lxc_template" json:"lxc_template,omitempty"` - NodeGroups []string `protobuf:"bytes,8,rep,name=node_groups" json:"node_groups,omitempty"` - AuthenticationType LxcTemplate_AuthenticationType `protobuf:"varint,9,opt,name=authentication_type,enum=model.LxcTemplate_AuthenticationType" json:"authentication_type,omitempty"` - SshPublicKey string `protobuf:"bytes,10,opt,name=ssh_public_key" json:"ssh_public_key,omitempty"` + Vcpu int32 `protobuf:"varint,1,opt,name=vcpu" json:"vcpu,omitempty"` + MemoryGb int32 `protobuf:"varint,2,opt,name=memory_gb" json:"memory_gb,omitempty"` + MinVcpu int32 `protobuf:"varint,3,opt,name=min_vcpu" json:"min_vcpu,omitempty"` + MinMemoryGb int32 `protobuf:"varint,4,opt,name=min_memory_gb" json:"min_memory_gb,omitempty"` + LxcImage *LxcTemplate_Image `protobuf:"bytes,5,opt,name=lxc_image" json:"lxc_image,omitempty"` + Interfaces []*LxcTemplate_Interface `protobuf:"bytes,6,rep,name=interfaces" json:"interfaces,omitempty"` + LxcTemplate *LxcTemplate_Template `protobuf:"bytes,7,opt,name=lxc_template" json:"lxc_template,omitempty"` + NodeGroups []string `protobuf:"bytes,8,rep,name=node_groups" json:"node_groups,omitempty"` + AuthenticationType AuthenticationType 
`protobuf:"varint,9,opt,name=authentication_type,enum=model.AuthenticationType" json:"authentication_type,omitempty"` + SshPublicKey string `protobuf:"bytes,10,opt,name=ssh_public_key" json:"ssh_public_key,omitempty"` } func (m *LxcTemplate) Reset() { *m = LxcTemplate{} } @@ -580,11 +578,11 @@ func (m *LxcTemplate) GetNodeGroups() []string { return nil } -func (m *LxcTemplate) GetAuthenticationType() LxcTemplate_AuthenticationType { +func (m *LxcTemplate) GetAuthenticationType() AuthenticationType { if m != nil { return m.AuthenticationType } - return LxcTemplate_NONE + return AuthenticationType_NONE } func (m *LxcTemplate) GetSshPublicKey() string { 
@@ -784,14 +782,16 @@ func (m *LxcTemplate_Template) GetExtraArgs() []string { } type QemuTemplate struct { - Vcpu int32 `protobuf:"varint,1,opt,name=vcpu" json:"vcpu,omitempty"` - MemoryGb int32 `protobuf:"varint,2,opt,name=memory_gb" json:"memory_gb,omitempty"` - MinVcpu int32 `protobuf:"varint,3,opt,name=min_vcpu" json:"min_vcpu,omitempty"` - MinMemoryGb int32 `protobuf:"varint,4,opt,name=min_memory_gb" json:"min_memory_gb,omitempty"` - QemuImage *QemuTemplate_Image `protobuf:"bytes,5,opt,name=qemu_image" json:"qemu_image,omitempty"` - UseKvm bool `protobuf:"varint,6,opt,name=use_kvm" json:"use_kvm,omitempty"` - Interfaces []*QemuTemplate_Interface `protobuf:"bytes,7,rep,name=interfaces" json:"interfaces,omitempty"` - NodeGroups []string `protobuf:"bytes,8,rep,name=node_groups" json:"node_groups,omitempty"` + Vcpu int32 `protobuf:"varint,1,opt,name=vcpu" json:"vcpu,omitempty"` + MemoryGb int32 `protobuf:"varint,2,opt,name=memory_gb" json:"memory_gb,omitempty"` + MinVcpu int32 `protobuf:"varint,3,opt,name=min_vcpu" json:"min_vcpu,omitempty"` + MinMemoryGb int32 `protobuf:"varint,4,opt,name=min_memory_gb" json:"min_memory_gb,omitempty"` + QemuImage *QemuTemplate_Image `protobuf:"bytes,5,opt,name=qemu_image" json:"qemu_image,omitempty"` + UseKvm bool `protobuf:"varint,6,opt,name=use_kvm" json:"use_kvm,omitempty"` + Interfaces []*QemuTemplate_Interface `protobuf:"bytes,7,rep,name=interfaces" json:"interfaces,omitempty"` + NodeGroups []string `protobuf:"bytes,8,rep,name=node_groups" json:"node_groups,omitempty"` + AuthenticationType AuthenticationType `protobuf:"varint,9,opt,name=authentication_type,enum=model.AuthenticationType" json:"authentication_type,omitempty"` + SshPublicKey string `protobuf:"bytes,10,opt,name=ssh_public_key" json:"ssh_public_key,omitempty"` } func (m *QemuTemplate) Reset() { *m = QemuTemplate{} } 
@@ -855,6 +855,20 @@ func (m *QemuTemplate) GetNodeGroups() []string { return nil } +func (m *QemuTemplate) GetAuthenticationType() AuthenticationType { + if m != nil { + return m.AuthenticationType + } + return AuthenticationType_NONE +} + +func (m *QemuTemplate) GetSshPublicKey() string { + if m != nil { + return m.SshPublicKey + } + return "" +} + type QemuTemplate_Image struct { DownloadUrl string `protobuf:"bytes,1,opt,name=download_url" json:"download_url,omitempty"` ChksumType string `protobuf:"bytes,2,opt,name=chksum_type" json:"chksum_type,omitempty"` @@ -928,10 +942,12 @@ func (m *QemuTemplate_Interface) GetIpv4Addr() string { } type NullTemplate struct { - Vcpu int32 `protobuf:"varint,1,opt,name=vcpu" json:"vcpu,omitempty"` - MemoryGb int32 `protobuf:"varint,2,opt,name=memory_gb" json:"memory_gb,omitempty"` - CrashStage NullTemplate_CrashStage `protobuf:"varint,3,opt,name=crash_stage,enum=model.NullTemplate_CrashStage" json:"crash_stage,omitempty"` - NodeGroups []string `protobuf:"bytes,4,rep,name=node_groups" json:"node_groups,omitempty"` + Vcpu int32 `protobuf:"varint,1,opt,name=vcpu" json:"vcpu,omitempty"` + MemoryGb int32 `protobuf:"varint,2,opt,name=memory_gb" json:"memory_gb,omitempty"` + CrashStage NullTemplate_CrashStage `protobuf:"varint,3,opt,name=crash_stage,enum=model.NullTemplate_CrashStage" json:"crash_stage,omitempty"` + NodeGroups []string `protobuf:"bytes,4,rep,name=node_groups" json:"node_groups,omitempty"` + AuthenticationType AuthenticationType `protobuf:"varint,5,opt,name=authentication_type,enum=model.AuthenticationType" json:"authentication_type,omitempty"` + SshPublicKey string `protobuf:"bytes,6,opt,name=ssh_public_key" json:"ssh_public_key,omitempty"` } func (m *NullTemplate) Reset() { *m = NullTemplate{} } 
@@ -967,6 +983,20 @@ func (m *NullTemplate) GetNodeGroups() []string { return nil } +func (m *NullTemplate) GetAuthenticationType() AuthenticationType { + if m != nil { + return m.AuthenticationType + } + return AuthenticationType_NONE +} + +func (m *NullTemplate) GetSshPublicKey() string { + if m != nil { + return m.SshPublicKey + } + return "" +} + func init() { proto.RegisterType((*Instance)(nil), "model.Instance") proto.RegisterType((*InstanceState)(nil), "model.InstanceState") @@ -981,9 +1011,9 @@ func init() { proto.RegisterType((*QemuTemplate_Image)(nil), "model.QemuTemplate.Image") proto.RegisterType((*QemuTemplate_Interface)(nil), "model.QemuTemplate.Interface") proto.RegisterType((*NullTemplate)(nil), "model.NullTemplate") + proto.RegisterEnum("model.AuthenticationType", AuthenticationType_name, AuthenticationType_value) proto.RegisterEnum("model.InstanceState_State", InstanceState_State_name, InstanceState_State_value) proto.RegisterEnum("model.FailureMessage_ErrorType", FailureMessage_ErrorType_name, FailureMessage_ErrorType_value) - proto.RegisterEnum("model.LxcTemplate_AuthenticationType", LxcTemplate_AuthenticationType_name, LxcTemplate_AuthenticationType_value) proto.RegisterEnum("model.QemuTemplate_Image_Format", QemuTemplate_Image_Format_name, QemuTemplate_Image_Format_value) proto.RegisterEnum("model.NullTemplate_CrashStage", NullTemplate_CrashStage_name, NullTemplate_CrashStage_value) } 
@@ -991,81 +1021,86 @@ func init() { func init() { proto.RegisterFile("model.proto", fileDescriptor0) } var fileDescriptor0 = []byte{ - // 1215 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x09, 0x6e, 0x88, 0x02, 0xff, 0xc4, 0x56, 0xdb, 0x8e, 0xe3, 0x44, - 0x13, 0x9e, 0x24, 0x4e, 0x62, 0x57, 0x0e, 0xeb, 0xbf, 0xff, 0x65, 0x65, 0xc2, 0x1e, 0x22, 0x0b, - 0x89, 0x11, 0x48, 0x09, 0x0a, 0xab, 0xe5, 0xb4, 0x1c, 0x66, 0x26, 0x9e, 0xdd, 0x48, 0xbb, 0xc9, - 0x4c, 0x27, 0xa3, 0x11, 0xdc, 0x58, 0x1d, 0xbb, 0xc7, 0xb1, 0xc6, 0x87, 0xe0, 0x43, 0x98, 0x79, - 0x07, 0xee, 0x90, 0xf6, 0x96, 0x4b, 0x9e, 0x82, 0x67, 0xe0, 0x61, 0x80, 0xe5, 0x16, 0x75, 0xb7, - 0x9d, 0x38, 0xbb, 0x59, 0x71, 0x12, 0x70, 0xe5, 0xae, 0xaf, 0xbf, 0xaa, 0xae, 0xaa, 0xae, 0x2a, - 0x37, 0x34, 0xfc, 0xd0, 0xa6, 0x5e, 0x6f, 0x19, 0x85, 0x49, 0x88, 0xaa, 0x5c, 0xe8, 0x7c, 0xec, - 0xb8, 0xc9, 0x22, 0x9d, 0xf7, 0xac, 0xd0, 0xef, 0x3b, 0xa1, 0x47, 0x02, 0xa7, 0xcf, 0xf7, 0xe7, - 0xe9, 0x45, 0x7f, 0x99, 0x5c, 0x2f, 0x69, 0xdc, 0x4f, 0x5c, 0x9f, 0xc6, 0x09, 0xf1, 0x97, 0x9b, - 0x95, 0xb0, 0xa1, 0x7f, 0x5b, 0x06, 0x79, 0x14, 0xc4, 0x09, 0x09, 0x2c, 0x8a, 0xda, 0x50, 0x76, - 0x6d, 0xad, 0xd4, 0x2d, 0xed, 0x2b, 0xb8, 0xec, 0xda, 0xa8, 0x03, 0x72, 0xec, 0x91, 0x15, 0x35, - 0x5d, 0x5b, 0x2b, 0x73, 0x74, 0x2d, 0xa3, 0xfb, 0x00, 0x1e, 0x89, 0x13, 0x33, 0x4e, 0x48, 0x42, - 0x35, 0xa9, 0x5b, 0xda, 0x6f, 0x0c, 0x6e, 0xf6, 0x84, 0x7b, 0xb9, 0xc1, 0x29, 0xdb, 0xc3, 0x05, - 0x1e, 0xfa, 0x08, 0xc0, 0x8a, 0x28, 0x49, 0xa8, 0x6d, 0x92, 0x44, 0xab, 0x72, 0xad, 0x4e, 0xcf, - 0x09, 0x43, 0xc7, 0xa3, 0xbd, 0xdc, 0xeb, 0xde, 0x2c, 0x77, 0x12, 0x17, 0xd8, 0xe8, 0x1d, 0x90, - 0x13, 0xea, 0x2f, 0x3d, 0x76, 0x5e, 0x8d, 0x6b, 0xde, 0xc8, 0xce, 0x9b, 0x65, 0x30, 0x5e, 0x13, - 0xd0, 0x43, 0x68, 0xb3, 0x6f, 0x9c, 0x98, 0x17, 0xc4, 0xf5, 0xd2, 0x88, 0x6a, 0x75, 0xae, 0xf2, - 0x5a, 0xa6, 0x72, 0x2c, 0xd0, 0xa7, 0x34, 0x8e, 0x89, 0x43, 0x71, 0x4b, 0x90, 0x33, 0x54, 0x7f, - 0x56, 0x86, 0xd6, 0x56, 0x10, 0xe8, 0x5d, 0xa8, 
0x8a, 0x48, 0x59, 0x76, 0xda, 0x83, 0xce, 0xae, - 0x48, 0x7b, 0x22, 0xde, 0xea, 0xae, 0x50, 0xcb, 0x7f, 0x26, 0x54, 0xfd, 0x59, 0x09, 0xaa, 0xe2, - 0xdc, 0x36, 0x00, 0x36, 0x1e, 0x8d, 0xa6, 0x33, 0x03, 0x1b, 0x43, 0x75, 0x0f, 0x01, 0xd4, 0x4e, - 0xcf, 0x8c, 0x33, 0x63, 0xa8, 0x96, 0x50, 0x13, 0xe4, 0xe9, 0xec, 0x00, 0xcf, 0x46, 0xe3, 0x47, - 0x6a, 0x19, 0x35, 0xa0, 0x8e, 0xcf, 0xc6, 0x63, 0x26, 0x54, 0xc4, 0xd6, 0xe4, 0xe4, 0x84, 0x49, - 0x12, 0xdb, 0xe2, 0x92, 0x31, 0x54, 0xab, 0xa8, 0x05, 0x0a, 0x36, 0x0e, 0x27, 0x13, 0xae, 0x56, - 0x43, 0x2a, 0x34, 0xa7, 0x8f, 0xcf, 0x66, 0x4c, 0x1a, 0x4e, 0xce, 0xc7, 0x6a, 0x9d, 0x1d, 0x39, - 0x33, 0xf0, 0xd3, 0xd1, 0xf8, 0x60, 0x66, 0x0c, 0x55, 0x99, 0x1d, 0x79, 0x7c, 0x30, 0x7a, 0x62, - 0x0c, 0x55, 0x45, 0xff, 0xa9, 0x04, 0xed, 0xed, 0xd4, 0xa1, 0x4f, 0x01, 0x68, 0x14, 0x85, 0x91, - 0xc9, 0x4a, 0x2d, 0x4b, 0xcf, 0xbd, 0x9d, 0x59, 0xee, 0x19, 0x8c, 0x37, 0xbb, 0x5e, 0x52, 0xac, - 0xd0, 0x7c, 0x89, 0xde, 0x07, 0x85, 0x5d, 0xd1, 0x1f, 0x4d, 0x93, 0x2c, 0xc8, 0x07, 0x89, 0xbe, - 0x00, 0x65, 0x6d, 0x10, 0xdd, 0x80, 0x86, 0x70, 0xd2, 0x64, 0xa1, 0xa9, 0x7b, 0x2c, 0xae, 0x0c, - 0xe0, 0x39, 0x52, 0x4b, 0x05, 0x0a, 0x4b, 0x86, 0x5a, 0x46, 0xff, 0x83, 0x56, 0x06, 0x88, 0x84, - 0xa8, 0x15, 0x74, 0x13, 0xd4, 0x0c, 0x5a, 0xa7, 0x40, 0x95, 0xf4, 0xef, 0xca, 0x20, 0xe7, 0x35, - 0x86, 0x74, 0x68, 0xe6, 0x55, 0x66, 0xa6, 0x91, 0x9b, 0xb5, 0xcb, 0x16, 0x86, 0xde, 0x06, 0x29, - 0x08, 0x03, 0xaa, 0xfd, 0x5c, 0xe1, 0xf1, 0xfc, 0x3f, 0x4b, 0xc7, 0x38, 0x0c, 0x68, 0x6e, 0xe7, - 0xf1, 0x1e, 0xe6, 0x1c, 0xf4, 0x16, 0x54, 0xbc, 0x2b, 0x4b, 0xfb, 0x45, 0x50, 0x51, 0x46, 0x7d, - 0x72, 0x65, 0x15, 0x98, 0x8c, 0xc1, 0x8d, 0xa6, 0x9e, 0xa7, 0x3d, 0x7f, 0xc1, 0x68, 0xea, 0x79, - 0x5b, 0x46, 0x53, 0xcf, 0x63, 0xdc, 0xaf, 0xa8, 0x9f, 0x6a, 0xbf, 0x6e, 0x73, 0x4f, 0xa9, 0x9f, - 0x16, 0xb9, 0x8c, 0xf3, 0x77, 0x0a, 0xf5, 0xb0, 0x06, 0xd2, 0x28, 0xa1, 0xbe, 0xde, 0x86, 0x66, - 0x31, 0x38, 0xfd, 0xfb, 0x3a, 0x34, 0x0a, 0x21, 0x20, 0x04, 0xd2, 0xca, 0x5a, 0xa6, 
0x3c, 0x59, - 0x55, 0xcc, 0xd7, 0xe8, 0x36, 0x28, 0x3e, 0xf5, 0xc3, 0xe8, 0xda, 0x74, 0xe6, 0xfc, 0xd8, 0x2a, - 0xde, 0x00, 0x6c, 0xf6, 0xf8, 0x6e, 0x60, 0x72, 0xad, 0x0a, 0xdf, 0x5c, 0xcb, 0xe8, 0x4d, 0x68, - 0xb1, 0xf5, 0x46, 0x5b, 0xe2, 0x84, 0x6d, 0x10, 0x3d, 0x00, 0xc5, 0xbb, 0xb2, 0x4c, 0xd7, 0x27, - 0x0e, 0xcd, 0x46, 0x8d, 0xf6, 0x72, 0x76, 0x7b, 0x23, 0xb6, 0x8f, 0x37, 0x54, 0xf4, 0x10, 0xc0, - 0x0d, 0x12, 0x1a, 0x5d, 0x10, 0x8b, 0xc6, 0x5a, 0xad, 0x5b, 0xd9, 0x6f, 0x0c, 0x6e, 0xef, 0x52, - 0xcc, 0x49, 0xb8, 0xc0, 0x47, 0x9f, 0x41, 0x93, 0x99, 0x5a, 0x4f, 0x2a, 0x31, 0x76, 0xde, 0xd8, - 0xa1, 0xbf, 0x9e, 0x5a, 0x5b, 0x0a, 0xa8, 0x0b, 0x8d, 0x20, 0xb4, 0xa9, 0xe9, 0x44, 0x61, 0xba, - 0x8c, 0x35, 0xb9, 0x5b, 0xd9, 0x57, 0x70, 0x11, 0xea, 0x50, 0xa8, 0x72, 0xa7, 0x59, 0x29, 0xda, - 0xe1, 0xd7, 0x81, 0x17, 0x12, 0xdb, 0x4c, 0x23, 0x2f, 0x2f, 0xc5, 0x22, 0xc6, 0xcc, 0x59, 0x8b, - 0xcb, 0x38, 0xf5, 0x45, 0x7f, 0x8a, 0x31, 0x5e, 0x84, 0xd0, 0x2d, 0xa8, 0x09, 0x91, 0xe7, 0x59, - 0xc1, 0x99, 0xd4, 0x39, 0x03, 0x65, 0x1d, 0x22, 0xbb, 0xc0, 0x75, 0x7f, 0x2b, 0x98, 0xaf, 0x91, - 0x06, 0x75, 0x9f, 0x58, 0xc4, 0xb6, 0xa3, 0xcc, 0x6c, 0x2e, 0xb2, 0xcb, 0x73, 0x97, 0xab, 0xfb, - 0x7c, 0x4b, 0x18, 0x5d, 0xcb, 0x9d, 0x6f, 0x2a, 0x85, 0x66, 0xea, 0x14, 0x66, 0xba, 0x30, 0xbd, - 0x19, 0xe1, 0x1a, 0xd4, 0xe7, 0xc4, 0xba, 0xa4, 0x81, 0x9d, 0x55, 0x47, 0x2e, 0x32, 0x8f, 0x6d, - 0x37, 0x4e, 0xa2, 0x30, 0xf7, 0x58, 0x48, 0x4c, 0x23, 0xa2, 0x1e, 0x25, 0xb1, 0xf8, 0x21, 0x29, - 0x38, 0x17, 0x99, 0xfb, 0x24, 0xb2, 0x16, 0xbc, 0x0c, 0x14, 0xcc, 0xd7, 0x8c, 0xbd, 0x22, 0x91, - 0x4b, 0x82, 0x84, 0xff, 0x4e, 0x14, 0x9c, 0x8b, 0xcc, 0x7e, 0x4c, 0xa3, 0x15, 0x8d, 0xf8, 0xed, - 0x29, 0x38, 0x93, 0x18, 0x7e, 0x49, 0xaf, 0xd9, 0xdf, 0x50, 0x16, 0xb8, 0x90, 0xd0, 0x5d, 0x00, - 0xb6, 0xca, 0x74, 0x14, 0xbe, 0x57, 0x40, 0xd0, 0x03, 0xb8, 0x65, 0xbb, 0x31, 0x99, 0x7b, 0xd4, - 0x74, 0x96, 0x8e, 0xb9, 0x22, 0x9e, 0x6b, 0x93, 0xc4, 0x0d, 0x03, 0x0d, 0xba, 0xa5, 0x7d, 0x19, - 0xbf, 0x62, 0x97, 0xdd, 
0xdd, 0x85, 0x97, 0xc6, 0x0b, 0xd3, 0x22, 0xd6, 0x82, 0x6a, 0x0d, 0x4e, - 0x2e, 0x42, 0x9c, 0x11, 0x46, 0x16, 0xcd, 0x18, 0xcd, 0x8c, 0xb1, 0x81, 0x98, 0x6f, 0xf4, 0x2a, - 0x89, 0x88, 0x49, 0x22, 0x27, 0xd6, 0x5a, 0xbc, 0x9a, 0x0a, 0x88, 0xfe, 0xa3, 0x04, 0xcd, 0xe2, - 0x58, 0xf8, 0x4f, 0x5a, 0xf5, 0x43, 0x00, 0x36, 0x8a, 0xb6, 0x7a, 0xf5, 0xf5, 0x1d, 0x33, 0x2b, - 0x6b, 0xd6, 0x02, 0x99, 0xdd, 0x62, 0x1a, 0x53, 0xf3, 0x72, 0xe5, 0xf3, 0x5b, 0x94, 0x71, 0x2e, - 0xa2, 0x4f, 0xb6, 0xfa, 0xb8, 0xce, 0xfb, 0xf8, 0xce, 0x4e, 0xa3, 0x3b, 0x1b, 0xf9, 0xf7, 0xfb, - 0xf0, 0x87, 0xd2, 0xbf, 0xd2, 0x88, 0xe8, 0x03, 0xa8, 0x5d, 0x84, 0x91, 0x4f, 0x12, 0x9e, 0xbc, - 0xf6, 0xa0, 0xfb, 0xca, 0xcc, 0xf4, 0x8e, 0x39, 0x0f, 0x67, 0x7c, 0xfd, 0x36, 0xd4, 0x04, 0x82, - 0xea, 0x50, 0xc1, 0x07, 0xe7, 0xea, 0x1e, 0x52, 0xa0, 0x7a, 0x7a, 0x34, 0x39, 0x1f, 0xa8, 0xa5, - 0x7f, 0xa8, 0xc1, 0xf5, 0xe7, 0x25, 0x68, 0x16, 0x7f, 0x4a, 0x7f, 0xa1, 0xa2, 0x3e, 0x87, 0x86, - 0x15, 0x91, 0x78, 0xc1, 0x5e, 0x8d, 0x0e, 0xe5, 0x27, 0xb4, 0x07, 0x77, 0x77, 0xfc, 0xf0, 0x7a, - 0x47, 0x8c, 0x36, 0x65, 0x2c, 0x5c, 0x54, 0x79, 0xf1, 0xf6, 0xa4, 0x97, 0x6e, 0x4f, 0x3f, 0x01, - 0xd8, 0x28, 0x23, 0x19, 0xa4, 0xf1, 0x64, 0x6c, 0x88, 0x04, 0xe5, 0x2f, 0x06, 0x19, 0xa4, 0xec, - 0xa9, 0x00, 0x50, 0x3b, 0xc2, 0x06, 0x7b, 0x0d, 0x54, 0xd8, 0x6b, 0x6a, 0x68, 0x4c, 0x67, 0x78, - 0xf2, 0x85, 0x2a, 0xb1, 0x8d, 0xec, 0xf1, 0x50, 0x3d, 0xbc, 0xf7, 0xe5, 0x9d, 0xc2, 0x53, 0x9c, - 0x5c, 0xc5, 0x8b, 0x7e, 0xb8, 0xa4, 0xc1, 0xca, 0xb6, 0xfa, 0xdc, 0xf3, 0x79, 0x8d, 0xff, 0x4d, - 0xdf, 0xfb, 0x2d, 0x00, 0x00, 0xff, 0xff, 0xf5, 0x13, 0xa2, 0x80, 0xc6, 0x0b, 0x00, 0x00, + // 1289 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xcc, 0x57, 0x49, 0x6f, 0xdb, 0xc6, + 0x17, 0xb7, 0x16, 0x4a, 0xe4, 0x93, 0xac, 0xf0, 0x3f, 0xc9, 0x3f, 0x60, 0xd4, 0x2c, 0x06, 0x51, + 0xb4, 0x46, 0x02, 0xc8, 0x85, 0x1b, 0xa4, 0x5b, 0xba, 0xd8, 0x11, 0x93, 0x08, 0x49, 0x24, 0x67, + 0x2c, 0x23, 0x48, 
0x2f, 0xc4, 0x88, 0x1c, 0x53, 0x84, 0xb9, 0xa8, 0x5c, 0x54, 0xfb, 0x3b, 0xf4, + 0x56, 0x20, 0xa7, 0x02, 0xfd, 0x24, 0xbd, 0xf5, 0xdb, 0xf4, 0xd8, 0xed, 0x5a, 0xcc, 0x42, 0x89, + 0x72, 0x14, 0x20, 0xdd, 0x7b, 0x12, 0xdf, 0x6f, 0x7e, 0xef, 0xcd, 0xdb, 0xe6, 0xcd, 0x08, 0x5a, + 0x61, 0xec, 0xd2, 0xa0, 0x37, 0x4b, 0xe2, 0x2c, 0x46, 0x0a, 0x17, 0xba, 0x1f, 0x79, 0x7e, 0x36, + 0xcd, 0x27, 0x3d, 0x27, 0x0e, 0x77, 0xbc, 0x38, 0x20, 0x91, 0xb7, 0xc3, 0xd7, 0x27, 0xf9, 0xf1, + 0xce, 0x2c, 0x3b, 0x9b, 0xd1, 0x74, 0x27, 0xf3, 0x43, 0x9a, 0x66, 0x24, 0x9c, 0x2d, 0xbf, 0x84, + 0x0d, 0xf3, 0xeb, 0x2a, 0xa8, 0x83, 0x28, 0xcd, 0x48, 0xe4, 0x50, 0xd4, 0x81, 0xaa, 0xef, 0x1a, + 0x95, 0xad, 0xca, 0xb6, 0x86, 0xab, 0xbe, 0x8b, 0xba, 0xa0, 0xa6, 0x01, 0x99, 0x53, 0xdb, 0x77, + 0x8d, 0x2a, 0x47, 0x17, 0x32, 0xba, 0x0d, 0x10, 0x90, 0x34, 0xb3, 0xd3, 0x8c, 0x64, 0xd4, 0xa8, + 0x6f, 0x55, 0xb6, 0x5b, 0xbb, 0x97, 0x7a, 0xc2, 0xbd, 0xc2, 0xe0, 0x21, 0x5b, 0xc3, 0x25, 0x1e, + 0xfa, 0x10, 0xc0, 0x49, 0x28, 0xc9, 0xa8, 0x6b, 0x93, 0xcc, 0x50, 0xb8, 0x56, 0xb7, 0xe7, 0xc5, + 0xb1, 0x17, 0xd0, 0x5e, 0xe1, 0x75, 0x6f, 0x5c, 0x38, 0x89, 0x4b, 0x6c, 0x74, 0x0b, 0xd4, 0x8c, + 0x86, 0xb3, 0x80, 0xed, 0xd7, 0xe0, 0x9a, 0x17, 0xe4, 0x7e, 0x63, 0x09, 0xe3, 0x05, 0x01, 0xdd, + 0x85, 0x0e, 0xfb, 0x4d, 0x33, 0xfb, 0x98, 0xf8, 0x41, 0x9e, 0x50, 0xa3, 0xc9, 0x55, 0xfe, 0x2f, + 0x55, 0xee, 0x0b, 0xf4, 0x09, 0x4d, 0x53, 0xe2, 0x51, 0xbc, 0x29, 0xc8, 0x12, 0x35, 0x5f, 0x54, + 0x61, 0x73, 0x25, 0x08, 0xf4, 0x0e, 0x28, 0x22, 0x52, 0x96, 0x9d, 0xce, 0x6e, 0x77, 0x5d, 0xa4, + 0x3d, 0x11, 0xaf, 0xb2, 0x2e, 0xd4, 0xea, 0xef, 0x09, 0xd5, 0x7c, 0x51, 0x01, 0x45, 0xec, 0xdb, + 0x01, 0xc0, 0xd6, 0x83, 0xc1, 0xe1, 0xd8, 0xc2, 0x56, 0x5f, 0xdf, 0x40, 0x00, 0x8d, 0xa7, 0x47, + 0xd6, 0x91, 0xd5, 0xd7, 0x2b, 0xa8, 0x0d, 0xea, 0xe1, 0x78, 0x0f, 0x8f, 0x07, 0xc3, 0x07, 0x7a, + 0x15, 0xb5, 0xa0, 0x89, 0x8f, 0x86, 0x43, 0x26, 0xd4, 0xc4, 0xd2, 0xe8, 0xe0, 0x80, 0x49, 0x75, + 0xb6, 0xc4, 0x25, 0xab, 0xaf, 0x2b, 0x68, 0x13, 0x34, 
0x6c, 0xed, 0x8f, 0x46, 0x5c, 0xad, 0x81, + 0x74, 0x68, 0x1f, 0x3e, 0x3c, 0x1a, 0x33, 0xa9, 0x3f, 0x7a, 0x36, 0xd4, 0x9b, 0x6c, 0xcb, 0xb1, + 0x85, 0x9f, 0x0c, 0x86, 0x7b, 0x63, 0xab, 0xaf, 0xab, 0x6c, 0xcb, 0xfb, 0x7b, 0x83, 0xc7, 0x56, + 0x5f, 0xd7, 0xcc, 0x1f, 0x2b, 0xd0, 0x59, 0x4d, 0x1d, 0xfa, 0x04, 0x80, 0x26, 0x49, 0x9c, 0xd8, + 0xac, 0xd5, 0x64, 0x7a, 0x6e, 0xac, 0xcd, 0x72, 0xcf, 0x62, 0xbc, 0xf1, 0xd9, 0x8c, 0x62, 0x8d, + 0x16, 0x9f, 0xe8, 0x3d, 0xd0, 0x58, 0x89, 0x5e, 0x37, 0x4d, 0xaa, 0x20, 0xef, 0x65, 0xe6, 0x14, + 0xb4, 0x85, 0x41, 0x74, 0x01, 0x5a, 0xc2, 0x49, 0x9b, 0x85, 0xa6, 0x6f, 0xb0, 0xb8, 0x24, 0xc0, + 0x73, 0xa4, 0x57, 0x4a, 0x14, 0x96, 0x0c, 0xbd, 0x8a, 0xfe, 0x07, 0x9b, 0x12, 0x10, 0x09, 0xd1, + 0x6b, 0xe8, 0x12, 0xe8, 0x12, 0x5a, 0xa4, 0x40, 0xaf, 0x9b, 0xdf, 0x56, 0x41, 0x2d, 0x7a, 0x0c, + 0x99, 0xd0, 0x2e, 0xba, 0xcc, 0xce, 0x13, 0x5f, 0x1e, 0x97, 0x15, 0x0c, 0xdd, 0x84, 0x7a, 0x14, + 0x47, 0xd4, 0xf8, 0xa9, 0xc6, 0xe3, 0xb9, 0x28, 0xd3, 0x31, 0x8c, 0x23, 0x5a, 0xd8, 0x79, 0xb8, + 0x81, 0x39, 0x07, 0xbd, 0x0d, 0xb5, 0xe0, 0xd4, 0x31, 0x7e, 0x16, 0x54, 0x24, 0xa9, 0x8f, 0x4f, + 0x9d, 0x12, 0x93, 0x31, 0xb8, 0xd1, 0x3c, 0x08, 0x8c, 0x5f, 0xce, 0x19, 0xcd, 0x83, 0x60, 0xc5, + 0x68, 0x1e, 0x04, 0x8c, 0xfb, 0x05, 0x0d, 0x73, 0xe3, 0xd7, 0x55, 0xee, 0x53, 0x1a, 0xe6, 0x65, + 0x2e, 0xe3, 0xfc, 0x99, 0x46, 0xdd, 0x6f, 0x40, 0x7d, 0x90, 0xd1, 0xd0, 0xec, 0x40, 0xbb, 0x1c, + 0x9c, 0xf9, 0x8d, 0x0a, 0xad, 0x52, 0x08, 0x08, 0x41, 0x7d, 0xee, 0xcc, 0x72, 0x9e, 0x2c, 0x05, + 0xf3, 0x6f, 0x74, 0x15, 0xb4, 0x90, 0x86, 0x71, 0x72, 0x66, 0x7b, 0x13, 0xbe, 0xad, 0x82, 0x97, + 0x00, 0x9b, 0x3d, 0xa1, 0x1f, 0xd9, 0x5c, 0xab, 0xc6, 0x17, 0x17, 0x32, 0x7a, 0x13, 0x36, 0xd9, + 0xf7, 0x52, 0xbb, 0xce, 0x09, 0xab, 0x20, 0xba, 0x03, 0x5a, 0x70, 0xea, 0xd8, 0x7e, 0x48, 0x3c, + 0x2a, 0x47, 0x8d, 0xf1, 0x72, 0x76, 0x7b, 0x03, 0xb6, 0x8e, 0x97, 0x54, 0x74, 0x17, 0xc0, 0x8f, + 0x32, 0x9a, 0x1c, 0x13, 0x87, 0xa6, 0x46, 0x63, 0xab, 0xb6, 0xdd, 0xda, 0xbd, 0xba, 0x4e, 
0xb1, + 0x20, 0xe1, 0x12, 0x1f, 0x7d, 0x0a, 0x6d, 0x66, 0x6a, 0x31, 0xa9, 0xc4, 0xd8, 0x79, 0x63, 0x8d, + 0xfe, 0x62, 0x6a, 0xad, 0x28, 0xa0, 0x2d, 0x68, 0x45, 0xb1, 0x4b, 0x6d, 0x2f, 0x89, 0xf3, 0x59, + 0x6a, 0xa8, 0x5b, 0xb5, 0x6d, 0x0d, 0x97, 0x21, 0xf4, 0x08, 0x2e, 0x92, 0x3c, 0x9b, 0xd2, 0x28, + 0xf3, 0x1d, 0x92, 0xf9, 0x71, 0x24, 0x8e, 0x9e, 0xc6, 0x8f, 0xde, 0x15, 0xb9, 0xd3, 0xde, 0x0a, + 0x83, 0x1f, 0xba, 0x75, 0x5a, 0xe8, 0x2d, 0xe8, 0xa4, 0xe9, 0xd4, 0x9e, 0xe5, 0x93, 0xc0, 0x77, + 0xec, 0x13, 0x7a, 0x66, 0x00, 0x6f, 0xe8, 0x73, 0x68, 0x97, 0x82, 0xc2, 0x33, 0xc5, 0xfa, 0xdf, + 0x8d, 0xbf, 0x8c, 0x82, 0x98, 0xb8, 0x76, 0x9e, 0x04, 0x45, 0xff, 0x97, 0x31, 0x16, 0x83, 0x33, + 0x3d, 0x49, 0xf3, 0x50, 0x78, 0x26, 0xee, 0x8e, 0x32, 0x84, 0x2e, 0x43, 0x43, 0x88, 0xbc, 0xb8, + 0x1a, 0x96, 0x52, 0xf7, 0x08, 0xb4, 0x45, 0x5e, 0x59, 0xd7, 0x2c, 0x86, 0x8a, 0x86, 0xf9, 0x37, + 0x32, 0xa0, 0x19, 0x12, 0x87, 0xb8, 0x6e, 0x22, 0xcd, 0x16, 0x22, 0xeb, 0x18, 0x7f, 0x36, 0xbf, + 0xcd, 0x97, 0x84, 0xd1, 0x85, 0xdc, 0xfd, 0xaa, 0x56, 0x3a, 0xc1, 0xdd, 0xd2, 0x45, 0x22, 0x4c, + 0x2f, 0xef, 0x0d, 0x03, 0x9a, 0x13, 0xe2, 0x9c, 0xd0, 0xc8, 0x95, 0x2d, 0x59, 0x88, 0xcc, 0x63, + 0xd7, 0x4f, 0xb3, 0x24, 0x2e, 0x3c, 0x16, 0x12, 0xd3, 0x48, 0x68, 0x40, 0x49, 0x2a, 0x6e, 0x41, + 0x0d, 0x17, 0x22, 0x73, 0x9f, 0x24, 0xce, 0x94, 0xf7, 0x9e, 0x86, 0xf9, 0x37, 0x63, 0xcf, 0x49, + 0xe2, 0x93, 0x28, 0xe3, 0x77, 0x98, 0x86, 0x0b, 0x91, 0xd9, 0x4f, 0x69, 0x32, 0xa7, 0x09, 0x6f, + 0x19, 0x0d, 0x4b, 0x89, 0xe1, 0x27, 0xf4, 0x8c, 0x5d, 0xc1, 0xaa, 0xc0, 0x85, 0x84, 0xae, 0x03, + 0xb0, 0x2f, 0xa9, 0xa3, 0xf1, 0xb5, 0x12, 0x82, 0xee, 0xc0, 0x65, 0xd7, 0x4f, 0xc9, 0x24, 0xa0, + 0xb6, 0x37, 0xf3, 0xec, 0x39, 0x09, 0x7c, 0x97, 0xd7, 0x9d, 0x17, 0x58, 0xc5, 0xaf, 0x58, 0x65, + 0xb5, 0x3b, 0x0e, 0xf2, 0x74, 0x6a, 0x3b, 0xc4, 0x99, 0x52, 0xa3, 0xc5, 0xc9, 0x65, 0x88, 0x33, + 0xe2, 0xc4, 0xa1, 0x92, 0xd1, 0x96, 0x8c, 0x25, 0xc4, 0x7c, 0xa3, 0xa7, 0x59, 0x42, 0x6c, 0x92, + 0x78, 0xa9, 0xb1, 0xc9, 0x5b, 
0xb8, 0x84, 0x98, 0xdf, 0x2b, 0xd0, 0x2e, 0xcf, 0xa2, 0x7f, 0x65, + 0x3e, 0x7c, 0x00, 0xc0, 0xe6, 0xdf, 0xca, 0x80, 0xb8, 0xb2, 0x66, 0x50, 0xca, 0x09, 0x51, 0x22, + 0xb3, 0x2a, 0xe6, 0x29, 0xb5, 0x4f, 0xe6, 0x21, 0xaf, 0xa2, 0x8a, 0x0b, 0x11, 0x7d, 0xbc, 0x32, + 0x3c, 0x9a, 0x7c, 0x78, 0x5c, 0x5b, 0x6b, 0x74, 0xed, 0xf4, 0xf8, 0x8f, 0x1e, 0xfe, 0xef, 0x2a, + 0xff, 0xc8, 0xe9, 0x47, 0xef, 0x43, 0xe3, 0x38, 0x4e, 0x42, 0x92, 0xf1, 0x8a, 0x75, 0x76, 0xb7, + 0x5e, 0x59, 0x8e, 0xde, 0x7d, 0xce, 0xc3, 0x92, 0x6f, 0x5e, 0x85, 0x86, 0x40, 0x50, 0x13, 0x6a, + 0x78, 0xef, 0x99, 0xbe, 0x81, 0x34, 0x50, 0x9e, 0xde, 0x1b, 0x3d, 0xdb, 0xd5, 0x2b, 0x7f, 0xd3, + 0x54, 0x31, 0x7f, 0xa8, 0x42, 0xbb, 0x7c, 0xfd, 0xfe, 0x81, 0x36, 0xfe, 0x0c, 0x5a, 0x4e, 0x42, + 0xd2, 0x29, 0x7b, 0x1f, 0x7b, 0x94, 0xef, 0xd0, 0xd9, 0xbd, 0xbe, 0xe6, 0x6a, 0xef, 0xdd, 0x63, + 0xb4, 0x43, 0xc6, 0xc2, 0x65, 0x95, 0xf3, 0x2d, 0x53, 0x7f, 0xed, 0x96, 0x51, 0xfe, 0xa2, 0x96, + 0x69, 0xac, 0x6b, 0x19, 0xf3, 0x00, 0x60, 0xe9, 0x31, 0x52, 0xa1, 0x3e, 0x1c, 0x0d, 0x2d, 0x51, + 0x95, 0xe2, 0x41, 0xa6, 0x42, 0x5d, 0xbe, 0xc4, 0x00, 0x1a, 0xf7, 0xb0, 0xc5, 0x1e, 0x5b, 0x35, + 0xf6, 0x58, 0xed, 0x5b, 0x87, 0x63, 0x3c, 0x7a, 0xae, 0xd7, 0xd9, 0x82, 0x7c, 0x9b, 0x29, 0x37, + 0x6f, 0x01, 0x7a, 0xd9, 0xc9, 0x92, 0xe5, 0x16, 0x34, 0x0f, 0x8e, 0xf6, 0xed, 0x47, 0xd6, 0x73, + 0xbd, 0xb2, 0x7f, 0xe3, 0xf3, 0x6b, 0xa5, 0xbf, 0x45, 0xe4, 0x34, 0x9d, 0xee, 0xc4, 0x33, 0x1a, + 0xcd, 0x5d, 0x67, 0x87, 0xc7, 0x3b, 0x69, 0xf0, 0x97, 0xcd, 0xbb, 0xbf, 0x05, 0x00, 0x00, 0xff, + 0xff, 0x73, 0x30, 0xa6, 0xda, 0x52, 0x0d, 0x00, 0x00, } diff --git a/model/resource_templates.go b/model/resource_templates.go index 89e990f0..1db42376 100644 --- a/model/resource_templates.go +++ b/model/resource_templates.go 
@@ -15,8 +15,8 @@ func (*NoneTemplate) isResourceTemplateKind() {} func (*NoneTemplate) ResourceName() string { return "none" } func (*LxcTemplate) isResourceTemplateKind() {} func (*LxcTemplate) ResourceName() string { return "vm/lxc" } -func (*QemuTemplate) isResourceTemplateKind() {} -func (*QemuTemplate) ResourceName() string { return "vm/qemu" } +func (*QemuTemplate) isResourceTemplateKind() {} +func (*QemuTemplate) ResourceName() string { return "vm/qemu" } func (*NullTemplate) isResourceTemplateKind() {} func (*NullTemplate) ResourceName() string { return "vm/null" } @@ -30,10 +30,12 @@ type InstanceResource interface { GetVcpu() int32 GetMemoryGb() int32 GetNodeGroups() []string + GetAuthenticationType() AuthenticationType + GetSshPublicKey() string } func (*LxcTemplate) isInstanceResourceKind() {} -func (*QemuTemplate) isInstanceResourceKind() {} +func (*QemuTemplate) isInstanceResourceKind() {} func (*NullTemplate) isInstanceResourceKind() {} // ResourceTemplate resolves the assigned object type of diff --git a/proto/model.proto b/proto/model.proto index f08e9614..e0ddcc4a 100644 --- a/proto/model.proto +++ b/proto/model.proto @@ -16,6 +16,11 @@ message Instance { FailureMessage latest_failure = 7; } +enum AuthenticationType { + NONE = 0; + PUB_KEY = 1; +} + message InstanceState { enum State { REGISTERED = 0; @@ -118,10 +123,6 @@ message LxcTemplate { } Template lxc_template = 7 [json_name="lxc_template"]; repeated string node_groups = 8 [json_name="node_groups"]; - enum AuthenticationType { - NONE = 0; - PUB_KEY = 1; - } AuthenticationType authentication_type = 9 [json_name="authentication_type"]; string ssh_public_key = 10 [json_name="ssh_public_key"]; } 
@@ -151,6 +152,8 @@ message QemuTemplate { bool use_kvm = 6 [json_name="use_kvm"]; repeated Interface interfaces = 7; repeated string node_groups = 8 [json_name="node_groups"]; + AuthenticationType authentication_type = 9 [json_name="authentication_type"]; + string ssh_public_key = 10 [json_name="ssh_public_key"]; } message NullTemplate { @@ -166,4 +169,6 @@ message NullTemplate { } CrashStage crash_stage = 3 [json_name="crash_stage"]; repeated string node_groups = 4 [json_name="node_groups"]; + AuthenticationType authentication_type = 5 [json_name="authentication_type"]; + string ssh_public_key = 6 [json_name="ssh_public_key"]; } diff --git a/registry/bindata_assetfs.go b/registry/bindata_assetfs.go index c7b72e6d..72015305 100644 --- a/registry/bindata_assetfs.go +++ b/registry/bindata_assetfs.go @@ -10,6 +10,7 @@ package registry import ( + "github.com/elazarl/go-bindata-assetfs" "bytes" "compress/gzip" "fmt" @@ -19,8 +20,6 @@ import ( "path/filepath" "strings" "time" - - "github.com/elazarl/go-bindata-assetfs" ) func bindataRead(data []byte, name string) ([]byte, error) { @@ -109,7 +108,7 @@ func schemaV1Json() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "schema/v1.json", size: 725, mode: os.FileMode(420), modTime: time.Unix(1500457433, 0)} + info := bindataFileInfo{name: "schema/v1.json", size: 725, mode: os.FileMode(420), modTime: time.Unix(1499405207, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -129,7 +128,7 @@ func schemaVmLxcJson() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "schema/vm/lxc.json", size: 3719, mode: os.FileMode(420), modTime: time.Unix(1499405184, 0)} + info := bindataFileInfo{name: "schema/vm/lxc.json", size: 3719, mode: os.FileMode(420), modTime: time.Unix(1501567174, 0)} a := &asset{bytes: bytes, info: info} return a, nil } 
@@ -154,7 +153,7 @@ func schemaVmNullJson() (*asset, error) { return a, nil } -var _schemaVmQemuJson = []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\xac\x54\xcd\x8e\x9b\x3c\x14\xdd\xf3\x14\x96\xbf\xd9\x7d\x49\x33\x1d\x65\x53\x76\x55\xab\x4a\x5d\x55\xaa\xaa\x6e\x46\x14\x39\xe6\x42\x3c\x83\x7f\x72\x6d\x13\x45\x11\xef\x5e\x41\x02\x31\xc1\xa3\xa6\x33\xdd\xc1\xb9\x7f\xe7\x72\x0e\xf7\x98\x10\x42\xef\x2c\xdf\x82\x64\x34\x25\x74\xeb\x9c\x49\x57\xab\x27\xab\xd5\xf2\x84\xbe\xd3\x58\xad\x0a\x64\xa5\x5b\xde\xaf\x57\x27\xec\x3f\xba\xe8\xea\x0a\xb0\x1c\x85\x71\x42\xab\xae\xf6\x9b\x01\xf5\xf3\xf3\x27\xf2\x1d\xac\xf6\xc8\x81\xfc\x00\x69\x6a\xe6\x20\x25\x8d\x5c\xed\x40\xfa\x53\x99\x3b\x18\xe8\xf2\xf5\xe6\x09\xb8\x3b\x61\x08\x3b\x2f\x10\x0a\x9a\x92\xc7\x84\x90\x21\x2b\x21\x24\xeb\xe3\x06\xb5\x01\x74\x02\x2c\x4d\xc9\xf1\x94\x91\x73\x2d\x25\x28\x37\x22\x41\x6f\xeb\x50\xa8\x8a\xf6\x70\xbb\x48\xc2\xd8\x98\x0b\xca\xcb\x71\x5e\x8f\x0c\x34\xcf\x48\x36\x29\x97\x42\xe5\x0d\x37\x3e\x36\x4e\x28\x07\x15\x20\x5d\x0c\x81\x02\x4a\xe6\xeb\x8e\xda\xfb\x59\x13\x09\x52\xe3\x21\xaf\x36\x6f\xea\xf4\x76\x2a\xff\x84\x86\xd2\x05\xe4\x15\x6a\x6f\x6c\xac\x0f\x43\x64\x87\x4b\x17\xaf\xc4\xce\xc3\x57\x07\xb2\xcb\x76\xe8\x61\x0c\x89\x33\x78\x91\xe3\x78\xad\x66\x1b\xd5\xa5\xa3\x8a\x25\xe3\x70\x0b\x81\x61\xca\xf1\x22\x7a\xc4\x8e\xe7\xc8\xcc\x94\x61\xc5\x08\x64\x41\x45\xc4\xa6\xd3\x29\x21\x36\xb7\xeb\x62\x1a\x9d\x19\x74\xb0\x29\xb8\xed\x55\x6e\xaf\x84\x82\x39\x0a\xd2\xb8\xc3\x1c\x6e\x6a\xa6\xe6\xa8\x64\x3c\x1e\x30\xdb\x83\xa5\x13\x30\x0b\xde\xda\x30\xbf\x6b\xc2\x8a\x02\xff\x76\x59\xc3\x9c\x03\xec\x0f\xc9\xaf\xc7\xfb\xe5\x07\xb6\x2c\x3f\x2e\xbf\x64\xc7\x87\xf6\xf2\x96\x66\xff\xdf\xd1\x17\x07\x0b\xd3\xac\x5f\x33\xb9\xd4\x28\x99\xeb\x5d\x6f\x9a\xf5\xa4\x7f\x72\xfd\xd4\x4e\xac\xd7\x1d\x8b\x5c\x48\x56\x41\xcc\x7a\x57\x86\x7a\xc9\x1c\xb1\x3b\x16\x63\x9d\x44\xb6\xa6\x85\xde\xab\x5a\xb3\x22\xf7\x58\xff\xa1\x7e\xf2\xad\x2e\x3b\x7b\x14\xf1\xd6\x7c\x0b\xfc\xd9\x7a\x99\x47\xac\x7b\x13\xb7\xa1\xc1\x6b\x6a\x47\x7e\x37\x6f\x14\
xfd\x59\x28\xb2\xfd\xb5\xdc\x3b\xae\xf7\x0f\xa1\xca\xd9\x5c\xe5\x51\xb3\xe8\x09\x98\x7e\xf5\x39\xeb\xe8\x99\xf2\x16\xf2\xe7\x46\xc6\x8c\xb2\xd1\xba\x86\xe0\xb7\x0b\x8e\x6d\xc9\x6a\x0b\xc9\xc0\xad\x4d\xda\xe4\x77\x00\x00\x00\xff\xff\x0e\xae\x27\x8a\xb2\x07\x00\x00") +var _schemaVmQemuJson = []byte("\x1f\x8b\x08\x00\x00\x00\x00\x00\x00\xff\xac\x55\x4d\x8f\x9b\x30\x10\xbd\xf3\x2b\x2c\x77\x6f\x4d\x9a\xed\x6a\x2f\xe5\x56\xb5\xaa\xd4\x53\xa5\xaa\xea\x65\x45\x91\x63\x06\xf0\x06\x7f\xc4\x1f\x44\x28\xe2\xbf\x57\x90\x40\x0c\x38\xda\x74\xb7\x87\x48\xe1\xcd\xcc\x9b\x31\xef\x31\x3e\x46\x08\xe1\x3b\x43\x4b\xe0\x04\xc7\x08\x97\xd6\xaa\x78\xb3\x79\x36\x52\xac\x4f\xe8\x07\xa9\x8b\x4d\xa6\x49\x6e\xd7\xf7\x8f\x9b\x13\xf6\x0e\xaf\xba\xba\x0c\x0c\xd5\x4c\x59\x26\x45\x57\xfb\x43\x81\xf8\xfd\xf5\x0b\xfa\x09\x46\x3a\x4d\x01\xfd\x02\xae\x2a\x62\x21\x46\x35\xdf\xec\x81\xbb\x53\x99\x6d\x14\x74\xf9\x72\xfb\x0c\xd4\x9e\x30\x0d\x7b\xc7\x34\x64\x38\x46\x4f\x11\x42\x43\x56\x84\x50\xd2\xc7\x95\x96\x0a\xb4\x65\x60\x70\x8c\x8e\xa7\x8c\x94\x4a\xce\x41\xd8\x11\xf1\xb8\x8d\xd5\x4c\x14\xb8\x87\xdb\x55\xe4\xc7\xc6\x5c\x10\x8e\x8f\xfd\x7a\x64\x18\xf3\x8c\x24\x93\x72\xce\x44\x5a\x53\xe5\x42\xed\x98\xb0\x50\x80\xc6\xab\x21\x90\x41\x4e\x5c\xd5\x8d\xf6\x71\x41\xc2\x81\x4b\xdd\xa4\xc5\xf6\x4d\x4c\x6f\x1f\xe5\xbf\x8c\x21\x64\x06\x69\xa1\xa5\x53\x26\xc4\x43\xb4\x26\xcd\x85\xc5\x09\xb6\x77\xf0\xdd\x02\xef\xb2\xad\x76\x30\x86\xd8\x19\xbc\xc8\x71\x9c\xab\xd9\x06\x75\xe9\x46\xd5\x39\xa1\x70\xcb\x00\x43\x97\xe3\x45\xf4\x80\x1d\xcf\x91\x85\x29\xfd\x8a\x11\x48\xbc\x8a\x80\x4d\xa7\x5d\x7c\x6c\x69\xd7\xd5\x34\xba\x30\xe8\x60\x53\xb0\xe5\x2c\xb7\x57\x42\xc0\x12\x05\xae\x6c\xb3\x84\xeb\x8a\x88\x25\xca\x09\x0d\x07\x54\xd9\x18\x3c\x01\x13\xef\xa9\xf5\xf3\x3b\x12\x92\x65\xfa\x5f\x0f\xab\x88\xb5\xa0\xfb\x45\xf2\xe7\xe9\x7e\xfd\x89\xac\xf3\xcf\xeb\x6f\xc9\xf1\xa1\xbd\x3c\xc5\xc9\xfb\x3b\x7c\xb5\x31\x53\xf5\xe3\x6b\x3a\xe7\x52\x73\x62\x7b\xd7\xab\xfa\x71\xc2\x1f\xcd\xff\xb5\x13\xeb\x75\xcb\x22\x65\x9c\x14\x10\xb2\xde\xcc\x50\xd7\
xcc\x11\xda\x63\xa1\xa9\xa3\xc0\xa9\x71\x26\x0f\xa2\x92\x24\x4b\x9d\xae\x5e\xa8\x9f\xbc\xab\xcb\x99\x9d\x66\x61\x6a\x5a\x02\xdd\x19\xc7\xd3\x80\x75\x6f\x9a\x6d\x20\x78\x4d\xed\x38\xdf\xcd\x27\x0a\x7e\x2c\x58\x93\xc3\x5c\xee\x3d\x95\x87\x07\x5f\xe5\x64\xa9\xf2\xa8\x59\x70\x05\x4c\xdf\xfa\x72\xea\xe0\x9a\x72\x06\xd2\x5d\xcd\x43\x46\xd9\x4a\x59\x81\xf7\xd9\x79\xcb\x36\x27\x95\x81\x09\x0f\x71\xb6\x04\x61\x19\x25\xdd\xbd\x3b\x17\xe7\xda\x2b\xf2\x28\xa7\x8b\x22\x70\x0b\xce\x16\x09\x56\x6e\x9b\xee\xa0\x09\x1f\xcb\x98\x32\x55\x6e\x5b\x31\xda\xe7\xbc\x74\x15\x47\xdd\xaf\x8d\xfe\x06\x00\x00\xff\xff\x59\x0d\x1e\x70\x77\x08\x00\x00") func schemaVmQemuJsonBytes() ([]byte, error) { return bindataRead( @@ -169,7 +168,7 @@ func schemaVmQemuJson() (*asset, error) { return nil, err } - info := bindataFileInfo{name: "schema/vm/qemu.json", size: 1970, mode: os.FileMode(420), modTime: time.Unix(1500457433, 0)} + info := bindataFileInfo{name: "schema/vm/qemu.json", size: 2167, mode: os.FileMode(420), modTime: time.Unix(1502257163, 0)} a := &asset{bytes: bytes, info: info} return a, nil } @@ -226,9 +225,9 @@ func AssetNames() []string { // _bindata is a table, holding each asset generator, mapped to its name. var _bindata = map[string]func() (*asset, error){ - "schema/none.json": schemaNoneJson, - "schema/v1.json": schemaV1Json, - "schema/vm/lxc.json": schemaVmLxcJson, + "schema/none.json": schemaNoneJson, + "schema/v1.json": schemaV1Json, + "schema/vm/lxc.json": schemaVmLxcJson, "schema/vm/null.json": schemaVmNullJson, "schema/vm/qemu.json": schemaVmQemuJson, } 
@@ -272,13 +271,12 @@ type bintree struct { Func func() (*asset, error) Children map[string]*bintree } - var _bintree = &bintree{nil, map[string]*bintree{ "schema": &bintree{nil, map[string]*bintree{ "none.json": &bintree{schemaNoneJson, map[string]*bintree{}}, - "v1.json": &bintree{schemaV1Json, map[string]*bintree{}}, + "v1.json": &bintree{schemaV1Json, map[string]*bintree{}}, "vm": &bintree{nil, map[string]*bintree{ - "lxc.json": &bintree{schemaVmLxcJson, map[string]*bintree{}}, + "lxc.json": &bintree{schemaVmLxcJson, map[string]*bintree{}}, "null.json": &bintree{schemaVmNullJson, map[string]*bintree{}}, "qemu.json": &bintree{schemaVmQemuJson, map[string]*bintree{}}, }}, @@ -332,6 +330,7 @@ func _filePath(dir, name string) string { return filepath.Join(append([]string{dir}, strings.Split(cannonicalName, "/")...)...) } + func assetFS() *assetfs.AssetFS { assetInfo := func(path string) (os.FileInfo, error) { return os.Stat(path) diff --git a/schema/vm/qemu.json b/schema/vm/qemu.json index 9a4897cd..2deda682 100644 --- a/schema/vm/qemu.json +++ b/schema/vm/qemu.json @@ -99,6 +99,17 @@ "use_kvm": { "type": "boolean", "default": false + }, + "authentication_type": { + "type": "string", + "default": "none", + "enum": [ + "none", + "pub_key" + ] + }, + "ssh_public_key": { + "type": "string" } } } From 186568bcf7e0836086d9298f286d366679c0b073 Mon Sep 17 00:00:00 2001 From: itouri Date: Thu, 10 Aug 2017 15:11:53 +0900 Subject: [PATCH 11/55] Modify Qemu test contents --- handlers/vm/qemu/qemu_test.go | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/handlers/vm/qemu/qemu_test.go b/handlers/vm/qemu/qemu_test.go index c4b8fd08..4a954ec6 100644 --- a/handlers/vm/qemu/qemu_test.go +++ b/handlers/vm/qemu/qemu_test.go 
@@ -82,8 +82,7 @@ func TestQemuHandler_ParseTemplate(t *testing.T) { assert.NotNil(modelqemu.GetQemuImage()) assert.Equal(modelqemu.GetQemuImage().GetDownloadUrl(), "http://example.com/") assert.Equal(modelqemu.GetQemuImage().GetFormat().String(), "RAW") - assert.Equal(model.AuthenticationType_PUB_KEY, modelqemu.AuthenticationType, "pub_key") - assert.Equal(modelqemu.SshPublicKey, "ssh-rsa AAAA") + assert.Equal(model.AuthenticationType_NONE, modelqemu.AuthenticationType, "none") } func TestQemuHandler_MargeJSON(t *testing.T) { From da2d78106075a28f759726eeb5fff2706e7cd695 Mon Sep 17 00:00:00 2001 From: itouri Date: Thu, 10 Aug 2017 17:12:26 +0900 Subject: [PATCH 12/55] Made SSH server to can authentication with public key. --- cmd/openvdc-executor/sshd.go | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/cmd/openvdc-executor/sshd.go b/cmd/openvdc-executor/sshd.go index 81c58356..c614e42d 100644 --- a/cmd/openvdc-executor/sshd.go +++ b/cmd/openvdc-executor/sshd.go @@ -6,6 +6,7 @@ import ( "io" "io/ioutil" "net" + "strings" log "github.com/Sirupsen/logrus" "github.com/axsh/openvdc/hypervisor" 
@@ -25,6 +26,32 @@ type SSHServer struct { func NewSSHServer(provider hypervisor.HypervisorProvider, ctx context.Context) *SSHServer { config := &ssh.ServerConfig{ NoClientAuth: true, + PublicKeyCallback: func(conn ssh.ConnMetadata, key ssh.PublicKey) (*ssh.Permissions, error) { + instanceID := conn.User() + + inst, err := model.Instances(ctx).FindByID(instanceID) + if err != nil { + log.WithError(err).Errorf("Unknown instance: %s", instanceID) + // conn.Close() + return nil, err + } + instResource := inst.ResourceTemplate().(model.InstanceResource) + + authType := instResource.GetAuthenticationType() + switch authType { + case model.AuthenticationType_NONE: + return nil, nil + case model.AuthenticationType_PUB_KEY: + zkPubKey := strings.TrimSpace(instResource.GetSshPublicKey()) + clientPubkey := strings.TrimSpace(string(ssh.MarshalAuthorizedKey(key))) + + if zkPubKey != clientPubkey { + log.Errorf("Private key mismatch with database public key") + return nil, fmt.Errorf("Private key mismatch with database public key") + } + } + return nil, fmt.Errorf("Unknown AuthenticationType") + }, } return &SSHServer{ From e6e0984215563d629be44e08db63c18ffbf9cabb Mon Sep 17 00:00:00 2001 From: itouri Date: Mon, 21 Aug 2017 18:12:29 +0900 Subject: [PATCH 13/55] Add authentication_type and ssh_public_key to MergeArgs() as parameters. --- handlers/vm/lxc/lxc.go | 9 +++++++++ handlers/vm/lxc/lxc_test.go | 28 ++++++++++++++++++++++++++++ handlers/vm/qemu/qemu.go | 8 ++++++++ handlers/vm/qemu/qemu_test.go | 29 +++++++++++++++++++++++++++++ 4 files changed, 74 insertions(+) diff --git a/handlers/vm/lxc/lxc.go b/handlers/vm/lxc/lxc.go index 61a2a10f..74d4d516 100644 --- a/handlers/vm/lxc/lxc.go +++ b/handlers/vm/lxc/lxc.go @@ -5,6 +5,7 @@ import ( "flag" "fmt" "io" + "strings" "github.com/axsh/openvdc/handlers" "github.com/axsh/openvdc/handlers/vm" 
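Review bot: In the `PublicKeyCallback` added to `NewSSHServer`, the `AuthenticationType_PUB_KEY` case has no `return` when the keys match, so control leaves the `switch` and reaches `return nil, fmt.Errorf("Unknown AuthenticationType")`; a client presenting the correct key is rejected. `inst.ResourceTemplate().(model.InstanceResource)` is an unchecked assertion on an instance chosen by the client-supplied user name, so a template that does not implement the interface panics inside the authentication path. The match is done on `authorized_keys` text, which fails when the stored key carries a trailing comment, and the log and error text say "Private key" although only public keys are compared. The fence below uses a comma-ok assertion, parses the stored key with `ssh.ParseAuthorizedKey`, compares the wire encodings and returns success explicitly. The body of `NewSSHServer` continues outside the hunk.

```go
PublicKeyCallback: func(conn ssh.ConnMetadata, key ssh.PublicKey) (*ssh.Permissions, error) {
	// … unchanged: instance lookup by conn.User() …
	instResource, ok := inst.ResourceTemplate().(model.InstanceResource)
	if !ok {
		return nil, fmt.Errorf("instance %s has no authentication settings", instanceID)
	}

	switch instResource.GetAuthenticationType() {
	case model.AuthenticationType_NONE:
		return nil, nil
	case model.AuthenticationType_PUB_KEY:
		stored, _, _, _, err := ssh.ParseAuthorizedKey([]byte(instResource.GetSshPublicKey()))
		if err != nil {
			return nil, fmt.Errorf("stored public key is invalid: %v", err)
		}
		// Compare the wire encoding so a comment or extra whitespace
		// in the stored line does not affect the result.
		if string(stored.Marshal()) != string(key.Marshal()) {
			return nil, fmt.Errorf("public key mismatch")
		}
		return nil, nil
	}
	return nil, fmt.Errorf("Unknown AuthenticationType")
},
```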
@@ -95,13 +96,21 @@ func (h *LxcHandler) MergeArgs(dst model.ResourceTemplate, args []string) error flags := flag.NewFlagSet("lxc template", flag.ContinueOnError) var vcpu, mem int + var authType, sshPubkey string flags.IntVar(&vcpu, "vcpu", int(mdst.MinVcpu), "") flags.IntVar(&mem, "memory_gb", int(mdst.MinMemoryGb), "") + defAuth := model.AuthenticationType_name[int32(mdst.AuthenticationType)] + flags.StringVar(&authType, "authentication_type", defAuth, "") + flags.StringVar(&sshPubkey, "ssh_public_key", mdst.SshPublicKey, "") if err := flags.Parse(args); err != nil { return err } mdst.Vcpu = int32(vcpu) mdst.MemoryGb = int32(mem) + format := model.AuthenticationType_value[strings.ToUpper(authType)] + mdst.AuthenticationType = model.AuthenticationType(format) + sshPubkey = strings.Replace(sshPubkey, "\"", "", -1) + mdst.SshPublicKey = sshPubkey return nil } diff --git a/handlers/vm/lxc/lxc_test.go b/handlers/vm/lxc/lxc_test.go index fa99bebd..6f8b99ff 100644 --- a/handlers/vm/lxc/lxc_test.go +++ b/handlers/vm/lxc/lxc_test.go 
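Review bot: In `LxcHandler.MergeArgs`, `model.AuthenticationType_value[strings.ToUpper(authType)]` yields 0 for any string that is not a key of the map, and 0 is `NONE`, so a misspelt or quoted `--authentication_type` silently turns authentication off instead of failing. The new test passes `"none"` with literal quotes and appears to get `NONE` only through this fallback; a quoted `"pub_key"` would end up as `NONE` in the same way. Reject unknown values with the comma-ok form: `format, ok := model.AuthenticationType_value[strings.ToUpper(authType)]` followed by `if !ok { return fmt.Errorf("unknown authentication_type %q", authType) }`, stripping quotes from `authType` first if quoted values are meant to be accepted as they are for `sshPubkey`. As far as this hunk shows, the merged `ssh_public_key` is stored without the validation that templates go through. The same lines are added to `QemuHandler.MergeArgs` in handlers/vm/qemu/qemu.go and need the same change; `MergeArgs` starts before this hunk.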
@@ -125,6 +125,34 @@ func TestLxcHandler_ParseTemplate(t *testing.T) { assert.EqualError(err, "Invalid template vm/lxc: ssh_public_key is invalid") } +func TestLxcHandler_MergeArgs(t *testing.T) { + assert := assert.New(t) + h := &LxcHandler{} + var dest model.ResourceTemplate = &model.LxcTemplate{} + args := []string{`--authentication_type="none"`} + err := h.MergeArgs(dest, args) // instance_id := strings.TrimSpace(stdout.String()) + d := dest.(*model.LxcTemplate) + assert.Nil(err) + assert.IsType((*model.LxcTemplate)(nil), dest) + assert.Equal(model.AuthenticationType_NONE, d.AuthenticationType) + + dest = &model.LxcTemplate{} + args = []string{"--vcpu=2"} + err = h.MergeArgs(dest, args) // instance_id := strings.TrimSpace(stdout.String()) + d = dest.(*model.LxcTemplate) + assert.Nil(err) + assert.IsType((*model.LxcTemplate)(nil), dest) + assert.Equal(2, int(d.GetVcpu())) + + dest = &model.LxcTemplate{} + args = []string{`--authentication_type=pub_key`, `--ssh_public_key="ssh-rsa AAAA"`} + err = h.MergeArgs(dest, args) // instance_id := strings.TrimSpace(stdout.String()) + d = dest.(*model.LxcTemplate) + assert.Nil(err) + assert.IsType((*model.LxcTemplate)(nil), dest) + assert.Equal(model.AuthenticationType_PUB_KEY, d.AuthenticationType) + assert.Equal("ssh-rsa AAAA", d.SshPublicKey) +} func TestLxcHandler_MargeJSON(t *testing.T) { assert := assert.New(t) h := &LxcHandler{} diff --git a/handlers/vm/qemu/qemu.go b/handlers/vm/qemu/qemu.go index 46ea9b82..1c868167 100644 --- a/handlers/vm/qemu/qemu.go +++ b/handlers/vm/qemu/qemu.go 
@@ -106,13 +106,21 @@ func (h *QemuHandler) MergeArgs(dst model.ResourceTemplate, args []string) error flags := flag.NewFlagSet("qemu template", flag.ContinueOnError) var vcpu, mem int + var authType, sshPubkey string flags.IntVar(&vcpu, "vcpu", int(mdst.MinVcpu), "") flags.IntVar(&mem, "memory_gb", int(mdst.MinMemoryGb), "") + defAuth := model.AuthenticationType_name[int32(mdst.AuthenticationType)] + flags.StringVar(&authType, "authentication_type", defAuth, "") + flags.StringVar(&sshPubkey, "ssh_public_key", mdst.SshPublicKey, "") if err := flags.Parse(args); err != nil { return err } mdst.Vcpu = int32(vcpu) mdst.MemoryGb = int32(mem) + format := model.AuthenticationType_value[strings.ToUpper(authType)] + mdst.AuthenticationType = model.AuthenticationType(format) + sshPubkey = strings.Replace(sshPubkey, "\"", "", -1) + mdst.SshPublicKey = sshPubkey return nil } diff --git a/handlers/vm/qemu/qemu_test.go b/handlers/vm/qemu/qemu_test.go index 4a954ec6..dce01a1a 100644 --- a/handlers/vm/qemu/qemu_test.go +++ b/handlers/vm/qemu/qemu_test.go 
@@ -85,6 +85,35 @@ func TestQemuHandler_ParseTemplate(t *testing.T) { assert.Equal(model.AuthenticationType_NONE, modelqemu.AuthenticationType, "none") } +func TestQemuHandler_MergeArgs(t *testing.T) { + assert := assert.New(t) + h := &QemuHandler{} + var dest model.ResourceTemplate = &model.QemuTemplate{} + args := []string{`--authentication_type="none"`} + err := h.MergeArgs(dest, args) // instance_id := strings.TrimSpace(stdout.String()) + d := dest.(*model.QemuTemplate) + assert.Nil(err) + assert.IsType((*model.QemuTemplate)(nil), dest) + assert.Equal(model.AuthenticationType_NONE, d.AuthenticationType) + + dest = &model.QemuTemplate{} + args = []string{"--vcpu=2"} + err = h.MergeArgs(dest, args) // instance_id := strings.TrimSpace(stdout.String()) + d = dest.(*model.QemuTemplate) + assert.Nil(err) + assert.IsType((*model.QemuTemplate)(nil), dest) + assert.Equal(2, int(d.GetVcpu())) + + dest = &model.QemuTemplate{} + args = []string{`--authentication_type=pub_key`, `--ssh_public_key="ssh-rsa AAAA"`} + err = h.MergeArgs(dest, args) // instance_id := strings.TrimSpace(stdout.String()) + d = dest.(*model.QemuTemplate) + assert.Nil(err) + assert.IsType((*model.QemuTemplate)(nil), dest) + assert.Equal(model.AuthenticationType_PUB_KEY, d.AuthenticationType) + assert.Equal("ssh-rsa AAAA", d.SshPublicKey) +} + func TestQemuHandler_MargeJSON(t *testing.T) { assert := assert.New(t) h := &QemuHandler{} From 2de4fcc9177df036241304486434261b0d066001 Mon Sep 17 00:00:00 2001 From: itouri Date: Tue, 22 Aug 2017 15:54:01 +0900 Subject: [PATCH 14/55] Changed the return type of validatePublicKey([]byte) to error. and changed the part supporting SECSH format to comment. --- handlers/vm/base.go | 38 ++++++++++++++++++------------------- handlers/vm/lxc/lxc_test.go | 2 +- 2 files changed, 20 insertions(+), 20 deletions(-) diff --git a/handlers/vm/base.go b/handlers/vm/base.go index 7a882b9e..7258b1f8 100644 --- a/handlers/vm/base.go +++ b/handlers/vm/base.go 
@@ -62,9 +62,9 @@ func (*Base) ValidatePublicKey(h handlers.ResourceHandler, authType model.Authen return handlers.ErrInvalidTemplate(h, "ssh_public_key is not set") } - isValidate := validatePublicKey([]byte(sshPubKey)) - if !isValidate { - return handlers.ErrInvalidTemplate(h, "ssh_public_key is invalid") + err := validatePublicKey([]byte(sshPubKey)) + if err != nil { + return handlers.ErrInvalidTemplate(h, err.Error()) } default: @@ -73,32 +73,32 @@ func (*Base) ValidatePublicKey(h handlers.ResourceHandler, authType model.Authen return nil } -func validatePublicKey(key []byte) bool { - // Check that the key is in RFC4253 binary format. - _, err := ssh.ParsePublicKey(key) - if err == nil { - return true - } - +func validatePublicKey(key []byte) error { keyStr := string(key[:]) // Check that the key is in OpenSSH format. keyNames := []string{"ssh-rsa", "ssh-dss", "ecdsa-sha2-nistp256", "ssh-ed25519"} firstStr := strings.Fields(keyStr) for _, name := range keyNames { if firstStr[0] == name { - return true + return nil } } - // Check that the key is in SECSH format. - keyNames = []string{"SSH2 ", "RSA", ""} - for _, name := range keyNames { - if strings.Contains(keyStr, "---- BEGIN "+name+"PUBLIC KEY ----") && - strings.Contains(keyStr, "---- END "+name+"PUBLIC KEY ----") { - return true - } + // // Check that the key is in SECSH format. + // keyNames = []string{"SSH2 ", "RSA", ""} + // for _, name := range keyNames { + // if strings.Contains(keyStr, "---- BEGIN "+name+"PUBLIC KEY ----") && + // strings.Contains(keyStr, "---- END "+name+"PUBLIC KEY ----") { + // return nil + // } + // } + + // Check that the key is in RFC4253 binary format. + _, err := ssh.ParsePublicKey(key) + if err != nil { + return err } - return false + return nil } func (*Base) IsSupportAPI(method string) bool { diff --git a/handlers/vm/lxc/lxc_test.go b/handlers/vm/lxc/lxc_test.go index 6f8b99ff..743955f6 100644 --- a/handlers/vm/lxc/lxc_test.go +++ b/handlers/vm/lxc/lxc_test.go 
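Review bot: `validatePublicKey` returns nil as soon as the first whitespace-separated field equals one of four algorithm names, so `ssh-rsa` followed by anything at all is accepted and the key material is never parsed. `firstStr[0]` indexes the result of `strings.Fields` without a length check and panics on input that is only whitespace; the "is not set" check in `ValidatePublicKey`, whose condition is outside the hunk, presumably covers only the empty string. Parsing the value as an `authorized_keys` line fixes both: replace the prefix loop with `if _, _, _, _, err := ssh.ParseAuthorizedKey(key); err == nil { return nil }` and keep the `ssh.ParsePublicKey` fallback for the binary form. Placeholder fixtures such as `ssh-rsa AAAA` would then need a real key if they are run through this validation.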
@@ -122,7 +122,7 @@ func TestLxcHandler_ParseTemplate(t *testing.T) { assert.NotEmpty(modellxc.SshPublicKey) m, err = h.ParseTemplate(bytes.NewBufferString(jsonLxcTemplate4).Bytes()) - assert.EqualError(err, "Invalid template vm/lxc: ssh_public_key is invalid") + assert.Error(err) } func TestLxcHandler_MergeArgs(t *testing.T) { From f7b44e91ca61c6dc5f60a8944a8130ac1c3d4fae Mon Sep 17 00:00:00 2001 From: itouri Date: Tue, 22 Aug 2017 16:09:39 +0900 Subject: [PATCH 15/55] Modify the SSH server to authenticate the client. --- cmd/openvdc-executor/sshd.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cmd/openvdc-executor/sshd.go b/cmd/openvdc-executor/sshd.go index c614e42d..5f3bf14c 100644 --- a/cmd/openvdc-executor/sshd.go +++ b/cmd/openvdc-executor/sshd.go @@ -25,7 +25,7 @@ type SSHServer struct { func NewSSHServer(provider hypervisor.HypervisorProvider, ctx context.Context) *SSHServer { config := &ssh.ServerConfig{ - NoClientAuth: true, + NoClientAuth: false, PublicKeyCallback: func(conn ssh.ConnMetadata, key ssh.PublicKey) (*ssh.Permissions, error) { instanceID := conn.User() From eb79945700a4bd23962a5084d13133c889687552 Mon Sep 17 00:00:00 2001 From: itouri Date: Wed, 23 Aug 2017 17:08:33 +0900 Subject: [PATCH 16/55] Delete extra line of code about authentification. --- cmd/openvdc-executor/sshd.go | 1 - 1 file changed, 1 deletion(-) diff --git a/cmd/openvdc-executor/sshd.go b/cmd/openvdc-executor/sshd.go index 5f3bf14c..76909e64 100644 --- a/cmd/openvdc-executor/sshd.go +++ b/cmd/openvdc-executor/sshd.go @@ -25,7 +25,6 @@ type SSHServer struct { func NewSSHServer(provider hypervisor.HypervisorProvider, ctx context.Context) *SSHServer { config := &ssh.ServerConfig{ - NoClientAuth: false, PublicKeyCallback: func(conn ssh.ConnMetadata, key ssh.PublicKey) (*ssh.Permissions, error) { instanceID := conn.User() From 751952113d5d9efe14d7e769aeab63c8772685ff Mon Sep 17 00:00:00 2001 
From: itouri Date: Thu, 24 Aug 2017 18:23:22 +0900 Subject: [PATCH 17/55] Adding parameter of Auth to ClientConfig --- cmd/openvdc/cmd/console.go | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/cmd/openvdc/cmd/console.go b/cmd/openvdc/cmd/console.go index 5873f620..bda371f3 100644 --- a/cmd/openvdc/cmd/console.go +++ b/cmd/openvdc/cmd/console.go @@ -3,9 +3,11 @@ package cmd import ( "fmt" "io" + "io/ioutil" "net" "os" "strings" + "time" log "github.com/Sirupsen/logrus" "github.com/axsh/openvdc/cmd/openvdc/cmd/console" @@ -19,8 +21,11 @@ import ( "google.golang.org/grpc" ) +var indentityFile string + func init() { consoleCmd.Flags().Bool("show", false, "Show console information") + consoleCmd.Flags().StringVarP(&indentityFile, "identity_file", "i", "", "Selects a file from which the identity (private key) for public key authentication is read") } var consoleCmd = &cobra.Command{ @@ -71,6 +76,29 @@ var consoleCmd = &cobra.Command{ fmt.Println("") return nil } + + config := &ssh.ClientConfig{ + Timeout: 5 * time.Second, + } + + // Parse and set indetifyFifle + if indentityFile != "" { + key, err := ioutil.ReadFile(indentityFile) + if err != nil { + log.Fatalf("unable to read private key: %v", err) + } + + // Create the Signer for this private key. + signer, err := ssh.ParsePrivateKey(key) + if err != nil { + log.Fatalf("unable to parse private key: %v", err) + } + + config.Auth = []ssh.AuthMethod{ + ssh.PublicKeys(signer), + } + } + sshcon := console.NewSshConsole(instanceID, nil) var err error if len(execArgs) > 0 { From fdc200ea9ce7c20320384687e977f2c78ba0491f Mon Sep 17 00:00:00 2001 From: itouri Date: Thu, 24 Aug 2017 18:49:27 +0900 Subject: [PATCH 18/55] Modify arg that is passed to NewSshConsole --- cmd/openvdc/cmd/console.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cmd/openvdc/cmd/console.go b/cmd/openvdc/cmd/console.go index bda371f3..fd179336 100644 --- a/cmd/openvdc/cmd/console.go 
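Review bot: The `ssh.ClientConfig` built in the last hunk of console.go sets `Timeout` and `Auth` but no `HostKeyCallback`, so the client cannot verify which server it is offering its key to, and current golang.org/x/crypto/ssh refuses the handshake when that field is nil. Unless `console.NewSshConsole` fills it in (not visible here), pin the executor's host key, for example `HostKeyCallback: ssh.FixedHostKey(hostKey)` where `hostKey` is a placeholder for a key delivered over the already authenticated API, rather than falling back to `ssh.InsecureIgnoreHostKey()`. The two `log.Fatalf` calls also bypass the command's error return used just above (`return nil`); `return fmt.Errorf("reading identity file %q: %v", indentityFile, err)` would keep one exit path. The surrounding command function starts and ends outside the hunk.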
+++ b/cmd/openvdc/cmd/console.go @@ -99,7 +99,7 @@ var consoleCmd = &cobra.Command{ } } - sshcon := console.NewSshConsole(instanceID, nil) + sshcon := console.NewSshConsole(instanceID, config) var err error if len(execArgs) > 0 { err = sshcon.Exec(res.GetAddress(), execArgs) From 3171355dfbfb9b24830276842727ab3bd8f568d1 Mon Sep 17 00:00:00 2001 From: itouri Date: Thu, 24 Aug 2017 19:27:26 +0900 Subject: [PATCH 19/55] Delete if section of parse and set indentifyFile --- cmd/openvdc/cmd/console.go | 26 ++++++++++++-------------- 1 file changed, 12 insertions(+), 14 deletions(-) diff --git a/cmd/openvdc/cmd/console.go b/cmd/openvdc/cmd/console.go index fd179336..a85242fd 100644 --- a/cmd/openvdc/cmd/console.go +++ b/cmd/openvdc/cmd/console.go @@ -82,25 +82,23 @@ var consoleCmd = &cobra.Command{ } // Parse and set indetifyFifle - if indentityFile != "" { - key, err := ioutil.ReadFile(indentityFile) - if err != nil { - log.Fatalf("unable to read private key: %v", err) - } + key, err := ioutil.ReadFile(indentityFile) + if err != nil { + log.Fatalf("unable to read private key: %v", err) + } - // Create the Signer for this private key. - signer, err := ssh.ParsePrivateKey(key) - if err != nil { - log.Fatalf("unable to parse private key: %v", err) - } + // Create the Signer for this private key. + signer, err := ssh.ParsePrivateKey(key) + if err != nil { + log.Fatalf("unable to parse private key: %v", err) + } - config.Auth = []ssh.AuthMethod{ - ssh.PublicKeys(signer), - } + config.Auth = []ssh.AuthMethod{ + ssh.PublicKeys(signer), } sshcon := console.NewSshConsole(instanceID, config) - var err error + if len(execArgs) > 0 { err = sshcon.Exec(res.GetAddress(), execArgs) } else { From 187827d9969fc514a9741c14d4473e379b51459e Mon Sep 17 00:00:00 2001 
From: itouri Date: Thu, 24 Aug 2017 19:57:05 +0900 Subject: [PATCH 20/55] Modify ssh.ClientConfig and PublicKeyCallback --- cmd/openvdc-executor/sshd.go | 5 ++++- cmd/openvdc/cmd/console.go | 40 +++++++++++++++++++++--------------- 2 files changed, 28 insertions(+), 17 deletions(-) diff --git a/cmd/openvdc-executor/sshd.go b/cmd/openvdc-executor/sshd.go index 76909e64..b6f23767 100644 --- a/cmd/openvdc-executor/sshd.go +++ b/cmd/openvdc-executor/sshd.go @@ -42,7 +42,10 @@ func NewSSHServer(provider hypervisor.HypervisorProvider, ctx context.Context) * return nil, nil case model.AuthenticationType_PUB_KEY: zkPubKey := strings.TrimSpace(instResource.GetSshPublicKey()) - clientPubkey := strings.TrimSpace(string(ssh.MarshalAuthorizedKey(key))) + var clientPubkey string + if key != nil { + clientPubkey = strings.TrimSpace(string(ssh.MarshalAuthorizedKey(key))) + } if zkPubKey != clientPubkey { log.Errorf("Private key mismatch with database public key") diff --git a/cmd/openvdc/cmd/console.go b/cmd/openvdc/cmd/console.go index a85242fd..b37f9336 100644 --- a/cmd/openvdc/cmd/console.go +++ b/cmd/openvdc/cmd/console.go @@ -25,7 +25,7 @@ var indentityFile string func init() { consoleCmd.Flags().Bool("show", false, "Show console information") - consoleCmd.Flags().StringVarP(&indentityFile, "identity_file", "i", "", "Selects a file from which the identity (private key) for public key authentication is read") + consoleCmd.Flags().StringVarP(&indentityFile, "identity-file", "i", "", "Selects a file from which the identity (private key) for public key authentication is read") } var consoleCmd = &cobra.Command{ @@ -51,6 +51,10 @@ var consoleCmd = &cobra.Command{ } var res *api.ConsoleReply + + info, _ := cmd.Flags().GetBool("show") + fmt.Printf("show is %v", info) + err := util.RemoteCall(func(conn *grpc.ClientConn) error { ic := api.NewInstanceClient(conn) var err error 
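Review bot: In the sshd.go hunk the stored key and the client key are still compared as trimmed strings, but `ssh.MarshalAuthorizedKey` emits only the type and the base64 blob while `GetSshPublicKey()` returns template text that may carry a comment or options, so a valid key saved with its comment can never match. With the new `if key != nil` guard a nil key leaves `clientPubkey` empty, which would compare equal to an empty stored key; that case is safer rejected outright. Parse the stored value and compare wire encodings instead: `stored, _, _, _, err := ssh.ParseAuthorizedKey([]byte(instResource.GetSshPublicKey()))` followed by `if err != nil || key == nil || !bytes.Equal(stored.Marshal(), key.Marshal()) {` (this needs the `bytes` import). What the callback returns on mismatch lies outside the hunk.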
@@ -61,7 +65,8 @@ var consoleCmd = &cobra.Command{ log.WithError(err).Fatal("Failed request to Instance.Console API") } - info, err := cmd.Flags().GetBool("show") + // info, err := cmd.Flags().GetBool("show") + // fmt.Printf("show is %v", info) switch res.Type { case model.Console_SSH: if info { @@ -77,28 +82,31 @@ var consoleCmd = &cobra.Command{ return nil } - config := &ssh.ClientConfig{ - Timeout: 5 * time.Second, - } + var signer ssh.Signer // Parse and set indetifyFifle - key, err := ioutil.ReadFile(indentityFile) - if err != nil { - log.Fatalf("unable to read private key: %v", err) - } + if indentityFile != "" { + key, err := ioutil.ReadFile(indentityFile) + if err != nil { + log.Fatalf("unable to read private key: %v", err) + } - // Create the Signer for this private key. - signer, err := ssh.ParsePrivateKey(key) - if err != nil { - log.Fatalf("unable to parse private key: %v", err) + // Create the Signer for this private key. + signer, err = ssh.ParsePrivateKey(key) + if err != nil { + log.Fatalf("unable to parse private key: %v", err) + } } - config.Auth = []ssh.AuthMethod{ - ssh.PublicKeys(signer), + config := &ssh.ClientConfig{ + Timeout: 5 * time.Second, + Auth: []ssh.AuthMethod{ + ssh.PublicKeys(signer), + }, } sshcon := console.NewSshConsole(instanceID, config) - + var err error if len(execArgs) > 0 { err = sshcon.Exec(res.GetAddress(), execArgs) } else { From 065295b865c2a30380901c553fd31499e55fa98d Mon Sep 17 00:00:00 2001 From: itouri Date: Fri, 25 Aug 2017 16:34:31 +0900 Subject: [PATCH 21/55] Modify authenticate process. --- cmd/openvdc-executor/sshd.go | 29 ++++++++++++++++++++++------- cmd/openvdc/cmd/console.go | 26 ++++++++++++++++---------- 2 files changed, 38 insertions(+), 17 deletions(-) diff --git a/cmd/openvdc-executor/sshd.go b/cmd/openvdc-executor/sshd.go index b6f23767..8b71bbf2 100644 --- a/cmd/openvdc-executor/sshd.go +++ b/cmd/openvdc-executor/sshd.go 
@@ -23,19 +23,34 @@ type SSHServer struct { ctx context.Context } +func getInstResource(ctx context.Context, userID string) (model.InstanceResource, error) { + inst, err := model.Instances(ctx).FindByID(userID) + if err != nil { + log.WithError(err).Errorf("Unknown instance: %s", userID) + // conn.Close() + return nil, err + } + instResource := inst.ResourceTemplate().(model.InstanceResource) + return instResource, nil +} + func NewSSHServer(provider hypervisor.HypervisorProvider, ctx context.Context) *SSHServer { config := &ssh.ServerConfig{ + PasswordCallback: func(conn ssh.ConnMetadata, pass []byte) (*ssh.Permissions, error) { + instResource, err := getInstResource(ctx, conn.User()) + if err != nil { + return nil, err + } + if instResource.GetSshPublicKey() != "" { + return nil, fmt.Errorf("%s is setted public key", conn.User()) + } + return nil, nil + }, PublicKeyCallback: func(conn ssh.ConnMetadata, key ssh.PublicKey) (*ssh.Permissions, error) { - instanceID := conn.User() - - inst, err := model.Instances(ctx).FindByID(instanceID) + instResource, err := getInstResource(ctx, conn.User()) if err != nil { - log.WithError(err).Errorf("Unknown instance: %s", instanceID) - // conn.Close() return nil, err } - instResource := inst.ResourceTemplate().(model.InstanceResource) - authType := instResource.GetAuthenticationType() switch authType { case model.AuthenticationType_NONE: diff --git a/cmd/openvdc/cmd/console.go b/cmd/openvdc/cmd/console.go index b37f9336..3c7d0784 100644 --- a/cmd/openvdc/cmd/console.go +++ b/cmd/openvdc/cmd/console.go @@ -82,8 +82,7 @@ var consoleCmd = &cobra.Command{ return nil } - var signer ssh.Signer - + var config *ssh.ClientConfig // Parse and set indetifyFifle if indentityFile != "" { key, err := ioutil.ReadFile(indentityFile) 
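Review bot: The new `PasswordCallback` accepts any password whenever `GetSshPublicKey()` is empty, while `PublicKeyCallback` decides on `GetAuthenticationType()`; the two can disagree, and an instance declared `PUB_KEY` whose key field is empty would be reachable with no credential at all. Gate the password path on the declared type: `if instResource.GetAuthenticationType() != model.AuthenticationType_NONE { return nil, fmt.Errorf("password login is not allowed for %s", conn.User()) }`. Because `conn.User()` is chosen by the remote client, the unchecked assertion `inst.ResourceTemplate().(model.InstanceResource)` in `getInstResource` can panic during the handshake if the named instance has a template that does not implement the interface (whether that can happen is not visible here); the comma-ok form with an error return avoids it, and the `Console` handler in api/instance_service.go gains the same assertion in PATCH 27. A doc comment on the callback saying that authentication_type none grants a console to anyone who can reach this port and knows an instance ID would make the trust assumption explicit.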
@@ -92,21 +91,28 @@ var consoleCmd = &cobra.Command{ } // Create the Signer for this private key. - signer, err = ssh.ParsePrivateKey(key) + signer, err := ssh.ParsePrivateKey(key) if err != nil { log.Fatalf("unable to parse private key: %v", err) } - } - config := &ssh.ClientConfig{ - Timeout: 5 * time.Second, - Auth: []ssh.AuthMethod{ - ssh.PublicKeys(signer), - }, + config = &ssh.ClientConfig{ + Timeout: 5 * time.Second, + Auth: []ssh.AuthMethod{ + ssh.PublicKeys(signer), + }, + } + } else { + config = &ssh.ClientConfig{ + Timeout: 5 * time.Second, + Auth: []ssh.AuthMethod{ + ssh.Password(""), + }, + } } sshcon := console.NewSshConsole(instanceID, config) - var err error + // var err error if len(execArgs) > 0 { err = sshcon.Exec(res.GetAddress(), execArgs) } else { From 9d4d667de1b86cf5c5525a8da24daa89e675fabd Mon Sep 17 00:00:00 2001 From: itouri Date: Mon, 28 Aug 2017 15:25:17 +0900 Subject: [PATCH 22/55] Removed old comment and extra code. --- cmd/openvdc/cmd/console.go | 32 +++++++++----------------------- handlers/vm/base.go | 9 --------- 2 files changed, 9 insertions(+), 32 deletions(-) diff --git a/cmd/openvdc/cmd/console.go b/cmd/openvdc/cmd/console.go index 3c7d0784..49405857 100644 --- a/cmd/openvdc/cmd/console.go +++ b/cmd/openvdc/cmd/console.go @@ -52,9 +52,6 @@ var consoleCmd = &cobra.Command{ var res *api.ConsoleReply - info, _ := cmd.Flags().GetBool("show") - fmt.Printf("show is %v", info) - err := util.RemoteCall(func(conn *grpc.ClientConn) error { ic := api.NewInstanceClient(conn) var err error @@ -65,8 +62,6 @@ var consoleCmd = &cobra.Command{ log.WithError(err).Fatal("Failed request to Instance.Console API") } - // info, err := cmd.Flags().GetBool("show") - // fmt.Printf("show is %v", info) switch res.Type { case model.Console_SSH: if info { 
@@ -82,33 +77,24 @@ var consoleCmd = &cobra.Command{ return nil } - var config *ssh.ClientConfig - // Parse and set indetifyFifle - if indentityFile != "" { + var config = &ssh.ClientConfig{ + Timeout: 5 * time.Second, + } + + if indentityFile == "" { + config.Auth = []ssh.AuthMethod{ssh.Password("")} + } else { + // Parse and set indetifyFifle key, err := ioutil.ReadFile(indentityFile) if err != nil { log.Fatalf("unable to read private key: %v", err) } - // Create the Signer for this private key. signer, err := ssh.ParsePrivateKey(key) if err != nil { log.Fatalf("unable to parse private key: %v", err) } - - config = &ssh.ClientConfig{ - Timeout: 5 * time.Second, - Auth: []ssh.AuthMethod{ - ssh.PublicKeys(signer), - }, - } - } else { - config = &ssh.ClientConfig{ - Timeout: 5 * time.Second, - Auth: []ssh.AuthMethod{ - ssh.Password(""), - }, - } + config.Auth = []ssh.AuthMethod{ssh.PublicKeys(signer)} } sshcon := console.NewSshConsole(instanceID, config) diff --git a/handlers/vm/base.go b/handlers/vm/base.go index 7258b1f8..ad76eb0b 100644 --- a/handlers/vm/base.go +++ b/handlers/vm/base.go @@ -84,15 +84,6 @@ func validatePublicKey(key []byte) error { } } - // // Check that the key is in SECSH format. - // keyNames = []string{"SSH2 ", "RSA", ""} - // for _, name := range keyNames { - // if strings.Contains(keyStr, "---- BEGIN "+name+"PUBLIC KEY ----") && - // strings.Contains(keyStr, "---- END "+name+"PUBLIC KEY ----") { - // return nil - // } - // } - // Check that the key is in RFC4253 binary format. _, err := ssh.ParsePublicKey(key) if err != nil { From 088e8f510ba54c0c3472cc0caa56f917526f76da Mon Sep 17 00:00:00 2001 From: itouri Date: Mon, 28 Aug 2017 17:31:37 +0900 Subject: [PATCH 23/55] Delete extra comment. --- handlers/vm/lxc/lxc_test.go | 8 ++++---- handlers/vm/qemu/qemu_test.go | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/handlers/vm/lxc/lxc_test.go b/handlers/vm/lxc/lxc_test.go index 743955f6..786609c4 100644 
--- a/handlers/vm/lxc/lxc_test.go +++ b/handlers/vm/lxc/lxc_test.go @@ -130,7 +130,7 @@ func TestLxcHandler_MergeArgs(t *testing.T) { h := &LxcHandler{} var dest model.ResourceTemplate = &model.LxcTemplate{} args := []string{`--authentication_type="none"`} - err := h.MergeArgs(dest, args) // instance_id := strings.TrimSpace(stdout.String()) + err := h.MergeArgs(dest, args) d := dest.(*model.LxcTemplate) assert.Nil(err) assert.IsType((*model.LxcTemplate)(nil), dest) @@ -138,7 +138,7 @@ func TestLxcHandler_MergeArgs(t *testing.T) { dest = &model.LxcTemplate{} args = []string{"--vcpu=2"} - err = h.MergeArgs(dest, args) // instance_id := strings.TrimSpace(stdout.String()) + err = h.MergeArgs(dest, args) d = dest.(*model.LxcTemplate) assert.Nil(err) assert.IsType((*model.LxcTemplate)(nil), dest) @@ -146,7 +146,7 @@ func TestLxcHandler_MergeArgs(t *testing.T) { dest = &model.LxcTemplate{} args = []string{`--authentication_type=pub_key`, `--ssh_public_key="ssh-rsa AAAA"`} - err = h.MergeArgs(dest, args) // instance_id := strings.TrimSpace(stdout.String()) + err = h.MergeArgs(dest, args) d = dest.(*model.LxcTemplate) assert.Nil(err) assert.IsType((*model.LxcTemplate)(nil), dest) @@ -158,7 +158,7 @@ func TestLxcHandler_MargeJSON(t *testing.T) { h := &LxcHandler{} var dest model.ResourceTemplate = &model.LxcTemplate{} - err := h.MergeJSON(dest, bytes.NewBufferString(margeJson1).Bytes()) // instance_id := strings.TrimSpace(stdout.String()) + err := h.MergeJSON(dest, bytes.NewBufferString(margeJson1).Bytes()) d := dest.(*model.LxcTemplate) assert.Nil(err) assert.IsType((*model.LxcTemplate)(nil), dest) diff --git a/handlers/vm/qemu/qemu_test.go b/handlers/vm/qemu/qemu_test.go index dce01a1a..fa54b28f 100644 --- a/handlers/vm/qemu/qemu_test.go +++ b/handlers/vm/qemu/qemu_test.go 
@@ -90,7 +90,7 @@ func TestQemuHandler_MergeArgs(t *testing.T) { h := &QemuHandler{} var dest model.ResourceTemplate = &model.QemuTemplate{} args := []string{`--authentication_type="none"`} - err := h.MergeArgs(dest, args) // instance_id := strings.TrimSpace(stdout.String()) + err := h.MergeArgs(dest, args) d := dest.(*model.QemuTemplate) assert.Nil(err) assert.IsType((*model.QemuTemplate)(nil), dest) @@ -98,7 +98,7 @@ func TestQemuHandler_MergeArgs(t *testing.T) { dest = &model.QemuTemplate{} args = []string{"--vcpu=2"} - err = h.MergeArgs(dest, args) // instance_id := strings.TrimSpace(stdout.String()) + err = h.MergeArgs(dest, args) d = dest.(*model.QemuTemplate) assert.Nil(err) assert.IsType((*model.QemuTemplate)(nil), dest) @@ -106,7 +106,7 @@ func TestQemuHandler_MergeArgs(t *testing.T) { dest = &model.QemuTemplate{} args = []string{`--authentication_type=pub_key`, `--ssh_public_key="ssh-rsa AAAA"`} - err = h.MergeArgs(dest, args) // instance_id := strings.TrimSpace(stdout.String()) + err = h.MergeArgs(dest, args) d = dest.(*model.QemuTemplate) assert.Nil(err) assert.IsType((*model.QemuTemplate)(nil), dest) @@ -119,7 +119,7 @@ func TestQemuHandler_MargeJSON(t *testing.T) { h := &QemuHandler{} var dest model.ResourceTemplate = &model.QemuTemplate{} - err := h.MergeJSON(dest, bytes.NewBufferString(margeJson1).Bytes()) // instance_id := strings.TrimSpace(stdout.String()) + err := h.MergeJSON(dest, bytes.NewBufferString(margeJson1).Bytes()) d := dest.(*model.QemuTemplate) assert.Nil(err) assert.IsType((*model.QemuTemplate)(nil), dest) From 9a565bd9ed4a33f2b2bf121a20cf199f4de0b934 Mon Sep 17 00:00:00 2001 From: itouri Date: Mon, 28 Aug 2017 17:32:22 +0900 Subject: [PATCH 24/55] Add console with public key test to cmd_console_test. --- .../acceptance-test/tests/cmd_console_test.go | 33 ++++++++++++++++++- 1 file changed, 32 insertions(+), 1 deletion(-) 
diff --git a/ci/citest/acceptance-test/tests/cmd_console_test.go b/ci/citest/acceptance-test/tests/cmd_console_test.go index 12115980..0216015d 100644 --- a/ci/citest/acceptance-test/tests/cmd_console_test.go +++ b/ci/citest/acceptance-test/tests/cmd_console_test.go @@ -4,6 +4,7 @@ package tests import ( "fmt" + "io/ioutil" "strings" "testing" "time" @@ -21,7 +22,15 @@ func runConsoleCmd(instance_id string, t *testing.T) { RunCmdAndExpectFail(t, "sh", "-c", fmt.Sprintf("openvdc console %s -- false", instance_id)) } -func TestCmdConsole_Authentication(t *testing.T) { +func runConsoleCmdWithPrivatekey(instance_id string, private_key_path string, t *testing.T) { + RunCmd("ssh-keygen", "-t", "rsa", "-C", `""`, "-N", `""`, "-f", private_key_path) + RunCmdAndReportFail(t, "openvdc", "console", instance_id, "-i", private_key_path) + RunCmdAndReportFail(t, "sh", "-c", fmt.Sprintf("openvdc console %s -i %s ls", instance_id, private_key_path)) + RunCmdAndReportFail(t, "sh", "-c", fmt.Sprintf("openvdc console %s -i %s -- ls", instance_id, private_key_path)) + RunCmdAndExpectFail(t, "sh", "-c", fmt.Sprintf("openvdc console %s -i %s -- false", instance_id, private_key_path)) +} + +func TestCmdConsole_AuthenticationNone(t *testing.T) { stdout, _ := RunCmdAndReportFail(t, "openvdc", "run", "centos/7/lxc", `{"authentication_type":"none"}`) instance_id := strings.TrimSpace(stdout.String()) 
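Review bot: `runConsoleCmdWithPrivatekey` runs `ssh-keygen` on `private_key_path` again, although its caller in the next hunk has already generated that key and registered the public half with the instance; depending on whether the file exists this either stops at the overwrite prompt or replaces the key, and in the second case the instance holds a public key that no longer matches. The `-N` and `-C` values are written as strings that themselves contain two quote characters: if `RunCmd` executes the program directly rather than through a shell (the neighbouring calls that need a shell spell out `sh -c`), the passphrase becomes those two characters and `ssh.ParsePrivateKey` in the console command cannot read the file. Drop the keygen call from the helper and pass `"-N", ""` at the single place where the key is created.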
@@ -41,6 +50,28 @@ func TestLXCCmdConsole_ShowOption(t *testing.T) { WaitInstance(t, 5*time.Minute, instance_id, "TERMINATED", nil) } +func TestLXCCmdConsole_AuthenticationPubkey(t *testing.T) { + // Make key pair by ssh-keygen + private_key_path := "./testRsa" + RunCmd("ssh-keygen", "-t", "rsa", "-C", `""`, "-N", `""`, "-f", private_key_path) + + // Read public key + data, err := ioutil.ReadFile(private_key_path + ".pub") + if err != nil { + t.Fatalf("Can not read public key: %s\n", err.Error()) + } + public_key := string(data) + stdout, _ := RunCmdAndReportFail(t, "openvdc", "run", "centos/7/lxc", `{"authentication_type":"pub_key","ssh_public_key":"`+public_key+`"}`) + + // runConsole() + instance_id := strings.TrimSpace(stdout.String()) + WaitInstance(t, 5*time.Minute, instance_id, "RUNNING", []string{"QUEUED", "STARTING"}) + runConsoleCmdWithPrivatekey(instance_id, private_key_path, t) + //vrunConsoleCmdPiped(instance_id, t) + RunCmdWithTimeoutAndReportFail(t, 10, 5, "openvdc", "destroy", instance_id) + WaitInstance(t, 5*time.Minute, instance_id, "TERMINATED", nil) +} + func TestQEMUCmdConsole_ShowOption(t *testing.T) { stdout, _ := RunCmdAndReportFail(t, "openvdc", "run", "centos/7/qemu_ga") instance_id := strings.TrimSpace(stdout.String()) From 76a563c42235a85b9d80e17b267c1aa52605b254 Mon Sep 17 00:00:00 2001 From: itouri Date: Mon, 28 Aug 2017 17:38:57 +0900 Subject: [PATCH 25/55] Fix deleting variable of info. --- cmd/openvdc/cmd/console.go | 1 + 1 file changed, 1 insertion(+) diff --git a/cmd/openvdc/cmd/console.go b/cmd/openvdc/cmd/console.go index 49405857..f30935be 100644 --- a/cmd/openvdc/cmd/console.go +++ b/cmd/openvdc/cmd/console.go @@ -62,6 +62,7 @@ var consoleCmd = &cobra.Command{ log.WithError(err).Fatal("Failed request to Instance.Console API") } + info, _ := cmd.Flags().GetBool("show") switch res.Type { case model.Console_SSH: if info { From c47e3570514526bb89ff035a3b469d204bb0a06d Mon Sep 17 00:00:00 2001 
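Review bot: The template JSON in `TestLXCCmdConsole_AuthenticationPubkey` is built by pasting the raw contents of the `.pub` file between quotes, and that file ends with a newline, so a strict parser rejects the argument and any quote or backslash in the key comment breaks it further. Trim and encode instead: `tmpl, _ := json.Marshal(map[string]string{"authentication_type": "pub_key", "ssh_public_key": strings.TrimSpace(string(data))})` and pass `string(tmpl)` to `openvdc run`. The key pair is written to `./testRsa` in the working directory and never removed; creating it under `ioutil.TempDir` with a deferred `os.RemoveAll` keeps private key material from being left behind or silently reused by a later run. The result of the `RunCmd("ssh-keygen", …)` call is not checked, so a failed key generation only shows up as the later read error.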
From: itouri Date: Mon, 28 Aug 2017 20:05:18 +0900 Subject: [PATCH 26/55] Modify test command. --- ci/citest/acceptance-test/tests/cmd_console_test.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/ci/citest/acceptance-test/tests/cmd_console_test.go b/ci/citest/acceptance-test/tests/cmd_console_test.go index 0216015d..83294adf 100644 --- a/ci/citest/acceptance-test/tests/cmd_console_test.go +++ b/ci/citest/acceptance-test/tests/cmd_console_test.go @@ -5,6 +5,7 @@ package tests import ( "fmt" "io/ioutil" + "os/exec" "strings" "testing" "time" @@ -53,7 +54,7 @@ func TestLXCCmdConsole_ShowOption(t *testing.T) { func TestLXCCmdConsole_AuthenticationPubkey(t *testing.T) { // Make key pair by ssh-keygen private_key_path := "./testRsa" - RunCmd("ssh-keygen", "-t", "rsa", "-C", `""`, "-N", `""`, "-f", private_key_path) + exec.Command("ssh-keygen", "-t", "rsa", "-C", `""`, "-N", `""`, "-f", private_key_path) // Read public key data, err := ioutil.ReadFile(private_key_path + ".pub") From 1329d57b53e6172b48596e84b5df6b5a44a42a6d Mon Sep 17 00:00:00 2001 From: itouri Date: Mon, 28 Aug 2017 20:54:45 +0900 Subject: [PATCH 27/55] Add if process that using api.ConsoleReply. --- api/instance_service.go | 3 ++ .../acceptance-test/tests/cmd_console_test.go | 40 +++++++++---------- cmd/openvdc/cmd/console.go | 30 ++++++++------ proto/v1.proto | 1 + 4 files changed, 40 insertions(+), 34 deletions(-) diff --git a/api/instance_service.go b/api/instance_service.go index 2d0a96d3..70e2adbd 100644 --- a/api/instance_service.go +++ b/api/instance_service.go 
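Review bot: `exec.Command("ssh-keygen", …)` in `TestLXCCmdConsole_AuthenticationPubkey` only constructs the command; without `Run`, `Output` or `CombinedOutput` nothing is executed, so no key pair is created and the `ioutil.ReadFile(private_key_path + ".pub")` below fails or picks up a stale file from an earlier run. Run it and check the result: `if out, err := exec.Command("ssh-keygen", "-t", "rsa", "-N", "", "-f", private_key_path).CombinedOutput(); err != nil { t.Fatalf("ssh-keygen: %v: %s", err, out) }`. The empty passphrase is passed as `""` here, not as a string containing two quote characters, because no shell strips them.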
@@ -244,11 +244,14 @@ func (s *InstanceAPI) Console(ctx context.Context, in *ConsoleRequest) (*Console log.WithError(err).WithField("instance_id", in.GetInstanceId()).Error("Failed to find the instance") return nil, err } + instResource := inst.ResourceTemplate().(model.InstanceResource) + authType := instResource.GetAuthenticationType() return &ConsoleReply{ InstanceId: instanceID, Type: node.Console.Type, Address: node.Console.BindAddr, + AuthType: authType, }, nil } diff --git a/ci/citest/acceptance-test/tests/cmd_console_test.go b/ci/citest/acceptance-test/tests/cmd_console_test.go index 83294adf..b364a31e 100644 --- a/ci/citest/acceptance-test/tests/cmd_console_test.go +++ b/ci/citest/acceptance-test/tests/cmd_console_test.go @@ -4,8 +4,6 @@ package tests import ( "fmt" - "io/ioutil" - "os/exec" "strings" "testing" "time" 
@@ -51,27 +49,27 @@ func TestLXCCmdConsole_ShowOption(t *testing.T) { WaitInstance(t, 5*time.Minute, instance_id, "TERMINATED", nil) } -func TestLXCCmdConsole_AuthenticationPubkey(t *testing.T) { - // Make key pair by ssh-keygen - private_key_path := "./testRsa" - exec.Command("ssh-keygen", "-t", "rsa", "-C", `""`, "-N", `""`, "-f", private_key_path) +// func TestLXCCmdConsole_AuthenticationPubkey(t *testing.T) { +// // Make key pair by ssh-keygen +// private_key_path := "./testRsa" +// exec.Command("ssh-keygen", "-t", "rsa", "-C", `""`, "-N", `""`, "-f", private_key_path) - // Read public key - data, err := ioutil.ReadFile(private_key_path + ".pub") - if err != nil { - t.Fatalf("Can not read public key: %s\n", err.Error()) - } - public_key := string(data) - stdout, _ := RunCmdAndReportFail(t, "openvdc", "run", "centos/7/lxc", `{"authentication_type":"pub_key","ssh_public_key":"`+public_key+`"}`) +// // Read public key +// data, err := ioutil.ReadFile(private_key_path + ".pub") +// if err != nil { +// t.Fatalf("Can not read public key: %s\n", err.Error()) +// } +// public_key := string(data) +// stdout, _ := RunCmdAndReportFail(t, "openvdc", "run", "centos/7/lxc", `{"authentication_type":"pub_key","ssh_public_key":"`+public_key+`"}`) - // runConsole() - instance_id := strings.TrimSpace(stdout.String()) - WaitInstance(t, 5*time.Minute, instance_id, "RUNNING", []string{"QUEUED", "STARTING"}) - runConsoleCmdWithPrivatekey(instance_id, private_key_path, t) - //vrunConsoleCmdPiped(instance_id, t) - RunCmdWithTimeoutAndReportFail(t, 10, 5, "openvdc", "destroy", instance_id) - WaitInstance(t, 5*time.Minute, instance_id, "TERMINATED", nil) -} +// // runConsole() +// instance_id := strings.TrimSpace(stdout.String()) +// WaitInstance(t, 5*time.Minute, instance_id, "RUNNING", []string{"QUEUED", "STARTING"}) +// runConsoleCmdWithPrivatekey(instance_id, private_key_path, t) +// //vrunConsoleCmdPiped(instance_id, t) +// RunCmdWithTimeoutAndReportFail(t, 10, 5, "openvdc", 
"destroy", instance_id) +// WaitInstance(t, 5*time.Minute, instance_id, "TERMINATED", nil) +// } func TestQEMUCmdConsole_ShowOption(t *testing.T) { stdout, _ := RunCmdAndReportFail(t, "openvdc", "run", "centos/7/qemu_ga") diff --git a/cmd/openvdc/cmd/console.go b/cmd/openvdc/cmd/console.go index f30935be..00eb536f 100644 --- a/cmd/openvdc/cmd/console.go +++ b/cmd/openvdc/cmd/console.go @@ -82,24 +82,28 @@ var consoleCmd = &cobra.Command{ Timeout: 5 * time.Second, } - if indentityFile == "" { + switch res.AuthType { + case model.AuthenticationType_NONE: config.Auth = []ssh.AuthMethod{ssh.Password("")} - } else { - // Parse and set indetifyFifle - key, err := ioutil.ReadFile(indentityFile) - if err != nil { - log.Fatalf("unable to read private key: %v", err) - } - // Create the Signer for this private key. - signer, err := ssh.ParsePrivateKey(key) - if err != nil { - log.Fatalf("unable to parse private key: %v", err) + case model.AuthenticationType_PUB_KEY: + if indentityFile == "" { + log.Fatalf("Required private key but not setted") + } else { + // Parse and set indetifyFifle + key, err := ioutil.ReadFile(indentityFile) + if err != nil { + log.Fatalf("unable to read private key: %v", err) + } + // Create the Signer for this private key. + signer, err := ssh.ParsePrivateKey(key) + if err != nil { + log.Fatalf("unable to parse private key: %v", err) + } + config.Auth = []ssh.AuthMethod{ssh.PublicKeys(signer)} } - config.Auth = []ssh.AuthMethod{ssh.PublicKeys(signer)} } sshcon := console.NewSshConsole(instanceID, config) - // var err error if len(execArgs) > 0 { err = sshcon.Exec(res.GetAddress(), execArgs) } else { diff --git a/proto/v1.proto b/proto/v1.proto index f6ddc180..be88dad4 100644 --- a/proto/v1.proto +++ b/proto/v1.proto @@ -67,6 +67,7 @@ message ConsoleReply { string instance_id = 1 [json_name="instance_id"]; model.Console.Transport type = 2; string address = 3; + model.AuthenticationType authType = 4; } message CreateRequest{ 
From de2b220cb24502265856bb7eea021f2e702214de Mon Sep 17 00:00:00 2001 From: itouri Date: Tue, 29 Aug 2017 10:08:16 +0900 Subject: [PATCH 28/55] Add forggten folder. --- api/v1.pb.go | 144 +++++++++++++++++++++++++++------------------------ 1 file changed, 77 insertions(+), 67 deletions(-) diff --git a/api/v1.pb.go b/api/v1.pb.go index cacb0aae..72093acf 100644 --- a/api/v1.pb.go +++ b/api/v1.pb.go @@ -249,6 +249,7 @@ type ConsoleReply struct { InstanceId string `protobuf:"bytes,1,opt,name=instance_id" json:"instance_id,omitempty"` Type model1.Console_Transport `protobuf:"varint,2,opt,name=type,enum=model.Console_Transport" json:"type,omitempty"` Address string `protobuf:"bytes,3,opt,name=address" json:"address,omitempty"` + AuthType model.AuthenticationType `protobuf:"varint,4,opt,name=authType,enum=model.AuthenticationType" json:"authType,omitempty"` } func (m *ConsoleReply) Reset() { *m = ConsoleReply{} } @@ -277,6 +278,13 @@ func (m *ConsoleReply) GetAddress() string { return "" } +func (m *ConsoleReply) GetAuthType() model.AuthenticationType { + if m != nil { + return m.AuthType + } + return model.AuthenticationType_NONE +} + type CreateRequest struct { // string resource_id = 1; // Obsolete Template *model.Template `protobuf:"bytes,2,opt,name=template" json:"template,omitempty"` 
@@ -1401,71 +1409,73 @@ var _Instance_serviceDesc = grpc.ServiceDesc{ func init() { proto.RegisterFile("v1.proto", fileDescriptor0) } var fileDescriptor0 = []byte{ - // 1048 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x9c, 0x56, 0xdb, 0x6e, 0xdb, 0x46, - 0x10, 0x95, 0x48, 0x89, 0x96, 0x46, 0x96, 0x2c, 0xaf, 0x5d, 0x5b, 0x65, 0x51, 0xd4, 0x21, 0x8a, - 0xc6, 0x48, 0x1c, 0x4a, 0x51, 0x8a, 0x5e, 0x92, 0x16, 0x41, 0x64, 0x37, 0x88, 0x50, 0x23, 0x6d, - 0xd7, 0x7a, 0xea, 0x4b, 0xb0, 0x96, 0xd6, 0x14, 0x0b, 0x8a, 0xcb, 0x92, 0x4b, 0x37, 0x7a, 0xec, - 0x27, 0xf5, 0x43, 0xfa, 0x31, 0xfd, 0x83, 0x82, 0x7b, 0xa1, 0x48, 0x47, 0x06, 0xd8, 0xbe, 0x08, - 0x9c, 0xd9, 0x39, 0xe7, 0xec, 0xce, 0xce, 0xce, 0x08, 0x5a, 0xb7, 0x4f, 0xdd, 0x28, 0x66, 0x9c, - 0x21, 0x93, 0x44, 0xbe, 0xdd, 0x59, 0xb1, 0x05, 0x0d, 0xa4, 0xc7, 0xee, 0xce, 0x83, 0x34, 0xe1, - 0x34, 0x56, 0xe6, 0x0b, 0xcf, 0xe7, 0xcb, 0xf4, 0xda, 0x9d, 0xb3, 0xd5, 0xd0, 0x63, 0x01, 0x09, - 0xbd, 0xa1, 0x58, 0xb8, 0x4e, 0x6f, 0x86, 0x11, 0x5f, 0x47, 0x34, 0x19, 0x72, 0x7f, 0x45, 0x13, - 0x4e, 0x56, 0xd1, 0xe6, 0x4b, 0x82, 0x9d, 0x97, 0xd0, 0x3e, 0x67, 0x61, 0xc2, 0x02, 0x3a, 0x0d, - 0x51, 0x1f, 0xcc, 0xeb, 0xf4, 0x66, 0x50, 0x3f, 0xa9, 0x9f, 0xb6, 0x71, 0xf6, 0x89, 0x4e, 0xa0, - 0xe3, 0x87, 0x09, 0x27, 0xe1, 0x9c, 0xbe, 0xf3, 0x17, 0x03, 0x43, 0xac, 0x14, 0x5d, 0xce, 0x6f, - 0x00, 0x8a, 0xe0, 0xa7, 0x94, 0xa3, 0x87, 0x60, 0xcc, 0x97, 0x82, 0xa0, 0x37, 0x3e, 0x76, 0x49, - 0xe4, 0xbb, 0x9b, 0x45, 0xf7, 0x7c, 0x49, 0xc2, 0x90, 0x06, 0xd8, 0x98, 0x2f, 0xb5, 0x94, 0x91, - 0x4b, 0x39, 0x0f, 0x60, 0x47, 0x05, 0x20, 0x00, 0x2b, 0xe1, 0x0b, 0x96, 0xf2, 0x7e, 0x4d, 0x7d, - 0xd3, 0x38, 0xee, 0xd7, 0x9d, 0x33, 0x68, 0xe1, 0x34, 0xc4, 0x34, 0x0a, 0xd6, 0x77, 0x77, 0x56, - 0xff, 0x70, 0x67, 0x43, 0xe8, 0x5c, 0x71, 0x16, 0x61, 0xfa, 0x7b, 0x4a, 0x13, 0x5e, 0x01, 0xf0, - 0x04, 0xda, 0x12, 0x50, 0x8d, 0x7f, 0x0c, 0xbd, 0x0b, 0x9a, 0xf0, 0x98, 0xad, 0xab, 0x4b, 0x8c, - 0x60, 0x37, 0xc7, 
0x54, 0x56, 0x51, 0x29, 0xac, 0xae, 0xf2, 0x1e, 0x76, 0x73, 0x4c, 0x25, 0x15, - 0x74, 0x06, 0x8d, 0xac, 0x52, 0xc4, 0x7d, 0xf4, 0xc6, 0x03, 0x57, 0x96, 0x9b, 0x22, 0x71, 0x67, - 0x31, 0x09, 0x93, 0x88, 0xc5, 0x1c, 0x8b, 0x28, 0x34, 0x80, 0x1d, 0xb2, 0x58, 0xc4, 0x34, 0x49, - 0x06, 0xa6, 0xe0, 0xd2, 0xa6, 0xf3, 0x1d, 0x74, 0xcf, 0x63, 0x4a, 0x78, 0xbe, 0xd9, 0xc7, 0xd0, - 0xe2, 0x74, 0x15, 0x05, 0x84, 0x4b, 0xf2, 0xce, 0x78, 0x4f, 0x91, 0xcf, 0x94, 0x1b, 0xe7, 0x01, - 0xd9, 0x8d, 0x69, 0x74, 0xb5, 0xe4, 0x8c, 0x60, 0xf7, 0x8a, 0x93, 0x98, 0x57, 0x4f, 0x8d, 0x0b, - 0xa0, 0x10, 0xd5, 0x14, 0x9e, 0x42, 0x17, 0xd3, 0x6b, 0xc6, 0xfe, 0x83, 0xc4, 0x10, 0x3a, 0x1a, - 0x52, 0x4d, 0x63, 0x02, 0xfb, 0x53, 0x65, 0x4e, 0x2f, 0xb4, 0x4e, 0x1f, 0x8c, 0xe9, 0x85, 0x8c, - 0x7e, 0x53, 0xc3, 0xc6, 0xf4, 0x02, 0x1d, 0x42, 0xe3, 0x2d, 0x59, 0xc9, 0x34, 0x66, 0x3e, 0x61, - 0x4d, 0x9a, 0x60, 0xfe, 0x48, 0xd7, 0xce, 0x25, 0x74, 0x35, 0x87, 0x94, 0xed, 0x6d, 0xf0, 0x02, - 0xfd, 0x18, 0x5a, 0x5a, 0xf3, 0xce, 0x45, 0xe4, 0xb8, 0x3c, 0xc0, 0xf9, 0xd3, 0x80, 0x03, 0xed, - 0xbe, 0xf4, 0x93, 0xfc, 0xf0, 0xdf, 0x40, 0x23, 0x22, 0x1e, 0x15, 0xb4, 0x9d, 0xf1, 0xe7, 0xe2, - 0x81, 0x6f, 0x89, 0x73, 0x7f, 0x26, 0x9e, 0xae, 0x00, 0x2c, 0x10, 0xe8, 0x6b, 0xb0, 0x6e, 0xfc, - 0x80, 0xd3, 0x58, 0x89, 0x7f, 0x76, 0x2f, 0xf6, 0xb5, 0x08, 0xc3, 0x2a, 0xdc, 0x7e, 0x01, 0x9d, - 0x02, 0x1b, 0x3a, 0x02, 0x8b, 0xdd, 0xdc, 0x24, 0x94, 0x8b, 0x3d, 0x34, 0xb1, 0xb2, 0xd0, 0x21, - 0x34, 0x03, 0x7f, 0xe5, 0x73, 0x41, 0xdf, 0xc4, 0xd2, 0xb0, 0x9f, 0x83, 0x25, 0xe9, 0xd0, 0x08, - 0x9a, 0x09, 0xcf, 0x8a, 0x50, 0xf6, 0x26, 0xfb, 0xce, 0xd9, 0xaf, 0xb2, 0x35, 0x57, 0xfc, 0x62, - 0x19, 0xe8, 0xfc, 0x65, 0x6c, 0xae, 0x45, 0xee, 0x2f, 0x4b, 0xeb, 0x97, 0xa5, 0x0c, 0x9c, 0x6c, - 0x39, 0x45, 0x14, 0xac, 0xd5, 0xf9, 0xa3, 0x60, 0xad, 0x4e, 0xff, 0x3d, 0x34, 0x7d, 0x4e, 0x57, - 0xc9, 0xc0, 0x38, 0x31, 0x4f, 0x3b, 0xe3, 0x87, 0xf7, 0xc0, 0x8a, 0x9e, 0x29, 0xa7, 0x2b, 0x2c, - 0x51, 0xf6, 0x2f, 0xd0, 0xce, 0x19, 0xb3, 0x93, 0x72, 
0xc6, 0x49, 0xa0, 0x12, 0x20, 0x8d, 0xec, - 0x49, 0xce, 0xd3, 0x38, 0xa6, 0xa1, 0xce, 0x80, 0x36, 0x37, 0x99, 0x31, 0x8b, 0x99, 0x99, 0x41, - 0xff, 0xae, 0x5a, 0x56, 0x32, 0x79, 0x81, 0x1a, 0xfe, 0x62, 0x93, 0x33, 0xa3, 0x6a, 0xce, 0x2e, - 0x00, 0xe5, 0xac, 0xcc, 0xd3, 0x77, 0xe6, 0x82, 0x35, 0x23, 0xb1, 0xa7, 0xee, 0xac, 0x33, 0x3e, - 0x2a, 0x1d, 0x3f, 0x2f, 0x79, 0xac, 0xa2, 0x9c, 0x2f, 0x0a, 0x7b, 0xcb, 0x58, 0xb2, 0x53, 0x23, - 0x68, 0x5c, 0xfa, 0x61, 0x96, 0x77, 0xf3, 0xb4, 0x8d, 0xc5, 0xb7, 0xf3, 0x1a, 0x0e, 0x75, 0xdc, - 0x0f, 0xb7, 0x34, 0xe4, 0xff, 0x57, 0xef, 0x9f, 0xfa, 0x66, 0xdb, 0x8a, 0x28, 0x93, 0x7c, 0x05, - 0x40, 0x33, 0xeb, 0x9d, 0xe8, 0x8c, 0xb2, 0x6e, 0x1e, 0x94, 0xa8, 0x36, 0xc1, 0xae, 0xf8, 0x9c, - 0xad, 0x23, 0x8a, 0x0b, 0x20, 0xf4, 0x15, 0xb4, 0xa4, 0x45, 0xb8, 0xaa, 0x7b, 0xdb, 0xf5, 0x18, - 0xf3, 0x02, 0xea, 0xea, 0x11, 0xed, 0xce, 0xf4, 0x44, 0xc6, 0x79, 0x2c, 0x3a, 0xd3, 0x99, 0x37, - 0x05, 0xe8, 0x70, 0x5b, 0xe6, 0xdf, 0xd4, 0x74, 0xd6, 0x1f, 0x41, 0x3b, 0x97, 0x47, 0x5d, 0x65, - 0xbc, 0x65, 0x21, 0xed, 0xd7, 0x50, 0x0f, 0x40, 0x98, 0x02, 0xd2, 0xaf, 0x4f, 0x2c, 0x68, 0x4c, - 0xd8, 0x62, 0x3d, 0x9e, 0xc0, 0x9e, 0x66, 0x53, 0x5d, 0x1e, 0x0d, 0xc1, 0x7a, 0xc5, 0x39, 0x99, - 0x2f, 0x51, 0xaf, 0x38, 0xb9, 0xa7, 0xa1, 0xbd, 0x77, 0x67, 0x92, 0x3b, 0xb5, 0xd3, 0xfa, 0xa8, - 0x3e, 0xfe, 0xbb, 0x01, 0x2d, 0x4d, 0x82, 0x46, 0x60, 0xc9, 0xde, 0x8d, 0x90, 0x8c, 0x2e, 0x8e, - 0x01, 0xbb, 0x5f, 0xf2, 0x45, 0xc1, 0xda, 0xa9, 0xa1, 0x27, 0xd0, 0x14, 0xad, 0x18, 0xed, 0x8b, - 0xc5, 0x62, 0x23, 0x57, 0x8a, 0x9b, 0x4e, 0xed, 0xd4, 0xd0, 0x23, 0x30, 0x71, 0x1a, 0x6e, 0x65, - 0xef, 0x0a, 0x9f, 0xfe, 0x6b, 0x20, 0x62, 0x1b, 0xd9, 0x24, 0x47, 0x7d, 0x45, 0x93, 0xff, 0x0b, - 0xb0, 0x7b, 0x05, 0x8f, 0x8c, 0x7d, 0x06, 0x3b, 0x6a, 0x24, 0xa3, 0x03, 0xb1, 0x58, 0x1e, 0xea, - 0xf6, 0x7e, 0xd9, 0x29, 0x41, 0x23, 0xb0, 0x64, 0x8f, 0x57, 0xfb, 0x29, 0xcd, 0x08, 0x75, 0xda, - 0xc2, 0x10, 0x90, 0x32, 0x3a, 0xd1, 0x07, 0xc5, 0x74, 0x96, 0x65, 0x8a, 0x63, 0xdb, 0xa9, 
0x65, - 0xdd, 0xe6, 0x6a, 0xc9, 0xfe, 0x40, 0xf7, 0x54, 0xb0, 0x8d, 0x4a, 0x7e, 0x8d, 0x7a, 0x9e, 0xbd, - 0x95, 0x84, 0xa3, 0xc1, 0x7d, 0x3d, 0xd6, 0x3e, 0xda, 0xde, 0x80, 0x9c, 0x1a, 0xfa, 0x16, 0xcc, - 0x4b, 0xe6, 0xa1, 0xe3, 0x72, 0x40, 0xfe, 0x96, 0xed, 0x8f, 0x3e, 0x5c, 0x10, 0xc0, 0x51, 0x1d, - 0xbd, 0x84, 0xa6, 0x28, 0x35, 0xf4, 0xf1, 0xb6, 0x47, 0x22, 0xe1, 0xc7, 0xf7, 0xbc, 0x9f, 0x8c, - 0x60, 0xf2, 0xe9, 0xaf, 0x9f, 0x14, 0xfe, 0xca, 0x92, 0xf7, 0xc9, 0x72, 0xc8, 0x22, 0x1a, 0xde, - 0x2e, 0xe6, 0x43, 0x12, 0xf9, 0xd7, 0x96, 0x78, 0x32, 0xcf, 0xfe, 0x0d, 0x00, 0x00, 0xff, 0xff, - 0xed, 0x7c, 0xc9, 0xf5, 0x1b, 0x0b, 0x00, 0x00, + // 1077 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0x9c, 0x56, 0xdd, 0x6e, 0xdb, 0x36, + 0x14, 0xb6, 0xe5, 0x9f, 0xd8, 0xc7, 0xb1, 0xe3, 0x30, 0x59, 0xe2, 0x6a, 0x18, 0x96, 0x0a, 0xc3, + 0x1a, 0xb4, 0xa9, 0xec, 0xba, 0xfb, 0x6d, 0x37, 0x14, 0x71, 0xb2, 0xa2, 0xc6, 0x82, 0x6e, 0x63, + 0x7c, 0xb5, 0x9b, 0x82, 0xb1, 0x19, 0x5b, 0x83, 0x2c, 0x6a, 0x12, 0x95, 0xcd, 0x97, 0x7b, 0xa2, + 0x61, 0x0f, 0xb2, 0x87, 0xd9, 0x1b, 0x0c, 0xfc, 0x93, 0xa5, 0xd4, 0x06, 0xb4, 0xdd, 0x08, 0x3a, + 0x87, 0xe7, 0xfb, 0x3e, 0xf2, 0xf0, 0xf0, 0x90, 0xd0, 0xb8, 0x7b, 0xe6, 0x86, 0x11, 0xe3, 0x0c, + 0x55, 0x48, 0xe8, 0xd9, 0xad, 0x25, 0x9b, 0x51, 0x5f, 0x79, 0xec, 0xf6, 0xd4, 0x4f, 0x62, 0x4e, + 0x23, 0x6d, 0xbe, 0x9c, 0x7b, 0x7c, 0x91, 0xdc, 0xb8, 0x53, 0xb6, 0xec, 0xcf, 0x99, 0x4f, 0x82, + 0x79, 0x5f, 0x0e, 0xdc, 0x24, 0xb7, 0xfd, 0x90, 0xaf, 0x42, 0x1a, 0xf7, 0xb9, 0xb7, 0xa4, 0x31, + 0x27, 0xcb, 0x70, 0xfd, 0xa7, 0xc0, 0xce, 0x2b, 0x68, 0x5e, 0xb0, 0x20, 0x66, 0x3e, 0x1d, 0x07, + 0xa8, 0x0b, 0x95, 0x9b, 0xe4, 0xb6, 0x57, 0x3e, 0x29, 0x9f, 0x36, 0xb1, 0xf8, 0x45, 0x27, 0xd0, + 0xf2, 0x82, 0x98, 0x93, 0x60, 0x4a, 0xdf, 0x79, 0xb3, 0x9e, 0x25, 0x47, 0xb2, 0x2e, 0xe7, 0x17, + 0x00, 0x4d, 0xf0, 0x43, 0xc2, 0xd1, 0x23, 0xb0, 0xa6, 0x0b, 0x49, 0xd0, 0x19, 0x1e, 0xbb, 0x24, + 0xf4, 0xdc, 0xf5, 0xa0, 0x7b, 
0xb1, 0x20, 0x41, 0x40, 0x7d, 0x6c, 0x4d, 0x17, 0x46, 0xca, 0x4a, + 0xa5, 0x9c, 0x87, 0xb0, 0xa3, 0x03, 0x10, 0x40, 0x3d, 0xe6, 0x33, 0x96, 0xf0, 0x6e, 0x49, 0xff, + 0xd3, 0x28, 0xea, 0x96, 0x9d, 0x33, 0x68, 0xe0, 0x24, 0xc0, 0x34, 0xf4, 0x57, 0xf7, 0x67, 0x56, + 0x7e, 0x7f, 0x66, 0x7d, 0x68, 0x5d, 0x73, 0x16, 0x62, 0xfa, 0x6b, 0x42, 0x63, 0x5e, 0x00, 0xf0, + 0x14, 0x9a, 0x0a, 0x50, 0x8c, 0x7f, 0x08, 0x9d, 0x4b, 0x1a, 0xf3, 0x88, 0xad, 0x8a, 0x4b, 0x0c, + 0x60, 0x37, 0xc5, 0x14, 0x56, 0xd1, 0x29, 0x2c, 0xae, 0xf2, 0x67, 0x19, 0x76, 0x53, 0x50, 0x21, + 0x19, 0x74, 0x06, 0x55, 0x51, 0x2a, 0x72, 0x43, 0x3a, 0xc3, 0x9e, 0xab, 0xea, 0x4d, 0x93, 0xb8, + 0x93, 0x88, 0x04, 0x71, 0xc8, 0x22, 0x8e, 0x65, 0x14, 0xea, 0xc1, 0x0e, 0x99, 0xcd, 0x22, 0x1a, + 0xc7, 0xbd, 0x8a, 0xe4, 0x32, 0x26, 0xfa, 0x1c, 0x1a, 0x24, 0xe1, 0x8b, 0x89, 0xe0, 0xaa, 0x4a, + 0xae, 0x07, 0x9a, 0xeb, 0x3c, 0xe1, 0x0b, 0x1a, 0x70, 0x6f, 0x4a, 0xb8, 0xc7, 0x02, 0x11, 0x80, + 0xd3, 0x50, 0xe7, 0x1b, 0x68, 0x5f, 0x44, 0x94, 0xf0, 0x74, 0x91, 0x4f, 0xa0, 0xc1, 0xe9, 0x32, + 0xf4, 0x09, 0x57, 0x73, 0x6a, 0x0d, 0xf7, 0x34, 0xcf, 0x44, 0xbb, 0x71, 0x1a, 0x20, 0x76, 0xda, + 0xa0, 0x8b, 0x25, 0x75, 0x00, 0xbb, 0xd7, 0x9c, 0x44, 0xbc, 0x78, 0x4a, 0x5d, 0x00, 0x8d, 0x28, + 0xa6, 0xf0, 0x0c, 0xda, 0x98, 0xde, 0x30, 0xf6, 0x1f, 0x24, 0xfa, 0xd0, 0x32, 0x90, 0x62, 0x1a, + 0x23, 0xd8, 0x1f, 0x6b, 0x73, 0x7c, 0x69, 0x74, 0xba, 0x60, 0x8d, 0x2f, 0x55, 0xf4, 0x9b, 0x12, + 0xb6, 0xc6, 0x97, 0xe8, 0x10, 0xaa, 0x6f, 0xc9, 0x52, 0xa5, 0x51, 0xf8, 0xa4, 0x35, 0xaa, 0x41, + 0xe5, 0x7b, 0xba, 0x72, 0xae, 0xa0, 0x6d, 0x38, 0x94, 0x6c, 0x67, 0x8d, 0x97, 0xe8, 0x27, 0xd0, + 0x30, 0x9a, 0xf7, 0x36, 0x22, 0xc5, 0xa5, 0x01, 0xce, 0x1f, 0x16, 0x1c, 0x18, 0xf7, 0x95, 0x17, + 0xa7, 0x8b, 0xff, 0x0a, 0xaa, 0x21, 0x99, 0x53, 0x49, 0xdb, 0x1a, 0x7e, 0x22, 0x1b, 0xc3, 0x86, + 0x38, 0xf7, 0x47, 0x32, 0x37, 0x15, 0x80, 0x25, 0x02, 0x7d, 0x09, 0xf5, 0x5b, 0xcf, 0xe7, 0x34, + 0xd2, 0xe2, 0x1f, 0x6f, 0xc5, 0xbe, 0x96, 0x61, 0x58, 0x87, 0xdb, 
0x2f, 0xa1, 0x95, 0x61, 0x43, + 0x47, 0x50, 0x67, 0xb7, 0xb7, 0x31, 0xe5, 0x72, 0x0e, 0x35, 0xac, 0x2d, 0x74, 0x08, 0x35, 0xdf, + 0x5b, 0x7a, 0x5c, 0xd2, 0xd7, 0xb0, 0x32, 0xec, 0x17, 0x50, 0x57, 0x74, 0x68, 0x00, 0xb5, 0x98, + 0x8b, 0x22, 0x54, 0x3d, 0xcd, 0xbe, 0xb7, 0xf6, 0x6b, 0x31, 0xe6, 0xca, 0x2f, 0x56, 0x81, 0xce, + 0x5f, 0xd6, 0x7a, 0x5b, 0xd4, 0xfc, 0x44, 0x5a, 0x3f, 0xcb, 0x65, 0xe0, 0x64, 0xc3, 0x2a, 0x42, + 0x7f, 0xa5, 0xd7, 0x1f, 0xfa, 0x2b, 0xbd, 0xfa, 0x6f, 0xa1, 0xe6, 0x71, 0xba, 0x8c, 0x7b, 0xd6, + 0x49, 0xe5, 0xb4, 0x35, 0x7c, 0xb4, 0x05, 0x96, 0xf5, 0x8c, 0x39, 0x5d, 0x62, 0x85, 0xb2, 0x7f, + 0x82, 0x66, 0xca, 0x28, 0x56, 0xca, 0x19, 0x27, 0xbe, 0x4e, 0x80, 0x32, 0xc4, 0x49, 0x9e, 0x26, + 0x51, 0x44, 0x03, 0x93, 0x01, 0x63, 0xae, 0x33, 0x53, 0xc9, 0x66, 0x66, 0x02, 0xdd, 0xfb, 0x6a, + 0xa2, 0x64, 0xd2, 0x02, 0xb5, 0xbc, 0xd9, 0x3a, 0x67, 0x56, 0xd1, 0x9c, 0x5d, 0x02, 0x4a, 0x59, + 0xd9, 0xdc, 0xec, 0x99, 0x0b, 0xf5, 0x09, 0x89, 0xe6, 0x7a, 0xcf, 0x5a, 0xc3, 0xa3, 0xdc, 0xf2, + 0xd3, 0x92, 0xc7, 0x3a, 0xca, 0xf9, 0x34, 0x33, 0x37, 0xc1, 0x22, 0x56, 0x8d, 0xa0, 0x7a, 0xe5, + 0x05, 0x22, 0xef, 0x95, 0xd3, 0x26, 0x96, 0xff, 0xce, 0x6b, 0x38, 0x34, 0x71, 0xdf, 0xdd, 0xd1, + 0x80, 0xff, 0x5f, 0xbd, 0x7f, 0xca, 0xeb, 0x69, 0x6b, 0x22, 0x21, 0x79, 0x0e, 0x40, 0x85, 0xf5, + 0x4e, 0x36, 0x54, 0x55, 0x37, 0x0f, 0x73, 0x54, 0xeb, 0x60, 0x57, 0xfe, 0xca, 0x66, 0x98, 0x01, + 0xa1, 0x2f, 0xa0, 0xa1, 0x2c, 0xc2, 0x75, 0xdd, 0xdb, 0xee, 0x9c, 0xb1, 0xb9, 0x4f, 0x5d, 0x73, + 0xb5, 0xbb, 0x13, 0x73, 0x93, 0xe3, 0x34, 0x16, 0x9d, 0x99, 0xcc, 0x57, 0x24, 0xe8, 0x70, 0x53, + 0xe6, 0xdf, 0x94, 0x4c, 0xd6, 0x1f, 0x43, 0x33, 0x95, 0x47, 0x6d, 0x6d, 0xbc, 0x65, 0x01, 0xed, + 0x96, 0x50, 0x07, 0x40, 0x9a, 0x12, 0xd2, 0x2d, 0x8f, 0xea, 0x50, 0x1d, 0xb1, 0xd9, 0x6a, 0x38, + 0x82, 0x3d, 0xc3, 0xa6, 0x2f, 0x07, 0xd4, 0x87, 0xfa, 0x39, 0xe7, 0x64, 0xba, 0x40, 0x9d, 0xec, + 0x8d, 0x3f, 0x0e, 0xec, 0xbd, 0x7b, 0x2f, 0x00, 0xa7, 0x74, 0x5a, 0x1e, 0x94, 0x87, 0x7f, 0x57, + 0xa1, 
0x61, 0x48, 0xd0, 0x00, 0xea, 0xaa, 0x77, 0x23, 0xa4, 0xa2, 0xb3, 0xd7, 0x80, 0xdd, 0xcd, + 0xf9, 0x42, 0x7f, 0xe5, 0x94, 0xd0, 0x53, 0xa8, 0xc9, 0x56, 0x8c, 0xf6, 0xe5, 0x60, 0xb6, 0x91, + 0x6b, 0xc5, 0x75, 0xa7, 0x76, 0x4a, 0xe8, 0x31, 0x54, 0x70, 0x12, 0x6c, 0x64, 0x6f, 0x4b, 0x9f, + 0x79, 0x52, 0xc8, 0xd8, 0xaa, 0x78, 0x01, 0xa0, 0xae, 0xa6, 0x49, 0x5f, 0x0f, 0x76, 0x27, 0xe3, + 0x51, 0xb1, 0xcf, 0x61, 0x47, 0x5f, 0xe5, 0xe8, 0x40, 0x0e, 0xe6, 0x1f, 0x03, 0xf6, 0x7e, 0xde, + 0xa9, 0x40, 0x03, 0xa8, 0xab, 0x1e, 0xaf, 0xe7, 0x93, 0xbb, 0x23, 0xf4, 0x6a, 0x33, 0x97, 0x80, + 0x92, 0x31, 0x89, 0x3e, 0xc8, 0xa6, 0x33, 0x2f, 0x93, 0xbd, 0xed, 0x9d, 0x92, 0xe8, 0x36, 0xd7, + 0x0b, 0xf6, 0x1b, 0xda, 0x52, 0xc1, 0x36, 0xca, 0xf9, 0x0d, 0xea, 0x85, 0x38, 0x2b, 0x31, 0x47, + 0xbd, 0x6d, 0x3d, 0xd6, 0x3e, 0xda, 0xdc, 0x80, 0x9c, 0x12, 0xfa, 0x1a, 0x2a, 0x57, 0x6c, 0x8e, + 0x8e, 0xf3, 0x01, 0xe9, 0x59, 0xb6, 0x3f, 0x78, 0x7f, 0x40, 0x02, 0x07, 0x65, 0xf4, 0x0a, 0x6a, + 0xb2, 0xd4, 0xd0, 0x83, 0x4d, 0x87, 0x44, 0xc1, 0x8f, 0xb7, 0x9c, 0x1f, 0x41, 0x30, 0xfa, 0xe8, + 0xe7, 0x0f, 0x33, 0x4f, 0x60, 0xf2, 0x7b, 0xbc, 0xe8, 0xb3, 0x90, 0x06, 0x77, 0xb3, 0x69, 0x9f, + 0x84, 0xde, 0x4d, 0x5d, 0x1e, 0x99, 0xe7, 0xff, 0x06, 0x00, 0x00, 0xff, 0xff, 0x9d, 0x71, 0x4d, + 0xf5, 0x53, 0x0b, 0x00, 0x00, } From b58666913b350f0bb5fd2657f304d6f35c3f5296 Mon Sep 17 00:00:00 2001 From: itouri Date: Tue, 29 Aug 2017 11:52:34 +0900 Subject: [PATCH 29/55] Add authentication type test. --- .../acceptance-test/tests/cmd_console_test.go | 45 +++++++++++-------- 1 file changed, 26 insertions(+), 19 deletions(-) diff --git a/ci/citest/acceptance-test/tests/cmd_console_test.go b/ci/citest/acceptance-test/tests/cmd_console_test.go index b364a31e..0710d9b8 100644 --- a/ci/citest/acceptance-test/tests/cmd_console_test.go +++ b/ci/citest/acceptance-test/tests/cmd_console_test.go @@ -4,6 +4,7 @@ package tests import ( "fmt" + "io/ioutil" "strings" "testing" "time" 
@@ -49,27 +50,33 @@ func TestLXCCmdConsole_ShowOption(t *testing.T) { WaitInstance(t, 5*time.Minute, instance_id, "TERMINATED", nil) } -// func TestLXCCmdConsole_AuthenticationPubkey(t *testing.T) { -// // Make key pair by ssh-keygen -// private_key_path := "./testRsa" -// exec.Command("ssh-keygen", "-t", "rsa", "-C", `""`, "-N", `""`, "-f", private_key_path) +func TestLXCCmdConsole_AuthenticationPubkey(t *testing.T) { + // Make key pair by ssh-keygen + private_key_path := "./testRsa" + _, stderr, err := RunCmd("ssh-keygen", "-t", "rsa", "-f", private_key_path) + if stderr != nil { + t.Fatalf("stderr: %s", stderr) + } + if err != nil { + t.Fatalf("err: %s", err) + } -// // Read public key -// data, err := ioutil.ReadFile(private_key_path + ".pub") -// if err != nil { -// t.Fatalf("Can not read public key: %s\n", err.Error()) -// } -// public_key := string(data) -// stdout, _ := RunCmdAndReportFail(t, "openvdc", "run", "centos/7/lxc", `{"authentication_type":"pub_key","ssh_public_key":"`+public_key+`"}`) + // Read public key + data, err := ioutil.ReadFile(private_key_path + ".pub") + if err != nil { + t.Fatalf("Can not read public key: %s\n", err.Error()) + } + public_key := string(data) + stdout, _ := RunCmdAndReportFail(t, "openvdc", "run", "centos/7/lxc", `{"authentication_type":"pub_key","ssh_public_key":"`+public_key+`"}`) -// // runConsole() -// instance_id := strings.TrimSpace(stdout.String()) -// WaitInstance(t, 5*time.Minute, instance_id, "RUNNING", []string{"QUEUED", "STARTING"}) -// runConsoleCmdWithPrivatekey(instance_id, private_key_path, t) -// //vrunConsoleCmdPiped(instance_id, t) -// RunCmdWithTimeoutAndReportFail(t, 10, 5, "openvdc", "destroy", instance_id) -// WaitInstance(t, 5*time.Minute, instance_id, "TERMINATED", nil) -// } + // runConsole() + instance_id := strings.TrimSpace(stdout.String()) + WaitInstance(t, 5*time.Minute, instance_id, "RUNNING", []string{"QUEUED", "STARTING"}) + runConsoleCmdWithPrivatekey(instance_id, private_key_path, t) + 
//vrunConsoleCmdPiped(instance_id, t) + RunCmdWithTimeoutAndReportFail(t, 10, 5, "openvdc", "destroy", instance_id) + WaitInstance(t, 5*time.Minute, instance_id, "TERMINATED", nil) +} func TestQEMUCmdConsole_ShowOption(t *testing.T) { stdout, _ := RunCmdAndReportFail(t, "openvdc", "run", "centos/7/qemu_ga") From 8d3282db282cf4ed078db586c9a25a57f381f492 Mon Sep 17 00:00:00 2001 From: itouri Date: Wed, 30 Aug 2017 15:03:08 +0900 Subject: [PATCH 30/55] Modify args of RunCmd. --- ci/citest/acceptance-test/tests/cmd_console_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ci/citest/acceptance-test/tests/cmd_console_test.go b/ci/citest/acceptance-test/tests/cmd_console_test.go index 0710d9b8..43bdc0ab 100644 --- a/ci/citest/acceptance-test/tests/cmd_console_test.go +++ b/ci/citest/acceptance-test/tests/cmd_console_test.go @@ -53,7 +53,7 @@ func TestLXCCmdConsole_ShowOption(t *testing.T) { func TestLXCCmdConsole_AuthenticationPubkey(t *testing.T) { // Make key pair by ssh-keygen private_key_path := "./testRsa" - _, stderr, err := RunCmd("ssh-keygen", "-t", "rsa", "-f", private_key_path) + _, stderr, err := RunCmd("ssh-keygen", "-t", "rsa", "-f", private_key_path, "-C", "", "-N", "") if stderr != nil { t.Fatalf("stderr: %s", stderr) } From b88f0052ff1c527a9ee56dcbe37af6b19d03c08c Mon Sep 17 00:00:00 2001 From: itouri Date: Wed, 30 Aug 2017 15:38:52 +0900 Subject: [PATCH 31/55] Modify test code. --- ci/citest/acceptance-test/tests/cmd_console_test.go | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/ci/citest/acceptance-test/tests/cmd_console_test.go b/ci/citest/acceptance-test/tests/cmd_console_test.go index 43bdc0ab..4335537e 100644 --- a/ci/citest/acceptance-test/tests/cmd_console_test.go +++ b/ci/citest/acceptance-test/tests/cmd_console_test.go 
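Review bot: `private_key_path := "./testRsa"` in `TestLXCCmdConsole_AuthenticationPubkey` writes the generated private key into the working directory and nothing in the test removes it. Key material is therefore left behind after the run, and as far as I know ssh-keygen stops at an overwrite prompt when the file already exists on a second run. Creating the pair under `dir, err := ioutil.TempDir("", "openvdc-key")` with `defer os.RemoveAll(dir)` avoids both; this needs `os` added to the import block. The `ssh_public_key` value is also spliced into the JSON argument by string concatenation; building that argument with `encoding/json` would keep the quoting correct whatever the key file contains.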
@@ -53,10 +53,7 @@ func TestLXCCmdConsole_ShowOption(t *testing.T) { func TestLXCCmdConsole_AuthenticationPubkey(t *testing.T) { // Make key pair by ssh-keygen private_key_path := "./testRsa" - _, stderr, err := RunCmd("ssh-keygen", "-t", "rsa", "-f", private_key_path, "-C", "", "-N", "") - if stderr != nil { - t.Fatalf("stderr: %s", stderr) - } + _, _, err := RunCmd("ssh-keygen", "-t", "rsa", "-f", private_key_path, "-C", "", "-N", "") if err != nil { t.Fatalf("err: %s", err) } From 8fd82e0e7331eedaf7a8eed968e80e62340fbdb7 Mon Sep 17 00:00:00 2001 From: itouri Date: Wed, 30 Aug 2017 16:16:30 +0900 Subject: [PATCH 32/55] Add trimming \n from public_key. --- ci/citest/acceptance-test/tests/cmd_console_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ci/citest/acceptance-test/tests/cmd_console_test.go b/ci/citest/acceptance-test/tests/cmd_console_test.go index 4335537e..8ea26f12 100644 --- a/ci/citest/acceptance-test/tests/cmd_console_test.go +++ b/ci/citest/acceptance-test/tests/cmd_console_test.go @@ -63,7 +63,7 @@ func TestLXCCmdConsole_AuthenticationPubkey(t *testing.T) { if err != nil { t.Fatalf("Can not read public key: %s\n", err.Error()) } - public_key := string(data) + public_key := strings.Replace(string(data), "\n", "", -1) stdout, _ := RunCmdAndReportFail(t, "openvdc", "run", "centos/7/lxc", `{"authentication_type":"pub_key","ssh_public_key":"`+public_key+`"}`) // runConsole() From 08c9355d6141685699bf15668dd119887b4fd287 Mon Sep 17 00:00:00 2001 From: itouri Date: Wed, 30 Aug 2017 17:24:51 +0900 Subject: [PATCH 33/55] Delete extra code. --- ci/citest/acceptance-test/tests/cmd_console_test.go | 1 - 1 file changed, 1 deletion(-) diff --git a/ci/citest/acceptance-test/tests/cmd_console_test.go b/ci/citest/acceptance-test/tests/cmd_console_test.go index 8ea26f12..d812c5e4 100644 --- a/ci/citest/acceptance-test/tests/cmd_console_test.go +++ b/ci/citest/acceptance-test/tests/cmd_console_test.go 
@@ -23,7 +23,6 @@ func runConsoleCmd(instance_id string, t *testing.T) { } func runConsoleCmdWithPrivatekey(instance_id string, private_key_path string, t *testing.T) { - RunCmd("ssh-keygen", "-t", "rsa", "-C", `""`, "-N", `""`, "-f", private_key_path) RunCmdAndReportFail(t, "openvdc", "console", instance_id, "-i", private_key_path) RunCmdAndReportFail(t, "sh", "-c", fmt.Sprintf("openvdc console %s -i %s ls", instance_id, private_key_path)) RunCmdAndReportFail(t, "sh", "-c", fmt.Sprintf("openvdc console %s -i %s -- ls", instance_id, private_key_path)) From 819e63902c2ae44e4e9362faed56c00e7c4769a9 Mon Sep 17 00:00:00 2001 From: itouri Date: Wed, 30 Aug 2017 17:32:34 +0900 Subject: [PATCH 34/55] Modify if process. --- cmd/openvdc-executor/sshd.go | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/cmd/openvdc-executor/sshd.go b/cmd/openvdc-executor/sshd.go index 8b71bbf2..c837f9f4 100644 --- a/cmd/openvdc-executor/sshd.go +++ b/cmd/openvdc-executor/sshd.go @@ -62,7 +62,9 @@ func NewSSHServer(provider hypervisor.HypervisorProvider, ctx context.Context) * clientPubkey = strings.TrimSpace(string(ssh.MarshalAuthorizedKey(key))) } - if zkPubKey != clientPubkey { + if zkPubKey == clientPubkey { + return nil, nil + } else { log.Errorf("Private key mismatch with database public key") return nil, fmt.Errorf("Private key mismatch with database public key") } From 4de652d78c5852b6e24e0d6329580dc8407dae4a Mon Sep 17 00:00:00 2001 From: itouri Date: Wed, 30 Aug 2017 17:35:15 +0900 Subject: [PATCH 35/55] =?UTF-8?q?Modify=20logic=20of=20authType=E2=80=99s?= =?UTF-8?q?=20switch.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- cmd/openvdc-executor/sshd.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/cmd/openvdc-executor/sshd.go b/cmd/openvdc-executor/sshd.go index c837f9f4..6c6f3e7d 100644 --- a/cmd/openvdc-executor/sshd.go +++ b/cmd/openvdc-executor/sshd.go 
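Review bot: `zkPubKey == clientPubkey` in cmd/openvdc-executor/sshd.go compares two authorized_keys text lines, so the outcome depends on formatting rather than on the key itself. A stored key that still carries a comment field (presumably the template's `ssh_public_key`) would never match. The assignment to `clientPubkey` also sits inside a conditional whose head is outside the hunk, so if both strings can be empty the comparison would accept the connection. Rejecting an empty stored key first, then parsing it with `ssh.ParseAuthorizedKey` and checking `bytes.Equal(stored.Marshal(), key.Marshal())`, removes both cases. The `else` after `return nil, nil` can be dropped, and the log text should say the public key did not match rather than "Private key mismatch".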
@@ -68,8 +68,9 @@ func NewSSHServer(provider hypervisor.HypervisorProvider, ctx context.Context) * log.Errorf("Private key mismatch with database public key") return nil, fmt.Errorf("Private key mismatch with database public key") } + default: + return nil, fmt.Errorf("Unknown AuthenticationType") } - return nil, fmt.Errorf("Unknown AuthenticationType") }, } From a0ba12b2c9d4d28cba422104469d2d739961cde4 Mon Sep 17 00:00:00 2001 From: itouri Date: Fri, 1 Sep 2017 15:46:35 +0900 Subject: [PATCH 36/55] Adding show option test to TestCmdConsole_AuthenticationNone. --- ci/citest/acceptance-test/tests/cmd_console_test.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ci/citest/acceptance-test/tests/cmd_console_test.go b/ci/citest/acceptance-test/tests/cmd_console_test.go index d812c5e4..72a9891b 100644 --- a/ci/citest/acceptance-test/tests/cmd_console_test.go +++ b/ci/citest/acceptance-test/tests/cmd_console_test.go @@ -29,12 +29,12 @@ func runConsoleCmdWithPrivatekey(instance_id string, private_key_path string, t RunCmdAndExpectFail(t, "sh", "-c", fmt.Sprintf("openvdc console %s -i %s -- false", instance_id, private_key_path)) } -func TestCmdConsole_AuthenticationNone(t *testing.T) { +func TestCmdConsole_ShowOptionAuthenticationNone(t *testing.T) { stdout, _ := RunCmdAndReportFail(t, "openvdc", "run", "centos/7/lxc", `{"authentication_type":"none"}`) instance_id := strings.TrimSpace(stdout.String()) - WaitInstance(t, 5*time.Minute, instance_id, "RUNNING", []string{"QUEUED", "STARTING"}) - + runConsoleCmd(instance_id, t) + runConsoleCmdPiped(instance_id, t) RunCmdWithTimeoutAndReportFail(t, 10, 5, "openvdc", "destroy", instance_id) WaitInstance(t, 5*time.Minute, instance_id, "TERMINATED", nil) } From fe940a5bd16d85477cb59a32aa60646f33968eeb Mon Sep 17 00:00:00 2001 
From: Masahiro Fujiwara Date: Fri, 15 Sep 2017 09:49:12 +0900 Subject: [PATCH 37/55] Upgrade golang.org/x/crypto/ssh --- vendor/vendor.json | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/vendor/vendor.json b/vendor/vendor.json index c16cbaac..de5afaf3 100644 --- a/vendor/vendor.json +++ b/vendor/vendor.json @@ -521,16 +521,16 @@ "revisionTime": "2016-10-31T15:37:30Z" }, { - "checksumSHA1": "LlElMHeTC34ng8eHzjvtUhAgrr8=", + "checksumSHA1": "U8Hfwou4jfW3wHPoIuz8Oi4KxTc=", "path": "golang.org/x/crypto/ssh", - "revision": "9477e0b78b9ac3d0b03822fd95422e2fe07627cd", - "revisionTime": "2016-10-31T15:37:30Z" + "revision": "faadfbdc035307d901e69eea569f5dda451a3ee3", + "revisionTime": "2017-09-12T19:17:24Z" }, { - "checksumSHA1": "HpfYVaB8VI/Q4dS6I78I1iWaIT4=", + "checksumSHA1": "nqWNlnMmVpt628zzvyo6Yv2CX5Q=", "path": "golang.org/x/crypto/ssh/terminal", - "revision": "2b786ab9e9649dc660afa3bd580fd05a05e20d95", - "revisionTime": "2016-12-19T07:27:34Z" + "revision": "faadfbdc035307d901e69eea569f5dda451a3ee3", + "revisionTime": "2017-09-12T19:17:24Z" }, { "checksumSHA1": "9jjO5GjLa0XF/nfWihF02RoH4qc=", From d0366354d538606e644809e24562aa92c1cb2350 Mon Sep 17 00:00:00 2001 From: Masahiro Fujiwara Date: Fri, 15 Sep 2017 16:42:08 +0900 Subject: [PATCH 38/55] Host key callback became mandate parameter. Due to the change of golang.org/x/crypto/ssh . golang/crypto@e4e2799dd7aa --- cmd/openvdc/cmd/console/ssh.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/cmd/openvdc/cmd/console/ssh.go b/cmd/openvdc/cmd/console/ssh.go index 37ba255e..37d06a58 100644 --- a/cmd/openvdc/cmd/console/ssh.go +++ b/cmd/openvdc/cmd/console/ssh.go @@ -22,7 +22,8 @@ type SshConsole struct { func NewSshConsole(instanceID string, config *ssh.ClientConfig) *SshConsole { if config == nil { config = &ssh.ClientConfig{ - Timeout: 5 * time.Second, + Timeout: 5 * time.Second, + HostKeyCallback: ssh.InsecureIgnoreHostKey(), } } return &SshConsole{ 
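Review bot: `HostKeyCallback: ssh.InsecureIgnoreHostKey()` in `NewSshConsole` turns off host key verification, so the console client cannot distinguish the executor from another machine answering on the path and the session can be intercepted. The same setting is added to `RunSsh` in ci/citest/acceptance-test/tests/00_ssh.go and to `consoleCmd` in cmd/openvdc/cmd/console.go in the next two commits. It satisfies the now-mandatory field, but the line should at least carry a comment recording the gap, e.g. `// TODO: verify the executor host key, e.g. ssh.FixedHostKey with a key returned by the API`. For the acceptance-test helper talking to fixed CI addresses the setting is acceptable; for the user-facing console command it should be treated as temporary.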
From ff7a8862d1a1e34693bcb8c4a0e8e8c4972c3c38 Mon Sep 17 00:00:00 2001 From: Masahiro Fujiwara Date: Sat, 16 Sep 2017 11:37:57 +0900 Subject: [PATCH 39/55] Apply same ssh client host key check to acceptance test binary --- ci/citest/acceptance-test/tests/00_ssh.go | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/ci/citest/acceptance-test/tests/00_ssh.go b/ci/citest/acceptance-test/tests/00_ssh.go index b90a4f40..bcabb17c 100644 --- a/ci/citest/acceptance-test/tests/00_ssh.go +++ b/ci/citest/acceptance-test/tests/00_ssh.go @@ -4,10 +4,12 @@ package tests import ( "bytes" - "golang.org/x/crypto/ssh" "testing" "time" + + "golang.org/x/crypto/ssh" ) + const zookeeper_ip = "10.0.100.10" const mesos_master_ip = "10.0.100.11" const scheduler_ip = "10.0.100.12" @@ -26,6 +28,7 @@ func RunSsh(ip string, cmd string) (*bytes.Buffer, *bytes.Buffer, error) { Auth: []ssh.AuthMethod{ ssh.Password("kemumaki"), }, + HostKeyCallback: ssh.InsecureIgnoreHostKey(), } connection, err := ssh.Dial("tcp", ip+":22", sshConfig) From 299e1acf2b4e54fb1759b231b8e76304446bc7e0 Mon Sep 17 00:00:00 2001 From: Masahiro Fujiwara Date: Sat, 16 Sep 2017 15:51:08 +0900 Subject: [PATCH 40/55] Same ssh host key change with d036635 --- cmd/openvdc/cmd/console.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/cmd/openvdc/cmd/console.go b/cmd/openvdc/cmd/console.go index 00eb536f..1fe5f0f3 100644 --- a/cmd/openvdc/cmd/console.go +++ b/cmd/openvdc/cmd/console.go @@ -79,7 +79,8 @@ var consoleCmd = &cobra.Command{ } var config = &ssh.ClientConfig{ - Timeout: 5 * time.Second, + Timeout: 5 * time.Second, + HostKeyCallback: ssh.InsecureIgnoreHostKey(), } switch res.AuthType { From 1596b50e20790bfde3ed22744cbe25e8c0444c66 Mon Sep 17 00:00:00 2001 From: itouri Date: Fri, 13 Oct 2017 18:40:16 +0900 Subject: [PATCH 41/55] Adding incorrect private key console test. --- ci/citest/acceptance-test/tests/cmd_console_test.go | 7 +++++++ 1 file changed, 7 insertions(+) 
diff --git a/ci/citest/acceptance-test/tests/cmd_console_test.go b/ci/citest/acceptance-test/tests/cmd_console_test.go index 72a9891b..7ab2551d 100644 --- a/ci/citest/acceptance-test/tests/cmd_console_test.go +++ b/ci/citest/acceptance-test/tests/cmd_console_test.go @@ -52,11 +52,17 @@ func TestLXCCmdConsole_ShowOption(t *testing.T) { func TestLXCCmdConsole_AuthenticationPubkey(t *testing.T) { // Make key pair by ssh-keygen private_key_path := "./testRsa" + private_key_path2 := "./testRsa2" _, _, err := RunCmd("ssh-keygen", "-t", "rsa", "-f", private_key_path, "-C", "", "-N", "") if err != nil { t.Fatalf("err: %s", err) } + _, _, err = RunCmd("ssh-keygen", "-t", "rsa", "-f", private_key_path2, "-C", "", "-N", "") + if err != nil { + t.Fatalf("err: %s", err) + } + // Read public key data, err := ioutil.ReadFile(private_key_path + ".pub") if err != nil { @@ -69,6 +75,7 @@ func TestLXCCmdConsole_AuthenticationPubkey(t *testing.T) { instance_id := strings.TrimSpace(stdout.String()) WaitInstance(t, 5*time.Minute, instance_id, "RUNNING", []string{"QUEUED", "STARTING"}) runConsoleCmdWithPrivatekey(instance_id, private_key_path, t) + runConsoleCmdWithPrivatekey(instance_id, private_key_path2, t) // This can not be authenticated. //vrunConsoleCmdPiped(instance_id, t) RunCmdWithTimeoutAndReportFail(t, 10, 5, "openvdc", "destroy", instance_id) WaitInstance(t, 5*time.Minute, instance_id, "TERMINATED", nil) From 853ffa6b13d83670d983447a30e3624d9d3aa246 Mon Sep 17 00:00:00 2001 From: itouri Date: Fri, 13 Oct 2017 19:38:39 +0900 Subject: [PATCH 42/55] Modify the test of console with public key. --- .../acceptance-test/tests/cmd_console_test.go | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/ci/citest/acceptance-test/tests/cmd_console_test.go b/ci/citest/acceptance-test/tests/cmd_console_test.go index 7ab2551d..44e09567 100644 --- a/ci/citest/acceptance-test/tests/cmd_console_test.go +++ b/ci/citest/acceptance-test/tests/cmd_console_test.go 
@@ -22,11 +22,12 @@ func runConsoleCmd(instance_id string, t *testing.T) { RunCmdAndExpectFail(t, "sh", "-c", fmt.Sprintf("openvdc console %s -- false", instance_id)) } -func runConsoleCmdWithPrivatekey(instance_id string, private_key_path string, t *testing.T) { - RunCmdAndReportFail(t, "openvdc", "console", instance_id, "-i", private_key_path) - RunCmdAndReportFail(t, "sh", "-c", fmt.Sprintf("openvdc console %s -i %s ls", instance_id, private_key_path)) - RunCmdAndReportFail(t, "sh", "-c", fmt.Sprintf("openvdc console %s -i %s -- ls", instance_id, private_key_path)) - RunCmdAndExpectFail(t, "sh", "-c", fmt.Sprintf("openvdc console %s -i %s -- false", instance_id, private_key_path)) +func runConsoleCmdWithPrivatekey(instance_id string, private_key_path string, t *testing.T, expect_fail bool) { + if expect_fail { + RunCmdAndExpectFail(t, "openvdc", "console", instance_id, "-i", private_key_path) + } else { + RunCmdAndReportFail(t, "openvdc", "console", instance_id, "-i", private_key_path) + } } func TestCmdConsole_ShowOptionAuthenticationNone(t *testing.T) { @@ -57,7 +58,6 @@ func TestLXCCmdConsole_AuthenticationPubkey(t *testing.T) { if err != nil { t.Fatalf("err: %s", err) } - _, _, err = RunCmd("ssh-keygen", "-t", "rsa", "-f", private_key_path2, "-C", "", "-N", "") if err != nil { t.Fatalf("err: %s", err) 
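Review bot: The rewritten `runConsoleCmdWithPrivatekey` drops the three `sh -c` invocations (`ls`, `-- ls` and `-- false`), so with key authentication only the plain `openvdc console ... -i` form is exercised and command execution and exit-status propagation are no longer covered. Keeping those calls in the `else` branch would restore that coverage. Adding one `RunCmdAndExpectFail` for the `-- ls` form in the `expect_fail` branch would also check that a wrong key is rejected for exec requests as well as for the shell.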
@@ -74,8 +74,8 @@ func TestLXCCmdConsole_AuthenticationPubkey(t *testing.T) { // runConsole() instance_id := strings.TrimSpace(stdout.String()) WaitInstance(t, 5*time.Minute, instance_id, "RUNNING", []string{"QUEUED", "STARTING"}) - runConsoleCmdWithPrivatekey(instance_id, private_key_path, t) - runConsoleCmdWithPrivatekey(instance_id, private_key_path2, t) // This can not be authenticated. + runConsoleCmdWithPrivatekey(instance_id, private_key_path, t, false) + runConsoleCmdWithPrivatekey(instance_id, private_key_path2, t, true) // This can not be authenticated. //vrunConsoleCmdPiped(instance_id, t) RunCmdWithTimeoutAndReportFail(t, 10, 5, "openvdc", "destroy", instance_id) WaitInstance(t, 5*time.Minute, instance_id, "TERMINATED", nil) From 533c3d0f7003ee26e61329a4c689d1291271d657 Mon Sep 17 00:00:00 2001 From: Masahiro Fujiwara Date: Tue, 24 Oct 2017 18:38:07 +0900 Subject: [PATCH 43/55] Move console auth methods to new interface --- model/model.pb_test.go | 9 +++++++++ model/resource_templates.go | 3 +++ 2 files changed, 12 insertions(+) diff --git a/model/model.pb_test.go b/model/model.pb_test.go index ab1b0cd0..7866c9a7 100644 --- a/model/model.pb_test.go +++ b/model/model.pb_test.go @@ -12,6 +12,7 @@ func TestImplementsResourceTemplate(t *testing.T) { assert.Implements((*ResourceTemplate)(nil), new(NullTemplate)) assert.Implements((*ResourceTemplate)(nil), new(LxcTemplate)) assert.Implements((*ResourceTemplate)(nil), new(QemuTemplate)) + assert.Implements((*ResourceTemplate)(nil), new(EsxiTemplate)) } func TestImplementsInstanceResource(t *testing.T) { 
@@ -19,4 +20,12 @@ func TestImplementsInstanceResource(t *testing.T) { assert.Implements((*InstanceResource)(nil), new(NullTemplate)) assert.Implements((*InstanceResource)(nil), new(QemuTemplate)) assert.Implements((*InstanceResource)(nil), new(LxcTemplate)) + assert.Implements((*InstanceResource)(nil), new(EsxiTemplate)) +} + +func TestImplementsConsoleAuthAttributes(t *testing.T) { + assert := assert.New(t) + assert.Implements((*ConsoleAuthAttributes)(nil), new(NullTemplate)) + assert.Implements((*ConsoleAuthAttributes)(nil), new(QemuTemplate)) + assert.Implements((*ConsoleAuthAttributes)(nil), new(LxcTemplate)) } diff --git a/model/resource_templates.go b/model/resource_templates.go index 8160ba92..c3cbb50e 100644 --- a/model/resource_templates.go +++ b/model/resource_templates.go @@ -32,6 +32,9 @@ type InstanceResource interface { GetVcpu() int32 GetMemoryGb() int32 GetNodeGroups() []string +} + +type ConsoleAuthAttributes interface { GetAuthenticationType() AuthenticationType GetSshPublicKey() string } From 8456dd51203b5d1780fde7bb506ef4cc05dc4431 Mon Sep 17 00:00:00 2001 From: Masahiro Fujiwara Date: Tue, 24 Oct 2017 19:38:13 +0900 Subject: [PATCH 44/55] Cast to ConsoleAuthAttributes type instead InstanceResource type --- api/instance_service.go | 17 ++++++++++++----- cmd/openvdc-executor/sshd.go | 23 ++++++++++++----------- 2 files changed, 24 insertions(+), 16 deletions(-) diff --git a/api/instance_service.go b/api/instance_service.go index 70e2adbd..dd8e3e6a 100644 --- a/api/instance_service.go +++ b/api/instance_service.go 
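Review bot: The new exported `ConsoleAuthAttributes` interface in `resource_templates.go` has no doc comment, although later commits on this page use a type assertion against it to decide how a console session is authenticated. I would add `// ConsoleAuthAttributes is implemented by resource templates that carry console authentication settings (authentication type and SSH public key).` above the type. The test added in `model.pb_test.go` asserts it for `NullTemplate`, `QemuTemplate` and `LxcTemplate` only, so the comment should also say what a caller is expected to do with a template that does not implement it.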
@@ -244,15 +244,22 @@ func (s *InstanceAPI) Console(ctx context.Context, in *ConsoleRequest) (*Console log.WithError(err).WithField("instance_id", in.GetInstanceId()).Error("Failed to find the instance") return nil, err } - instResource := inst.ResourceTemplate().(model.InstanceResource) - authType := instResource.GetAuthenticationType() - return &ConsoleReply{ + res := &ConsoleReply{ InstanceId: instanceID, Type: node.Console.Type, Address: node.Console.BindAddr, - AuthType: authType, - }, nil + } + + authAttrs, ok := inst.ResourceTemplate().(model.ConsoleAuthAttributes) + if !ok { + // Fallback to NONE auth type + res.AuthType = model.AuthenticationType_NONE + } else { + res.AuthType = authAttrs.GetAuthenticationType() + } + + return res, nil } func (s *InstanceAPI) sendCommand(ctx context.Context, cmd string, instanceID string) error { diff --git a/cmd/openvdc-executor/sshd.go b/cmd/openvdc-executor/sshd.go index 6c6f3e7d..cfd00aa2 100644 --- a/cmd/openvdc-executor/sshd.go +++ b/cmd/openvdc-executor/sshd.go 
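Review bot: When the template does not implement `model.ConsoleAuthAttributes`, `Console` silently reports `AuthenticationType_NONE`, while `getAuthAttrsFromInstance` in the `sshd.go` hunk of the same commit returns an error for the same condition. The API then advertises an unauthenticated console for templates the executor will refuse, and a client cannot tell "no authentication configured" from "authentication not supported". I would at least record the fallback, e.g. `log.WithField("instance_id", instanceID).Warnf("%T has no console auth attributes, reporting NONE", inst.ResourceTemplate())`, or return an error so both sides fail the same way. `Console` starts before this hunk.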
@@ -23,40 +23,41 @@ type SSHServer struct { ctx context.Context } -func getInstResource(ctx context.Context, userID string) (model.InstanceResource, error) { - inst, err := model.Instances(ctx).FindByID(userID) +func getAuthAttrsFromInstance(ctx context.Context, instanceID string) (model.ConsoleAuthAttributes, error) { + inst, err := model.Instances(ctx).FindByID(instanceID) if err != nil { - log.WithError(err).Errorf("Unknown instance: %s", userID) - // conn.Close() + log.WithError(err).Errorf("Unknown instance: %s", instanceID) return nil, err } - instResource := inst.ResourceTemplate().(model.InstanceResource) + instResource, ok := inst.ResourceTemplate().(model.ConsoleAuthAttributes) + if !ok { + return nil, errors.Errorf("%T does not support model.ConsoleAuthAttributes", inst.ResourceTemplate()) + } return instResource, nil } func NewSSHServer(provider hypervisor.HypervisorProvider, ctx context.Context) *SSHServer { config := &ssh.ServerConfig{ PasswordCallback: func(conn ssh.ConnMetadata, pass []byte) (*ssh.Permissions, error) { - instResource, err := getInstResource(ctx, conn.User()) + authAttrs, err := getAuthAttrsFromInstance(ctx, conn.User()) if err != nil { return nil, err } - if instResource.GetSshPublicKey() != "" { + if authAttrs.GetSshPublicKey() != "" { return nil, fmt.Errorf("%s is setted public key", conn.User()) } return nil, nil }, PublicKeyCallback: func(conn ssh.ConnMetadata, key ssh.PublicKey) (*ssh.Permissions, error) { - instResource, err := getInstResource(ctx, conn.User()) + authAttrs, err := getAuthAttrsFromInstance(ctx, conn.User()) if err != nil { return nil, err } - authType := instResource.GetAuthenticationType() - switch authType { + switch authAttrs.GetAuthenticationType() { case model.AuthenticationType_NONE: return nil, nil case model.AuthenticationType_PUB_KEY: - zkPubKey := strings.TrimSpace(instResource.GetSshPublicKey()) + zkPubKey := strings.TrimSpace(authAttrs.GetSshPublicKey()) var clientPubkey string if key != nil { 
clientPubkey = strings.TrimSpace(string(ssh.MarshalAuthorizedKey(key))) From f4782d350214476c5f7c7d04a259789824bdc720 Mon Sep 17 00:00:00 2001 From: itouri Date: Wed, 24 Jan 2018 21:21:28 +0900 Subject: [PATCH 45/55] Modified the separated function to two lines --- .../acceptance-test/tests/cmd_console_test.go | 21 ++++++++----------- 1 file changed, 9 insertions(+), 12 deletions(-) diff --git a/ci/citest/acceptance-test/tests/cmd_console_test.go b/ci/citest/acceptance-test/tests/cmd_console_test.go index 44e09567..44987c9e 100644 --- a/ci/citest/acceptance-test/tests/cmd_console_test.go +++ b/ci/citest/acceptance-test/tests/cmd_console_test.go @@ -22,14 +22,6 @@ func runConsoleCmd(instance_id string, t *testing.T) { RunCmdAndExpectFail(t, "sh", "-c", fmt.Sprintf("openvdc console %s -- false", instance_id)) } -func runConsoleCmdWithPrivatekey(instance_id string, private_key_path string, t *testing.T, expect_fail bool) { - if expect_fail { - RunCmdAndExpectFail(t, "openvdc", "console", instance_id, "-i", private_key_path) - } else { - RunCmdAndReportFail(t, "openvdc", "console", instance_id, "-i", private_key_path) - } -} - func TestCmdConsole_ShowOptionAuthenticationNone(t *testing.T) { stdout, _ := RunCmdAndReportFail(t, "openvdc", "run", "centos/7/lxc", `{"authentication_type":"none"}`) instance_id := strings.TrimSpace(stdout.String()) 
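Review bot: `PasswordCallback` still decides on `authAttrs.GetSshPublicKey() != ""` and never consults `GetAuthenticationType()`, so an instance whose type is `PUB_KEY` but whose stored key is empty accepts any password. The check should follow the configured type, as `PublicKeyCallback` does: `if authAttrs.GetAuthenticationType() != model.AuthenticationType_NONE { return nil, fmt.Errorf("%s does not allow password authentication", conn.User()) }`. `getAuthAttrsFromInstance` also logs the instance ID, which comes from the client-supplied `conn.User()`, with `%s`; `%q` keeps control characters out of the log. `PublicKeyCallback` continues past the end of the hunk, so the key comparison itself is not reviewed here.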
@@ -53,12 +45,12 @@ func TestLXCCmdConsole_ShowOption(t *testing.T) { func TestLXCCmdConsole_AuthenticationPubkey(t *testing.T) { // Make key pair by ssh-keygen private_key_path := "./testRsa" - private_key_path2 := "./testRsa2" + private_key_path_worng := "./testRsaWorng" _, _, err := RunCmd("ssh-keygen", "-t", "rsa", "-f", private_key_path, "-C", "", "-N", "") if err != nil { t.Fatalf("err: %s", err) } - _, _, err = RunCmd("ssh-keygen", "-t", "rsa", "-f", private_key_path2, "-C", "", "-N", "") + _, _, err = RunCmd("ssh-keygen", "-t", "rsa", "-f", private_key_path_worng, "-C", "", "-N", "") if err != nil { t.Fatalf("err: %s", err) } @@ -74,8 +66,13 @@ func TestLXCCmdConsole_AuthenticationPubkey(t *testing.T) { // runConsole() instance_id := strings.TrimSpace(stdout.String()) WaitInstance(t, 5*time.Minute, instance_id, "RUNNING", []string{"QUEUED", "STARTING"}) - runConsoleCmdWithPrivatekey(instance_id, private_key_path, t, false) - runConsoleCmdWithPrivatekey(instance_id, private_key_path2, t, true) // This can not be authenticated. + + _, stderr := RunCmdAndReportFail(t, "openvdc", "console", instance_id, "-i", private_key_path) + if stderr != nil { + t.Fatalf("err: %s", err) + } + RunCmdAndExpectFail(t, "openvdc", "console", instance_id, "-i", private_key_path_worng) + //vrunConsoleCmdPiped(instance_id, t) RunCmdWithTimeoutAndReportFail(t, 10, 5, "openvdc", "destroy", instance_id) WaitInstance(t, 5*time.Minute, instance_id, "TERMINATED", nil) From e4a0ecdbb0c35f842a355aa56c096dd213a3379b Mon Sep 17 00:00:00 2001 From: itouri Date: Wed, 24 Jan 2018 21:27:03 +0900 Subject: [PATCH 46/55] Add AuthenticationType to EsxiTmplate --- proto/model.proto | 1 + 1 file changed, 1 insertion(+) diff --git a/proto/model.proto b/proto/model.proto index 4a3d33ac..b6c0be46 100644 --- a/proto/model.proto +++ b/proto/model.proto 
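Review bot: The added check `if stderr != nil { t.Fatalf("err: %s", err) }` in `TestLXCCmdConsole_AuthenticationPubkey` tests the wrong thing and reports the wrong value. Judging by `stdout.String()` a few lines up, `RunCmdAndReportFail` returns buffers, so `stderr` is probably never nil and the test would abort right after a successful login, printing `err`, which is presumably nil at that point. If the helper already fails the test on a non-zero exit, as its name suggests, the check can be dropped or written as `if stderr.Len() > 0 { t.Logf("console stderr: %s", stderr.String()) }`. Separately, `./testRsa` and `./testRsaWorng` are private keys created in the working directory, and no cleanup for them is visible in these hunks.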
@@ -197,6 +197,7 @@ message EsxiTemplate { } repeated Interface interfaces = 6; repeated string node_groups = 7 [json_name="node_groups"]; + AuthenticationType authentication_type = 8 [json_name="authentication_type"]; } message NullTemplate { From bc537e3685988cd44487788a2690a693e2b48541 Mon Sep 17 00:00:00 2001 From: itouri Date: Fri, 26 Jan 2018 17:45:11 +0900 Subject: [PATCH 47/55] Modified TestLXCCmdConsole_AuthenticationPubkey --- ci/citest/acceptance-test/tests/cmd_console_test.go | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/ci/citest/acceptance-test/tests/cmd_console_test.go b/ci/citest/acceptance-test/tests/cmd_console_test.go index 44987c9e..d937f706 100644 --- a/ci/citest/acceptance-test/tests/cmd_console_test.go +++ b/ci/citest/acceptance-test/tests/cmd_console_test.go @@ -67,10 +67,7 @@ func TestLXCCmdConsole_AuthenticationPubkey(t *testing.T) { instance_id := strings.TrimSpace(stdout.String()) WaitInstance(t, 5*time.Minute, instance_id, "RUNNING", []string{"QUEUED", "STARTING"}) - _, stderr := RunCmdAndReportFail(t, "openvdc", "console", instance_id, "-i", private_key_path) - if stderr != nil { - t.Fatalf("err: %s", err) - } + RunCmdAndReportFail(t, "openvdc", "console", instance_id, "-i", private_key_path) RunCmdAndExpectFail(t, "openvdc", "console", instance_id, "-i", private_key_path_worng) //vrunConsoleCmdPiped(instance_id, t) From 733384b18f242a6dc2bee9b0e0374dec384d2043 Mon Sep 17 00:00:00 2001 From: itouri Date: Fri, 26 Jan 2018 19:02:53 +0900 Subject: [PATCH 48/55] Added HostKeyCallback to needed place --- cmd/openvdc/cmd/copy/copy.go | 3 ++- hypervisor/esxi/esxi.go | 2 ++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/cmd/openvdc/cmd/copy/copy.go b/cmd/openvdc/cmd/copy/copy.go index d2ab18cd..3e59f726 100644 --- a/cmd/openvdc/cmd/copy/copy.go +++ b/cmd/openvdc/cmd/copy/copy.go 
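Review bot: `EsxiTemplate` gains `authentication_type` but no `ssh_public_key` field in this hunk, so the generated type will presumably still lack `GetSshPublicKey()` and not satisfy `ConsoleAuthAttributes`, which requires both getters. If ESXi instances are meant to support `PUB_KEY`, the message needs the key as well, e.g. `string ssh_public_key = 9 [json_name="ssh_public_key"];`; the field number is a guess, since only part of the message is visible. If they are not, accepting `authentication_type` here lets a user request an authentication mode that nothing enforces.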
@@ -25,7 +25,8 @@ func NewClient(cr *api.CopyReply) (*Client, error) { } config := &ssh.ClientConfig{ - User: cr.GetInstanceId(), + User: cr.GetInstanceId(), + HostKeyCallback: ssh.InsecureIgnoreHostKey(), } return &Client{ diff --git a/hypervisor/esxi/esxi.go b/hypervisor/esxi/esxi.go index 362c8c70..bb6e89f5 100644 --- a/hypervisor/esxi/esxi.go +++ b/hypervisor/esxi/esxi.go @@ -252,6 +252,7 @@ func runCmd(cmd string, args []string) error { } var ErrApiRequest = errors.New("Failed api request") + func esxiRunCmd(cmdList ...[]string) error { for _, args := range cmdList { a := []string{ @@ -435,6 +436,7 @@ func (d *EsxiHypervisorDriver) CloneBaseImage() error { Auth: []ssh.AuthMethod{ ssh.PublicKeys(signer), }, + HostKeyCallback: ssh.InsecureIgnoreHostKey(), }) if err != nil { From ee4c4ad187e4932f1de4e4adfabefe4b30360038 Mon Sep 17 00:00:00 2001 From: itouri Date: Fri, 2 Feb 2018 16:17:10 +0900 Subject: [PATCH 49/55] Modified none auth type sshd.go logic --- cmd/openvdc-executor/sshd.go | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/cmd/openvdc-executor/sshd.go b/cmd/openvdc-executor/sshd.go index cfd00aa2..d884d05a 100644 --- a/cmd/openvdc-executor/sshd.go +++ b/cmd/openvdc-executor/sshd.go 
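Review bot: `HostKeyCallback: ssh.InsecureIgnoreHostKey()` turns off server authentication, so `NewClient` in `copy.go`, and the SSH client set up in `CloneBaseImage` in the `esxi.go` hunk below, will talk to whatever host answers at the address. For the ESXi connection that means commands and image data go to an unverified peer; for copy, file contents do. Pin the expected key instead, `HostKeyCallback: ssh.FixedHostKey(hostKey)`, with `hostKey` loaded from configuration or delivered with the address over the already-authenticated API, or use a callback from `golang.org/x/crypto/ssh/knownhosts`. If ignoring the host key is a deliberate stopgap, a comment at both sites should say so. Both functions extend beyond their hunks.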
@@ -43,10 +43,15 @@ func NewSSHServer(provider hypervisor.HypervisorProvider, ctx context.Context) * if err != nil { return nil, err } - if authAttrs.GetSshPublicKey() != "" { - return nil, fmt.Errorf("%s is setted public key", conn.User()) + switch authAttrs.GetAuthenticationType() { + case model.AuthenticationType_NONE: + return nil, nil + case model.AuthenticationType_PUB_KEY: + if authAttrs.GetSshPublicKey() != "" { + return nil, fmt.Errorf("%s auth type is public key but client configured to password auth", conn.User()) + } } - return nil, nil + return nil, fmt.Errorf("%s is using undefind AuthenticationType", conn.User()) }, PublicKeyCallback: func(conn ssh.ConnMetadata, key ssh.PublicKey) (*ssh.Permissions, error) { authAttrs, err := getAuthAttrsFromInstance(ctx, conn.User()) From b78fbdc607542ebdc79727d97b0a1dfc6a333b15 Mon Sep 17 00:00:00 2001 From: itouri Date: Fri, 2 Feb 2018 17:22:34 +0900 Subject: [PATCH 50/55] Added auth password method to ssh config --- cmd/openvdc/cmd/copy/copy.go | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/cmd/openvdc/cmd/copy/copy.go b/cmd/openvdc/cmd/copy/copy.go index 3e59f726..ee194e26 100644 --- a/cmd/openvdc/cmd/copy/copy.go +++ b/cmd/openvdc/cmd/copy/copy.go @@ -25,7 +25,10 @@ func NewClient(cr *api.CopyReply) (*Client, error) { } config := &ssh.ClientConfig{ - User: cr.GetInstanceId(), + User: cr.GetInstanceId(), + Auth: []ssh.AuthMethod{ + ssh.Password(""), + }, HostKeyCallback: ssh.InsecureIgnoreHostKey(), } From 3f9bed50e8b92258beddb38903464454940e467f Mon Sep 17 00:00:00 2001 From: itouri Date: Fri, 2 Feb 2018 18:20:07 +0900 Subject: [PATCH 51/55] Added ssh.Password("") --- cmd/openvdc/cmd/console.go | 5 ++++- cmd/openvdc/cmd/console/ssh.go | 5 ++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/cmd/openvdc/cmd/console.go b/cmd/openvdc/cmd/console.go index 1fe5f0f3..e212b0eb 100644 --- a/cmd/openvdc/cmd/console.go +++ b/cmd/openvdc/cmd/console.go 
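Review bot: In the `PUB_KEY` case of `PasswordCallback` the rejection is still conditional on `GetSshPublicKey() != ""`; with an empty key the switch falls out to the final return, which also rejects but blames an undefined `AuthenticationType`. Password authentication should be refused unconditionally for `PUB_KEY`, so drop the inner `if` and return the error directly. The `NONE` case accepts any password, and `NONE` appears to be the enum's zero value in the generated code, so a template that omits `authentication_type` gets an open console; a comment on that case stating this is intended would help the next reader. The callback begins before the hunk.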
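Review bot: `NewClient` in `copy.go` now offers only `ssh.Password("")`, whatever the instance's authentication type. If this client connects to the executor's SSH server shown in `sshd.go`, copy can only succeed for `NONE` instances, because `PasswordCallback` rejects passwords for `PUB_KEY`. `console.go` selects the method from the reply's auth type; copy would need the same switch and an identity-file option, otherwise users are pushed toward `NONE` to make copy work. The function continues outside the hunk.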
@@ -79,7 +79,10 @@ var consoleCmd = &cobra.Command{ } var config = &ssh.ClientConfig{ - Timeout: 5 * time.Second, + Timeout: 5 * time.Second, + Auth: []ssh.AuthMethod{ + ssh.Password(""), + }, HostKeyCallback: ssh.InsecureIgnoreHostKey(), } diff --git a/cmd/openvdc/cmd/console/ssh.go b/cmd/openvdc/cmd/console/ssh.go index 37d06a58..2cf2d9d9 100644 --- a/cmd/openvdc/cmd/console/ssh.go +++ b/cmd/openvdc/cmd/console/ssh.go @@ -22,7 +22,10 @@ type SshConsole struct { func NewSshConsole(instanceID string, config *ssh.ClientConfig) *SshConsole { if config == nil { config = &ssh.ClientConfig{ - Timeout: 5 * time.Second, + Timeout: 5 * time.Second, + Auth: []ssh.AuthMethod{ + ssh.Password(""), + }, HostKeyCallback: ssh.InsecureIgnoreHostKey(), } } From 508f170751faf68c3e58356855a1b2831749a68e Mon Sep 17 00:00:00 2001 From: itouri Date: Fri, 23 Feb 2018 17:12:53 +0900 Subject: [PATCH 52/55] Added json_name field of authType --- proto/v1.proto | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/proto/v1.proto b/proto/v1.proto index dd3e6daf..246f40cf 100644 --- a/proto/v1.proto +++ b/proto/v1.proto @@ -90,7 +90,7 @@ message ConsoleReply { string instance_id = 1 [json_name="instance_id"]; model.Console.Transport type = 2; string address = 3; - model.AuthenticationType authType = 4; + model.AuthenticationType authType = 4 [json_name="auth_type"]; } message CreateRequest{ From 4155a3c5cfaa88621869a61f2c913a5cf9f8e87b Mon Sep 17 00:00:00 2001 From: itouri Date: Fri, 23 Feb 2018 17:16:37 +0900 Subject: [PATCH 53/55] Modified identify typo and change to local variable from global --- cmd/openvdc/cmd/console.go | 31 +++++++++++++++---------------- 1 file changed, 15 insertions(+), 16 deletions(-) diff --git a/cmd/openvdc/cmd/console.go b/cmd/openvdc/cmd/console.go index e212b0eb..c58c067a 100644 --- a/cmd/openvdc/cmd/console.go +++ b/cmd/openvdc/cmd/console.go 
@@ -21,11 +21,9 @@ import ( "google.golang.org/grpc" ) -var indentityFile string - func init() { consoleCmd.Flags().Bool("show", false, "Show console information") - consoleCmd.Flags().StringVarP(&indentityFile, "identity-file", "i", "", "Selects a file from which the identity (private key) for public key authentication is read") + consoleCmd.Flags().StringP("identity-file", "i", "", "Selects a file from which the identity (private key) for public key authentication is read") } var consoleCmd = &cobra.Command{ @@ -90,21 +88,22 @@ var consoleCmd = &cobra.Command{ case model.AuthenticationType_NONE: config.Auth = []ssh.AuthMethod{ssh.Password("")} case model.AuthenticationType_PUB_KEY: - if indentityFile == "" { + identityFile, _ := cmd.Flags().GetString("identity-file") + if identityFile == "" { log.Fatalf("Required private key but not setted") - } else { - // Parse and set indetifyFifle - key, err := ioutil.ReadFile(indentityFile) - if err != nil { - log.Fatalf("unable to read private key: %v", err) - } - // Create the Signer for this private key. - signer, err := ssh.ParsePrivateKey(key) - if err != nil { - log.Fatalf("unable to parse private key: %v", err) - } - config.Auth = []ssh.AuthMethod{ssh.PublicKeys(signer)} } + + // Parse and set indetifyFifle + key, err := ioutil.ReadFile(identityFile) + if err != nil { + log.Fatalf("unable to read private key: %v", err) + } + // Create the Signer for this private key. + signer, err := ssh.ParsePrivateKey(key) + if err != nil { + log.Fatalf("unable to parse private key: %v", err) + } + config.Auth = []ssh.AuthMethod{ssh.PublicKeys(signer)} } sshcon := console.NewSshConsole(instanceID, config) From f9112cf5c8d3b48b1ab83287246d5fc3d08f1cc8 Mon Sep 17 00:00:00 2001 From: itouri Date: Fri, 23 Feb 2018 19:23:05 +0900 Subject: [PATCH 54/55] Added validation of authtication_type to lxc.go and qemu.go --- handlers/vm/lxc/lxc.go | 5 ++++- handlers/vm/qemu/qemu.go | 6 +++++- 2 files changed, 9 insertions(+), 2 deletions(-) 
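Review bot: `ssh.ParsePrivateKey(key)` in the `PUB_KEY` branch fails on a passphrase-protected key, so this path only works with an unencrypted private key on disk. Consider handling that error by prompting and calling `ssh.ParsePrivateKeyWithPassphrase(key, passphrase)`, or by falling back to an SSH agent. The error from `cmd.Flags().GetString("identity-file")` is also discarded and is cheap to check. The enclosing command function starts before the hunk.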
diff --git a/handlers/vm/lxc/lxc.go b/handlers/vm/lxc/lxc.go index 74d4d516..26575c0e 100644 --- a/handlers/vm/lxc/lxc.go +++ b/handlers/vm/lxc/lxc.go @@ -107,7 +107,10 @@ func (h *LxcHandler) MergeArgs(dst model.ResourceTemplate, args []string) error } mdst.Vcpu = int32(vcpu) mdst.MemoryGb = int32(mem) - format := model.AuthenticationType_value[strings.ToUpper(authType)] + format, ok := model.AuthenticationType_value[strings.ToUpper(authType)] + if !ok { + return fmt.Errorf("Unknown AuthenticationType: %s", authType) + } mdst.AuthenticationType = model.AuthenticationType(format) sshPubkey = strings.Replace(sshPubkey, "\"", "", -1) mdst.SshPublicKey = sshPubkey diff --git a/handlers/vm/qemu/qemu.go b/handlers/vm/qemu/qemu.go index 1c868167..1d563f04 100644 --- a/handlers/vm/qemu/qemu.go +++ b/handlers/vm/qemu/qemu.go @@ -3,6 +3,7 @@ package qemu import ( "encoding/json" "flag" + "fmt" "io" "strings" @@ -117,7 +118,10 @@ func (h *QemuHandler) MergeArgs(dst model.ResourceTemplate, args []string) error } mdst.Vcpu = int32(vcpu) mdst.MemoryGb = int32(mem) - format := model.AuthenticationType_value[strings.ToUpper(authType)] + format, ok := model.AuthenticationType_value[strings.ToUpper(authType)] + if !ok { + return fmt.Errorf("Unknown AuthenticationType: %s", authType) + } mdst.AuthenticationType = model.AuthenticationType(format) sshPubkey = strings.Replace(sshPubkey, "\"", "", -1) mdst.SshPublicKey = sshPubkey From 6b769a924810b06530c8d6bbc86346a632340785 Mon Sep 17 00:00:00 2001 From: itouri Date: Fri, 23 Feb 2018 19:54:03 +0900 Subject: [PATCH 55/55] Modified lxc and qemu AuthenticationType validation. --- handlers/vm/lxc/lxc.go | 3 ++- handlers/vm/qemu/qemu.go | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/handlers/vm/lxc/lxc.go b/handlers/vm/lxc/lxc.go index 26575c0e..dea21b5e 100644 --- a/handlers/vm/lxc/lxc.go +++ b/handlers/vm/lxc/lxc.go 
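Review bot: `MergeArgs` in `lxc.go` now rejects an unknown `authType` but still accepts `PUB_KEY` together with an empty or malformed `sshPubkey`; the `qemu.go` hunk below has the same gap. Such a template is stored as is, and the mistake only surfaces at console login. After the quote stripping I would add `if mdst.AuthenticationType == model.AuthenticationType_PUB_KEY && sshPubkey == "" { return fmt.Errorf("ssh public key is required for PUB_KEY authentication") }`, and ideally parse the value with `ssh.ParseAuthorizedKey` so garbage is refused early. The new error prints the rejected value with `%s`; `%q` would make empty or odd input visible. `MergeArgs` extends beyond the hunk.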
@@ -107,7 +107,8 @@ func (h *LxcHandler) MergeArgs(dst model.ResourceTemplate, args []string) error } mdst.Vcpu = int32(vcpu) mdst.MemoryGb = int32(mem) - format, ok := model.AuthenticationType_value[strings.ToUpper(authType)] + authType = strings.ToUpper(strings.Replace(authType, "\"", "", -1)) + format, ok := model.AuthenticationType_value[authType] if !ok { return fmt.Errorf("Unknown AuthenticationType: %s", authType) } diff --git a/handlers/vm/qemu/qemu.go b/handlers/vm/qemu/qemu.go index 1d563f04..dfe7a677 100644 --- a/handlers/vm/qemu/qemu.go +++ b/handlers/vm/qemu/qemu.go @@ -118,7 +118,8 @@ func (h *QemuHandler) MergeArgs(dst model.ResourceTemplate, args []string) error } mdst.Vcpu = int32(vcpu) mdst.MemoryGb = int32(mem) - format, ok := model.AuthenticationType_value[strings.ToUpper(authType)] + authType = strings.ToUpper(strings.Replace(authType, "\"", "", -1)) + format, ok := model.AuthenticationType_value[authType] if !ok { return fmt.Errorf("Unknown AuthenticationType: %s", authType) }
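Review bot: `strings.Replace(authType, "\"", "", -1)` in `lxc.go` deletes every double quote and not just the surrounding pair, so an input such as `pub"_key` is accepted as `PUB_KEY`; the `qemu.go` hunk does the same. Trimming only the enclosing quotes keeps the validation strict: `authType = strings.ToUpper(strings.Trim(authType, "\""))`. The need to strip quotes suggests the value arrives JSON-encoded, in which case decoding it properly would be cleaner, but the caller is not visible here.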