author | Danek Duvall <danek.duvall@oracle.com> |
Mon, 19 Oct 2015 13:12:51 -0700 | |
changeset 4989 | 26e5e37ce46e |
permissions | -rw-r--r-- |
4989
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
1 |
From 45be8e1c620c50f3cbca76f561945200a8843bc8 Mon Sep 17 00:00:00 2001 |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
2 |
From: Stuart McLaren <[email protected]> |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
3 |
Date: Tue, 11 Aug 2015 10:37:09 +0000 |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
4 |
Subject: [PATCH] Prevent image status being directly modified via v1 |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
5 |
|
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
6 |
Users shouldn't be able to change an image's status directly via the |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
7 |
v1 API. |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
8 |
|
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
9 |
Some existing consumers of Glance set the x-image-meta-status header in |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
10 |
requests to the Glance API, eg: |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
11 |
|
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
12 |
https://github.com/openstack/nova/blob/master/plugins/xenserver/xenapi/etc/xapi.d/plugins/glance#L184 |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
13 |
|
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
14 |
We should try to prevent users setting 'status' via v1, but without breaking |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
15 |
existing benign API calls such as these. |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
16 |
|
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
17 |
I've adopted the following approach (which has some prior art in 'protected properties'). |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
18 |
|
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
19 |
If a PUT request is received which contains an x-image-meta-status header: |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
20 |
|
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
21 |
* The user provided status is ignored if it matches the current image |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
22 |
status (this prevents benign calls such as the nova one above from |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
23 |
breaking). The usual code (eg 200) will be returned. |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
24 |
|
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
25 |
* If the user provided status doesn't match the current image status (ie |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
26 |
there is a real attempt to change the value) 403 will be returned. This |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
27 |
will break any calls which currently intentionally change the status. |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
28 |
|
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
29 |
APIImpact |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
30 |
|
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
31 |
Closes-bug: 1482371 |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
32 |
|
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
33 |
Change-Id: I44fadf32abb57c962b67467091c3f51c1ccc25e6 |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
34 |
(cherry picked from commit 4d08db5b6d42323ac1958ef3b7417d875e7bea8c) |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
35 |
(cherry picked from commit 9beca533f42ae1fc87418de0c360e19bc59b24b5) |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
36 |
--- |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
37 |
glance/api/v1/__init__.py | 3 + |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
38 |
glance/api/v1/images.py | 9 +++ |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
39 |
glance/tests/functional/v1/test_api.py | 89 ++++++++++++++++++++++ |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
40 |
.../integration/legacy_functional/test_v1_api.py | 2 + |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
41 |
test-requirements.txt | 5 ++ |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
42 |
5 files changed, 108 insertions(+) |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
43 |
|
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
44 |
diff --git a/glance/api/v1/__init__.py b/glance/api/v1/__init__.py |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
45 |
index 74de9aa..9306bbb 100644 |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
46 |
--- a/glance/api/v1/__init__.py |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
47 |
+++ b/glance/api/v1/__init__.py |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
48 |
@@ -21,3 +21,6 @@ SUPPORTED_PARAMS = ('limit', 'marker', 'sort_key', 'sort_dir') |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
49 |
|
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
50 |
# Metadata which only an admin can change once the image is active |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
51 |
ACTIVE_IMMUTABLE = ('size', 'checksum') |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
52 |
+ |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
53 |
+# Metadata which cannot be changed (irrespective of the current image state) |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
54 |
+IMMUTABLE = ('status',) |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
55 |
diff --git a/glance/api/v1/images.py b/glance/api/v1/images.py |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
56 |
index 746f8cd..f976f9d 100644 |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
57 |
--- a/glance/api/v1/images.py |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
58 |
+++ b/glance/api/v1/images.py |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
59 |
@@ -56,6 +56,7 @@ _LW = gettextutils._LW |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
60 |
SUPPORTED_PARAMS = glance.api.v1.SUPPORTED_PARAMS |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
61 |
SUPPORTED_FILTERS = glance.api.v1.SUPPORTED_FILTERS |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
62 |
ACTIVE_IMMUTABLE = glance.api.v1.ACTIVE_IMMUTABLE |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
63 |
+IMMUTABLE = glance.api.v1.IMMUTABLE |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
64 |
|
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
65 |
CONF = cfg.CONF |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
66 |
CONF.import_opt('disk_formats', 'glance.common.config', group='image_format') |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
67 |
@@ -895,6 +896,14 @@ class Controller(controller.BaseController): |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
68 |
request=req, |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
69 |
content_type="text/plain") |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
70 |
|
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
71 |
+ for key in IMMUTABLE: |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
72 |
+ if (image_meta.get(key) is not None and |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
73 |
+ image_meta.get(key) != orig_image_meta.get(key)): |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
74 |
+ msg = _("Forbidden to modify '%s' of image.") % key |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
75 |
+ raise HTTPForbidden(explanation=msg, |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
76 |
+ request=req, |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
77 |
+ content_type="text/plain") |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
78 |
+ |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
79 |
# The default behaviour for a PUT /images/<IMAGE_ID> is to |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
80 |
# override any properties that were previously set. This, however, |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
81 |
# leads to a number of issues for the common use case where a caller |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
82 |
diff --git a/glance/tests/functional/v1/test_api.py b/glance/tests/functional/v1/test_api.py |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
83 |
index 1486fb3..ad54005 100644 |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
84 |
--- a/glance/tests/functional/v1/test_api.py |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
85 |
+++ b/glance/tests/functional/v1/test_api.py |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
86 |
@@ -765,3 +765,92 @@ class TestApi(functional.FunctionalTest): |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
87 |
self.assertEqual(200, response.status) |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
88 |
|
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
89 |
self.stop_servers() |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
90 |
+ |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
91 |
+ def test_status_cannot_be_manipulated_directly(self): |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
92 |
+ self.cleanup() |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
93 |
+ self.start_servers(**self.__dict__.copy()) |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
94 |
+ headers = minimal_headers('Image1') |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
95 |
+ |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
96 |
+ # Create a 'queued' image |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
97 |
+ http = httplib2.Http() |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
98 |
+ headers = {'Content-Type': 'application/octet-stream', |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
99 |
+ 'X-Image-Meta-Disk-Format': 'raw', |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
100 |
+ 'X-Image-Meta-Container-Format': 'bare'} |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
101 |
+ path = "http://%s:%d/v1/images" % ("127.0.0.1", self.api_port) |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
102 |
+ response, content = http.request(path, 'POST', headers=headers, |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
103 |
+ body=None) |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
104 |
+ self.assertEqual(201, response.status) |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
105 |
+ image = jsonutils.loads(content)['image'] |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
106 |
+ self.assertEqual('queued', image['status']) |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
107 |
+ |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
108 |
+ # Ensure status of 'queued' image can't be changed |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
109 |
+ path = "http://%s:%d/v1/images/%s" % ("127.0.0.1", self.api_port, |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
110 |
+ image['id']) |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
111 |
+ http = httplib2.Http() |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
112 |
+ headers = {'X-Image-Meta-Status': 'active'} |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
113 |
+ response, content = http.request(path, 'PUT', headers=headers) |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
114 |
+ self.assertEqual(403, response.status) |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
115 |
+ response, content = http.request(path, 'HEAD') |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
116 |
+ self.assertEqual(200, response.status) |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
117 |
+ self.assertEqual('queued', response['x-image-meta-status']) |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
118 |
+ |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
119 |
+ # We allow 'setting' to the same status |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
120 |
+ http = httplib2.Http() |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
121 |
+ headers = {'X-Image-Meta-Status': 'queued'} |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
122 |
+ response, content = http.request(path, 'PUT', headers=headers) |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
123 |
+ self.assertEqual(200, response.status) |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
124 |
+ response, content = http.request(path, 'HEAD') |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
125 |
+ self.assertEqual(200, response.status) |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
126 |
+ self.assertEqual('queued', response['x-image-meta-status']) |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
127 |
+ |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
128 |
+ # Make image active |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
129 |
+ http = httplib2.Http() |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
130 |
+ headers = {'Content-Type': 'application/octet-stream'} |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
131 |
+ response, content = http.request(path, 'PUT', headers=headers, |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
132 |
+ body='data') |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
133 |
+ self.assertEqual(200, response.status) |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
134 |
+ image = jsonutils.loads(content)['image'] |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
135 |
+ self.assertEqual('active', image['status']) |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
136 |
+ |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
137 |
+ # Ensure status of 'active' image can't be changed |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
138 |
+ http = httplib2.Http() |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
139 |
+ headers = {'X-Image-Meta-Status': 'queued'} |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
140 |
+ response, content = http.request(path, 'PUT', headers=headers) |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
141 |
+ self.assertEqual(403, response.status) |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
142 |
+ response, content = http.request(path, 'HEAD') |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
143 |
+ self.assertEqual(200, response.status) |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
144 |
+ self.assertEqual('active', response['x-image-meta-status']) |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
145 |
+ |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
146 |
+ # We allow 'setting' to the same status |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
147 |
+ http = httplib2.Http() |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
148 |
+ headers = {'X-Image-Meta-Status': 'active'} |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
149 |
+ response, content = http.request(path, 'PUT', headers=headers) |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
150 |
+ self.assertEqual(200, response.status) |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
151 |
+ response, content = http.request(path, 'HEAD') |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
152 |
+ self.assertEqual(200, response.status) |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
153 |
+ self.assertEqual('active', response['x-image-meta-status']) |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
154 |
+ |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
155 |
+ # Create a 'queued' image, ensure 'status' header is ignored |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
156 |
+ http = httplib2.Http() |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
157 |
+ path = "http://%s:%d/v1/images" % ("127.0.0.1", self.api_port) |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
158 |
+ headers = {'Content-Type': 'application/octet-stream', |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
159 |
+ 'X-Image-Meta-Status': 'active'} |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
160 |
+ response, content = http.request(path, 'POST', headers=headers, |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
161 |
+ body=None) |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
162 |
+ self.assertEqual(201, response.status) |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
163 |
+ image = jsonutils.loads(content)['image'] |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
164 |
+ self.assertEqual('queued', image['status']) |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
165 |
+ |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
166 |
+ # Create an 'active' image, ensure 'status' header is ignored |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
167 |
+ http = httplib2.Http() |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
168 |
+ path = "http://%s:%d/v1/images" % ("127.0.0.1", self.api_port) |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
169 |
+ headers = {'Content-Type': 'application/octet-stream', |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
170 |
+ 'X-Image-Meta-Disk-Format': 'raw', |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
171 |
+ 'X-Image-Meta-Status': 'queued', |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
172 |
+ 'X-Image-Meta-Container-Format': 'bare'} |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
173 |
+ response, content = http.request(path, 'POST', headers=headers, |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
174 |
+ body='data') |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
175 |
+ self.assertEqual(201, response.status) |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
176 |
+ image = jsonutils.loads(content)['image'] |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
177 |
+ self.assertEqual('active', image['status']) |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
178 |
+ self.stop_servers() |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
179 |
diff --git a/glance/tests/integration/legacy_functional/test_v1_api.py b/glance/tests/integration/legacy_functional/test_v1_api.py |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
180 |
index 66455a2..0e5b339 100644 |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
181 |
--- a/glance/tests/integration/legacy_functional/test_v1_api.py |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
182 |
+++ b/glance/tests/integration/legacy_functional/test_v1_api.py |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
183 |
@@ -357,6 +357,8 @@ class TestApi(base.ApiTest): |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
184 |
path = "/v1/images" |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
185 |
response, content = self.http.request(path, 'POST', headers=headers) |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
186 |
self.assertEqual(response.status, 201) |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
187 |
+ image = jsonutils.loads(content)['image'] |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
188 |
+ self.assertEqual('active', image['status']) |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
189 |
|
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
190 |
# 2. HEAD image-location |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
191 |
# Verify image size is zero and the status is active |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
192 |
diff --git a/test-requirements.txt b/test-requirements.txt |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
193 |
index 6d435f2..97affae 100644 |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
194 |
--- a/test-requirements.txt |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
195 |
+++ b/test-requirements.txt |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
196 |
@@ -29,3 +29,8 @@ xattr>=0.4 |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
197 |
|
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
198 |
# Documentation |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
199 |
oslosphinx>=2.2.0 # Apache-2.0 |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
200 |
+ |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
201 |
+# Gate is failing because of an older version of oslo.vmware is installing |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
202 |
+# PyYAML 3.11. Adding this line here will help moving this patch forward and |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
203 |
+# fixing Glance's stable/juno gate |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
204 |
+PyYAML<=3.10,>=3.1.0 |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
205 |
-- |
26e5e37ce46e
21891448 problem in SERVICE/GLANCE
Danek Duvall <danek.duvall@oracle.com>
parents:
diff
changeset
|
206 |
1.9.1 |