This is an automated email from the ASF dual-hosted git repository.
weizhouapache pushed a change to branch update-dbtype-nwrate
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
from 19f81edb437 Merge branch 'main' into update-dbtype-nwrate
add 8e933b735e2 ui: do not show deploy instance button for not ready
images (#13161)
add e689c02b689 UI: Allow selecting network for VNF nics if template is a
non deploy-as-is template (#13423)
add aef91ae3240 Add OpenTelemetry tracing instrumentation to API layer
(#13132)
add 95d0aed9f5e Additional metrics for virtual machine orchestration
(#13141)
add 6227525c842 Optimize UsageJobDaoImpl.updateJobSuccess to use direct
UPDATE instead of row-level lock (#13160)
add 288f9a9fd73 framework/spring: throw RuntimeException when fail to
start or load a module (#13186)
add f49ab6b394d API rule regex optimization (#13109)
add 99e34dd443c [20.3] resource allocation
add 2671026f90c [20.3] resource instance limits
add 171ff3260da [20.3] Implement/fix limit validation for projects
add c9e644af74a [20.3] resource allocation vpc
add d8bdc8b3b89 Check resource reservation on volume creation
add ae177a16556 Fix: KVM Direct Download URL injection
add d75140b6579 [20.3] handle user's canned policy when a bucket is deleted
add 9a4f3415507 Check resource reservation on volume snapshot creation
add b07831b56c1 Implement/fix limit validation for secondary storage
add 822696c4181 Fix resource limit reservation and check during
StartVirtualMachine
add ca7b08acceb secondary storage resource limit for download
add ced36291e7a volume download fix
add 021a18dd983 secondary storage resource limit for upload
add c522e963a7a Consider infinite resources when calculating secondary
storage limit for upload operations
add 2377dc5e63f [20.3] Address limit checks for VM, CPU, memory, volume,
and primary storage
add 08bb37a566e Cleanup imported VM from disk on failure due to volume
allocation + prevent duplicate volume and primary storage increment on import
add 928dc7dfc0a Fix failing tests
add 3f4f574e5c9 Address public IP limit validations
add a09835b1f4c review comments
add 4a691f43df6 fix identation
add f6cad87586f Fix copy snapshot resource limit
add ce52b9dae0c Merge branch '4.20' into 20.3.0-sec
add 639ceeea619 Fix snapshot copy resource limit concurrency
add d5101b0c905 Merge branch '4.20' into 4.22
add fb5e24fa086 Merge branch '4.22'
add 236e01aad8d Soft delete port forwarding, load balancing and firewall
rules (#13015)
add 1853435185f Fix RESTRICTED_TOKENS typo issue (#12709)
add d2c8aa7dff7 Feature: Key Management Service (KMS) (#12711)
add ff9ff586ab2 Merge branch 'main' into update-dbtype-nwrate
No new revisions were added by this update.
Summary of changes:
api/pom.xml | 5 +
api/src/main/java/com/cloud/event/EventTypes.java | 30 +
.../java/com/cloud/offering/DiskOfferingInfo.java | 17 +
api/src/main/java/com/cloud/storage/Volume.java | 8 +
.../java/com/cloud/storage/VolumeApiService.java | 2 +-
api/src/main/java/com/cloud/vm/DiskProfile.java | 2 +-
api/src/main/java/com/cloud/vm/UserVmService.java | 6 +-
api/src/main/java/com/cloud/vm/VmDiskInfo.java | 5 +
.../cloudstack/api/ApiCommandResourceType.java | 4 +-
.../org/apache/cloudstack/api/ApiConstants.java | 8 +
.../apache/cloudstack/api/ResponseGenerator.java | 50 +-
.../command/admin/kms/MigrateVolumesToKMSCmd.java | 131 ++
.../api/command/user/kms/CreateKMSKeyCmd.java | 159 ++
.../api/command/user/kms/DeleteKMSKeyCmd.java | 104 ++
.../api/command/user/kms/ListKMSKeysCmd.java | 101 ++
.../api/command/user/kms/RotateKMSKeyCmd.java | 128 ++
.../api/command/user/kms/UpdateKMSKeyCmd.java | 113 ++
.../command/user/kms/hsm/CreateHSMProfileCmd.java | 158 ++
.../kms/hsm/DeleteHSMProfileCmd.java} | 76 +-
.../command/user/kms/hsm/ListHSMProfilesCmd.java | 85 +
.../command/user/kms/hsm/UpdateHSMProfileCmd.java | 104 ++
.../api/command/user/vm/BaseDeployVMCmd.java | 30 +-
.../api/command/user/volume/CreateVolumeCmd.java | 12 +
.../api/command/user/volume/ListVolumesCmd.java | 8 +
.../api/response/HSMProfileResponse.java | 254 +++
.../cloudstack/api/response/KMSKeyResponse.java | 272 +++
.../cloudstack/api/response/VolumeResponse.java | 40 +
.../GuiThemeJoin.java => kms/HSMProfile.java} | 21 +-
.../ResourceSchedule.java => kms/KMSKey.java} | 50 +-
.../java/org/apache/cloudstack/kms/KMSManager.java | 292 ++++
client/pom.xml | 10 +
.../core/spring-core-registry-core-context.xml | 3 +
.../cloudstack/{api => kms}/module.properties | 2 +-
...ing-core-lifecycle-kms-context-inheritable.xml} | 6 +-
.../service/VolumeOrchestrationService.java | 4 +-
.../engine/service/api/OrchestrationService.java | 4 +-
.../com/cloud/vm/VirtualMachineManagerImpl.java | 8 +-
.../engine/orchestration/CloudOrchestrator.java | 6 +-
.../engine/orchestration/VolumeOrchestrator.java | 127 +-
.../orchestration/VolumeOrchestratorTest.java | 5 +-
engine/schema/pom.xml | 5 +
.../com/cloud/network/LBHealthCheckPolicyVO.java | 8 +
.../cloud/network/dao/FirewallRulesDaoImpl.java | 1 +
.../network/dao/LBHealthCheckPolicyDaoImpl.java | 6 +-
.../cloud/network/dao/LBStickinessPolicyDao.java | 2 +
.../network/dao/LBStickinessPolicyDaoImpl.java | 12 +-
.../cloud/network/dao/LBStickinessPolicyVO.java | 8 +
.../cloud/network/dao/LoadBalancerCertMapVO.java | 8 +
.../network/dao/LoadBalancerVMMapDaoImpl.java | 9 +-
.../com/cloud/network/dao/LoadBalancerVMMapVO.java | 9 +
.../com/cloud/network/rules/FirewallRuleVO.java | 10 +
.../src/main/java/com/cloud/storage/VolumeVO.java | 14 +
.../main/java/com/cloud/storage/dao/VolumeDao.java | 15 +
.../java/com/cloud/storage/dao/VolumeDaoImpl.java | 54 +
.../java/com/cloud/usage/dao/UsageJobDaoImpl.java | 8 +-
.../cloudstack/kms/HSMProfileDetailsVO.java} | 31 +-
.../apache/cloudstack/kms/HSMProfileVO.java} | 126 +-
.../org/apache/cloudstack/kms/KMSKekVersionVO.java | 193 ++
.../java/org/apache/cloudstack/kms/KMSKeyVO.java | 264 +++
.../org/apache/cloudstack/kms/KMSWrappedKeyVO.java | 176 ++
.../apache/cloudstack/kms/dao/HSMProfileDao.java | 8 +-
.../cloudstack/kms/dao/HSMProfileDaoImpl.java} | 12 +-
.../cloudstack/kms/dao/HSMProfileDetailsDao.java} | 15 +-
.../kms/dao/HSMProfileDetailsDaoImpl.java | 75 +
.../cloudstack/kms/dao/KMSKekVersionDao.java} | 34 +-
.../cloudstack/kms/dao/KMSKekVersionDaoImpl.java | 98 ++
.../dao/KMSKeyDao.java} | 16 +-
.../apache/cloudstack/kms/dao/KMSKeyDaoImpl.java | 83 +
.../cloudstack/kms/dao/KMSWrappedKeyDao.java} | 17 +-
.../cloudstack/kms/dao/KMSWrappedKeyDaoImpl.java | 70 +
.../region/gslb/GlobalLoadBalancerRuleVO.java | 8 +
.../spring-engine-schema-core-daos-context.xml | 5 +
.../resources/META-INF/db/schema-42210to42300.sql | 186 +-
.../META-INF/db/views/cloud.volume_view.sql | 10 +-
.../storage/motion/AncientDataMotionStrategy.java | 4 +-
.../motion/StorageSystemDataMotionStrategy.java | 6 +-
.../cloudstack/storage/volume/VolumeObject.java | 49 +-
.../storage/volume/VolumeServiceImpl.java | 16 +
framework/{config => kms}/pom.xml | 12 +-
.../cloudstack/framework/kms/KMSException.java | 181 ++
.../cloudstack/framework/kms/KMSProvider.java | 255 +++
.../cloudstack/framework/kms/KeyPurpose.java | 79 +
.../cloudstack/framework/kms/WrappedKey.java | 131 ++
framework/pom.xml | 1 +
.../lifecycle/CloudStackExtendedLifeCycle.java | 3 +-
.../model/impl/DefaultModuleDefinitionSet.java | 12 +-
...ernetesClusterResourceModifierActionWorker.java | 62 +-
.../KubernetesClusterStartWorker.java | 42 +-
.../cloudstack/veeam/adapter/ServerAdapter.java | 2 +-
plugins/kms/database/pom.xml | 73 +
.../kms/provider/DatabaseKMSProvider.java | 386 ++++
.../provider/database/KMSDatabaseKekObjectVO.java | 357 ++++
.../database/dao/KMSDatabaseKekObjectDao.java | 61 +
.../database/dao/KMSDatabaseKekObjectDaoImpl.java | 84 +
.../cloudstack/database-kms}/module.properties | 4 +-
.../database-kms/spring-database-kms-context.xml | 15 +-
{framework/cluster => plugins/kms/pkcs11}/pom.xml | 50 +-
.../kms/provider/pkcs11/PKCS11HSMProvider.java | 1140 ++++++++++++
.../cloudstack/pkcs11-kms}/module.properties | 4 +-
.../pkcs11-kms/spring-pkcs11-kms-context.xml} | 11 +-
.../kms/provider/pkcs11/PKCS11HSMProviderTest.java | 294 ++++
plugins/{backup/dummy => kms}/pom.xml | 33 +-
.../java/com/cloud/network/ElasticLbVmMapVO.java | 9 +
.../dao/TungstenFabricLBHealthMonitorVO.java | 8 +
plugins/pom.xml | 2 +
.../lifecycle/StorageVmSharedFSLifeCycle.java | 2 +-
.../lifecycle/StorageVmSharedFSLifeCycleTest.java | 2 +-
.../CloudStackPrimaryDataStoreDriverImpl.java | 24 +-
.../driver/LinstorPrimaryDataStoreDriverImpl.java | 2 +-
.../storage/motion/LinstorDataMotionStrategy.java | 2 +-
.../driver/ScaleIOPrimaryDataStoreDriver.java | 2 +-
.../driver/StorPoolPrimaryDataStoreDriver.java | 14 +-
.../storage/motion/StorPoolDataMotionStrategy.java | 2 +-
pom.xml | 12 +
server/pom.xml | 13 +
server/src/main/java/com/cloud/api/ApiServer.java | 8 +
.../java/com/cloud/api/query/QueryManagerImpl.java | 5 +
.../com/cloud/api/query/dao/VolumeJoinDaoImpl.java | 22 +-
.../java/com/cloud/api/query/vo/VolumeJoinVO.java | 28 +
.../configuration/ConfigurationManagerImpl.java | 6 +
.../deploy/DeploymentPlanningManagerImpl.java | 4 +-
.../com/cloud/network/as/AutoScaleManagerImpl.java | 6 +-
.../network/lb/LoadBalancingRulesManagerImpl.java | 15 +-
.../main/java/com/cloud/server/StatsCollector.java | 12 +-
.../com/cloud/storage/VolumeApiServiceImpl.java | 35 +-
.../com/cloud/template/TemplateManagerImpl.java | 4 +-
.../java/com/cloud/user/AccountManagerImpl.java | 14 +
.../main/java/com/cloud/vm/UserVmManagerImpl.java | 66 +-
.../cloud/vm/snapshot/VMSnapshotManagerImpl.java | 4 +-
.../org/apache/cloudstack/kms/KMSManagerImpl.java | 1834 ++++++++++++++++++++
.../cloudstack/vm/UnmanagedVMsManagerImpl.java | 78 +-
.../core/spring-server-core-managers-context.xml | 5 +
.../ConfigurationManagerImplTest.java | 28 +
.../cloud/network/as/AutoScaleManagerImplTest.java | 12 +-
.../cloud/user/AccountManagentImplTestBase.java | 3 +
.../com/cloud/user/AccountManagerImplTest.java | 1 +
.../java/com/cloud/vm/UserVmManagerImplTest.java | 34 +-
.../cloudstack/kms/KMSManagerImplAccessTest.java | 281 +++
.../cloudstack/kms/KMSManagerImplHSMTest.java | 442 +++++
.../kms/KMSManagerImplKeyCreationTest.java | 216 +++
.../kms/KMSManagerImplKeyLifecycleTest.java | 457 +++++
.../kms/KMSManagerImplKeyRotationTest.java | 387 +++++
.../cloudstack/kms/KMSManagerImplRetryTest.java | 185 ++
.../cloudstack/vm/UnmanagedVMsManagerImplTest.java | 4 +-
.../component/test_vpc_network_lbrules.py | 8 +-
test/integration/smoke/test_kms_lifecycle.py | 499 ++++++
test/integration/smoke/test_network.py | 15 +-
tools/apidoc/gen_toc.py | 2 +
tools/docker/supervisord.conf | 1 +
tools/marvin/marvin/lib/base.py | 89 +-
ui/public/locales/en.json | 31 +-
ui/src/components/view/DetailsTab.vue | 2 +-
.../components/view/ImageDeployInstanceButton.vue | 5 +-
ui/src/components/view/InfoCard.vue | 24 +
ui/src/components/view/ListView.vue | 10 +-
ui/src/components/view/SearchFilter.vue | 18 +
ui/src/components/view/SearchView.vue | 74 +-
ui/src/components/view/VolumesTab.vue | 11 +-
ui/src/components/widgets/DetailsInput.vue | 24 +-
ui/src/config/router.js | 2 +
ui/src/config/section/kms.js | 280 +++
ui/src/config/section/storage.js | 23 +-
ui/src/store/modules/user.js | 71 +-
ui/src/views/AutogenView.vue | 23 +-
ui/src/views/compute/DeployVM.vue | 100 +-
ui/src/views/compute/wizard/DiskSizeSelection.vue | 119 +-
ui/src/views/compute/wizard/VnfNicsSelection.vue | 2 +-
ui/src/views/storage/CreateVolume.vue | 83 +-
.../utils/exception/CSExceptionErrorCode.java | 1 +
.../utils/jsinterpreter/JsInterpreter.java | 2 +-
170 files changed, 12614 insertions(+), 608 deletions(-)
create mode 100644
api/src/main/java/org/apache/cloudstack/api/command/admin/kms/MigrateVolumesToKMSCmd.java
create mode 100644
api/src/main/java/org/apache/cloudstack/api/command/user/kms/CreateKMSKeyCmd.java
create mode 100644
api/src/main/java/org/apache/cloudstack/api/command/user/kms/DeleteKMSKeyCmd.java
create mode 100644
api/src/main/java/org/apache/cloudstack/api/command/user/kms/ListKMSKeysCmd.java
create mode 100644
api/src/main/java/org/apache/cloudstack/api/command/user/kms/RotateKMSKeyCmd.java
create mode 100644
api/src/main/java/org/apache/cloudstack/api/command/user/kms/UpdateKMSKeyCmd.java
create mode 100644
api/src/main/java/org/apache/cloudstack/api/command/user/kms/hsm/CreateHSMProfileCmd.java
copy
api/src/main/java/org/apache/cloudstack/api/command/{admin/network/DeleteNetworkDeviceCmd.java
=> user/kms/hsm/DeleteHSMProfileCmd.java} (53%)
create mode 100644
api/src/main/java/org/apache/cloudstack/api/command/user/kms/hsm/ListHSMProfilesCmd.java
create mode 100644
api/src/main/java/org/apache/cloudstack/api/command/user/kms/hsm/UpdateHSMProfileCmd.java
create mode 100644
api/src/main/java/org/apache/cloudstack/api/response/HSMProfileResponse.java
create mode 100644
api/src/main/java/org/apache/cloudstack/api/response/KMSKeyResponse.java
copy api/src/main/java/org/apache/cloudstack/{gui/theme/GuiThemeJoin.java =>
kms/HSMProfile.java} (76%)
copy api/src/main/java/org/apache/cloudstack/{schedule/ResourceSchedule.java
=> kms/KMSKey.java} (56%)
create mode 100644 api/src/main/java/org/apache/cloudstack/kms/KMSManager.java
copy core/src/main/resources/META-INF/cloudstack/{api =>
kms}/module.properties (98%)
copy
core/src/main/resources/META-INF/cloudstack/{event/spring-core-lifecycle-event-context-inheritable.xml
=> kms/spring-core-lifecycle-kms-context-inheritable.xml} (93%)
copy engine/schema/src/main/java/{com/cloud/dc/ClusterDetailsVO.java =>
org/apache/cloudstack/kms/HSMProfileDetailsVO.java} (83%)
copy engine/schema/src/main/java/{com/cloud/gpu/GpuCardVO.java =>
org/apache/cloudstack/kms/HSMProfileVO.java} (54%)
create mode 100644
engine/schema/src/main/java/org/apache/cloudstack/kms/KMSKekVersionVO.java
create mode 100644
engine/schema/src/main/java/org/apache/cloudstack/kms/KMSKeyVO.java
create mode 100644
engine/schema/src/main/java/org/apache/cloudstack/kms/KMSWrappedKeyVO.java
copy
framework/quota/src/main/java/org/apache/cloudstack/quota/dao/VmTemplateDao.java
=>
engine/schema/src/main/java/org/apache/cloudstack/kms/dao/HSMProfileDao.java
(85%)
copy engine/schema/src/main/java/{com/cloud/user/dao/UserStatsLogDaoImpl.java
=> org/apache/cloudstack/kms/dao/HSMProfileDaoImpl.java} (79%)
copy
engine/schema/src/main/java/{com/cloud/network/dao/MonitoringServiceDao.java =>
org/apache/cloudstack/kms/dao/HSMProfileDetailsDao.java} (68%)
create mode 100644
engine/schema/src/main/java/org/apache/cloudstack/kms/dao/HSMProfileDetailsDaoImpl.java
copy engine/schema/src/main/java/{com/cloud/user/dao/UserDao.java =>
org/apache/cloudstack/kms/dao/KMSKekVersionDao.java} (56%)
create mode 100644
engine/schema/src/main/java/org/apache/cloudstack/kms/dao/KMSKekVersionDaoImpl.java
copy
engine/schema/src/main/java/org/apache/cloudstack/{region/gslb/GlobalLoadBalancerRuleDao.java
=> kms/dao/KMSKeyDao.java} (64%)
create mode 100644
engine/schema/src/main/java/org/apache/cloudstack/kms/dao/KMSKeyDaoImpl.java
copy engine/schema/src/main/java/{com/cloud/dc/dao/PodVlanMapDao.java =>
org/apache/cloudstack/kms/dao/KMSWrappedKeyDao.java} (67%)
create mode 100644
engine/schema/src/main/java/org/apache/cloudstack/kms/dao/KMSWrappedKeyDaoImpl.java
copy framework/{config => kms}/pom.xml (80%)
create mode 100644
framework/kms/src/main/java/org/apache/cloudstack/framework/kms/KMSException.java
create mode 100644
framework/kms/src/main/java/org/apache/cloudstack/framework/kms/KMSProvider.java
create mode 100644
framework/kms/src/main/java/org/apache/cloudstack/framework/kms/KeyPurpose.java
create mode 100644
framework/kms/src/main/java/org/apache/cloudstack/framework/kms/WrappedKey.java
create mode 100644 plugins/kms/database/pom.xml
create mode 100644
plugins/kms/database/src/main/java/org/apache/cloudstack/kms/provider/DatabaseKMSProvider.java
create mode 100644
plugins/kms/database/src/main/java/org/apache/cloudstack/kms/provider/database/KMSDatabaseKekObjectVO.java
create mode 100644
plugins/kms/database/src/main/java/org/apache/cloudstack/kms/provider/database/dao/KMSDatabaseKekObjectDao.java
create mode 100644
plugins/kms/database/src/main/java/org/apache/cloudstack/kms/provider/database/dao/KMSDatabaseKekObjectDaoImpl.java
copy {api/src/main/resources/META-INF/cloudstack/api-config =>
plugins/kms/database/src/main/resources/META-INF/cloudstack/database-kms}/module.properties
(96%)
copy client/src/main/resources/META-INF/cloudstack/webApplicationContext.xml
=>
plugins/kms/database/src/main/resources/META-INF/cloudstack/database-kms/spring-database-kms-context.xml
(75%)
copy {framework/cluster => plugins/kms/pkcs11}/pom.xml (52%)
create mode 100644
plugins/kms/pkcs11/src/main/java/org/apache/cloudstack/kms/provider/pkcs11/PKCS11HSMProvider.java
copy {core/src/main/resources/META-INF/cloudstack/backend =>
plugins/kms/pkcs11/src/main/resources/META-INF/cloudstack/pkcs11-kms}/module.properties
(96%)
copy
plugins/{network-elements/netris/src/main/resources/META-INF/cloudstack/core/spring-netris-core-managers-context.xml
=>
kms/pkcs11/src/main/resources/META-INF/cloudstack/pkcs11-kms/spring-pkcs11-kms-context.xml}
(75%)
create mode 100644
plugins/kms/pkcs11/src/test/java/org/apache/cloudstack/kms/provider/pkcs11/PKCS11HSMProviderTest.java
copy plugins/{backup/dummy => kms}/pom.xml (55%)
create mode 100644
server/src/main/java/org/apache/cloudstack/kms/KMSManagerImpl.java
create mode 100644
server/src/test/java/org/apache/cloudstack/kms/KMSManagerImplAccessTest.java
create mode 100644
server/src/test/java/org/apache/cloudstack/kms/KMSManagerImplHSMTest.java
create mode 100644
server/src/test/java/org/apache/cloudstack/kms/KMSManagerImplKeyCreationTest.java
create mode 100644
server/src/test/java/org/apache/cloudstack/kms/KMSManagerImplKeyLifecycleTest.java
create mode 100644
server/src/test/java/org/apache/cloudstack/kms/KMSManagerImplKeyRotationTest.java
create mode 100644
server/src/test/java/org/apache/cloudstack/kms/KMSManagerImplRetryTest.java
create mode 100644 test/integration/smoke/test_kms_lifecycle.py
create mode 100644 ui/src/config/section/kms.js