Investigate SIGSEGV in CI - do not merge (dqlite 1.16.5) #14468

Draft: wants to merge 22 commits into base: main

Commits on Nov 15, 2024

  1. 43b9243
  2. lxd/auth/drivers: Add snapshots and backups to authorization model.

    Adds instance and storage volume snapshots and backups to the OpenFGA
    model. These entitlements cannot be assigned to identities, service
    accounts, or group members. Instead they are inherited from the parent
    instance or volume.
    
    Signed-off-by: Mark Laing <[email protected]>
    markylaing committed Nov 15, 2024
    e65ed7f
  3. lxd/auth/drivers: Clarify that "can_view" allows viewing snapshots and backups.
    
    Signed-off-by: Mark Laing <[email protected]>
    markylaing committed Nov 15, 2024
    c9cedc2
  4. lxd/auth: Run make update-auth.

    Signed-off-by: Mark Laing <[email protected]>
    markylaing committed Nov 15, 2024
    e0f694a
  5. metadata: Run make update-metadata.

    Signed-off-by: Mark Laing <[email protected]>
    markylaing committed Nov 15, 2024
    20a92ae
  6. lxd/auth/drivers: Remove entitlement validation check.

    The auth.ValidateEntitlement function validates all entitlements that
    can be granted via the API. Since the new entitlements on snapshots and
    backups cannot be granted via the API, this check fails.
    
    The OpenFGA server will return an error if an invalid query is performed
    based on its own understanding of the authorization model.
    
    Signed-off-by: Mark Laing <[email protected]>
    markylaing committed Nov 15, 2024
    054fc79
  7. ec2f2fa
  8. lxd/db/openfga: Handle instance and storage_volume relations on Read.

    Previously the only entities that had inherited relations were project and
    server. Now that we are linking instances and storage volumes to their
    snapshots and backups, the OpenFGADatastore implementation needs to handle
    these relations.
    
    On Read, we can connect a snapshot or backup to its parent instance or
    storage volume using the information stored in its URL. For example, the
    storage volume backup URL:
    
    /1.0/storage-pools/default/volumes/custom/vol1/backups/backup1?project=project1
    
    is related to its parent:
    
    /1.0/storage-pools/default/volumes/custom/vol1?project=project1
    
    via the `storage_volume` relation.
    
    Signed-off-by: Mark Laing <[email protected]>
    markylaing committed Nov 15, 2024
    6b50221
  9. lxd/db/openfga: Handle instance and storage_volume relations on ReadStartingWithUser.
    
    Previously the only entities that had inherited relations were project and
    server. Now that we are linking instances and storage volumes to their
    snapshots and backups, the OpenFGADatastore implementation needs to handle
    these relations.
    
    On ReadStartingWithUser, the function needs to return all backups or snapshots that
    are related to a parent instance or storage volume. This is used in the `ListObjects`
    call to the OpenFGA server, which is used by `(auth.Authorizer).GetPermissionChecker`.
    
    To do this, I have naively queried for all snapshots or backups in the project, and
    filtered out those that don't have the correct parent. This keeps the implementation
    simple and makes use of `GetEntityURLs`, which performs as few queries as possible.
    Further optimisation may be needed.
    
    Signed-off-by: Mark Laing <[email protected]>
    markylaing committed Nov 15, 2024
    62caf5a
  10. lxd: Update instance backup and snapshot authorization checks.

    We can now use the `can_view`, `can_edit`, and `can_delete` entitlements
    with instance backups and snapshots. We should do this so that our checks
    more accurately reflect the authorization model.
    
    Signed-off-by: Mark Laing <[email protected]>
    markylaing committed Nov 15, 2024
    722e6f4
  11. lxd: Add location to storage volume details.

    The access handler was performing some logic to determine
    the location of the storage volume for use in the access check.
    This was based on whether the storage pool is remote, and if not,
    the cluster member where the volume is located.
    
    This commit removes that logic and adds a "location" field to
    `storageVolumeDetails` so that it can be used in the handlers.
    The logic for determining the location is modified to suit the call
    site. It is only set when the pool is not remote.
    
    Signed-off-by: Mark Laing <[email protected]>
    markylaing committed Nov 15, 2024
    31a0c5c
  12. lxd: Parameterise the storagePoolVolumeTypeAccessHandler by entity type.

    The storage volume snapshot and backup access handlers need to share
    almost identical logic to the storage volume access handler. Including
    getting the storage pool, understanding if the storage volume is located
    on another cluster member, and so forth.
    
    This commit parameterises the function so that it can be used by the
    snapshot and backup entity types as well; creating and checking against
    the correct URL when called.
    
    Signed-off-by: Mark Laing <[email protected]>
    markylaing committed Nov 15, 2024
    b8b5c5c
  13. lxd: Update calls to the storage volume access handler.

    Signed-off-by: Mark Laing <[email protected]>
    markylaing committed Nov 15, 2024
    602afd9
  14. lxd: Update storage volume snapshot and backup access checks.

    We can now check `can_view`, `can_edit`, and `can_delete` against
    the backup/snapshot itself. We should do so to more accurately reflect
    the authorization model.
    
    Signed-off-by: Mark Laing <[email protected]>
    markylaing committed Nov 15, 2024
    cb3b0d5
  15. test/suites: Add tests for storage pool used-by filtering.

    Signed-off-by: Mark Laing <[email protected]>
    markylaing committed Nov 15, 2024
    e53688f
  16. Fix linter errors (revive: redefines-builtin-id).

    Signed-off-by: Mark Laing <[email protected]>
    markylaing committed Nov 15, 2024
    1a41c8c
  17. DEBUG: Add recovery handling and instance put logging

    Signed-off-by: Mark Laing <[email protected]>
    markylaing committed Nov 15, 2024
    f4b7ef8
  18. test/main: print apport crashes info

    Print all Apport [1] crash reports in case of test failures.
    
    [1] https://wiki.ubuntu.com/Apport
    
    Signed-off-by: Alexander Mikhalitsyn <[email protected]>
    mihalicyn authored and markylaing committed Nov 15, 2024
    7f36c42
  19. Makefile: Use dqlite 1.16.5.

    Signed-off-by: Mark Laing <[email protected]>
    markylaing committed Nov 15, 2024
    7940da8
  20. Revert "lxd: Switch to v3 of go-dqlite"

    This reverts commit e85099d.
    
    Signed-off-by: Mark Laing <[email protected]>
    markylaing committed Nov 15, 2024
    422ed66
  21. Revert "gomod: Switch to v3 of go-dqlite"

    This reverts commit dd30aac.
    
    Signed-off-by: Mark Laing <[email protected]>
    markylaing committed Nov 15, 2024
    df03c11
  22. Revert "lxd/cluster: Print last dqlite entry on gateway shutdown"

    This reverts commit 76c9c9b.
    
    Signed-off-by: Mark Laing <[email protected]>
    markylaing committed Nov 15, 2024
    f5f973b
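
Commits 8 and 9 above describe linking a snapshot or backup to its parent from the URL alone, and then filtering project-wide candidates by parent. The sketch below is an added example, not LXD's own code: `parentOf` and `childrenOf` are hypothetical names, the instance URL layout (`/1.0/instances/<name>/snapshots/<snap>`) is assumed from the LXD REST API, and parents are compared as plain strings including the `?project=` query.

```go
package main

import (
	"fmt"
	"net/url"
	"strings"
)

// parentOf derives (relation, parent URL) from a snapshot or backup URL alone.
func parentOf(raw string) (relation, parent string, ok bool) {
	u, err := url.Parse(raw)
	if err != nil {
		return "", "", false
	}
	// Split the escaped path so an encoded "/" inside a name is not a separator.
	seg := strings.Split(strings.TrimPrefix(u.EscapedPath(), "/"), "/")
	n := len(seg)
	if n < 2 || seg[0] != "1.0" || (seg[n-2] != "snapshots" && seg[n-2] != "backups") {
		return "", "", false
	}
	switch { // Exact segment counts stop a volume merely named "backups" from matching.
	case n == 5 && seg[1] == "instances":
		relation = "instance"
	case n == 8 && seg[1] == "storage-pools" && seg[3] == "volumes":
		relation = "storage_volume"
	default:
		return "", "", false
	}
	parent = "/" + strings.Join(seg[:n-2], "/")
	if u.RawQuery != "" {
		parent += "?" + u.RawQuery // keep ?project=... so parents in other projects differ
	}
	return relation, parent, true
}

// childrenOf filters project-wide candidates down to those under wantParent.
func childrenOf(wantParent string, candidates []string) []string {
	var out []string
	for _, c := range candidates {
		if _, p, ok := parentOf(c); ok && p == wantParent {
			out = append(out, c)
		}
	}
	return out
}

func main() {
	// URL from the commit message above.
	fmt.Println(parentOf("/1.0/storage-pools/default/volumes/custom/vol1/backups/backup1?project=project1"))
}
```

Because the project is part of the compared parent string, a backup of an identically named volume in another project is not inherited from this parent.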