diff --git a/doc/notification_samples/common_payloads/ImageMetaPropsPayload.json b/doc/notification_samples/common_payloads/ImageMetaPropsPayload.json index d1adfcc427..c4af49022f 100644 --- a/doc/notification_samples/common_payloads/ImageMetaPropsPayload.json +++ b/doc/notification_samples/common_payloads/ImageMetaPropsPayload.json @@ -4,5 +4,5 @@ "hw_architecture": "x86_64" }, "nova_object.name": "ImageMetaPropsPayload", - "nova_object.version": "1.9" + "nova_object.version": "1.10" } diff --git a/nova/notifications/objects/image.py b/nova/notifications/objects/image.py index b4852fc4e7..6f6e3b7c0f 100644 --- a/nova/notifications/objects/image.py +++ b/nova/notifications/objects/image.py @@ -126,7 +126,9 @@ class ImageMetaPropsPayload(base.NotificationPayloadBase): # Version 1.7: Added 'hw_input_bus' field # Version 1.8: Added 'bochs' as an option to 'hw_video_model' # Version 1.9: Added 'hw_emulation_architecture' field - VERSION = '1.9' + # Version 1.10: Added 'hw_ephemeral_encryption' and + # 'hw_ephemeral_encryption_format' fields + VERSION = '1.10' SCHEMA = { k: ('image_meta_props', k) for k in image_meta.ImageMetaProps.fields} diff --git a/nova/objects/fields.py b/nova/objects/fields.py index d8cb10f700..e977aedb4a 100644 --- a/nova/objects/fields.py +++ b/nova/objects/fields.py @@ -260,6 +260,14 @@ class BlockDeviceType(BaseNovaEnum): ALL = (CDROM, DISK, FLOPPY, FS, LUN) +class BlockDeviceEncryptionFormatType(BaseNovaEnum): + PLAIN = 'plain' + LUKS = 'luks' + LUKSv2 = 'luksv2' + + ALL = (PLAIN, LUKS, LUKSv2) + + class ConfigDrivePolicy(BaseNovaEnum): OPTIONAL = "optional" MANDATORY = "mandatory" @@ -1197,6 +1205,10 @@ class BlockDeviceTypeField(BaseEnumField): AUTO_TYPE = BlockDeviceType() +class BlockDeviceEncryptionFormatTypeField(BaseEnumField): + AUTO_TYPE = BlockDeviceEncryptionFormatType() + + class ConfigDrivePolicyField(BaseEnumField): AUTO_TYPE = ConfigDrivePolicy() diff --git a/nova/objects/image_meta.py b/nova/objects/image_meta.py index bd8ec69ab4..f17f145daf 100644 --- a/nova/objects/image_meta.py +++ b/nova/objects/image_meta.py @@ -188,14 +188,19 @@ class ImageMetaProps(base.NovaObject): # Version 1.29: Added 'hw_input_bus' field # Version 1.30: Added 'bochs' as an option to 'hw_video_model' # Version 1.31: Added 'hw_emulation_architecture' field + # Version 1.32: Added 'hw_ephemeral_encryption' and + # 'hw_ephemeral_encryption_format' fields # NOTE(efried): When bumping this version, the version of # ImageMetaPropsPayload must also be bumped. See its docstring for details. - VERSION = '1.31' + VERSION = '1.32' def obj_make_compatible(self, primitive, target_version): super(ImageMetaProps, self).obj_make_compatible(primitive, target_version) target_version = versionutils.convert_version_to_tuple(target_version) + if target_version < (1, 32): + primitive.pop('hw_ephemeral_encryption', None) + primitive.pop('hw_ephemeral_encryption_format', None) if target_version < (1, 31): primitive.pop('hw_emulation_architecture', None) if target_version < (1, 30): @@ -449,6 +454,12 @@ class ImageMetaProps(base.NovaObject): # version of emulated TPM to use. 'hw_tpm_version': fields.TPMVersionField(), + # boolean - if true will enable ephemeral encryption for instance + 'hw_ephemeral_encryption': fields.FlexibleBooleanField(), + # encryption format to be used when ephemeral encryption is enabled + 'hw_ephemeral_encryption_format': + fields.BlockDeviceEncryptionFormatTypeField(), + # if true download using bittorrent 'img_bittorrent': fields.FlexibleBooleanField(), diff --git a/nova/tests/functional/notification_sample_tests/test_instance.py b/nova/tests/functional/notification_sample_tests/test_instance.py index b8ab0ee9ba..84c7246f67 100644 --- a/nova/tests/functional/notification_sample_tests/test_instance.py +++ b/nova/tests/functional/notification_sample_tests/test_instance.py @@ -1231,7 +1231,7 @@ class TestInstanceNotificationSample( 'nova_object.data': {}, 'nova_object.name': 'ImageMetaPropsPayload', 'nova_object.namespace': 'nova', - 'nova_object.version': '1.9', + 'nova_object.version': '1.10', }, 'image.size': 58145823, 'image.tags': [], @@ -1327,7 +1327,7 @@ class TestInstanceNotificationSample( 'nova_object.data': {}, 'nova_object.name': 'ImageMetaPropsPayload', 'nova_object.namespace': 'nova', - 'nova_object.version': '1.9', + 'nova_object.version': '1.10', }, 'image.size': 58145823, 'image.tags': [], diff --git a/nova/tests/unit/notifications/objects/test_notification.py b/nova/tests/unit/notifications/objects/test_notification.py index 4b6869effb..1fddd26045 100644 --- a/nova/tests/unit/notifications/objects/test_notification.py +++ b/nova/tests/unit/notifications/objects/test_notification.py @@ -386,7 +386,7 @@ notification_object_data = { # ImageMetaProps, so when you see a fail here for that reason, you must # *also* bump the version of ImageMetaPropsPayload. See its docstring for # more information. - 'ImageMetaPropsPayload': '1.9-24a851511d98e652aebd3536e7e08330', + 'ImageMetaPropsPayload': '1.10-44cf0030dc94a1a60ba7a0e222e854d6', 'InstanceActionNotification': '1.0-a73147b93b520ff0061865849d3dfa56', 'InstanceActionPayload': '1.8-4fa3da9cbf0761f1f700ae578f36dc2f', 'InstanceActionRebuildNotification': diff --git a/nova/tests/unit/objects/test_image_meta.py b/nova/tests/unit/objects/test_image_meta.py index 6e3725de84..e47f653ba2 100644 --- a/nova/tests/unit/objects/test_image_meta.py +++ b/nova/tests/unit/objects/test_image_meta.py @@ -349,6 +349,34 @@ class TestImageMetaProps(test.NoDBTestCase): self.assertRaises(exception.ObjectActionError, obj.obj_to_primitive, '1.0') + def test_obj_make_compatible_hw_ephemeral_encryption(self): + """Check 'hw_ephemeral_encryption(_format)' compatibility.""" + # assert that 'hw_ephemeral_encryption' and + # 'hw_ephemeral_encryption_format' is supported + # on a suitably new version + new_fields = ( + 'hw_ephemeral_encryption', + 'hw_ephemeral_encryption_format' + ) + eph_format = objects.fields.BlockDeviceEncryptionFormatType.LUKS + obj = objects.ImageMetaProps( + hw_ephemeral_encryption='yes', + hw_ephemeral_encryption_format=eph_format, + ) + primitive = obj.obj_to_primitive('1.32') + for field in new_fields: + self.assertIn(field, primitive['nova_object.data']) + self.assertTrue( + primitive['nova_object.data']['hw_ephemeral_encryption']) + self.assertEqual( + eph_format, + primitive['nova_object.data']['hw_ephemeral_encryption_format']) + + # and is absent on older versions + primitive = obj.obj_to_primitive('1.31') + for field in new_fields: + self.assertNotIn(field, primitive['nova_object.data']) + def test_obj_make_compatible_hw_emulation(self): """Check 'hw_emulation_architecture' compatibility.""" # assert that 'hw_emulation_architecture' is supported diff --git a/nova/tests/unit/objects/test_objects.py b/nova/tests/unit/objects/test_objects.py index 1897117115..2930bf1940 100644 --- a/nova/tests/unit/objects/test_objects.py +++ b/nova/tests/unit/objects/test_objects.py @@ -1072,7 +1072,7 @@ object_data = { 'HyperVLiveMigrateData': '1.4-e265780e6acfa631476c8170e8d6fce0', 'IDEDeviceBus': '1.0-29d4c9f27ac44197f01b6ac1b7e16502', 'ImageMeta': '1.8-642d1b2eb3e880a367f37d72dd76162d', - 'ImageMetaProps': '1.31-27337af769b0c85b4ba4be8aebc1a65d', + 'ImageMetaProps': '1.32-4967d35948af08b710b8b861f3fff0f9', 'Instance': '2.7-d187aec68cad2e4d8b8a03a68e4739ce', 'InstanceAction': '1.2-9a5abc87fdd3af46f45731960651efb5', 'InstanceActionEvent': '1.4-5b1f361bd81989f8bb2c20bb7e8a4cb4',