womax/nova - nova - Gitea: Git with a cup of tea

womax/nova

Fork 0

Commit Graph

Author	SHA1	Message	Date
Matt Riedemann	1241e3ec2a	Stop using "nova" in API samples when creating a server The "availability_zone" parameter for server create in the API reference and the availabilty zone user docs both say that users should not use the default availability zone (nova) yet our server create API samples use "nova" which is...bad. This change fixes the API samples and related tests to use a fake "us-west" availability zone. For any samples that were requesting an AZ when creating a server, those are changed from requesting "nova" to requesting "us-west" and a new AvailabilityZoneFixture is added to stub out the code used to validate the requested AZ and what is shown in server detail responses. Some unused samples are removed from the os-availability-zone directory and the API reference and AZ user docs are updated for formatting and linking to other docs for reference. Change-Id: I3161157f15f05a3ffaaf1b48e7beb6b3e59c5513 Closes-Bug: #1817963	2019-03-01 10:43:08 -05:00
Brianna Poulos	8c7ca368b1	Add trusted_image_certificates to REST API This change adds support for the trusted_image_certificates parameter, which is used to define a list of trusted certificate IDs that can be used during image signature verification and certificate validation. The parameter may contain a list of strings, each string representing the ID of a trusted certificate. The list is restricted to a maximum of 50 IDs. The list of certificate IDs will be stored in the trusted_certs field of the instance InstanceExtra and will be used to verify the validity of the signing certificate of a signed instance image. The trusted_image_certificates request parameter can be passed to the server create and rebuild APIs (if allowed by policy): * POST /servers * POST /servers/{server_id}/action (rebuild) The following policy rules were added to restrict the usage of the ``trusted_image_certificates`` request parameter in the server create and rebuild APIs: * os_compute_api:servers:create:trusted_certs * os_compute_api:servers:rebuild:trusted_certs The trusted_image_certificates parameter will be in the response body of the following APIs (not restricted by policy): * GET /servers/detail * GET /servers/{server_id} * PUT /servers/{server_id} * POST /servers/{server_id}/action (rebuild) APIImpact Implements blueprint: nova-validate-certificates Change-Id: Iedd3fea0e86648fae364f075915555dcb2c4f199	2018-06-13 15:52:59 -04:00

Author

SHA1

Message

Date

Matt Riedemann

1241e3ec2a

Stop using "nova" in API samples when creating a server

The "availability_zone" parameter for server create in the
API reference and the availabilty zone user docs both say
that users should not use the default availability zone (nova)
yet our server create API samples use "nova" which is...bad.

This change fixes the API samples and related tests to use
a fake "us-west" availability zone. For any samples that were
requesting an AZ when creating a server, those are changed from
requesting "nova" to requesting "us-west" and a new
AvailabilityZoneFixture is added to stub out the code used to
validate the requested AZ and what is shown in server detail
responses.

Some unused samples are removed from the os-availability-zone
directory and the API reference and AZ user docs are updated for
formatting and linking to other docs for reference.

Change-Id: I3161157f15f05a3ffaaf1b48e7beb6b3e59c5513
Closes-Bug: #1817963

2019-03-01 10:43:08 -05:00

Brianna Poulos

8c7ca368b1

Add trusted_image_certificates to REST API

This change adds support for the trusted_image_certificates parameter,
which is used to define a list of trusted certificate IDs that can be
used during image signature verification and certificate validation. The
parameter may contain a list of strings, each string representing the ID
of a trusted certificate. The list is restricted to a maximum of 50 IDs.
The list of certificate IDs will be stored in the trusted_certs field of
the instance InstanceExtra and will be used to verify the validity of
the signing certificate of a signed instance image.

The trusted_image_certificates request parameter can be passed to
the server create and rebuild APIs (if allowed by policy):

* POST /servers
* POST /servers/{server_id}/action (rebuild)

The following policy rules were added to restrict the usage of the
``trusted_image_certificates`` request parameter in the server create
and rebuild APIs:

* os_compute_api:servers:create:trusted_certs
* os_compute_api:servers:rebuild:trusted_certs

The trusted_image_certificates parameter will be in the response
body of the following APIs (not restricted by policy):

* GET /servers/detail
* GET /servers/{server_id}
* PUT /servers/{server_id}
* POST /servers/{server_id}/action (rebuild)

APIImpact

Implements blueprint: nova-validate-certificates
Change-Id: Iedd3fea0e86648fae364f075915555dcb2c4f199

2018-06-13 15:52:59 -04:00

2 Commits