You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by GitBox <gi...@apache.org> on 2022/07/27 14:03:27 UTC
[GitHub] [cloudstack] nvazquez opened a new pull request, #6577: New API: createConsoleURL
nvazquez opened a new pull request, #6577:
URL: https://github.com/apache/cloudstack/pull/6577
### Description
**IN PROGRESS**
This PR creates a new API to create VM console URL allowing it to connect using other UI implementations
### Types of changes
- [ ] Breaking change (fix or feature that would cause existing functionality to change)
- [x] New feature (non-breaking change which adds functionality)
- [ ] Bug fix (non-breaking change which fixes an issue)
- [ ] Enhancement (improves an existing feature and functionality)
- [ ] Cleanup (Code refactoring and cleanup, that may add test cases)
### Feature/Enhancement Scale or Bug Severity
#### Feature/Enhancement Scale
- [ ] Major
- [ ] Minor
#### Bug Severity
- [ ] BLOCKER
- [ ] Critical
- [ ] Major
- [ ] Minor
- [ ] Trivial
### Screenshots (if appropriate):
### How Has This Been Tested?
<!-- Please describe in detail how you tested your changes. -->
<!-- Include details of your testing environment, and the tests you ran to -->
<!-- see how your change affects other areas of the code, etc. -->
<!-- Please read the [CONTRIBUTING](https://github.com/apache/cloudstack/blob/main/CONTRIBUTING.md) document -->
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] acs-robot commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
acs-robot commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1218362700
Found UI changes, kicking a new UI QA build
@blueorangutan ui
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1244860033
@acs-robot a Jenkins job has been kicked to build UI QA env. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: [WIP] New API: createConsoleURL
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1214603456
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 3981
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1217391390
<b>Trillian test result (tid-4710)</b>
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 36988 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr6577-t4710-kvm-centos7.zip
Smoke tests completed. 101 look OK, 0 have errors
Only failed tests results shown below:
Test | Result | Time (s) | Test File
--- | --- | --- | ---
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: [WIP] New API: createConsoleURL
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1201489536
@acs-robot a Jenkins job has been kicked to build UI QA env. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: [WIP] New API: createConsoleURL
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1214614109
@nvazquez a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1216037715
@nvazquez a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1215017187
UI build: :heavy_check_mark:
Live QA URL: http://qa.cloudstack.cloud:8080/client/pr/6577 (SL-JID-2146)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1216719373
@acs-robot a Jenkins job has been kicked to build UI QA env. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
sonarcloud[bot] commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1216786978
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6577)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL) [9 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_coverage&view=list) [0.6% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_duplicated_lines_density&view=list) [2.6% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] nvazquez commented on a diff in pull request #6577: New API: createConsoleURL
Posted by GitBox <gi...@apache.org>.
nvazquez commented on code in PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#discussion_r931173846
##########
server/src/main/java/com/cloud/consoleproxy/ConsoleAccessManagerImpl.java:
##########
@@ -0,0 +1,459 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.consoleproxy;
+
+import com.cloud.agent.AgentManager;
+import com.cloud.agent.api.Answer;
+import com.cloud.agent.api.GetVmVncTicketAnswer;
+import com.cloud.agent.api.GetVmVncTicketCommand;
+import com.cloud.exception.AgentUnavailableException;
+import com.cloud.exception.OperationTimedoutException;
+import com.cloud.host.HostVO;
+import com.cloud.hypervisor.Hypervisor;
+import com.cloud.resource.ResourceState;
+import com.cloud.server.ManagementServer;
+import com.cloud.servlet.ConsoleProxyClientParam;
+import com.cloud.servlet.ConsoleProxyPasswordBasedEncryptor;
+import com.cloud.storage.GuestOSVO;
+import com.cloud.user.Account;
+import com.cloud.user.AccountManager;
+import com.cloud.uservm.UserVm;
+import com.cloud.utils.Pair;
+import com.cloud.utils.Ternary;
+import com.cloud.utils.component.ManagerBase;
+import com.cloud.utils.db.EntityManager;
+import com.cloud.utils.exception.CloudRuntimeException;
+import com.cloud.vm.UserVmDetailVO;
+import com.cloud.vm.VirtualMachine;
+import com.cloud.vm.VirtualMachineManager;
+import com.cloud.vm.VmDetailConstants;
+import com.cloud.vm.dao.UserVmDetailsDao;
+import com.google.gson.Gson;
+import com.google.gson.GsonBuilder;
+import org.apache.cloudstack.consoleproxy.ConsoleAccessManager;
+import org.apache.cloudstack.framework.security.keys.KeysManager;
+import org.apache.commons.codec.binary.Base64;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.log4j.Logger;
+
+import javax.crypto.Mac;
+import javax.crypto.spec.SecretKeySpec;
+import javax.inject.Inject;
+import javax.naming.ConfigurationException;
+import java.net.InetAddress;
+import java.util.Date;
+import java.util.Map;
+
+public class ConsoleAccessManagerImpl extends ManagerBase implements ConsoleAccessManager {
+
+ @Inject
+ private AccountManager _accountMgr;
+ @Inject
+ private VirtualMachineManager _vmMgr;
+ @Inject
+ private ManagementServer _ms;
+ @Inject
+ private EntityManager _entityMgr;
+ @Inject
+ private UserVmDetailsDao _userVmDetailsDao;
+ @Inject
+ private KeysManager _keysMgr;
+ @Inject
+ private AgentManager agentManager;
+
+ private static KeysManager s_keysMgr;
+ private final Gson _gson = new GsonBuilder().create();
+
+ public static final Logger s_logger = Logger.getLogger(ConsoleAccessManagerImpl.class.getName());
+
+ @Override
+ public boolean configure(String name, Map<String, Object> params) throws ConfigurationException {
+ s_keysMgr = _keysMgr;
+ return super.configure(name, params);
+ }
+
+ @Override
+ public Pair<Boolean, String> generateConsoleUrl(Long vmId) {
+ try {
+ if (_accountMgr == null || _vmMgr == null || _ms == null) {
+ return new Pair<>(false, "Service is not ready");
+ }
+
+ if (_keysMgr.getHashKey() == null) {
+ String msg = "Console/thumbnail access denied. Ticket service is not ready yet";
+ s_logger.debug(msg);
+ return new Pair<>(false, msg);
+ }
+
+ String userId = null;
+ String account = null;
+ Account accountObj = null;
+
+// Map<String, Object[]> params = new HashMap<String, Object[]>();
+// params.putAll(req.getParameterMap());
+//
+// HttpSession session = req.getSession(false);
+// if (session == null) {
+// if (verifyRequest(params)) {
+// userId = (String)params.get("userid")[0];
+// account = (String)params.get("account")[0];
+// accountObj = (Account)params.get("accountobj")[0];
+// } else {
+// s_logger.debug("Invalid web session or API key in request, reject console/thumbnail access");
+// sendResponse(resp, "Access denied. Invalid web session or API key in request");
+// return;
+// }
+// } else {
+// // adjust to latest API refactoring changes
+// if (session.getAttribute("userid") != null) {
+// userId = ((Long)session.getAttribute("userid")).toString();
+// }
+//
+// accountObj = (Account)session.getAttribute("accountobj");
+// if (accountObj != null) {
+// account = "" + accountObj.getId();
+// }
+// }
+
+// // Do a sanity check here to make sure the user hasn't already been deleted
+// if ((userId == null) || (account == null) || (accountObj == null) || !verifyUser(Long.valueOf(userId))) {
+// s_logger.debug("Invalid user/account, reject console/thumbnail access");
+// sendResponse(resp, "Access denied. Invalid or inconsistent account is found");
+// return;
+// }
+//
+// String cmd = req.getParameter("cmd");
+// if (cmd == null || !isValidCmd(cmd)) {
+// s_logger.debug("invalid console servlet command: " + cmd);
+// sendResponse(resp, "");
+// return;
+// }
+//
+// String vmIdString = req.getParameter("vm");
+ VirtualMachine vm = _entityMgr.findById(VirtualMachine.class, vmId);
+ if (vm == null) {
+ s_logger.info("invalid console servlet command parameter: " + vmId);
+ return new Pair<>(false, "Cannot find VM with ID " + vmId);
+ }
+
+// if (!checkSessionPermision(req, vmId, accountObj)) {
+// sendResponse(resp, "Permission denied");
+// return;
+// }
+
+// if (cmd.equalsIgnoreCase("thumbnail")) {
+// handleThumbnailRequest(req, resp, vmId);
+// } else if (cmd.equalsIgnoreCase("access")) {
+// handleAccessRequest(req, resp, vmId);
+// } else {
+// handleAuthRequest(req, resp, vmId);
+// }
+ return new Pair<>(true, generateAccessUrl(vmId));
+ } catch (Throwable e) {
+ s_logger.error("Unexepected exception in ConsoleProxyServlet", e);
+ return new Pair<>(false, "Server Internal Error: " + e.getMessage());
+ }
+ }
+
+ private String generateAccessUrl(Long vmId) {
+ VirtualMachine vm = _vmMgr.findById(vmId);
+ String msg;
+ if (vm == null) {
+ msg = "VM " + vmId + " does not exist, sending blank response for console access request";
+ s_logger.warn(msg);
+ throw new CloudRuntimeException(msg);
+ }
+
+ if (vm.getHostId() == null) {
+ msg = "VM " + vmId + " lost host info, sending blank response for console access request";
+ s_logger.warn(msg);
+ throw new CloudRuntimeException(msg);
+ }
+
+ HostVO host = _ms.getHostBy(vm.getHostId());
+ if (host == null) {
+ msg = "VM " + vmId + "'s host does not exist, sending blank response for console access request";
+ s_logger.warn(msg);
+ throw new CloudRuntimeException(msg);
+ }
+
+ if (Hypervisor.HypervisorType.LXC.equals(vm.getHypervisorType())) {
+ throw new CloudRuntimeException("Console access is not supported for LXC");
+ }
+
+ String rootUrl = _ms.getConsoleAccessUrlRoot(vmId);
+ if (rootUrl == null) {
+ throw new CloudRuntimeException("Console access will be ready in a few minutes. Please try it again later.");
+ }
+
+ String vmName = vm.getHostName();
+ if (vm.getType() == VirtualMachine.Type.User) {
+ UserVm userVm = _entityMgr.findById(UserVm.class, vmId);
+ String displayName = userVm.getDisplayName();
+ if (displayName != null && !displayName.isEmpty() && !displayName.equals(vmName)) {
+ vmName += "(" + displayName + ")";
+ }
+ }
+
+// InetAddress remoteAddress = null;
+// try {
+// remoteAddress = ApiServlet.getClientAddress(req);
+// } catch (UnknownHostException e) {
+// s_logger.warn("UnknownHostException when trying to lookup remote IP-Address. This should never happen. Blocking request.", e);
+// }
+
+ String url = composeConsoleAccessUrl(rootUrl, vm, host, null);
+ s_logger.debug("The console URL is: " + url);
+ return url;
+ }
+
+ public static final String escapeHTML(String content) {
+ if (content == null || content.isEmpty())
+ return content;
+
+ StringBuilder sb = new StringBuilder();
+ for (int i = 0; i < content.length(); i++) {
+ char c = content.charAt(i);
+ switch (c) {
+ case '<':
+ sb.append("<");
+ break;
+ case '>':
+ sb.append(">");
+ break;
+ case '&':
+ sb.append("&");
+ break;
+ case '"':
+ sb.append(""");
+ break;
+ case ' ':
+ sb.append(" ");
+ break;
+ default:
+ sb.append(c);
+ break;
+ }
+ }
+ return sb.toString();
+ }
+
+ private String composeConsoleAccessUrl(String rootUrl, VirtualMachine vm, HostVO hostVo, InetAddress addr) {
Review Comment:
Yes, the goal is to move the code away from the servlet in favour of the API implementation. Please note this PR is still in progress, will be polishing it
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1218547020
<b>Trillian test result (tid-4714)</b>
Environment: vmware-65u2 (x2), Advanced Networking with Mgmt server 7
Total time taken: 54613 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr6577-t4714-vmware-65u2.zip
Smoke tests completed. 101 look OK, 1 have errors
Only failed tests results shown below:
Test | Result | Time (s) | Test File
--- | --- | --- | ---
test_01_deploy_vm_on_specific_host | `Error` | 14.72 | test_vm_deployment_planner.py
test_02_deploy_vm_on_specific_cluster | `Error` | 3603.87 | test_vm_deployment_planner.py
test_03_deploy_vm_on_specific_pod | `Error` | 3.38 | test_vm_deployment_planner.py
test_04_deploy_vm_on_host_override_pod_and_cluster | `Error` | 2.51 | test_vm_deployment_planner.py
test_05_deploy_vm_on_cluster_override_pod | `Error` | 3.35 | test_vm_deployment_planner.py
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] acs-robot commented on pull request #6577: [WIP] New API: createConsoleURL
Posted by GitBox <gi...@apache.org>.
acs-robot commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1214567248
Found UI changes, kicking a new UI QA build
@blueorangutan ui
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1215024463
UI build: :heavy_check_mark:
Live QA URL: http://qa.cloudstack.cloud:8080/client/pr/6577 (SL-JID-2147)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1215473993
@nvazquez a Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1215560939
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 3993
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
sonarcloud[bot] commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1216690081
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6577)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL) [10 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_coverage&view=list) [1.1% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_duplicated_lines_density&view=list) [2.6% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1215742331
<b>Trillian Build Failed (tid-4698)<b/>
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1215862817
@nvazquez a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1232128317
@nvazquez a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] borisstoyanov commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
borisstoyanov commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1235382626
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] nvazquez commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
nvazquez commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1233143816
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1219007117
UI build: :heavy_check_mark:
Live QA URL: http://qa.cloudstack.cloud:8080/client/pr/6577 (SL-JID-2177)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] acs-robot commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
acs-robot commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1215211836
Found UI changes, kicking a new UI QA build
@blueorangutan ui
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1216727248
@nvazquez a Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] nvazquez commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
nvazquez commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1216726682
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1216837704
@rohityadavcloud a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: [WIP] New API: createConsoleURL
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1214946241
@acs-robot a Jenkins job has been kicked to build UI QA env. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1215420478
UI build: :heavy_check_mark:
Live QA URL: http://qa.cloudstack.cloud:8080/client/pr/6577 (SL-JID-2152)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1216778003
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 4004
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] nvazquez commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
nvazquez commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1217376365
@blueorangutan test
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1219004361
@acs-robot a Jenkins job has been kicked to build UI QA env. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1233145748
@acs-robot a Jenkins job has been kicked to build UI QA env. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] acs-robot commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
acs-robot commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1233144712
Found UI changes, kicking a new UI QA build
@blueorangutan ui
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
sonarcloud[bot] commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1233214037
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6577)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL) [7 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_coverage&view=list) [0.0% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_duplicated_lines_density&view=list) [2.8% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] acs-robot commented on pull request #6577: [WIP] New API: createConsoleURL
Posted by GitBox <gi...@apache.org>.
acs-robot commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1201489135
Found UI changes, kicking a new UI QA build
@blueorangutan ui
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
sonarcloud[bot] commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1231966679
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6577)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL) [9 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_coverage&view=list) [0.4% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_duplicated_lines_density&view=list) [2.8% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1231956720
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 4089
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] GutoVeronezi commented on a diff in pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
GutoVeronezi commented on code in PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#discussion_r967026872
##########
server/src/main/java/com/cloud/server/ManagementServerImpl.java:
##########
@@ -2847,6 +2849,42 @@ public String getConsoleAccessUrlRoot(final long vmId) {
return null;
}
+ @Override
+ public Pair<Boolean, String> setConsoleAccessForVm(long vmId, String sessionUuid) {
+ final VMInstanceVO vm = _vmInstanceDao.findById(vmId);
+ if (vm == null) {
+ return new Pair<>(false, "Cannot find a VM with id = " + vmId);
+ }
+ final ConsoleProxyInfo proxy = getConsoleProxyForVm(vm.getDataCenterId(), vmId);
+ if (proxy == null) {
+ return new Pair<>(false, "Cannot find a console proxy for the VM " + vmId);
+ }
+ AllowConsoleAccessCommand cmd = new AllowConsoleAccessCommand(sessionUuid);
+ HostVO hostVO = _hostDao.findByTypeNameAndZoneId(vm.getDataCenterId(), proxy.getProxyName(), Type.ConsoleProxy);
+ if (hostVO == null) {
+ return new Pair<>(false, "Cannot find a console proxy agent for CPVM with name " + proxy.getProxyName());
+ }
+ Answer answer;
+ try {
+ answer = _agentMgr.send(hostVO.getId(), cmd);
+ } catch (AgentUnavailableException | OperationTimedoutException e) {
+ String errorMsg = "Could not send allow session command to CPVM: " + e.getMessage();
+ s_logger.error(errorMsg, e);
+ return new Pair<>(false, errorMsg);
+ }
+ return new Pair<>(answer != null && answer.getResult(), answer != null ? answer.getDetails() : "null answer");
Review Comment:
```suggestion
boolean result = false;
String details = "null answer";
if (answer != null) {
result = answer.getResult();
details = answer.getDetails();
}
return new Pair<>(result, details);
```
##########
server/src/main/java/com/cloud/servlet/ConsoleProxyClientParam.java:
##########
@@ -36,6 +36,15 @@ public class ConsoleProxyClientParam {
private String sourceIP;
private String websocketUrl;
+ private String sessionUuid;
+
+ // The server-side generated value for extra console endpoint validation
+ private String extraSecurityToken;
+
+ // The extra parameter received in the console URL, must be compared against the server-side generated value
+ // for extra validation (if has been enabled)
Review Comment:
It could be a JavaDoc instead of a comment.
##########
server/src/main/java/org/apache/cloudstack/consoleproxy/ConsoleAccessManagerImpl.java:
##########
@@ -0,0 +1,489 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.consoleproxy;
+
+import com.cloud.agent.AgentManager;
+import com.cloud.agent.api.Answer;
+import com.cloud.agent.api.GetVmVncTicketAnswer;
+import com.cloud.agent.api.GetVmVncTicketCommand;
+import com.cloud.consoleproxy.ConsoleProxyManager;
+import com.cloud.exception.AgentUnavailableException;
+import com.cloud.exception.OperationTimedoutException;
+import com.cloud.exception.PermissionDeniedException;
+import com.cloud.host.HostVO;
+import com.cloud.hypervisor.Hypervisor;
+import com.cloud.resource.ResourceState;
+import com.cloud.server.ManagementServer;
+import com.cloud.servlet.ConsoleProxyClientParam;
+import com.cloud.servlet.ConsoleProxyPasswordBasedEncryptor;
+import com.cloud.storage.GuestOSVO;
+import com.cloud.user.Account;
+import com.cloud.user.AccountManager;
+import com.cloud.utils.Pair;
+import com.cloud.utils.Ternary;
+import com.cloud.utils.component.ManagerBase;
+import com.cloud.utils.db.EntityManager;
+import com.cloud.utils.exception.CloudRuntimeException;
+import com.cloud.vm.UserVmDetailVO;
+import com.cloud.vm.VirtualMachine;
+import com.cloud.vm.VirtualMachineManager;
+import com.cloud.vm.VmDetailConstants;
+import com.cloud.vm.dao.UserVmDetailsDao;
+import com.google.gson.Gson;
+import com.google.gson.GsonBuilder;
+import org.apache.cloudstack.api.command.user.consoleproxy.ConsoleEndpoint;
+import org.apache.cloudstack.context.CallContext;
+import org.apache.cloudstack.framework.config.ConfigKey;
+import org.apache.cloudstack.framework.security.keys.KeysManager;
+import org.apache.commons.codec.binary.Base64;
+import org.apache.commons.lang3.BooleanUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.log4j.Logger;
+
+import javax.crypto.Mac;
+import javax.crypto.spec.SecretKeySpec;
+import javax.inject.Inject;
+import javax.naming.ConfigurationException;
+
+import java.util.Date;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Set;
+import java.util.UUID;
+
+public class ConsoleAccessManagerImpl extends ManagerBase implements ConsoleAccessManager {
+
+ @Inject
+ private AccountManager accountManager;
+ @Inject
+ private VirtualMachineManager virtualMachineManager;
+ @Inject
+ private ManagementServer managementServer;
+ @Inject
+ private EntityManager entityManager;
+ @Inject
+ private UserVmDetailsDao userVmDetailsDao;
+ @Inject
+ private KeysManager keysManager;
+ @Inject
+ private AgentManager agentManager;
+ @Inject
+ private ConsoleProxyManager consoleProxyManager;
+
+ private static KeysManager secretKeysManager;
+ private final Gson gson = new GsonBuilder().create();
+
+ public static final Logger s_logger = Logger.getLogger(ConsoleAccessManagerImpl.class.getName());
+
+ private static Set<String> allowedSessions;
+
+ @Override
+ public boolean configure(String name, Map<String, Object> params) throws ConfigurationException {
+ ConsoleAccessManagerImpl.secretKeysManager = keysManager;
+ ConsoleAccessManagerImpl.allowedSessions = new HashSet<>();
+ return super.configure(name, params);
+ }
+
+ @Override
+ public ConsoleEndpoint generateConsoleEndpoint(Long vmId, String extraSecurityToken, String clientAddress) {
+ try {
+ if (accountManager == null || virtualMachineManager == null || managementServer == null) {
Review Comment:
We could use `org.apache.commons.lang3.ObjectUtils#anyNull()` here:
```suggestion
if (ObjectUtils.anyNull(accountManager, virtualMachineManager, managementServer)) {
```
##########
api/src/main/java/org/apache/cloudstack/consoleproxy/ConsoleAccessManager.java:
##########
@@ -0,0 +1,35 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.consoleproxy;
+
+import com.cloud.utils.component.Manager;
+import org.apache.cloudstack.api.command.user.consoleproxy.ConsoleEndpoint;
+import org.apache.cloudstack.framework.config.ConfigKey;
+import org.apache.cloudstack.framework.config.Configurable;
+
+public interface ConsoleAccessManager extends Manager, Configurable {
+
+ ConfigKey<Boolean> ConsoleProxyExtraSecurityValidationEnabled = new ConfigKey<>(ConfigKey.CATEGORY_ADVANCED, Boolean.class,
+ "consoleproxy.extra.security.validation.enabled", "false",
+ "Enable/disable extra security validation for console proxy using an extra token", true);
Review Comment:
```suggestion
"Enable/disable extra security validation for console proxy using an extra token.", true);
```
##########
server/src/main/java/com/cloud/servlet/ConsoleProxyClientParam.java:
##########
@@ -36,6 +36,15 @@ public class ConsoleProxyClientParam {
private String sourceIP;
private String websocketUrl;
+ private String sessionUuid;
+
+ // The server-side generated value for extra console endpoint validation
Review Comment:
It could be a JavaDoc instead of a comment.
##########
server/src/main/java/org/apache/cloudstack/consoleproxy/ConsoleAccessManagerImpl.java:
##########
@@ -0,0 +1,489 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.consoleproxy;
+
+import com.cloud.agent.AgentManager;
+import com.cloud.agent.api.Answer;
+import com.cloud.agent.api.GetVmVncTicketAnswer;
+import com.cloud.agent.api.GetVmVncTicketCommand;
+import com.cloud.consoleproxy.ConsoleProxyManager;
+import com.cloud.exception.AgentUnavailableException;
+import com.cloud.exception.OperationTimedoutException;
+import com.cloud.exception.PermissionDeniedException;
+import com.cloud.host.HostVO;
+import com.cloud.hypervisor.Hypervisor;
+import com.cloud.resource.ResourceState;
+import com.cloud.server.ManagementServer;
+import com.cloud.servlet.ConsoleProxyClientParam;
+import com.cloud.servlet.ConsoleProxyPasswordBasedEncryptor;
+import com.cloud.storage.GuestOSVO;
+import com.cloud.user.Account;
+import com.cloud.user.AccountManager;
+import com.cloud.utils.Pair;
+import com.cloud.utils.Ternary;
+import com.cloud.utils.component.ManagerBase;
+import com.cloud.utils.db.EntityManager;
+import com.cloud.utils.exception.CloudRuntimeException;
+import com.cloud.vm.UserVmDetailVO;
+import com.cloud.vm.VirtualMachine;
+import com.cloud.vm.VirtualMachineManager;
+import com.cloud.vm.VmDetailConstants;
+import com.cloud.vm.dao.UserVmDetailsDao;
+import com.google.gson.Gson;
+import com.google.gson.GsonBuilder;
+import org.apache.cloudstack.api.command.user.consoleproxy.ConsoleEndpoint;
+import org.apache.cloudstack.context.CallContext;
+import org.apache.cloudstack.framework.config.ConfigKey;
+import org.apache.cloudstack.framework.security.keys.KeysManager;
+import org.apache.commons.codec.binary.Base64;
+import org.apache.commons.lang3.BooleanUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.log4j.Logger;
+
+import javax.crypto.Mac;
+import javax.crypto.spec.SecretKeySpec;
+import javax.inject.Inject;
+import javax.naming.ConfigurationException;
+
+import java.util.Date;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Set;
+import java.util.UUID;
+
+public class ConsoleAccessManagerImpl extends ManagerBase implements ConsoleAccessManager {
+
+ @Inject
+ private AccountManager accountManager;
+ @Inject
+ private VirtualMachineManager virtualMachineManager;
+ @Inject
+ private ManagementServer managementServer;
+ @Inject
+ private EntityManager entityManager;
+ @Inject
+ private UserVmDetailsDao userVmDetailsDao;
+ @Inject
+ private KeysManager keysManager;
+ @Inject
+ private AgentManager agentManager;
+ @Inject
+ private ConsoleProxyManager consoleProxyManager;
+
+ private static KeysManager secretKeysManager;
+ private final Gson gson = new GsonBuilder().create();
+
+ public static final Logger s_logger = Logger.getLogger(ConsoleAccessManagerImpl.class.getName());
+
+ private static Set<String> allowedSessions;
+
+ @Override
+ public boolean configure(String name, Map<String, Object> params) throws ConfigurationException {
+ ConsoleAccessManagerImpl.secretKeysManager = keysManager;
+ ConsoleAccessManagerImpl.allowedSessions = new HashSet<>();
+ return super.configure(name, params);
+ }
+
+ @Override
+ public ConsoleEndpoint generateConsoleEndpoint(Long vmId, String extraSecurityToken, String clientAddress) {
+ try {
+ if (accountManager == null || virtualMachineManager == null || managementServer == null) {
+ return new ConsoleEndpoint(false, null,"Console service is not ready");
+ }
+
+ if (keysManager.getHashKey() == null) {
+ String msg = "Console access denied. Ticket service is not ready yet";
+ s_logger.debug(msg);
+ return new ConsoleEndpoint(false, null, msg);
+ }
+
+ Account account = CallContext.current().getCallingAccount();
+
+ // Do a sanity check here to make sure the user hasn't already been deleted
+ if (account == null) {
+ s_logger.debug("Invalid user/account, reject console access");
+ return new ConsoleEndpoint(false, null,"Access denied. Invalid or inconsistent account is found");
+ }
+
+ VirtualMachine vm = entityManager.findById(VirtualMachine.class, vmId);
+ if (vm == null) {
+ s_logger.info("Invalid console servlet command parameter: " + vmId);
+ return new ConsoleEndpoint(false, null, "Cannot find VM with ID " + vmId);
+ }
+
+ if (!checkSessionPermission(vm, account)) {
+ return new ConsoleEndpoint(false, null, "Permission denied");
+ }
+
+ if (BooleanUtils.isTrue(ConsoleAccessManager.ConsoleProxyExtraSecurityValidationEnabled.value()) &&
+ StringUtils.isBlank(extraSecurityToken)) {
+ String errorMsg = "Extra security validation is enabled but the extra token is missing";
+ s_logger.error(errorMsg);
+ return new ConsoleEndpoint(false, errorMsg);
+ }
+
+ String sessionUuid = UUID.randomUUID().toString();
+ return generateAccessEndpoint(vmId, sessionUuid, extraSecurityToken, clientAddress);
+ } catch (Exception e) {
+ s_logger.error("Unexepected exception in ConsoleAccessManager", e);
Review Comment:
We could print the some context info here, like the `vmId` or the `clientAddress`.
##########
api/src/main/java/org/apache/cloudstack/api/command/user/consoleproxy/CreateConsoleEndpointCmd.java:
##########
@@ -0,0 +1,120 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.api.command.user.consoleproxy;
+
+import com.cloud.exception.ConcurrentOperationException;
+import com.cloud.exception.InsufficientCapacityException;
+import com.cloud.exception.NetworkRuleConflictException;
+import com.cloud.exception.ResourceAllocationException;
+import com.cloud.exception.ResourceUnavailableException;
+import org.apache.cloudstack.acl.RoleType;
+import org.apache.cloudstack.api.APICommand;
+import org.apache.cloudstack.api.ApiConstants;
+import org.apache.cloudstack.api.ApiErrorCode;
+import org.apache.cloudstack.api.BaseCmd;
+import org.apache.cloudstack.api.Parameter;
+import org.apache.cloudstack.api.ServerApiException;
+import org.apache.cloudstack.api.response.ConsoleEndpointWebsocketResponse;
+import org.apache.cloudstack.api.response.CreateConsoleEndpointResponse;
+import org.apache.cloudstack.api.response.UserVmResponse;
+import org.apache.cloudstack.consoleproxy.ConsoleAccessManager;
+import org.apache.cloudstack.context.CallContext;
+import org.apache.cloudstack.utils.consoleproxy.ConsoleAccessUtils;
+import org.apache.commons.collections.MapUtils;
+import org.apache.log4j.Logger;
+
+import javax.inject.Inject;
+import java.util.Map;
+
+@APICommand(name = CreateConsoleEndpointCmd.APINAME, description = "Create a console endpoint to connect to a VM console",
+ responseObject = CreateConsoleEndpointResponse.class, since = "4.18.0",
+ requestHasSensitiveInfo = false, responseHasSensitiveInfo = false,
+ authorized = {RoleType.Admin, RoleType.ResourceAdmin, RoleType.DomainAdmin, RoleType.User})
+public class CreateConsoleEndpointCmd extends BaseCmd {
+
+ public static final String APINAME = "createConsoleEndpoint";
+ public static final Logger s_logger = Logger.getLogger(CreateConsoleEndpointCmd.class.getName());
+
+ @Inject
+ private ConsoleAccessManager consoleManager;
+
+ @Parameter(name = ApiConstants.VIRTUAL_MACHINE_ID,
+ type = CommandType.UUID,
+ entityType = UserVmResponse.class,
+ required = true,
+ description = "ID of the VM")
+ private Long vmId;
+
+ @Parameter(name = ApiConstants.TOKEN,
+ type = CommandType.STRING,
+ required = false,
+ description = "(optional) extra security token, valid when the extra validation is enabled")
+ private String extraSecurityToken;
+
+ @Override
+ public void execute() throws ResourceUnavailableException, InsufficientCapacityException, ServerApiException, ConcurrentOperationException, ResourceAllocationException, NetworkRuleConflictException {
+ String clientAddress = getClientAddress();
+ ConsoleEndpoint endpoint = consoleManager.generateConsoleEndpoint(vmId, extraSecurityToken, clientAddress);
+ if (endpoint != null) {
+ CreateConsoleEndpointResponse response = createResponse(endpoint);
+ setResponseObject(response);
+ } else {
+ throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Unable to generate console endpoint for vm " + vmId);
+ }
+ }
+
+ private CreateConsoleEndpointResponse createResponse(ConsoleEndpoint endpoint) {
+ CreateConsoleEndpointResponse response = new CreateConsoleEndpointResponse();
+ response.setResult(endpoint.isResult());
+ response.setDetails(endpoint.getDetails());
+ response.setUrl(endpoint.getUrl());
+ response.setWebsocketResponse(createWebsocketResponse(endpoint));
+ response.setResponseName(getCommandName());
+ response.setObjectName("consoleendpoint");
+ return response;
+ }
+
+ private ConsoleEndpointWebsocketResponse createWebsocketResponse(ConsoleEndpoint endpoint) {
+ ConsoleEndpointWebsocketResponse wsResponse = new ConsoleEndpointWebsocketResponse();
+ wsResponse.setHost(endpoint.getWebsocketHost());
+ wsResponse.setPort(endpoint.getWebsocketPort());
+ wsResponse.setPath(endpoint.getWebsocketPath());
+ wsResponse.setToken(endpoint.getWebsocketToken());
+ wsResponse.setExtra(endpoint.getWebsocketExtra());
+ wsResponse.setObjectName("websocket");
+ return wsResponse;
+ }
+
+ private String getParameterBase(String paramKey) {
+ Map<String, String> params = getFullUrlParams();
+ return MapUtils.isNotEmpty(params) && params.containsKey(paramKey) ? params.get(paramKey) : null;
Review Comment:
[Map#get] already returns `null` if there is no mapping for the key.
```suggestion
return MapUtils.isNotEmpty(params) ? params.get(paramKey) : null;
```
[Map#get]: https://docs.oracle.com/javase/8/docs/api/java/util/Map.html#get-java.lang.Object-
##########
server/src/main/java/org/apache/cloudstack/consoleproxy/ConsoleAccessManagerImpl.java:
##########
@@ -0,0 +1,489 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.consoleproxy;
+
+import com.cloud.agent.AgentManager;
+import com.cloud.agent.api.Answer;
+import com.cloud.agent.api.GetVmVncTicketAnswer;
+import com.cloud.agent.api.GetVmVncTicketCommand;
+import com.cloud.consoleproxy.ConsoleProxyManager;
+import com.cloud.exception.AgentUnavailableException;
+import com.cloud.exception.OperationTimedoutException;
+import com.cloud.exception.PermissionDeniedException;
+import com.cloud.host.HostVO;
+import com.cloud.hypervisor.Hypervisor;
+import com.cloud.resource.ResourceState;
+import com.cloud.server.ManagementServer;
+import com.cloud.servlet.ConsoleProxyClientParam;
+import com.cloud.servlet.ConsoleProxyPasswordBasedEncryptor;
+import com.cloud.storage.GuestOSVO;
+import com.cloud.user.Account;
+import com.cloud.user.AccountManager;
+import com.cloud.utils.Pair;
+import com.cloud.utils.Ternary;
+import com.cloud.utils.component.ManagerBase;
+import com.cloud.utils.db.EntityManager;
+import com.cloud.utils.exception.CloudRuntimeException;
+import com.cloud.vm.UserVmDetailVO;
+import com.cloud.vm.VirtualMachine;
+import com.cloud.vm.VirtualMachineManager;
+import com.cloud.vm.VmDetailConstants;
+import com.cloud.vm.dao.UserVmDetailsDao;
+import com.google.gson.Gson;
+import com.google.gson.GsonBuilder;
+import org.apache.cloudstack.api.command.user.consoleproxy.ConsoleEndpoint;
+import org.apache.cloudstack.context.CallContext;
+import org.apache.cloudstack.framework.config.ConfigKey;
+import org.apache.cloudstack.framework.security.keys.KeysManager;
+import org.apache.commons.codec.binary.Base64;
+import org.apache.commons.lang3.BooleanUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.log4j.Logger;
+
+import javax.crypto.Mac;
+import javax.crypto.spec.SecretKeySpec;
+import javax.inject.Inject;
+import javax.naming.ConfigurationException;
+
+import java.util.Date;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Set;
+import java.util.UUID;
+
+public class ConsoleAccessManagerImpl extends ManagerBase implements ConsoleAccessManager {
+
+ @Inject
+ private AccountManager accountManager;
+ @Inject
+ private VirtualMachineManager virtualMachineManager;
+ @Inject
+ private ManagementServer managementServer;
+ @Inject
+ private EntityManager entityManager;
+ @Inject
+ private UserVmDetailsDao userVmDetailsDao;
+ @Inject
+ private KeysManager keysManager;
+ @Inject
+ private AgentManager agentManager;
+ @Inject
+ private ConsoleProxyManager consoleProxyManager;
+
+ private static KeysManager secretKeysManager;
+ private final Gson gson = new GsonBuilder().create();
+
+ public static final Logger s_logger = Logger.getLogger(ConsoleAccessManagerImpl.class.getName());
+
+ private static Set<String> allowedSessions;
+
+ @Override
+ public boolean configure(String name, Map<String, Object> params) throws ConfigurationException {
+ ConsoleAccessManagerImpl.secretKeysManager = keysManager;
+ ConsoleAccessManagerImpl.allowedSessions = new HashSet<>();
+ return super.configure(name, params);
+ }
+
+ @Override
+ public ConsoleEndpoint generateConsoleEndpoint(Long vmId, String extraSecurityToken, String clientAddress) {
+ try {
+ if (accountManager == null || virtualMachineManager == null || managementServer == null) {
+ return new ConsoleEndpoint(false, null,"Console service is not ready");
+ }
+
+ if (keysManager.getHashKey() == null) {
+ String msg = "Console access denied. Ticket service is not ready yet";
+ s_logger.debug(msg);
+ return new ConsoleEndpoint(false, null, msg);
+ }
+
+ Account account = CallContext.current().getCallingAccount();
+
+ // Do a sanity check here to make sure the user hasn't already been deleted
+ if (account == null) {
+ s_logger.debug("Invalid user/account, reject console access");
+ return new ConsoleEndpoint(false, null,"Access denied. Invalid or inconsistent account is found");
+ }
+
+ VirtualMachine vm = entityManager.findById(VirtualMachine.class, vmId);
+ if (vm == null) {
+ s_logger.info("Invalid console servlet command parameter: " + vmId);
+ return new ConsoleEndpoint(false, null, "Cannot find VM with ID " + vmId);
+ }
+
+ if (!checkSessionPermission(vm, account)) {
+ return new ConsoleEndpoint(false, null, "Permission denied");
+ }
+
+ if (BooleanUtils.isTrue(ConsoleAccessManager.ConsoleProxyExtraSecurityValidationEnabled.value()) &&
+ StringUtils.isBlank(extraSecurityToken)) {
+ String errorMsg = "Extra security validation is enabled but the extra token is missing";
+ s_logger.error(errorMsg);
+ return new ConsoleEndpoint(false, errorMsg);
+ }
+
+ String sessionUuid = UUID.randomUUID().toString();
+ return generateAccessEndpoint(vmId, sessionUuid, extraSecurityToken, clientAddress);
+ } catch (Exception e) {
+ s_logger.error("Unexepected exception in ConsoleAccessManager", e);
+ return new ConsoleEndpoint(false, null, "Server Internal Error: " + e.getMessage());
+ }
+ }
+
+ @Override
+ public boolean isSessionAllowed(String sessionUuid) {
+ return allowedSessions.contains(sessionUuid);
+ }
+
+ @Override
+ public void removeSessions(String[] sessionUuids) {
+ for (String r : sessionUuids) {
+ allowedSessions.remove(r);
+ }
+ }
+
+ protected boolean checkSessionPermission(VirtualMachine vm, Account account) {
+ if (accountManager.isRootAdmin(account.getId())) {
+ return true;
+ }
+
+ switch (vm.getType()) {
+ case User:
+ try {
+ accountManager.checkAccess(account, null, true, vm);
+ } catch (PermissionDeniedException ex) {
+ if (accountManager.isNormalUser(account.getId())) {
+ if (s_logger.isDebugEnabled()) {
+ s_logger.debug("VM access is denied. VM owner account " + vm.getAccountId() + " does not match the account id in session " +
+ account.getId() + " and caller is a normal user");
+ }
+ } else if ((accountManager.isDomainAdmin(account.getId())
+ || account.getType() == Account.Type.READ_ONLY_ADMIN) && s_logger.isDebugEnabled()) {
+ s_logger.debug("VM access is denied. VM owner account " + vm.getAccountId()
Review Comment:
We could print the VM ID here too.
##########
server/src/main/java/org/apache/cloudstack/consoleproxy/ConsoleAccessManagerImpl.java:
##########
@@ -0,0 +1,489 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.consoleproxy;
+
+import com.cloud.agent.AgentManager;
+import com.cloud.agent.api.Answer;
+import com.cloud.agent.api.GetVmVncTicketAnswer;
+import com.cloud.agent.api.GetVmVncTicketCommand;
+import com.cloud.consoleproxy.ConsoleProxyManager;
+import com.cloud.exception.AgentUnavailableException;
+import com.cloud.exception.OperationTimedoutException;
+import com.cloud.exception.PermissionDeniedException;
+import com.cloud.host.HostVO;
+import com.cloud.hypervisor.Hypervisor;
+import com.cloud.resource.ResourceState;
+import com.cloud.server.ManagementServer;
+import com.cloud.servlet.ConsoleProxyClientParam;
+import com.cloud.servlet.ConsoleProxyPasswordBasedEncryptor;
+import com.cloud.storage.GuestOSVO;
+import com.cloud.user.Account;
+import com.cloud.user.AccountManager;
+import com.cloud.utils.Pair;
+import com.cloud.utils.Ternary;
+import com.cloud.utils.component.ManagerBase;
+import com.cloud.utils.db.EntityManager;
+import com.cloud.utils.exception.CloudRuntimeException;
+import com.cloud.vm.UserVmDetailVO;
+import com.cloud.vm.VirtualMachine;
+import com.cloud.vm.VirtualMachineManager;
+import com.cloud.vm.VmDetailConstants;
+import com.cloud.vm.dao.UserVmDetailsDao;
+import com.google.gson.Gson;
+import com.google.gson.GsonBuilder;
+import org.apache.cloudstack.api.command.user.consoleproxy.ConsoleEndpoint;
+import org.apache.cloudstack.context.CallContext;
+import org.apache.cloudstack.framework.config.ConfigKey;
+import org.apache.cloudstack.framework.security.keys.KeysManager;
+import org.apache.commons.codec.binary.Base64;
+import org.apache.commons.lang3.BooleanUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.log4j.Logger;
+
+import javax.crypto.Mac;
+import javax.crypto.spec.SecretKeySpec;
+import javax.inject.Inject;
+import javax.naming.ConfigurationException;
+
+import java.util.Date;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Set;
+import java.util.UUID;
+
+public class ConsoleAccessManagerImpl extends ManagerBase implements ConsoleAccessManager {
+
+ @Inject
+ private AccountManager accountManager;
+ @Inject
+ private VirtualMachineManager virtualMachineManager;
+ @Inject
+ private ManagementServer managementServer;
+ @Inject
+ private EntityManager entityManager;
+ @Inject
+ private UserVmDetailsDao userVmDetailsDao;
+ @Inject
+ private KeysManager keysManager;
+ @Inject
+ private AgentManager agentManager;
+ @Inject
+ private ConsoleProxyManager consoleProxyManager;
+
+ private static KeysManager secretKeysManager;
+ private final Gson gson = new GsonBuilder().create();
+
+ public static final Logger s_logger = Logger.getLogger(ConsoleAccessManagerImpl.class.getName());
+
+ private static Set<String> allowedSessions;
+
+ @Override
+ public boolean configure(String name, Map<String, Object> params) throws ConfigurationException {
+ ConsoleAccessManagerImpl.secretKeysManager = keysManager;
+ ConsoleAccessManagerImpl.allowedSessions = new HashSet<>();
+ return super.configure(name, params);
+ }
+
+ @Override
+ public ConsoleEndpoint generateConsoleEndpoint(Long vmId, String extraSecurityToken, String clientAddress) {
+ try {
+ if (accountManager == null || virtualMachineManager == null || managementServer == null) {
+ return new ConsoleEndpoint(false, null,"Console service is not ready");
+ }
+
+ if (keysManager.getHashKey() == null) {
+ String msg = "Console access denied. Ticket service is not ready yet";
+ s_logger.debug(msg);
+ return new ConsoleEndpoint(false, null, msg);
+ }
+
+ Account account = CallContext.current().getCallingAccount();
+
+ // Do a sanity check here to make sure the user hasn't already been deleted
+ if (account == null) {
+ s_logger.debug("Invalid user/account, reject console access");
+ return new ConsoleEndpoint(false, null,"Access denied. Invalid or inconsistent account is found");
+ }
+
+ VirtualMachine vm = entityManager.findById(VirtualMachine.class, vmId);
+ if (vm == null) {
+ s_logger.info("Invalid console servlet command parameter: " + vmId);
+ return new ConsoleEndpoint(false, null, "Cannot find VM with ID " + vmId);
+ }
+
+ if (!checkSessionPermission(vm, account)) {
+ return new ConsoleEndpoint(false, null, "Permission denied");
+ }
+
+ if (BooleanUtils.isTrue(ConsoleAccessManager.ConsoleProxyExtraSecurityValidationEnabled.value()) &&
+ StringUtils.isBlank(extraSecurityToken)) {
+ String errorMsg = "Extra security validation is enabled but the extra token is missing";
+ s_logger.error(errorMsg);
+ return new ConsoleEndpoint(false, errorMsg);
+ }
+
+ String sessionUuid = UUID.randomUUID().toString();
+ return generateAccessEndpoint(vmId, sessionUuid, extraSecurityToken, clientAddress);
+ } catch (Exception e) {
+ s_logger.error("Unexepected exception in ConsoleAccessManager", e);
+ return new ConsoleEndpoint(false, null, "Server Internal Error: " + e.getMessage());
+ }
+ }
+
+ @Override
+ public boolean isSessionAllowed(String sessionUuid) {
+ return allowedSessions.contains(sessionUuid);
+ }
+
+ @Override
+ public void removeSessions(String[] sessionUuids) {
+ for (String r : sessionUuids) {
+ allowedSessions.remove(r);
+ }
+ }
+
+ protected boolean checkSessionPermission(VirtualMachine vm, Account account) {
+ if (accountManager.isRootAdmin(account.getId())) {
+ return true;
+ }
+
+ switch (vm.getType()) {
+ case User:
+ try {
+ accountManager.checkAccess(account, null, true, vm);
+ } catch (PermissionDeniedException ex) {
+ if (accountManager.isNormalUser(account.getId())) {
+ if (s_logger.isDebugEnabled()) {
+ s_logger.debug("VM access is denied. VM owner account " + vm.getAccountId() + " does not match the account id in session " +
Review Comment:
We could print the VM ID here too.
##########
server/src/main/java/org/apache/cloudstack/consoleproxy/ConsoleAccessManagerImpl.java:
##########
@@ -0,0 +1,489 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package org.apache.cloudstack.consoleproxy;
+
+import com.cloud.agent.AgentManager;
+import com.cloud.agent.api.Answer;
+import com.cloud.agent.api.GetVmVncTicketAnswer;
+import com.cloud.agent.api.GetVmVncTicketCommand;
+import com.cloud.consoleproxy.ConsoleProxyManager;
+import com.cloud.exception.AgentUnavailableException;
+import com.cloud.exception.OperationTimedoutException;
+import com.cloud.exception.PermissionDeniedException;
+import com.cloud.host.HostVO;
+import com.cloud.hypervisor.Hypervisor;
+import com.cloud.resource.ResourceState;
+import com.cloud.server.ManagementServer;
+import com.cloud.servlet.ConsoleProxyClientParam;
+import com.cloud.servlet.ConsoleProxyPasswordBasedEncryptor;
+import com.cloud.storage.GuestOSVO;
+import com.cloud.user.Account;
+import com.cloud.user.AccountManager;
+import com.cloud.utils.Pair;
+import com.cloud.utils.Ternary;
+import com.cloud.utils.component.ManagerBase;
+import com.cloud.utils.db.EntityManager;
+import com.cloud.utils.exception.CloudRuntimeException;
+import com.cloud.vm.UserVmDetailVO;
+import com.cloud.vm.VirtualMachine;
+import com.cloud.vm.VirtualMachineManager;
+import com.cloud.vm.VmDetailConstants;
+import com.cloud.vm.dao.UserVmDetailsDao;
+import com.google.gson.Gson;
+import com.google.gson.GsonBuilder;
+import org.apache.cloudstack.api.command.user.consoleproxy.ConsoleEndpoint;
+import org.apache.cloudstack.context.CallContext;
+import org.apache.cloudstack.framework.config.ConfigKey;
+import org.apache.cloudstack.framework.security.keys.KeysManager;
+import org.apache.commons.codec.binary.Base64;
+import org.apache.commons.lang3.BooleanUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.log4j.Logger;
+
+import javax.crypto.Mac;
+import javax.crypto.spec.SecretKeySpec;
+import javax.inject.Inject;
+import javax.naming.ConfigurationException;
+
+import java.util.Date;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Set;
+import java.util.UUID;
+
+public class ConsoleAccessManagerImpl extends ManagerBase implements ConsoleAccessManager {
+
+ @Inject
+ private AccountManager accountManager;
+ @Inject
+ private VirtualMachineManager virtualMachineManager;
+ @Inject
+ private ManagementServer managementServer;
+ @Inject
+ private EntityManager entityManager;
+ @Inject
+ private UserVmDetailsDao userVmDetailsDao;
+ @Inject
+ private KeysManager keysManager;
+ @Inject
+ private AgentManager agentManager;
+ @Inject
+ private ConsoleProxyManager consoleProxyManager;
+
+ private static KeysManager secretKeysManager;
+ private final Gson gson = new GsonBuilder().create();
+
+ public static final Logger s_logger = Logger.getLogger(ConsoleAccessManagerImpl.class.getName());
+
+ private static Set<String> allowedSessions;
+
+ @Override
+ public boolean configure(String name, Map<String, Object> params) throws ConfigurationException {
+ ConsoleAccessManagerImpl.secretKeysManager = keysManager;
+ ConsoleAccessManagerImpl.allowedSessions = new HashSet<>();
+ return super.configure(name, params);
+ }
+
+ @Override
+ public ConsoleEndpoint generateConsoleEndpoint(Long vmId, String extraSecurityToken, String clientAddress) {
+ try {
+ if (accountManager == null || virtualMachineManager == null || managementServer == null) {
+ return new ConsoleEndpoint(false, null,"Console service is not ready");
Review Comment:
```suggestion
return new ConsoleEndpoint(false, null, "Console service is not ready");
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] nvazquez commented on a diff in pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
nvazquez commented on code in PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#discussion_r960719041
##########
plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtStartCommandWrapper.java:
##########
@@ -47,7 +47,7 @@
import com.cloud.vm.VirtualMachine;
@ResourceWrapper(handles = StartCommand.class)
-public class LibvirtStartCommandWrapper extends CommandWrapper<StartCommand, Answer, LibvirtComputingResource> {
+public final class LibvirtStartCommandWrapper extends CommandWrapper<StartCommand, Answer, LibvirtComputingResource> {
Review Comment:
Had actually reverted the changes on this file @DaanHoogland
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] acs-robot commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
acs-robot commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1234355921
Found UI changes, kicking a new UI QA build
@blueorangutan ui
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] borisstoyanov commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
borisstoyanov commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1234352390
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1245216086
<b>Trillian Build Failed (tid-4887)<b/>
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] nvazquez commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
nvazquez commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1244859074
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6577: New API: createConsoleURL
Posted by GitBox <gi...@apache.org>.
sonarcloud[bot] commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1196876800
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6577)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT) [1 Security Hotspot](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL) [25 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_coverage&view=list) [0.0% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_duplicated_lines_density&view=list) [37.3% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
sonarcloud[bot] commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1217376261
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6577)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL) [9 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_coverage&view=list) [0.6% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_duplicated_lines_density&view=list) [2.6% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1217370708
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 4005
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1218022560
<b>Trillian test result (tid-4711)</b>
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 39772 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr6577-t4711-kvm-centos7.zip
Smoke tests completed. 100 look OK, 2 have errors
Only failed tests results shown below:
Test | Result | Time (s) | Test File
--- | --- | --- | ---
test_07_arping_in_vr | `Failure` | 5.17 | test_diagnostics.py
test_08_upgrade_kubernetes_ha_cluster | `Failure` | 547.10 | test_kubernetes_clusters.py
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1218367346
UI build: :heavy_check_mark:
Live QA URL: http://qa.cloudstack.cloud:8080/client/pr/6577 (SL-JID-2173)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1218400218
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 4011
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] nvazquez commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
nvazquez commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1215860819
@blueorangutan test
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] acs-robot commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
acs-robot commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1216627030
Found UI changes, kicking a new UI QA build
@blueorangutan ui
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] DaanHoogland commented on a diff in pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
DaanHoogland commented on code in PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#discussion_r945769492
##########
server/src/main/java/com/cloud/consoleproxy/AgentHookBase.java:
##########
@@ -93,16 +99,20 @@ public AgentControlAnswer onConsoleAccessAuthentication(ConsoleAccessAuthenticat
}
if (!cmd.isReauthenticating()) {
- String ticket = ConsoleProxyServlet.genAccessTicket(cmd.getHost(), cmd.getPort(), cmd.getSid(), cmd.getVmId());
+ String ticket = ConsoleAccessManagerImpl.genAccessTicket(cmd.getHost(), cmd.getPort(), cmd.getSid(), cmd.getVmId(), sessionUuid);
if (s_logger.isDebugEnabled()) {
s_logger.debug("Console authentication. Ticket in 1 minute boundary for " + cmd.getHost() + ":" + cmd.getPort() + "-" + cmd.getVmId() + " is " + ticket);
}
+ if (!consoleAccessManager.isSessionAllowed(sessionUuid)) {
+ s_logger.error("Invalid session, only one session allowed per token");
+ return new ConsoleAccessAuthenticationAnswer(cmd, false);
+ }
+
Review Comment:
A return in the middle of the method. Can this be refactorred to make this complex method more readable?
##########
plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtStartCommandWrapper.java:
##########
@@ -110,6 +114,17 @@ public Answer execute(final StartCommand command, final LibvirtComputingResource
}
}
+ if (vmSpec.getType() == VirtualMachine.Type.ConsoleProxy && vmSpec.getVncPort() != null) {
+ String novncPort = vmSpec.getVncPort();
+ try {
+ String addCmd = "echo " + novncPort + " > " + vncConfFileLocation;
+ SshHelper.sshExecute(controlIp, sshPort, "root",
+ pemFile, null, addCmd, 20000, 20000, 600000);
+ } catch (Exception e) {
+ s_logger.error("Could not set the noVNC port " + novncPort + " to the CPVM", e);
+ }
+ }
Review Comment:
can this be a separate method?
##########
server/src/main/java/com/cloud/consoleproxy/ConsoleAccessManagerImpl.java:
##########
@@ -0,0 +1,467 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.consoleproxy;
+
+import com.cloud.agent.AgentManager;
+import com.cloud.agent.api.Answer;
+import com.cloud.agent.api.GetVmVncTicketAnswer;
+import com.cloud.agent.api.GetVmVncTicketCommand;
+import com.cloud.exception.AgentUnavailableException;
+import com.cloud.exception.OperationTimedoutException;
+import com.cloud.exception.PermissionDeniedException;
+import com.cloud.host.HostVO;
+import com.cloud.hypervisor.Hypervisor;
+import com.cloud.resource.ResourceState;
+import com.cloud.server.ManagementServer;
+import com.cloud.servlet.ConsoleProxyClientParam;
+import com.cloud.servlet.ConsoleProxyPasswordBasedEncryptor;
+import com.cloud.storage.GuestOSVO;
+import com.cloud.user.Account;
+import com.cloud.user.AccountManager;
+import com.cloud.uservm.UserVm;
+import com.cloud.utils.Pair;
+import com.cloud.utils.Ternary;
+import com.cloud.utils.component.ManagerBase;
+import com.cloud.utils.db.EntityManager;
+import com.cloud.utils.exception.CloudRuntimeException;
+import com.cloud.vm.UserVmDetailVO;
+import com.cloud.vm.VirtualMachine;
+import com.cloud.vm.VirtualMachineManager;
+import com.cloud.vm.VmDetailConstants;
+import com.cloud.vm.dao.UserVmDetailsDao;
+import com.google.gson.Gson;
+import com.google.gson.GsonBuilder;
+import org.apache.cloudstack.consoleproxy.ConsoleAccessManager;
+import org.apache.cloudstack.context.CallContext;
+import org.apache.cloudstack.framework.config.ConfigKey;
+import org.apache.cloudstack.framework.security.keys.KeysManager;
+import org.apache.commons.codec.binary.Base64;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.log4j.Logger;
+
+import javax.crypto.Mac;
+import javax.crypto.spec.SecretKeySpec;
+import javax.inject.Inject;
+import javax.naming.ConfigurationException;
+import java.net.InetAddress;
+import java.util.Date;
+
+import java.util.Map;
+
+public class ConsoleAccessManagerImpl extends ManagerBase implements ConsoleAccessManager {
+
+ @Inject
+ private AccountManager _accountMgr;
+ @Inject
+ private VirtualMachineManager _vmMgr;
+ @Inject
+ private ManagementServer _ms;
+ @Inject
+ private EntityManager _entityMgr;
+ @Inject
+ private UserVmDetailsDao _userVmDetailsDao;
+ @Inject
+ private KeysManager _keysMgr;
+ @Inject
+ private AgentManager agentManager;
+
+ private static KeysManager s_keysMgr;
+ private final Gson _gson = new GsonBuilder().create();
+
+ public static final Logger s_logger = Logger.getLogger(ConsoleAccessManagerImpl.class.getName());
+
+ @Override
+ public boolean configure(String name, Map<String, Object> params) throws ConfigurationException {
+ s_keysMgr = _keysMgr;
+ return super.configure(name, params);
+ }
+
+ @Override
+ public Pair<Boolean, String> generateConsoleUrl(Long vmId) {
+ try {
+ if (_accountMgr == null || _vmMgr == null || _ms == null) {
+ return new Pair<>(false, "Console service is not ready");
+ }
+
+ if (_keysMgr.getHashKey() == null) {
+ String msg = "Console access denied. Ticket service is not ready yet";
+ s_logger.debug(msg);
+ return new Pair<>(false, msg);
+ }
+
+ Account account = CallContext.current().getCallingAccount();
+
+ // Do a sanity check here to make sure the user hasn't already been deleted
+ if (account == null) {
+ s_logger.debug("Invalid user/account, reject console access");
+ return new Pair<>(false, "Access denied. Invalid or inconsistent account is found");
+ }
+
+ VirtualMachine vm = _entityMgr.findById(VirtualMachine.class, vmId);
+ if (vm == null) {
+ s_logger.info("Invalid console servlet command parameter: " + vmId);
+ return new Pair<>(false, "Cannot find VM with ID " + vmId);
+ }
+
+ if (!checkSessionPermision(vm, account)) {
+ return new Pair<>(false, "Permission denied");
+ }
+
+ return new Pair<>(true, generateAccessUrl(vmId));
+ } catch (Throwable e) {
+ s_logger.error("Unexepected exception in ConsoleProxyServlet", e);
+ return new Pair<>(false, "Server Internal Error: " + e.getMessage());
+ }
+ }
+
+ private boolean checkSessionPermision(VirtualMachine vm, Account account) {
+ if (_accountMgr.isRootAdmin(account.getId())) {
+ return true;
+ }
+
+ switch (vm.getType()) {
+ case User:
+ try {
+ _accountMgr.checkAccess(account, null, true, vm);
+ } catch (PermissionDeniedException ex) {
+ if (_accountMgr.isNormalUser(account.getId())) {
+ if (s_logger.isDebugEnabled()) {
+ s_logger.debug("VM access is denied. VM owner account " + vm.getAccountId() + " does not match the account id in session " +
Review Comment:
I don´t think leaving out the 'is' is bettering the English here. let's leave it in.
##########
server/src/main/java/com/cloud/consoleproxy/ConsoleAccessManagerImpl.java:
##########
@@ -0,0 +1,451 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.consoleproxy;
Review Comment:
new classes should go in `org.apacje.cloudstack` packages
##########
server/src/main/java/com/cloud/hypervisor/HypervisorGuruBase.java:
##########
@@ -283,6 +284,15 @@ protected VirtualMachineTO toVirtualMachineTO(VirtualMachineProfile vmProfile) {
to.setConfigDriveLocation(vmProfile.getConfigDriveLocation());
to.setState(vm.getState());
+ if (vmInstance.getType() == VirtualMachine.Type.ConsoleProxy) {
+ try {
+ String vncPort = String.valueOf(ConsoleProxyManager.NoVncConsolePort.value());
+ to.setVncPort(vncPort);
+ } catch (Exception e) {
+ s_logger.error("Could not parse the noVNC port set on " + ConsoleProxyManager.NoVncConsolePort.key(), e);
+ }
+ }
Review Comment:
extract?
##########
server/src/main/java/com/cloud/api/ApiServlet.java:
##########
@@ -324,6 +327,16 @@ void processRequestInContext(final HttpServletRequest req, final HttpServletResp
// Add the HTTP method (GET/POST/PUT/DELETE) as well into the params map.
params.put("httpmethod", new String[]{req.getMethod()});
setProjectContext(params);
+ if (org.apache.commons.lang3.StringUtils.isNotBlank(command) &&
+ command.equalsIgnoreCase(CreateConsoleEndpointCmd.APINAME)) {
+ InetAddress addr = getClientAddress(req);
+ String clientAddress = addr != null ? addr.getHostAddress() : null;
+ params.put(ConsoleAccessUtils.CLIENT_INET_ADDRESS_KEY, new String[] {clientAddress});
+ if (ConsoleAccessManager.ConsoleProxyExtraSecurityHeaderEnabled.value()) {
+ String clientSecurityToken = req.getHeader(ConsoleAccessManager.ConsoleProxyExtraSecurityHeaderName.value());
+ params.put(ConsoleAccessUtils.CLIENT_SECURITY_HEADER_PARAM_KEY, new String[] {clientSecurityToken});
+ }
+ }
Review Comment:
extra method?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1216425668
@rohityadavcloud a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
sonarcloud[bot] commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1215206948
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6577)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL) [45 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_coverage&view=list) [1.1% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_duplicated_lines_density&view=list) [4.4% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] nvazquez commented on pull request #6577: [WIP] New API: createConsoleURL
Posted by GitBox <gi...@apache.org>.
nvazquez commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1214613733
@blueorangutan test
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
sonarcloud[bot] commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1215067439
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6577)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT) [1 Security Hotspot](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL) [46 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_coverage&view=list) [1.1% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_duplicated_lines_density&view=list) [6.3% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
sonarcloud[bot] commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1215078279
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6577)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT) [1 Security Hotspot](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL) [45 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_coverage&view=list) [1.1% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_duplicated_lines_density&view=list) [6.4% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] nvazquez commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
nvazquez commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1215472013
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1220015907
<b>Trillian test result (tid-4726)</b>
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 44026 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr6577-t4726-kvm-centos7.zip
Smoke tests completed. 100 look OK, 2 have errors
Only failed tests results shown below:
Test | Result | Time (s) | Test File
--- | --- | --- | ---
test_02_upgrade_kubernetes_cluster | `Failure` | 487.60 | test_kubernetes_clusters.py
test_08_upgrade_kubernetes_ha_cluster | `Failure` | 615.74 | test_kubernetes_clusters.py
test_03_create_redundant_VPC_1tier_2VMs_2IPs_2PF_ACL_reboot_routers | `Failure` | 457.84 | test_vpc_redundant.py
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1234710870
<b>Trillian test result (tid-4795)</b>
Environment: vmware-65u2 (x2), Advanced Networking with Mgmt server 7
Total time taken: 43248 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr6577-t4795-vmware-65u2.zip
Smoke tests completed. 101 look OK, 1 have errors
Only failed tests results shown below:
Test | Result | Time (s) | Test File
--- | --- | --- | ---
test_08_upgrade_kubernetes_ha_cluster | `Failure` | 703.29 | test_kubernetes_clusters.py
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1234352916
@borisstoyanov a Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] nvazquez commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
nvazquez commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1231914577
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1245977862
<b>Trillian test result (tid-4888)</b>
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 38042 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr6577-t4888-kvm-centos7.zip
Smoke tests completed. 102 look OK, 0 have errors
Only failed tests results shown below:
Test | Result | Time (s) | Test File
--- | --- | --- | ---
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] rohityadavcloud merged pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
rohityadavcloud merged PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1215213945
@acs-robot a Jenkins job has been kicked to build UI QA env. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
sonarcloud[bot] commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1215533384
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6577)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL) [10 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_coverage&view=list) [1.1% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_duplicated_lines_density&view=list) [2.6% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6577: [WIP] New API: createConsoleURL
Posted by GitBox <gi...@apache.org>.
sonarcloud[bot] commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1214611967
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6577)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT) [1 Security Hotspot](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL) [45 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_coverage&view=list) [1.2% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_duplicated_lines_density&view=list) [6.8% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] nvazquez commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
nvazquez commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1215015522
@rohityadavcloud done
@DaanHoogland can you please review?
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1215024532
@acs-robot a Jenkins job has been kicked to build UI QA env. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1215108448
UI build: :heavy_check_mark:
Live QA URL: http://qa.cloudstack.cloud:8080/client/pr/6577 (SL-JID-2150)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] nvazquez commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
nvazquez commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1218362223
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] rohityadavcloud commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
rohityadavcloud commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1216424249
@blueorangutan test
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] borisstoyanov commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
borisstoyanov commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1217529137
@blueorangutan test matrix
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
sonarcloud[bot] commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1218406374
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6577)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL) [9 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_coverage&view=list) [3.4% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_duplicated_lines_density&view=list) [2.1% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1216634601
UI build: :heavy_check_mark:
Live QA URL: http://qa.cloudstack.cloud:8080/client/pr/6577 (SL-JID-2159)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: [WIP] New API: createConsoleURL
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1214582994
@nvazquez a Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: [WIP] New API: createConsoleURL
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1215012109
@acs-robot a Jenkins job has been kicked to build UI QA env. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] acs-robot commented on pull request #6577: [WIP] New API: createConsoleURL
Posted by GitBox <gi...@apache.org>.
acs-robot commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1215011676
Found UI changes, kicking a new UI QA build
@blueorangutan ui
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1215016151
@nvazquez a Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] rohityadavcloud commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
rohityadavcloud commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1216836193
@blueorangutan test
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
sonarcloud[bot] commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1215073112
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6577)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT) [1 Security Hotspot](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL) [46 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_coverage&view=list) [1.1% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_duplicated_lines_density&view=list) [6.3% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1219149818
@rohityadavcloud a Jenkins job has been kicked to build packages. It will be bundled with
SystemVM template(s). I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] acs-robot commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
acs-robot commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1215023563
Found UI changes, kicking a new UI QA build
@blueorangutan ui
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on a diff in pull request #6577: New API: createConsoleURL
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on code in PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#discussion_r931120405
##########
server/src/main/java/com/cloud/consoleproxy/ConsoleAccessManagerImpl.java:
##########
@@ -0,0 +1,459 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.consoleproxy;
+
+import com.cloud.agent.AgentManager;
+import com.cloud.agent.api.Answer;
+import com.cloud.agent.api.GetVmVncTicketAnswer;
+import com.cloud.agent.api.GetVmVncTicketCommand;
+import com.cloud.exception.AgentUnavailableException;
+import com.cloud.exception.OperationTimedoutException;
+import com.cloud.host.HostVO;
+import com.cloud.hypervisor.Hypervisor;
+import com.cloud.resource.ResourceState;
+import com.cloud.server.ManagementServer;
+import com.cloud.servlet.ConsoleProxyClientParam;
+import com.cloud.servlet.ConsoleProxyPasswordBasedEncryptor;
+import com.cloud.storage.GuestOSVO;
+import com.cloud.user.Account;
+import com.cloud.user.AccountManager;
+import com.cloud.uservm.UserVm;
+import com.cloud.utils.Pair;
+import com.cloud.utils.Ternary;
+import com.cloud.utils.component.ManagerBase;
+import com.cloud.utils.db.EntityManager;
+import com.cloud.utils.exception.CloudRuntimeException;
+import com.cloud.vm.UserVmDetailVO;
+import com.cloud.vm.VirtualMachine;
+import com.cloud.vm.VirtualMachineManager;
+import com.cloud.vm.VmDetailConstants;
+import com.cloud.vm.dao.UserVmDetailsDao;
+import com.google.gson.Gson;
+import com.google.gson.GsonBuilder;
+import org.apache.cloudstack.consoleproxy.ConsoleAccessManager;
+import org.apache.cloudstack.framework.security.keys.KeysManager;
+import org.apache.commons.codec.binary.Base64;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.log4j.Logger;
+
+import javax.crypto.Mac;
+import javax.crypto.spec.SecretKeySpec;
+import javax.inject.Inject;
+import javax.naming.ConfigurationException;
+import java.net.InetAddress;
+import java.util.Date;
+import java.util.Map;
+
+public class ConsoleAccessManagerImpl extends ManagerBase implements ConsoleAccessManager {
+
+ @Inject
+ private AccountManager _accountMgr;
+ @Inject
+ private VirtualMachineManager _vmMgr;
+ @Inject
+ private ManagementServer _ms;
+ @Inject
+ private EntityManager _entityMgr;
+ @Inject
+ private UserVmDetailsDao _userVmDetailsDao;
+ @Inject
+ private KeysManager _keysMgr;
+ @Inject
+ private AgentManager agentManager;
+
+ private static KeysManager s_keysMgr;
+ private final Gson _gson = new GsonBuilder().create();
+
+ public static final Logger s_logger = Logger.getLogger(ConsoleAccessManagerImpl.class.getName());
+
+ @Override
+ public boolean configure(String name, Map<String, Object> params) throws ConfigurationException {
+ s_keysMgr = _keysMgr;
+ return super.configure(name, params);
+ }
+
+ @Override
+ public Pair<Boolean, String> generateConsoleUrl(Long vmId) {
+ try {
+ if (_accountMgr == null || _vmMgr == null || _ms == null) {
+ return new Pair<>(false, "Service is not ready");
+ }
+
+ if (_keysMgr.getHashKey() == null) {
+ String msg = "Console/thumbnail access denied. Ticket service is not ready yet";
+ s_logger.debug(msg);
+ return new Pair<>(false, msg);
+ }
+
+ String userId = null;
+ String account = null;
+ Account accountObj = null;
+
+// Map<String, Object[]> params = new HashMap<String, Object[]>();
+// params.putAll(req.getParameterMap());
+//
+// HttpSession session = req.getSession(false);
+// if (session == null) {
+// if (verifyRequest(params)) {
+// userId = (String)params.get("userid")[0];
+// account = (String)params.get("account")[0];
+// accountObj = (Account)params.get("accountobj")[0];
+// } else {
+// s_logger.debug("Invalid web session or API key in request, reject console/thumbnail access");
+// sendResponse(resp, "Access denied. Invalid web session or API key in request");
+// return;
+// }
+// } else {
+// // adjust to latest API refactoring changes
+// if (session.getAttribute("userid") != null) {
+// userId = ((Long)session.getAttribute("userid")).toString();
+// }
+//
+// accountObj = (Account)session.getAttribute("accountobj");
+// if (accountObj != null) {
+// account = "" + accountObj.getId();
+// }
+// }
+
+// // Do a sanity check here to make sure the user hasn't already been deleted
+// if ((userId == null) || (account == null) || (accountObj == null) || !verifyUser(Long.valueOf(userId))) {
+// s_logger.debug("Invalid user/account, reject console/thumbnail access");
+// sendResponse(resp, "Access denied. Invalid or inconsistent account is found");
+// return;
+// }
+//
+// String cmd = req.getParameter("cmd");
+// if (cmd == null || !isValidCmd(cmd)) {
+// s_logger.debug("invalid console servlet command: " + cmd);
+// sendResponse(resp, "");
+// return;
+// }
+//
+// String vmIdString = req.getParameter("vm");
+ VirtualMachine vm = _entityMgr.findById(VirtualMachine.class, vmId);
+ if (vm == null) {
+ s_logger.info("invalid console servlet command parameter: " + vmId);
+ return new Pair<>(false, "Cannot find VM with ID " + vmId);
+ }
+
+// if (!checkSessionPermision(req, vmId, accountObj)) {
+// sendResponse(resp, "Permission denied");
+// return;
+// }
+
+// if (cmd.equalsIgnoreCase("thumbnail")) {
+// handleThumbnailRequest(req, resp, vmId);
+// } else if (cmd.equalsIgnoreCase("access")) {
+// handleAccessRequest(req, resp, vmId);
+// } else {
+// handleAuthRequest(req, resp, vmId);
+// }
+ return new Pair<>(true, generateAccessUrl(vmId));
+ } catch (Throwable e) {
+ s_logger.error("Unexepected exception in ConsoleProxyServlet", e);
+ return new Pair<>(false, "Server Internal Error: " + e.getMessage());
+ }
+ }
+
+ private String generateAccessUrl(Long vmId) {
+ VirtualMachine vm = _vmMgr.findById(vmId);
+ String msg;
+ if (vm == null) {
+ msg = "VM " + vmId + " does not exist, sending blank response for console access request";
+ s_logger.warn(msg);
+ throw new CloudRuntimeException(msg);
+ }
+
+ if (vm.getHostId() == null) {
+ msg = "VM " + vmId + " lost host info, sending blank response for console access request";
+ s_logger.warn(msg);
+ throw new CloudRuntimeException(msg);
+ }
+
+ HostVO host = _ms.getHostBy(vm.getHostId());
+ if (host == null) {
+ msg = "VM " + vmId + "'s host does not exist, sending blank response for console access request";
+ s_logger.warn(msg);
+ throw new CloudRuntimeException(msg);
+ }
+
+ if (Hypervisor.HypervisorType.LXC.equals(vm.getHypervisorType())) {
+ throw new CloudRuntimeException("Console access is not supported for LXC");
+ }
+
+ String rootUrl = _ms.getConsoleAccessUrlRoot(vmId);
+ if (rootUrl == null) {
+ throw new CloudRuntimeException("Console access will be ready in a few minutes. Please try it again later.");
+ }
+
+ String vmName = vm.getHostName();
+ if (vm.getType() == VirtualMachine.Type.User) {
+ UserVm userVm = _entityMgr.findById(UserVm.class, vmId);
+ String displayName = userVm.getDisplayName();
+ if (displayName != null && !displayName.isEmpty() && !displayName.equals(vmName)) {
+ vmName += "(" + displayName + ")";
+ }
+ }
+
+// InetAddress remoteAddress = null;
+// try {
+// remoteAddress = ApiServlet.getClientAddress(req);
+// } catch (UnknownHostException e) {
+// s_logger.warn("UnknownHostException when trying to lookup remote IP-Address. This should never happen. Blocking request.", e);
+// }
+
+ String url = composeConsoleAccessUrl(rootUrl, vm, host, null);
+ s_logger.debug("The console URL is: " + url);
+ return url;
+ }
+
+ public static final String escapeHTML(String content) {
+ if (content == null || content.isEmpty())
+ return content;
+
+ StringBuilder sb = new StringBuilder();
+ for (int i = 0; i < content.length(); i++) {
+ char c = content.charAt(i);
+ switch (c) {
+ case '<':
+ sb.append("<");
+ break;
+ case '>':
+ sb.append(">");
+ break;
+ case '&':
+ sb.append("&");
+ break;
+ case '"':
+ sb.append(""");
+ break;
+ case ' ':
+ sb.append(" ");
+ break;
+ default:
+ sb.append(c);
+ break;
+ }
+ }
+ return sb.toString();
+ }
+
+ private String composeConsoleAccessUrl(String rootUrl, VirtualMachine vm, HostVO hostVo, InetAddress addr) {
Review Comment:
@nvazquez
are these code same as `ConsoleProxyServlet.java` ?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] nvazquez commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
nvazquez commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1232127395
@blueorangutan test
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1234414464
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 4113
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] nvazquez commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
nvazquez commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1215730478
@blueorangutan test
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] acs-robot commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
acs-robot commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1244859728
Found UI changes, kicking a new UI QA build
@blueorangutan ui
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1244865330
UI build: :heavy_check_mark:
Live QA URL: http://qa.cloudstack.cloud:8080/client/pr/6577 (SL-JID-2345)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] nvazquez commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
nvazquez commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1245192475
@blueorangutan test
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] rohityadavcloud commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
rohityadavcloud commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1245223216
@blueorangutan test
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1245223787
@rohityadavcloud a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1217349606
@nvazquez a Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1218366212
@nvazquez a Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1219192891
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 4015
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] rohityadavcloud commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
rohityadavcloud commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1219149074
@nvazquez are we looking for more changes or is this ready for review/testing?
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] acs-robot commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
acs-robot commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1235380369
Found UI changes, kicking a new UI QA build
@blueorangutan ui
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1234689666
<b>Trillian test result (tid-4793)</b>
Environment: xenserver-71 (x2), Advanced Networking with Mgmt server 7
Total time taken: 41696 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr6577-t4793-xenserver-71.zip
Smoke tests completed. 101 look OK, 1 have errors
Only failed tests results shown below:
Test | Result | Time (s) | Test File
--- | --- | --- | ---
test_08_upgrade_kubernetes_ha_cluster | `Failure` | 634.96 | test_kubernetes_clusters.py
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1235383121
@borisstoyanov a Jenkins job has been kicked to build packages. It will be bundled with
SystemVM template(s). I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1235381527
@acs-robot a Jenkins job has been kicked to build UI QA env. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1233144551
@nvazquez a Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1233861684
@borisstoyanov a Trillian-Jenkins matrix job (centos7 mgmt + xs71, centos7 mgmt + vmware65, centos7 mgmt + kvmcentos7) has been kicked to run smoke tests
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: [WIP] New API: createConsoleURL
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1214576141
Packaging result: :heavy_multiplication_x: el7 :heavy_multiplication_x: el8 :heavy_multiplication_x: debian :heavy_multiplication_x: suse15. SL-JID 3979
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1215224832
UI build: :heavy_check_mark:
Live QA URL: http://qa.cloudstack.cloud:8080/client/pr/6577 (SL-JID-2151)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1215408062
@acs-robot a Jenkins job has been kicked to build UI QA env. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1216628240
@acs-robot a Jenkins job has been kicked to build UI QA env. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] acs-robot commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
acs-robot commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1216717755
Found UI changes, kicking a new UI QA build
@blueorangutan ui
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1217055580
<b>Trillian test result (tid-4701)</b>
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 43088 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr6577-t4701-kvm-centos7.zip
Smoke tests completed. 100 look OK, 1 have errors
Only failed tests results shown below:
Test | Result | Time (s) | Test File
--- | --- | --- | ---
test_08_upgrade_kubernetes_ha_cluster | `Failure` | 3650.90 | test_kubernetes_clusters.py
test_09_delete_kubernetes_ha_cluster | `Failure` | 0.06 | test_kubernetes_clusters.py
ContextSuite context=TestKubernetesCluster>:teardown | `Error` | 75.91 | test_kubernetes_clusters.py
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1240000787
<b>Trillian test result (tid-4837)</b>
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 37727 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr6577-t4837-kvm-centos7.zip
Smoke tests completed. 102 look OK, 0 have errors
Only failed tests results shown below:
Test | Result | Time (s) | Test File
--- | --- | --- | ---
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1244882722
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 4175
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1217216827
<b>Trillian test result (tid-4708)</b>
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 40182 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr6577-t4708-kvm-centos7.zip
Smoke tests completed. 101 look OK, 0 have errors
Only failed tests results shown below:
Test | Result | Time (s) | Test File
--- | --- | --- | ---
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1218399311
<b>Trillian test result (tid-4712)</b>
Environment: xenserver-71 (x2), Advanced Networking with Mgmt server 7
Total time taken: 43788 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr6577-t4712-xenserver-71.zip
Smoke tests completed. 102 look OK, 0 have errors
Only failed tests results shown below:
Test | Result | Time (s) | Test File
--- | --- | --- | ---
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] codecov[bot] commented on pull request #6577: [WIP] New API: createConsoleURL
Posted by GitBox <gi...@apache.org>.
codecov[bot] commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1214660621
# [Codecov](https://codecov.io/gh/apache/cloudstack/pull/6577?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation) Report
> :exclamation: No coverage uploaded for pull request base (`main@61e4e86`). [Click here to learn what that means](https://docs.codecov.io/docs/error-reference?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation#section-missing-base-commit).
> The diff coverage is `n/a`.
```diff
@@ Coverage Diff @@
## main #6577 +/- ##
=======================================
Coverage ? 5.86%
Complexity ? 3933
=======================================
Files ? 2455
Lines ? 242760
Branches ? 37991
=======================================
Hits ? 14248
Misses ? 226935
Partials ? 1577
```
:mega: We’re building smart automated test selection to slash your CI/CD build times. [Learn more](https://about.codecov.io/iterative-testing/?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=The+Apache+Software+Foundation)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1216042852
<b>Trillian Build Failed (tid-4700)<b/>
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: [WIP] New API: createConsoleURL
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1214950490
UI build: :heavy_check_mark:
Live QA URL: http://qa.cloudstack.cloud:8080/client/pr/6577 (SL-JID-2145)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] acs-robot commented on pull request #6577: [WIP] New API: createConsoleURL
Posted by GitBox <gi...@apache.org>.
acs-robot commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1214946040
Found UI changes, kicking a new UI QA build
@blueorangutan ui
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6577: [WIP] New API: createConsoleURL
Posted by GitBox <gi...@apache.org>.
sonarcloud[bot] commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1214990090
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6577)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT) [1 Security Hotspot](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL) [46 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_coverage&view=list) [1.2% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_duplicated_lines_density&view=list) [6.8% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] acs-robot commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
acs-robot commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1215406526
Found UI changes, kicking a new UI QA build
@blueorangutan ui
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1215731440
@nvazquez a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: [WIP] New API: createConsoleURL
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1214567290
@nvazquez a Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] acs-robot commented on pull request #6577: [WIP] New API: createConsoleURL
Posted by GitBox <gi...@apache.org>.
acs-robot commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1214582974
Found UI changes, kicking a new UI QA build
@blueorangutan ui
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1234369173
UI build: :heavy_check_mark:
Live QA URL: http://qa.cloudstack.cloud:8080/client/pr/6577 (SL-JID-2278)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
sonarcloud[bot] commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1234426377
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6577)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL) [7 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_coverage&view=list) [0.0% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_duplicated_lines_density&view=list) [2.8% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1234356744
@acs-robot a Jenkins job has been kicked to build UI QA env. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] rohityadavcloud commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
rohityadavcloud commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1239313023
@blueorangutan test
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] acs-robot commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
acs-robot commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1219003905
Found UI changes, kicking a new UI QA build
@blueorangutan ui
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1215095517
@acs-robot a Jenkins job has been kicked to build UI QA env. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] nvazquez commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
nvazquez commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1217349240
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1244859488
@nvazquez a Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1245193386
@nvazquez a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] JoaoJandre commented on a diff in pull request #6577: [WIP] New API: createConsoleURL
Posted by GitBox <gi...@apache.org>.
JoaoJandre commented on code in PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#discussion_r937007741
##########
server/src/main/java/com/cloud/consoleproxy/ConsoleAccessManagerImpl.java:
##########
@@ -0,0 +1,467 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.consoleproxy;
+
+import com.cloud.agent.AgentManager;
+import com.cloud.agent.api.Answer;
+import com.cloud.agent.api.GetVmVncTicketAnswer;
+import com.cloud.agent.api.GetVmVncTicketCommand;
+import com.cloud.exception.AgentUnavailableException;
+import com.cloud.exception.OperationTimedoutException;
+import com.cloud.exception.PermissionDeniedException;
+import com.cloud.host.HostVO;
+import com.cloud.hypervisor.Hypervisor;
+import com.cloud.resource.ResourceState;
+import com.cloud.server.ManagementServer;
+import com.cloud.servlet.ConsoleProxyClientParam;
+import com.cloud.servlet.ConsoleProxyPasswordBasedEncryptor;
+import com.cloud.storage.GuestOSVO;
+import com.cloud.user.Account;
+import com.cloud.user.AccountManager;
+import com.cloud.uservm.UserVm;
+import com.cloud.utils.Pair;
+import com.cloud.utils.Ternary;
+import com.cloud.utils.component.ManagerBase;
+import com.cloud.utils.db.EntityManager;
+import com.cloud.utils.exception.CloudRuntimeException;
+import com.cloud.vm.UserVmDetailVO;
+import com.cloud.vm.VirtualMachine;
+import com.cloud.vm.VirtualMachineManager;
+import com.cloud.vm.VmDetailConstants;
+import com.cloud.vm.dao.UserVmDetailsDao;
+import com.google.gson.Gson;
+import com.google.gson.GsonBuilder;
+import org.apache.cloudstack.consoleproxy.ConsoleAccessManager;
+import org.apache.cloudstack.context.CallContext;
+import org.apache.cloudstack.framework.config.ConfigKey;
+import org.apache.cloudstack.framework.security.keys.KeysManager;
+import org.apache.commons.codec.binary.Base64;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.log4j.Logger;
+
+import javax.crypto.Mac;
+import javax.crypto.spec.SecretKeySpec;
+import javax.inject.Inject;
+import javax.naming.ConfigurationException;
+import java.net.InetAddress;
+import java.util.Date;
+
+import java.util.Map;
+
+public class ConsoleAccessManagerImpl extends ManagerBase implements ConsoleAccessManager {
+
+ @Inject
+ private AccountManager _accountMgr;
+ @Inject
+ private VirtualMachineManager _vmMgr;
+ @Inject
+ private ManagementServer _ms;
+ @Inject
+ private EntityManager _entityMgr;
+ @Inject
+ private UserVmDetailsDao _userVmDetailsDao;
+ @Inject
+ private KeysManager _keysMgr;
+ @Inject
+ private AgentManager agentManager;
+
+ private static KeysManager s_keysMgr;
+ private final Gson _gson = new GsonBuilder().create();
+
+ public static final Logger s_logger = Logger.getLogger(ConsoleAccessManagerImpl.class.getName());
+
+ @Override
+ public boolean configure(String name, Map<String, Object> params) throws ConfigurationException {
+ s_keysMgr = _keysMgr;
+ return super.configure(name, params);
+ }
+
+ @Override
+ public Pair<Boolean, String> generateConsoleUrl(Long vmId) {
+ try {
+ if (_accountMgr == null || _vmMgr == null || _ms == null) {
+ return new Pair<>(false, "Console service is not ready");
+ }
+
+ if (_keysMgr.getHashKey() == null) {
+ String msg = "Console access denied. Ticket service is not ready yet";
+ s_logger.debug(msg);
+ return new Pair<>(false, msg);
+ }
+
+ Account account = CallContext.current().getCallingAccount();
+
+ // Do a sanity check here to make sure the user hasn't already been deleted
+ if (account == null) {
+ s_logger.debug("Invalid user/account, reject console access");
+ return new Pair<>(false, "Access denied. Invalid or inconsistent account is found");
+ }
+
+ VirtualMachine vm = _entityMgr.findById(VirtualMachine.class, vmId);
+ if (vm == null) {
+ s_logger.info("Invalid console servlet command parameter: " + vmId);
+ return new Pair<>(false, "Cannot find VM with ID " + vmId);
+ }
+
+ if (!checkSessionPermision(vm, account)) {
+ return new Pair<>(false, "Permission denied");
+ }
+
+ return new Pair<>(true, generateAccessUrl(vmId));
+ } catch (Throwable e) {
+ s_logger.error("Unexepected exception in ConsoleProxyServlet", e);
Review Comment:
```suggestion
s_logger.error("Unexpected exception in ConsoleProxyServlet", e);
```
##########
server/src/main/java/com/cloud/consoleproxy/ConsoleAccessManagerImpl.java:
##########
@@ -0,0 +1,467 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.consoleproxy;
+
+import com.cloud.agent.AgentManager;
+import com.cloud.agent.api.Answer;
+import com.cloud.agent.api.GetVmVncTicketAnswer;
+import com.cloud.agent.api.GetVmVncTicketCommand;
+import com.cloud.exception.AgentUnavailableException;
+import com.cloud.exception.OperationTimedoutException;
+import com.cloud.exception.PermissionDeniedException;
+import com.cloud.host.HostVO;
+import com.cloud.hypervisor.Hypervisor;
+import com.cloud.resource.ResourceState;
+import com.cloud.server.ManagementServer;
+import com.cloud.servlet.ConsoleProxyClientParam;
+import com.cloud.servlet.ConsoleProxyPasswordBasedEncryptor;
+import com.cloud.storage.GuestOSVO;
+import com.cloud.user.Account;
+import com.cloud.user.AccountManager;
+import com.cloud.uservm.UserVm;
+import com.cloud.utils.Pair;
+import com.cloud.utils.Ternary;
+import com.cloud.utils.component.ManagerBase;
+import com.cloud.utils.db.EntityManager;
+import com.cloud.utils.exception.CloudRuntimeException;
+import com.cloud.vm.UserVmDetailVO;
+import com.cloud.vm.VirtualMachine;
+import com.cloud.vm.VirtualMachineManager;
+import com.cloud.vm.VmDetailConstants;
+import com.cloud.vm.dao.UserVmDetailsDao;
+import com.google.gson.Gson;
+import com.google.gson.GsonBuilder;
+import org.apache.cloudstack.consoleproxy.ConsoleAccessManager;
+import org.apache.cloudstack.context.CallContext;
+import org.apache.cloudstack.framework.config.ConfigKey;
+import org.apache.cloudstack.framework.security.keys.KeysManager;
+import org.apache.commons.codec.binary.Base64;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.log4j.Logger;
+
+import javax.crypto.Mac;
+import javax.crypto.spec.SecretKeySpec;
+import javax.inject.Inject;
+import javax.naming.ConfigurationException;
+import java.net.InetAddress;
+import java.util.Date;
+
+import java.util.Map;
+
+public class ConsoleAccessManagerImpl extends ManagerBase implements ConsoleAccessManager {
+
+ @Inject
+ private AccountManager _accountMgr;
+ @Inject
+ private VirtualMachineManager _vmMgr;
+ @Inject
+ private ManagementServer _ms;
+ @Inject
+ private EntityManager _entityMgr;
+ @Inject
+ private UserVmDetailsDao _userVmDetailsDao;
+ @Inject
+ private KeysManager _keysMgr;
+ @Inject
+ private AgentManager agentManager;
+
+ private static KeysManager s_keysMgr;
+ private final Gson _gson = new GsonBuilder().create();
+
+ public static final Logger s_logger = Logger.getLogger(ConsoleAccessManagerImpl.class.getName());
+
+ @Override
+ public boolean configure(String name, Map<String, Object> params) throws ConfigurationException {
+ s_keysMgr = _keysMgr;
+ return super.configure(name, params);
+ }
+
+ @Override
+ public Pair<Boolean, String> generateConsoleUrl(Long vmId) {
+ try {
+ if (_accountMgr == null || _vmMgr == null || _ms == null) {
+ return new Pair<>(false, "Console service is not ready");
+ }
+
+ if (_keysMgr.getHashKey() == null) {
+ String msg = "Console access denied. Ticket service is not ready yet";
+ s_logger.debug(msg);
+ return new Pair<>(false, msg);
+ }
+
+ Account account = CallContext.current().getCallingAccount();
+
+ // Do a sanity check here to make sure the user hasn't already been deleted
+ if (account == null) {
+ s_logger.debug("Invalid user/account, reject console access");
+ return new Pair<>(false, "Access denied. Invalid or inconsistent account is found");
+ }
+
+ VirtualMachine vm = _entityMgr.findById(VirtualMachine.class, vmId);
+ if (vm == null) {
+ s_logger.info("Invalid console servlet command parameter: " + vmId);
+ return new Pair<>(false, "Cannot find VM with ID " + vmId);
+ }
+
+ if (!checkSessionPermision(vm, account)) {
+ return new Pair<>(false, "Permission denied");
+ }
+
+ return new Pair<>(true, generateAccessUrl(vmId));
+ } catch (Throwable e) {
+ s_logger.error("Unexepected exception in ConsoleProxyServlet", e);
+ return new Pair<>(false, "Server Internal Error: " + e.getMessage());
+ }
+ }
+
+ private boolean checkSessionPermision(VirtualMachine vm, Account account) {
+ if (_accountMgr.isRootAdmin(account.getId())) {
+ return true;
+ }
+
+ switch (vm.getType()) {
+ case User:
+ try {
+ _accountMgr.checkAccess(account, null, true, vm);
+ } catch (PermissionDeniedException ex) {
+ if (_accountMgr.isNormalUser(account.getId())) {
+ if (s_logger.isDebugEnabled()) {
+ s_logger.debug("VM access is denied. VM owner account " + vm.getAccountId() + " does not match the account id in session " +
+ account.getId() + " and caller is a normal user");
+ }
+ } else if (_accountMgr.isDomainAdmin(account.getId())
+ || account.getType() == Account.Type.READ_ONLY_ADMIN) {
+ if(s_logger.isDebugEnabled()) {
+ s_logger.debug("VM access is denied. VM owner account " + vm.getAccountId()
+ + " does not match the account id in session " + account.getId() + " and the domain-admin caller does not manage the target domain");
+ }
+ }
+ return false;
+ }
+ break;
+
+ case DomainRouter:
+ case ConsoleProxy:
+ case SecondaryStorageVm:
+ return false;
+
+ default:
+ s_logger.warn("Unrecoginized virtual machine type, deny access by default. type: " + vm.getType());
Review Comment:
```suggestion
s_logger.warn("Unrecognized virtual machine type, deny access by default. type: " + vm.getType());
```
##########
server/src/main/java/com/cloud/consoleproxy/ConsoleAccessManagerImpl.java:
##########
@@ -0,0 +1,467 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.consoleproxy;
+
+import com.cloud.agent.AgentManager;
+import com.cloud.agent.api.Answer;
+import com.cloud.agent.api.GetVmVncTicketAnswer;
+import com.cloud.agent.api.GetVmVncTicketCommand;
+import com.cloud.exception.AgentUnavailableException;
+import com.cloud.exception.OperationTimedoutException;
+import com.cloud.exception.PermissionDeniedException;
+import com.cloud.host.HostVO;
+import com.cloud.hypervisor.Hypervisor;
+import com.cloud.resource.ResourceState;
+import com.cloud.server.ManagementServer;
+import com.cloud.servlet.ConsoleProxyClientParam;
+import com.cloud.servlet.ConsoleProxyPasswordBasedEncryptor;
+import com.cloud.storage.GuestOSVO;
+import com.cloud.user.Account;
+import com.cloud.user.AccountManager;
+import com.cloud.uservm.UserVm;
+import com.cloud.utils.Pair;
+import com.cloud.utils.Ternary;
+import com.cloud.utils.component.ManagerBase;
+import com.cloud.utils.db.EntityManager;
+import com.cloud.utils.exception.CloudRuntimeException;
+import com.cloud.vm.UserVmDetailVO;
+import com.cloud.vm.VirtualMachine;
+import com.cloud.vm.VirtualMachineManager;
+import com.cloud.vm.VmDetailConstants;
+import com.cloud.vm.dao.UserVmDetailsDao;
+import com.google.gson.Gson;
+import com.google.gson.GsonBuilder;
+import org.apache.cloudstack.consoleproxy.ConsoleAccessManager;
+import org.apache.cloudstack.context.CallContext;
+import org.apache.cloudstack.framework.config.ConfigKey;
+import org.apache.cloudstack.framework.security.keys.KeysManager;
+import org.apache.commons.codec.binary.Base64;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.log4j.Logger;
+
+import javax.crypto.Mac;
+import javax.crypto.spec.SecretKeySpec;
+import javax.inject.Inject;
+import javax.naming.ConfigurationException;
+import java.net.InetAddress;
+import java.util.Date;
+
+import java.util.Map;
+
+public class ConsoleAccessManagerImpl extends ManagerBase implements ConsoleAccessManager {
+
+ @Inject
+ private AccountManager _accountMgr;
+ @Inject
+ private VirtualMachineManager _vmMgr;
+ @Inject
+ private ManagementServer _ms;
+ @Inject
+ private EntityManager _entityMgr;
+ @Inject
+ private UserVmDetailsDao _userVmDetailsDao;
+ @Inject
+ private KeysManager _keysMgr;
+ @Inject
+ private AgentManager agentManager;
+
+ private static KeysManager s_keysMgr;
+ private final Gson _gson = new GsonBuilder().create();
+
+ public static final Logger s_logger = Logger.getLogger(ConsoleAccessManagerImpl.class.getName());
+
+ @Override
+ public boolean configure(String name, Map<String, Object> params) throws ConfigurationException {
+ s_keysMgr = _keysMgr;
+ return super.configure(name, params);
+ }
+
+ @Override
+ public Pair<Boolean, String> generateConsoleUrl(Long vmId) {
+ try {
+ if (_accountMgr == null || _vmMgr == null || _ms == null) {
+ return new Pair<>(false, "Console service is not ready");
+ }
+
+ if (_keysMgr.getHashKey() == null) {
+ String msg = "Console access denied. Ticket service is not ready yet";
+ s_logger.debug(msg);
+ return new Pair<>(false, msg);
+ }
+
+ Account account = CallContext.current().getCallingAccount();
+
+ // Do a sanity check here to make sure the user hasn't already been deleted
+ if (account == null) {
+ s_logger.debug("Invalid user/account, reject console access");
+ return new Pair<>(false, "Access denied. Invalid or inconsistent account is found");
+ }
+
+ VirtualMachine vm = _entityMgr.findById(VirtualMachine.class, vmId);
+ if (vm == null) {
+ s_logger.info("Invalid console servlet command parameter: " + vmId);
+ return new Pair<>(false, "Cannot find VM with ID " + vmId);
+ }
+
+ if (!checkSessionPermision(vm, account)) {
+ return new Pair<>(false, "Permission denied");
+ }
+
+ return new Pair<>(true, generateAccessUrl(vmId));
+ } catch (Throwable e) {
+ s_logger.error("Unexepected exception in ConsoleProxyServlet", e);
+ return new Pair<>(false, "Server Internal Error: " + e.getMessage());
+ }
+ }
+
+ private boolean checkSessionPermision(VirtualMachine vm, Account account) {
+ if (_accountMgr.isRootAdmin(account.getId())) {
+ return true;
+ }
+
+ switch (vm.getType()) {
+ case User:
+ try {
+ _accountMgr.checkAccess(account, null, true, vm);
+ } catch (PermissionDeniedException ex) {
+ if (_accountMgr.isNormalUser(account.getId())) {
+ if (s_logger.isDebugEnabled()) {
+ s_logger.debug("VM access is denied. VM owner account " + vm.getAccountId() + " does not match the account id in session " +
+ account.getId() + " and caller is a normal user");
+ }
+ } else if (_accountMgr.isDomainAdmin(account.getId())
+ || account.getType() == Account.Type.READ_ONLY_ADMIN) {
+ if(s_logger.isDebugEnabled()) {
+ s_logger.debug("VM access is denied. VM owner account " + vm.getAccountId()
+ + " does not match the account id in session " + account.getId() + " and the domain-admin caller does not manage the target domain");
+ }
+ }
+ return false;
+ }
+ break;
+
+ case DomainRouter:
+ case ConsoleProxy:
+ case SecondaryStorageVm:
+ return false;
+
+ default:
+ s_logger.warn("Unrecoginized virtual machine type, deny access by default. type: " + vm.getType());
+ return false;
+ }
+
+ return true;
+ }
+
+ private String generateAccessUrl(Long vmId) {
+ VirtualMachine vm = _vmMgr.findById(vmId);
+ String msg;
+ if (vm == null) {
+ msg = "VM " + vmId + " does not exist, sending blank response for console access request";
+ s_logger.warn(msg);
+ throw new CloudRuntimeException(msg);
+ }
+
+ if (vm.getHostId() == null) {
+ msg = "VM " + vmId + " lost host info, sending blank response for console access request";
+ s_logger.warn(msg);
+ throw new CloudRuntimeException(msg);
+ }
+
+ HostVO host = _ms.getHostBy(vm.getHostId());
+ if (host == null) {
+ msg = "VM " + vmId + "'s host does not exist, sending blank response for console access request";
+ s_logger.warn(msg);
+ throw new CloudRuntimeException(msg);
+ }
+
+ if (Hypervisor.HypervisorType.LXC.equals(vm.getHypervisorType())) {
+ throw new CloudRuntimeException("Console access is not supported for LXC");
+ }
+
+ String rootUrl = _ms.getConsoleAccessUrlRoot(vmId);
+ if (rootUrl == null) {
+ throw new CloudRuntimeException("Console access will be ready in a few minutes. Please try it again later.");
+ }
+
+ String vmName = vm.getHostName();
+ if (vm.getType() == VirtualMachine.Type.User) {
+ UserVm userVm = _entityMgr.findById(UserVm.class, vmId);
+ String displayName = userVm.getDisplayName();
+ if (displayName != null && !displayName.isEmpty() && !displayName.equals(vmName)) {
+ vmName += "(" + displayName + ")";
+ }
+ }
+
+// InetAddress remoteAddress = null;
+// try {
+// remoteAddress = ApiServlet.getClientAddress();
+// } catch (UnknownHostException e) {
+// s_logger.warn("UnknownHostException when trying to lookup remote IP-Address. This should never happen. Blocking request.", e);
+// }
+
+ String url = composeConsoleAccessUrl(rootUrl, vm, host, null);
+ s_logger.debug("The console URL is: " + url);
+ return url;
+ }
+
+ public static final String escapeHTML(String content) {
+ if (content == null || content.isEmpty())
+ return content;
+
+ StringBuilder sb = new StringBuilder();
+ for (int i = 0; i < content.length(); i++) {
+ char c = content.charAt(i);
+ switch (c) {
+ case '<':
+ sb.append("<");
+ break;
+ case '>':
+ sb.append(">");
+ break;
+ case '&':
+ sb.append("&");
+ break;
+ case '"':
+ sb.append(""");
+ break;
+ case ' ':
+ sb.append(" ");
+ break;
+ default:
+ sb.append(c);
+ break;
+ }
+ }
+ return sb.toString();
+ }
+
+ private String composeConsoleAccessUrl(String rootUrl, VirtualMachine vm, HostVO hostVo, InetAddress addr) {
+ StringBuffer sb = new StringBuffer(rootUrl);
+ String host = hostVo.getPrivateIpAddress();
+
+ Pair<String, Integer> portInfo = null;
+ if (hostVo.getHypervisorType() == Hypervisor.HypervisorType.KVM &&
+ (hostVo.getResourceState().equals(ResourceState.ErrorInMaintenance) ||
+ hostVo.getResourceState().equals(ResourceState.ErrorInPrepareForMaintenance))) {
+ UserVmDetailVO detailAddress = _userVmDetailsDao.findDetail(vm.getId(), VmDetailConstants.KVM_VNC_ADDRESS);
+ UserVmDetailVO detailPort = _userVmDetailsDao.findDetail(vm.getId(), VmDetailConstants.KVM_VNC_PORT);
+ if (detailAddress != null && detailPort != null) {
+ portInfo = new Pair<>(detailAddress.getValue(), Integer.valueOf(detailPort.getValue()));
+ } else {
+ s_logger.warn("KVM Host in ErrorInMaintenance/ErrorInPrepareForMaintenance but " +
+ "no VNC Address/Port was available. Falling back to default one from MS.");
+ }
+ }
+
+ if (portInfo == null) {
+ portInfo = _ms.getVncPort(vm);
+ }
+
+ if (s_logger.isDebugEnabled())
+ s_logger.debug("Port info " + portInfo.first());
+
+ Ternary<String, String, String> parsedHostInfo = parseHostInfo(portInfo.first());
+
+ int port = -1;
+ if (portInfo.second() == -9) {
+ //for hyperv
+ port = Integer.parseInt(_ms.findDetail(hostVo.getId(), "rdp.server.port").getValue());
+ } else {
+ port = portInfo.second();
+ }
+
+ String sid = vm.getVncPassword();
+ UserVmDetailVO details = _userVmDetailsDao.findDetail(vm.getId(), VmDetailConstants.KEYBOARD);
+
+ String tag = vm.getUuid();
+
+ String ticket = genAccessTicket(parsedHostInfo.first(), String.valueOf(port), sid, tag);
+ ConsoleProxyPasswordBasedEncryptor encryptor = new ConsoleProxyPasswordBasedEncryptor(getEncryptorPassword());
+ ConsoleProxyClientParam param = new ConsoleProxyClientParam();
+ param.setClientHostAddress(parsedHostInfo.first());
+ param.setClientHostPort(port);
+ param.setClientHostPassword(sid);
+ param.setClientTag(tag);
+ param.setTicket(ticket);
+ param.setSourceIP(addr != null ? addr.getHostAddress(): null);
+
+ if (requiresVncOverWebSocketConnection(vm, hostVo)) {
+ setWebsocketUrl(vm, param);
+ }
+
+ if (details != null) {
+ param.setLocale(details.getValue());
+ }
+
+ if (portInfo.second() == -9) {
+ //For Hyperv Clinet Host Address will send Instance id
+ param.setHypervHost(host);
+ param.setUsername(_ms.findDetail(hostVo.getId(), "username").getValue());
+ param.setPassword(_ms.findDetail(hostVo.getId(), "password").getValue());
+ }
+ if (parsedHostInfo.second() != null && parsedHostInfo.third() != null) {
+ param.setClientTunnelUrl(parsedHostInfo.second());
+ param.setClientTunnelSession(parsedHostInfo.third());
+ }
+
+ if (param.getHypervHost() != null || !ConsoleProxyManager.NoVncConsoleDefault.value()) {
+ sb.append("/ajax?token=" + encryptor.encryptObject(ConsoleProxyClientParam.class, param));
+ } else {
+ sb.append("/resource/noVNC/vnc.html")
+ .append("?autoconnect=true")
+ .append("&port=" + ConsoleProxyManager.DEFAULT_NOVNC_PORT)
+ .append("&token=" + encryptor.encryptObject(ConsoleProxyClientParam.class, param));
+ }
+
+ // for console access, we need guest OS type to help implement keyboard
+ long guestOs = vm.getGuestOSId();
+ GuestOSVO guestOsVo = _ms.getGuestOs(guestOs);
+ if (guestOsVo.getCategoryId() == 6)
+ sb.append("&guest=windows");
+
+ if (s_logger.isDebugEnabled()) {
+ s_logger.debug("Compose console url: " + sb);
+ }
+ return sb.toString();
+ }
+
+ static public Ternary<String, String, String> parseHostInfo(String hostInfo) {
+ String host = null;
+ String tunnelUrl = null;
+ String tunnelSession = null;
+
+ s_logger.info("Parse host info returned from executing GetVNCPortCommand. host info: " + hostInfo);
+
+ if (hostInfo != null) {
+ if (hostInfo.startsWith("consoleurl")) {
+ String tokens[] = hostInfo.split("&");
+
+ if (hostInfo.length() > 19 && hostInfo.indexOf('/', 19) > 19) {
+ host = hostInfo.substring(19, hostInfo.indexOf('/', 19)).trim();
Review Comment:
This 19 should probably be extracted to a variable and documented. We should avoid using ''magical numbers''.
##########
server/src/main/java/com/cloud/consoleproxy/ConsoleAccessManagerImpl.java:
##########
@@ -0,0 +1,467 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.consoleproxy;
+
+import com.cloud.agent.AgentManager;
+import com.cloud.agent.api.Answer;
+import com.cloud.agent.api.GetVmVncTicketAnswer;
+import com.cloud.agent.api.GetVmVncTicketCommand;
+import com.cloud.exception.AgentUnavailableException;
+import com.cloud.exception.OperationTimedoutException;
+import com.cloud.exception.PermissionDeniedException;
+import com.cloud.host.HostVO;
+import com.cloud.hypervisor.Hypervisor;
+import com.cloud.resource.ResourceState;
+import com.cloud.server.ManagementServer;
+import com.cloud.servlet.ConsoleProxyClientParam;
+import com.cloud.servlet.ConsoleProxyPasswordBasedEncryptor;
+import com.cloud.storage.GuestOSVO;
+import com.cloud.user.Account;
+import com.cloud.user.AccountManager;
+import com.cloud.uservm.UserVm;
+import com.cloud.utils.Pair;
+import com.cloud.utils.Ternary;
+import com.cloud.utils.component.ManagerBase;
+import com.cloud.utils.db.EntityManager;
+import com.cloud.utils.exception.CloudRuntimeException;
+import com.cloud.vm.UserVmDetailVO;
+import com.cloud.vm.VirtualMachine;
+import com.cloud.vm.VirtualMachineManager;
+import com.cloud.vm.VmDetailConstants;
+import com.cloud.vm.dao.UserVmDetailsDao;
+import com.google.gson.Gson;
+import com.google.gson.GsonBuilder;
+import org.apache.cloudstack.consoleproxy.ConsoleAccessManager;
+import org.apache.cloudstack.context.CallContext;
+import org.apache.cloudstack.framework.config.ConfigKey;
+import org.apache.cloudstack.framework.security.keys.KeysManager;
+import org.apache.commons.codec.binary.Base64;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.log4j.Logger;
+
+import javax.crypto.Mac;
+import javax.crypto.spec.SecretKeySpec;
+import javax.inject.Inject;
+import javax.naming.ConfigurationException;
+import java.net.InetAddress;
+import java.util.Date;
+
+import java.util.Map;
+
+public class ConsoleAccessManagerImpl extends ManagerBase implements ConsoleAccessManager {
+
+ @Inject
+ private AccountManager _accountMgr;
+ @Inject
+ private VirtualMachineManager _vmMgr;
+ @Inject
+ private ManagementServer _ms;
+ @Inject
+ private EntityManager _entityMgr;
+ @Inject
+ private UserVmDetailsDao _userVmDetailsDao;
+ @Inject
+ private KeysManager _keysMgr;
+ @Inject
+ private AgentManager agentManager;
+
+ private static KeysManager s_keysMgr;
+ private final Gson _gson = new GsonBuilder().create();
+
+ public static final Logger s_logger = Logger.getLogger(ConsoleAccessManagerImpl.class.getName());
+
+ @Override
+ public boolean configure(String name, Map<String, Object> params) throws ConfigurationException {
+ s_keysMgr = _keysMgr;
+ return super.configure(name, params);
+ }
+
+ @Override
+ public Pair<Boolean, String> generateConsoleUrl(Long vmId) {
+ try {
+ if (_accountMgr == null || _vmMgr == null || _ms == null) {
+ return new Pair<>(false, "Console service is not ready");
+ }
+
+ if (_keysMgr.getHashKey() == null) {
+ String msg = "Console access denied. Ticket service is not ready yet";
+ s_logger.debug(msg);
+ return new Pair<>(false, msg);
+ }
+
+ Account account = CallContext.current().getCallingAccount();
+
+ // Do a sanity check here to make sure the user hasn't already been deleted
+ if (account == null) {
+ s_logger.debug("Invalid user/account, reject console access");
+ return new Pair<>(false, "Access denied. Invalid or inconsistent account is found");
+ }
+
+ VirtualMachine vm = _entityMgr.findById(VirtualMachine.class, vmId);
+ if (vm == null) {
+ s_logger.info("Invalid console servlet command parameter: " + vmId);
+ return new Pair<>(false, "Cannot find VM with ID " + vmId);
+ }
+
+ if (!checkSessionPermision(vm, account)) {
+ return new Pair<>(false, "Permission denied");
+ }
+
+ return new Pair<>(true, generateAccessUrl(vmId));
+ } catch (Throwable e) {
+ s_logger.error("Unexepected exception in ConsoleProxyServlet", e);
+ return new Pair<>(false, "Server Internal Error: " + e.getMessage());
+ }
+ }
+
+ private boolean checkSessionPermision(VirtualMachine vm, Account account) {
+ if (_accountMgr.isRootAdmin(account.getId())) {
+ return true;
+ }
+
+ switch (vm.getType()) {
+ case User:
+ try {
+ _accountMgr.checkAccess(account, null, true, vm);
+ } catch (PermissionDeniedException ex) {
+ if (_accountMgr.isNormalUser(account.getId())) {
+ if (s_logger.isDebugEnabled()) {
+ s_logger.debug("VM access is denied. VM owner account " + vm.getAccountId() + " does not match the account id in session " +
Review Comment:
```suggestion
s_logger.debug("VM access denied. VM owner account " + vm.getAccountId() + " does not match the account id in session " +
```
##########
server/src/main/java/com/cloud/consoleproxy/ConsoleAccessManagerImpl.java:
##########
@@ -0,0 +1,467 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.consoleproxy;
+
+import com.cloud.agent.AgentManager;
+import com.cloud.agent.api.Answer;
+import com.cloud.agent.api.GetVmVncTicketAnswer;
+import com.cloud.agent.api.GetVmVncTicketCommand;
+import com.cloud.exception.AgentUnavailableException;
+import com.cloud.exception.OperationTimedoutException;
+import com.cloud.exception.PermissionDeniedException;
+import com.cloud.host.HostVO;
+import com.cloud.hypervisor.Hypervisor;
+import com.cloud.resource.ResourceState;
+import com.cloud.server.ManagementServer;
+import com.cloud.servlet.ConsoleProxyClientParam;
+import com.cloud.servlet.ConsoleProxyPasswordBasedEncryptor;
+import com.cloud.storage.GuestOSVO;
+import com.cloud.user.Account;
+import com.cloud.user.AccountManager;
+import com.cloud.uservm.UserVm;
+import com.cloud.utils.Pair;
+import com.cloud.utils.Ternary;
+import com.cloud.utils.component.ManagerBase;
+import com.cloud.utils.db.EntityManager;
+import com.cloud.utils.exception.CloudRuntimeException;
+import com.cloud.vm.UserVmDetailVO;
+import com.cloud.vm.VirtualMachine;
+import com.cloud.vm.VirtualMachineManager;
+import com.cloud.vm.VmDetailConstants;
+import com.cloud.vm.dao.UserVmDetailsDao;
+import com.google.gson.Gson;
+import com.google.gson.GsonBuilder;
+import org.apache.cloudstack.consoleproxy.ConsoleAccessManager;
+import org.apache.cloudstack.context.CallContext;
+import org.apache.cloudstack.framework.config.ConfigKey;
+import org.apache.cloudstack.framework.security.keys.KeysManager;
+import org.apache.commons.codec.binary.Base64;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.log4j.Logger;
+
+import javax.crypto.Mac;
+import javax.crypto.spec.SecretKeySpec;
+import javax.inject.Inject;
+import javax.naming.ConfigurationException;
+import java.net.InetAddress;
+import java.util.Date;
+
+import java.util.Map;
+
+public class ConsoleAccessManagerImpl extends ManagerBase implements ConsoleAccessManager {
+
+ @Inject
+ private AccountManager _accountMgr;
+ @Inject
+ private VirtualMachineManager _vmMgr;
+ @Inject
+ private ManagementServer _ms;
+ @Inject
+ private EntityManager _entityMgr;
+ @Inject
+ private UserVmDetailsDao _userVmDetailsDao;
+ @Inject
+ private KeysManager _keysMgr;
+ @Inject
+ private AgentManager agentManager;
+
+ private static KeysManager s_keysMgr;
+ private final Gson _gson = new GsonBuilder().create();
+
+ public static final Logger s_logger = Logger.getLogger(ConsoleAccessManagerImpl.class.getName());
+
+ @Override
+ public boolean configure(String name, Map<String, Object> params) throws ConfigurationException {
+ s_keysMgr = _keysMgr;
+ return super.configure(name, params);
+ }
+
+ @Override
+ public Pair<Boolean, String> generateConsoleUrl(Long vmId) {
+ try {
+ if (_accountMgr == null || _vmMgr == null || _ms == null) {
+ return new Pair<>(false, "Console service is not ready");
+ }
+
+ if (_keysMgr.getHashKey() == null) {
+ String msg = "Console access denied. Ticket service is not ready yet";
+ s_logger.debug(msg);
+ return new Pair<>(false, msg);
+ }
+
+ Account account = CallContext.current().getCallingAccount();
+
+ // Do a sanity check here to make sure the user hasn't already been deleted
+ if (account == null) {
+ s_logger.debug("Invalid user/account, reject console access");
+ return new Pair<>(false, "Access denied. Invalid or inconsistent account is found");
+ }
+
+ VirtualMachine vm = _entityMgr.findById(VirtualMachine.class, vmId);
+ if (vm == null) {
+ s_logger.info("Invalid console servlet command parameter: " + vmId);
+ return new Pair<>(false, "Cannot find VM with ID " + vmId);
+ }
+
+ if (!checkSessionPermision(vm, account)) {
+ return new Pair<>(false, "Permission denied");
+ }
+
+ return new Pair<>(true, generateAccessUrl(vmId));
+ } catch (Throwable e) {
+ s_logger.error("Unexepected exception in ConsoleProxyServlet", e);
+ return new Pair<>(false, "Server Internal Error: " + e.getMessage());
+ }
+ }
+
+ private boolean checkSessionPermision(VirtualMachine vm, Account account) {
+ if (_accountMgr.isRootAdmin(account.getId())) {
+ return true;
+ }
+
+ switch (vm.getType()) {
+ case User:
+ try {
+ _accountMgr.checkAccess(account, null, true, vm);
+ } catch (PermissionDeniedException ex) {
+ if (_accountMgr.isNormalUser(account.getId())) {
+ if (s_logger.isDebugEnabled()) {
+ s_logger.debug("VM access is denied. VM owner account " + vm.getAccountId() + " does not match the account id in session " +
+ account.getId() + " and caller is a normal user");
+ }
+ } else if (_accountMgr.isDomainAdmin(account.getId())
+ || account.getType() == Account.Type.READ_ONLY_ADMIN) {
+ if(s_logger.isDebugEnabled()) {
+ s_logger.debug("VM access is denied. VM owner account " + vm.getAccountId()
Review Comment:
```suggestion
s_logger.debug("VM access denied. VM owner account " + vm.getAccountId()
```
##########
server/src/main/java/com/cloud/consoleproxy/ConsoleAccessManagerImpl.java:
##########
@@ -0,0 +1,467 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements. See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership. The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied. See the License for the
+// specific language governing permissions and limitations
+// under the License.
+package com.cloud.consoleproxy;
+
+import com.cloud.agent.AgentManager;
+import com.cloud.agent.api.Answer;
+import com.cloud.agent.api.GetVmVncTicketAnswer;
+import com.cloud.agent.api.GetVmVncTicketCommand;
+import com.cloud.exception.AgentUnavailableException;
+import com.cloud.exception.OperationTimedoutException;
+import com.cloud.exception.PermissionDeniedException;
+import com.cloud.host.HostVO;
+import com.cloud.hypervisor.Hypervisor;
+import com.cloud.resource.ResourceState;
+import com.cloud.server.ManagementServer;
+import com.cloud.servlet.ConsoleProxyClientParam;
+import com.cloud.servlet.ConsoleProxyPasswordBasedEncryptor;
+import com.cloud.storage.GuestOSVO;
+import com.cloud.user.Account;
+import com.cloud.user.AccountManager;
+import com.cloud.uservm.UserVm;
+import com.cloud.utils.Pair;
+import com.cloud.utils.Ternary;
+import com.cloud.utils.component.ManagerBase;
+import com.cloud.utils.db.EntityManager;
+import com.cloud.utils.exception.CloudRuntimeException;
+import com.cloud.vm.UserVmDetailVO;
+import com.cloud.vm.VirtualMachine;
+import com.cloud.vm.VirtualMachineManager;
+import com.cloud.vm.VmDetailConstants;
+import com.cloud.vm.dao.UserVmDetailsDao;
+import com.google.gson.Gson;
+import com.google.gson.GsonBuilder;
+import org.apache.cloudstack.consoleproxy.ConsoleAccessManager;
+import org.apache.cloudstack.context.CallContext;
+import org.apache.cloudstack.framework.config.ConfigKey;
+import org.apache.cloudstack.framework.security.keys.KeysManager;
+import org.apache.commons.codec.binary.Base64;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.log4j.Logger;
+
+import javax.crypto.Mac;
+import javax.crypto.spec.SecretKeySpec;
+import javax.inject.Inject;
+import javax.naming.ConfigurationException;
+import java.net.InetAddress;
+import java.util.Date;
+
+import java.util.Map;
+
+public class ConsoleAccessManagerImpl extends ManagerBase implements ConsoleAccessManager {
+
+ @Inject
+ private AccountManager _accountMgr;
+ @Inject
+ private VirtualMachineManager _vmMgr;
+ @Inject
+ private ManagementServer _ms;
+ @Inject
+ private EntityManager _entityMgr;
+ @Inject
+ private UserVmDetailsDao _userVmDetailsDao;
+ @Inject
+ private KeysManager _keysMgr;
+ @Inject
+ private AgentManager agentManager;
+
+ private static KeysManager s_keysMgr;
+ private final Gson _gson = new GsonBuilder().create();
+
+ public static final Logger s_logger = Logger.getLogger(ConsoleAccessManagerImpl.class.getName());
+
+ @Override
+ public boolean configure(String name, Map<String, Object> params) throws ConfigurationException {
+ s_keysMgr = _keysMgr;
+ return super.configure(name, params);
+ }
+
+ @Override
+ public Pair<Boolean, String> generateConsoleUrl(Long vmId) {
+ try {
+ if (_accountMgr == null || _vmMgr == null || _ms == null) {
+ return new Pair<>(false, "Console service is not ready");
+ }
+
+ if (_keysMgr.getHashKey() == null) {
+ String msg = "Console access denied. Ticket service is not ready yet";
+ s_logger.debug(msg);
+ return new Pair<>(false, msg);
+ }
+
+ Account account = CallContext.current().getCallingAccount();
+
+ // Do a sanity check here to make sure the user hasn't already been deleted
+ if (account == null) {
+ s_logger.debug("Invalid user/account, reject console access");
+ return new Pair<>(false, "Access denied. Invalid or inconsistent account is found");
+ }
+
+ VirtualMachine vm = _entityMgr.findById(VirtualMachine.class, vmId);
+ if (vm == null) {
+ s_logger.info("Invalid console servlet command parameter: " + vmId);
+ return new Pair<>(false, "Cannot find VM with ID " + vmId);
+ }
+
+ if (!checkSessionPermision(vm, account)) {
+ return new Pair<>(false, "Permission denied");
+ }
+
+ return new Pair<>(true, generateAccessUrl(vmId));
+ } catch (Throwable e) {
Review Comment:
Catching `Throwable` is a bad practice, what methods do you worry may throw exceptions? We should catch those specific exceptions instead. `generateAccessUrl()` only throws `CloudRuntimeException`.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] borisstoyanov commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
borisstoyanov commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1233860839
@blueorangutan test matrix
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
sonarcloud[bot] commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1235447133
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6577)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL) [7 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_coverage&view=list) [0.0% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_duplicated_lines_density&view=list) [2.8% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1232604110
<b>Trillian test result (tid-4783)</b>
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 40831 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr6577-t4783-kvm-centos7.zip
Smoke tests completed. 102 look OK, 0 have errors
Only failed tests results shown below:
Test | Result | Time (s) | Test File
--- | --- | --- | ---
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1233183759
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 4105
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1235386910
UI build: :heavy_check_mark:
Live QA URL: http://qa.cloudstack.cloud:8080/client/pr/6577 (SL-JID-2283)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1235417113
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 4118
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: [WIP] New API: createConsoleURL
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1201495587
UI build: :heavy_check_mark:
Live QA URL: http://qa.cloudstack.cloud:8080/client/pr/6577 (SL-JID-2044)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1231915072
@nvazquez a Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] acs-robot commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
acs-robot commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1231915035
Found UI changes, kicking a new UI QA build
@blueorangutan ui
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1239313232
@rohityadavcloud a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] nvazquez commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
nvazquez commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1215405630
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1215018045
@acs-robot a Jenkins job has been kicked to build UI QA env. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1215054677
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 3987
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] acs-robot commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
acs-robot commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1215095227
Found UI changes, kicking a new UI QA build
@blueorangutan ui
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
sonarcloud[bot] commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1215350937
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6577)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL) [10 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_coverage&view=list) [1.2% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_duplicated_lines_density&view=list) [2.8% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1217347122
@acs-robot a Jenkins job has been kicked to build UI QA env. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] acs-robot commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
acs-robot commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1217346748
Found UI changes, kicking a new UI QA build
@blueorangutan ui
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
sonarcloud[bot] commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1244886987
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6577)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL) [6 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_coverage&view=list) [4.3% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_duplicated_lines_density&view=list) [3.3% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] rohityadavcloud commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
rohityadavcloud commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1243460595
LGTM
@nvazquez can you review the outstanding comments and advise if this is ready for merging cc @borisstoyanov @vladimirpetrov
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1216726042
UI build: :heavy_check_mark:
Live QA URL: http://qa.cloudstack.cloud:8080/client/pr/6577 (SL-JID-2160)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1218351853
<b>Trillian test result (tid-4713)</b>
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 40341 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr6577-t4713-kvm-centos7.zip
Smoke tests completed. 102 look OK, 0 have errors
Only failed tests results shown below:
Test | Result | Time (s) | Test File
--- | --- | --- | ---
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1218362878
@acs-robot a Jenkins job has been kicked to build UI QA env. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] nvazquez commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
nvazquez commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1218365346
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
sonarcloud[bot] commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1219028701
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6577)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT) [0 Security Hotspots](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL) [9 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_coverage&view=list) [3.4% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_duplicated_lines_density&view=list) [2.1% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1219248475
@DaanHoogland a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] DaanHoogland commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
DaanHoogland commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1219247500
@blueorangutan test
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1217529336
@borisstoyanov a Trillian-Jenkins matrix job (centos7 mgmt + xs71, centos7 mgmt + vmware65, centos7 mgmt + kvmcentos7) has been kicked to run smoke tests
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] sonarcloud[bot] commented on pull request #6577: [WIP] New API: createConsoleURL
Posted by GitBox <gi...@apache.org>.
sonarcloud[bot] commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1201540268
SonarCloud Quality Gate failed. [](https://sonarcloud.io/dashboard?id=apache_cloudstack&pullRequest=6577)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG) [0 Bugs](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=BUG)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY) [0 Vulnerabilities](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=VULNERABILITY)
[](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT) [](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT) [1 Security Hotspot](https://sonarcloud.io/project/security_hotspots?id=apache_cloudstack&pullRequest=6577&resolved=false&types=SECURITY_HOTSPOT)
[](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL) [](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL) [25 Code Smells](https://sonarcloud.io/project/issues?id=apache_cloudstack&pullRequest=6577&resolved=false&types=CODE_SMELL)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_coverage&view=list) [0.0% Coverage](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_coverage&view=list)
[](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_duplicated_lines_density&view=list) [14.0% Duplication](https://sonarcloud.io/component_measures?id=apache_cloudstack&pullRequest=6577&metric=new_duplicated_lines_density&view=list)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] nvazquez commented on pull request #6577: [WIP] New API: createConsoleURL
Posted by GitBox <gi...@apache.org>.
nvazquez commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1214566853
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] nvazquez commented on pull request #6577: [WIP] New API: createConsoleURL
Posted by GitBox <gi...@apache.org>.
nvazquez commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1214582789
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1217350029
UI build: :heavy_check_mark:
Live QA URL: http://qa.cloudstack.cloud:8080/client/pr/6577 (SL-JID-2163)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1217376879
@nvazquez a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] nvazquez commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
nvazquez commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1244859004
Thanks @GutoVeronezi, have addressed your comments
@rohityadavcloud yes it is ready for merging
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] DaanHoogland commented on a diff in pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
DaanHoogland commented on code in PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#discussion_r960294873
##########
plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtStartCommandWrapper.java:
##########
@@ -47,7 +47,7 @@
import com.cloud.vm.VirtualMachine;
@ResourceWrapper(handles = StartCommand.class)
-public class LibvirtStartCommandWrapper extends CommandWrapper<StartCommand, Answer, LibvirtComputingResource> {
+public final class LibvirtStartCommandWrapper extends CommandWrapper<StartCommand, Answer, LibvirtComputingResource> {
Review Comment:
any reason we want this class to be final, @nvazquez ?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1233155275
UI build: :heavy_check_mark:
Live QA URL: http://qa.cloudstack.cloud:8080/client/pr/6577 (SL-JID-2265)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1234666453
<b>Trillian test result (tid-4794)</b>
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 40138 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr6577-t4794-kvm-centos7.zip
Smoke tests completed. 102 look OK, 0 have errors
Only failed tests results shown below:
Test | Result | Time (s) | Test File
--- | --- | --- | ---
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1215884519
<b>Trillian Build Failed (tid-4699)<b/>
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] nvazquez commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
nvazquez commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1216037578
@blueorangutan test
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] rohityadavcloud commented on pull request #6577: [WIP] New API: createConsoleURL
Posted by GitBox <gi...@apache.org>.
rohityadavcloud commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1214991843
@nvazquez can you rebase your branch against upstream main branch?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] acs-robot commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
acs-robot commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1215017421
Found UI changes, kicking a new UI QA build
@blueorangutan ui
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1215031279
UI build: :heavy_check_mark:
Live QA URL: http://qa.cloudstack.cloud:8080/client/pr/6577 (SL-JID-2148)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1215252688
<b>Trillian test result (tid-4686)</b>
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 39632 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr6577-t4686-kvm-centos7.zip
Smoke tests completed. 100 look OK, 1 have errors
Only failed tests results shown below:
Test | Result | Time (s) | Test File
--- | --- | --- | ---
test_08_upgrade_kubernetes_ha_cluster | `Failure` | 576.66 | test_kubernetes_clusters.py
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6577: Console access enhancements
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6577:
URL: https://github.com/apache/cloudstack/pull/6577#issuecomment-1216447084
<b>Trillian Build Failed (tid-4707)<b/>
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org