From 0a1196f8c0e025349daad95677df18ab099a8c48 Mon Sep 17 00:00:00 2001 From: Russell Bunch Date: Mon, 22 May 2023 11:58:17 -0500 Subject: [PATCH] CASMHMS-6018 Pre-signed URL support `root=live:` Add pre-signed URL support for `root=live:` parameters, allowing users to boot with pre-signed URLs from native dracut modules. --- .version | 2 +- CHANGELOG.md | 4 +++ cmd/boot-script-service/default_api.go | 2 +- cmd/boot-script-service/default_api_test.go | 30 ++++++++++++++++++--- 4 files changed, 33 insertions(+), 5 deletions(-) diff --git a/.version b/.version index 53cc1a6..ad21919 100644 --- a/.version +++ b/.version @@ -1 +1 @@ -1.24.0 +1.25.0 diff --git a/CHANGELOG.md b/CHANGELOG.md index 3c55d91..6cae64a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,10 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## [1.25.0] - 2023-05-22 + +- CASMHMS-6018: Add support for creating pre-signed URLs for `root=live:` parameters, enabling native dmsquash-live dracut usage. + ## [1.24.0] - 2023-03-28 ### Changed diff --git a/cmd/boot-script-service/default_api.go b/cmd/boot-script-service/default_api.go index 9b53c8b..af0b316 100644 --- a/cmd/boot-script-service/default_api.go +++ b/cmd/boot-script-service/default_api.go @@ -76,7 +76,7 @@ var gwURI = getEnvVal("BSS_GW_URI", "/apis/bss") var s3Client *hms_s3.S3Client // regex for matching s3 URIs in the params field -var s3ParamsRegex = "(^|[ ])((metal.server=)(s3://[^ ]*))" +var s3ParamsRegex = "(^|[ ])((metal.server=|root=live:)(s3://[^ ]*))" type ( // function interface for checkURL() diff --git a/cmd/boot-script-service/default_api_test.go b/cmd/boot-script-service/default_api_test.go index 82d6d0b..7e9151e 100644 --- a/cmd/boot-script-service/default_api_test.go +++ b/cmd/boot-script-service/default_api_test.go @@ -83,15 +83,16 @@ func TestReplaceS3Params_regex(t *testing.T) { } } -func TestReplaceS3Params_replace(t *testing.T) { - params := fmt.Sprintf("%s %s %s %s %s", +// TestReplaceS3Params_replace_kernel_metal tests that the “metal.server=s3://“ argument is recognized and given a pre-signed URL. +func TestReplaceS3Params_replace_kernel_metal(t *testing.T) { + params := fmt.Sprintf("%s %s %s %s %s", "metal.server=s3://ncn-images/k8s/0.2.78/filesystem.squashfs", "bond=bond0", "metal.server=s3://bucket/path", "root=craycps-s3:s3://boot-images", "m=s3://b/p") - expected_params := fmt.Sprintf("%s %s %s %s %s", + expected_params := fmt.Sprintf("%s %s %s %s %s", "metal.server=s3://ncn-images/k8s/0.2.78/filesystem.squashfs_signed", "bond=bond0", "metal.server=s3://bucket/path_signed", @@ -107,6 +108,29 @@ func TestReplaceS3Params_replace(t *testing.T) { } } +// TestReplaceS3Params_replace_kernel_live tests that the dmsquash-live “root=live:s3://“ argument is recognized and given a pre-signed URL. +func TestReplaceS3Params_replace_kernel_live(t *testing.T) { + params := fmt.Sprintf("%s %s %s %s", + "root=live:s3://boot-images/k8s/0.2.78/rootfs", + "bond=bond0", + "root=live:s3://bucket/path", + "m=s3://b/p") + + expected_params := fmt.Sprintf("%s %s %s %s", + "root=live:s3://boot-images/k8s/0.2.78/rootfs_signed", + "bond=bond0", + "root=live:s3://bucket/path_signed", + "m=s3://b/p") + + newParams, err := replaceS3Params(params, mockGetSignedS3Url) + if err != nil { + t.Errorf("replaceS3Params returned an error for params: %s, error: %v\n", params, err) + } + if newParams != expected_params { + t.Errorf("replaceS3Params failed.\n expected: %s\n actual: %s\n", expected_params, newParams) + } +} + func TestReplaceS3Params_replace2(t *testing.T) { params := fmt.Sprintf("%s %s", "xmetal.server=s3://ncn-images/k8s/0.2.78/filesystem.squashfs",