openstack/freezer-api
Code Issues Proposed changes
Files
master
freezer-api/freezer_api/common/check.py
Volodymyr Mevsha e0ecbad03a Check client capabilities on job creation 
Scheduling backups of Cinder volumes using
centralized instance(s) of freezer-scheduler
requires executing tasks on behalf of the user.

Client capabilities provide a mechanism to
restrict which actions, modes, storages, and
engines can be assigned to freezer-scheduler
for security and workload control.

The core implementation of client capabilities
resides in freezer-scheduler.

The primary purpose of checking capabilities on
the freezer-api side is to prevent the assignment
of actions that cannot be executed by a specific
scheduler instance.

Implements: blueprint centralized-scheduler
Depends-On: I15a91e8232d07e5bbc2cc95a72b0405c61c64a72
Change-Id: Ie774f9e66ac373a43ef935775de3b18539c5bebd
2025-02-18 19:51:19 +00:00

37 lines
1.6 KiB
Python
Raw Permalink Blame History

# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from freezer_api.common import exceptions
def check_client_capabilities(job_actions, client):
# Check if the client has the capabilities to execute the job.
# Using job_actions instead of the full job document for compatibility
# with both create and update API endpoint handlers.
capabilities = ["action", "mode", "storage", "engine"]
client = client["client"]
for action in job_actions:
for capability in capabilities:
if "freezer_action" not in action:
raise exceptions.BadDataFormat(
"job_actions: missing 'freezer_action' in job_actions"
"list item")
option = action["freezer_action"].get(capability, None)
# if option is not set, we don't need to check
if not option:
continue
if option not in client.get(f"supported_{capability}s"):
raise exceptions.UnprocessableEntity(
f"Client does not support {capability}: {option}")
View Git Blame Copy Permalink