Merge "Also wipe agent token on manual power off or reboot" into stable/ussuri

This commit is contained in:
Zuul 2020-11-13 05:50:50 +00:00 committed by Gerrit Code Review
commit 67ff2b843d
3 changed files with 34 additions and 15 deletions

View File

@ -278,21 +278,19 @@ def node_power_action(task, new_state, timeout=None):
# Set the target_power_state and clear any last_error, if we're
# starting a new operation. This will expose to other processes
# and clients that work is in progress.
if node['target_power_state'] != target_state:
node['target_power_state'] = target_state
node['last_error'] = None
driver_internal_info = node.driver_internal_info
driver_internal_info['last_power_state_change'] = str(
timeutils.utcnow().isoformat())
# NOTE(dtantsur): wipe token on shutting down, otherwise a reboot in
# fast-track (or an accidentally booted agent) will cause subsequent
# actions to fail.
if target_state in (states.POWER_OFF, states.SOFT_POWER_OFF,
states.REBOOT, states.SOFT_REBOOT):
if not is_agent_token_pregenerated(node):
driver_internal_info.pop('agent_secret_token', False)
node.driver_internal_info = driver_internal_info
node.save()
node['target_power_state'] = target_state
node['last_error'] = None
driver_internal_info = node.driver_internal_info
driver_internal_info['last_power_state_change'] = str(
timeutils.utcnow().isoformat())
node.driver_internal_info = driver_internal_info
# NOTE(dtantsur): wipe token on shutting down, otherwise a reboot in
# fast-track (or an accidentally booted agent) will cause subsequent
# actions to fail.
if target_state in (states.POWER_OFF, states.SOFT_POWER_OFF,
states.REBOOT, states.SOFT_REBOOT):
wipe_internal_info_on_power_off(node)
node.save()
# take power action
try:
@ -451,6 +449,21 @@ def cleaning_error_handler(task, msg, tear_down_cleaning=True,
task.process_event('fail', target_state=target_state)
def wipe_internal_info_on_power_off(node):
"""Wipe information that should not survive reboot/power off."""
driver_internal_info = node.driver_internal_info
# DHCP may result in a new IP next time.
driver_internal_info.pop('agent_url', None)
if not is_agent_token_pregenerated(node):
# Wipe the token if it's not pre-generated, otherwise we'll refuse to
# generate it again for the newly booted agent.
driver_internal_info.pop('agent_secret_token', False)
# Wipe cached steps since they may change after reboot.
driver_internal_info.pop('agent_cached_deploy_steps', None)
driver_internal_info.pop('agent_cached_clean_steps', None)
node.driver_internal_info = driver_internal_info
def wipe_token_and_url(task):
"""Remove agent URL and token from the task."""
info = task.node.driver_internal_info

View File

@ -381,6 +381,7 @@ class NodePowerActionTestCase(db_base.DbTestCase):
self.assertEqual(states.POWER_OFF, node['power_state'])
self.assertEqual(states.NOSTATE, node['target_power_state'])
self.assertIsNone(node['last_error'])
self.assertNotIn('agent_secret_token', node['driver_internal_info'])
@mock.patch.object(conductor_utils, 'LOG', autospec=True)
@mock.patch.object(fake.FakePower, 'set_power_state', autospec=True)

View File

@ -0,0 +1,5 @@
---
fixes:
- |
Fixes wiping the agent secret token on manual power off or reboot. Also
makes sure to remove the agent URL since it may potentially change.