Fix Trusted Filter to work with Mt. Wilson vtime

The Trusted Filter expects that `vtime` is returned from the attestation server in an ISO8601 format, but the Mt. Wilson attestation server can return it in a locale appropriate string format instead. There's no way to configure Mt. Wilson to do the right thing so we should just try to parse the returned `vtime` as a string formatted date. Closes-Bug: #1353029 Change-Id: Ic7351e0463c014321bdb4fcfeba90ac51460b325
2014-08-05 11:06:14 -07:00
parent b64ab166df
commit 37918fd876
2 changed files with 33 additions and 3 deletions
--- a/nova/scheduler/filters/trusted_filter.py
+++ b/nova/scheduler/filters/trusted_filter.py
@@ -237,9 +237,16 @@ class ComputeAttestationCache(object):
            entry['vtime'] = timeutils.normalize_time(
                            timeutils.parse_isotime(state['vtime']))
        except ValueError:
-            # Mark the system as un-trusted if get invalid vtime.
-            entry['trust_lvl'] = 'unknown'
-            entry['vtime'] = timeutils.utcnow()
+            try:
+                # Mt. Wilson does not necessarily return an ISO8601 formatted
+                # `vtime`, so we should try to parse it as a string formatted
+                # datetime.
+                vtime = timeutils.parse_strtime(state['vtime'], fmt="%c")
+                entry['vtime'] = timeutils.normalize_time(vtime)
+            except ValueError:
+                # Mark the system as un-trusted if get invalid vtime.
+                entry['trust_lvl'] = 'unknown'
+                entry['vtime'] = timeutils.utcnow()

        self.compute_nodes[host] = entry

--- a/nova/tests/scheduler/test_host_filters.py
+++ b/nova/tests/scheduler/test_host_filters.py
@@ -1449,6 +1449,29 @@ class HostFiltersTestCase(test.NoDBTestCase):
        filt_cls.host_passes(host, filter_properties)     # Fill the caches
        self.assertEqual(set(self.oat_hosts), set(['node1', 'node2']))

+    def test_trusted_filter_trusted_and_locale_formated_vtime_passes(self):
+        self.oat_data = {"hosts": [{"host_name": "host1",
+                                    "trust_lvl": "trusted",
+                                    "vtime": timeutils.strtime(fmt="%c")},
+                                   {"host_name": "host2",
+                                    "trust_lvl": "trusted",
+                                    "vtime": timeutils.strtime(fmt="%D")},
+                                    # This is just a broken date to ensure that
+                                    # we're not just arbitrarily accepting any
+                                    # date format.
+                        ]}
+        self._stub_service_is_up(True)
+        filt_cls = self.class_map['TrustedFilter']()
+        extra_specs = {'trust:trusted_host': 'trusted'}
+        filter_properties = {'context': self.context.elevated(),
+                             'instance_type': {'memory_mb': 1024,
+                                               'extra_specs': extra_specs}}
+        host = fakes.FakeHostState('host1', 'host1', {})
+        bad_host = fakes.FakeHostState('host2', 'host2', {})
+
+        self.assertTrue(filt_cls.host_passes(host, filter_properties))
+        self.assertFalse(filt_cls.host_passes(bad_host, filter_properties))
+
    def test_core_filter_passes(self):
        filt_cls = self.class_map['CoreFilter']()
        filter_properties = {'instance_type': {'vcpus': 1}}