From 42b2926c0a96139799bab37db6db31bffec0a2a1 Mon Sep 17 00:00:00 2001 From: gordon chung Date: Mon, 2 Nov 2015 14:42:54 -0500 Subject: [PATCH] make generate_uuid return valid uuid original design prepended a namespace to the beginning of uuid. this scoped the uuid to a namespace but it is technically invalid. this patch drops the behaviour of prepending string. rather, it takes the namespace, hashes it, and uses uuid v5 to generate valid uuid based on that namespace Change-Id: Ibde222c91522fa3c4a1720b6a8da81dac31560b9 Closes-Bug: #1504889 --- doc/source/event_concept.rst | 18 +++++++-------- doc/source/specification/events.rst | 10 ++++----- pycadf/identifier.py | 34 +++++++++++++++++------------ requirements.txt | 1 + 4 files changed, 35 insertions(+), 28 deletions(-) diff --git a/doc/source/event_concept.rst b/doc/source/event_concept.rst index ff5114a..3e77ce5 100644 --- a/doc/source/event_concept.rst +++ b/doc/source/event_concept.rst @@ -104,7 +104,7 @@ details): "name": "public" } ], - "id": "openstack:06747855d62547d4bfd707f75b8a1c54", + "id": "06747855d62547d4bfd707f75b8a1c54", "name": "nova" }, "observer": { @@ -112,7 +112,7 @@ details): }, # tags use to query events on, "tags": [ - "correlation_id?value=openstack:56cdde6f-6b4e-48a4-94e6-defb40522fb2" + "correlation_id?value=56cdde6f-6b4e-48a4-94e6-defb40522fb2" ], "eventType": "activity", "initiator": { @@ -128,8 +128,8 @@ details): "agent": "python-novaclient", "address": "9.26.26.250" }, - "project_id": "openstack:e7e2bcc9c0df4f3eabcd412ae62503f6", - "id": "openstack:68a3f50705a54f799ce94380fc02ed8a" + "project_id": "e7e2bcc9c0df4f3eabcd412ae62503f6", + "id": "68a3f50705a54f799ce94380fc02ed8a" }, # optional Reason for activity event, "reason": { @@ -148,7 +148,7 @@ details): ], "action": "authenticate/logon", "outcome": "success", - "id": "openstack:0a196053-95de-48f8-9890-4527b25b5007", + "id": "0a196053-95de-48f8-9890-4527b25b5007", # Event model is extensible so additional attributes may be added to describe model, "requestPath": "/v2/e7e2bcc9c0df4f3eabcd412ae62503f6/os-certificates" } @@ -188,7 +188,7 @@ Event serialisation: "eventTime": "2014-02-27T19:29:30.855665+0000", "target": { "typeURI": "service/compute/cpu", - "id": "openstack:06747855d62547d4bfd707f75b8a1c54", + "id": "06747855d62547d4bfd707f75b8a1c54", "name": "instance" }, "observer": { @@ -198,13 +198,13 @@ Event serialisation: "initiator": { "typeURI": "service/oss/monitoring", "name": "ceilometer-pollster", - "id": "openstack:68a3f50705a54f799ce94380fc02ed8a" + "id": "68a3f50705a54f799ce94380fc02ed8a" }, "measurement": [ { "result": "80", "metric": { - "metricId": "openstack:", + "metricId": "", "unit": "%", "name": "CPU utilisation metric" } @@ -212,7 +212,7 @@ Event serialisation: ], "action": "monitor", "outcome": "success", - "id": "openstack:0a196053-95de-48f8-9890-4527b25b5007" + "id": "0a196053-95de-48f8-9890-4527b25b5007" } .. note:: diff --git a/doc/source/specification/events.rst b/doc/source/specification/events.rst index 7cd781c..058c6de 100644 --- a/doc/source/specification/events.rst +++ b/doc/source/specification/events.rst @@ -54,7 +54,7 @@ Serialisation { "typeURI": "http://schemas.dmtf.org/cloud/audit/1.0/event", - "id": "openstack:a80dc5ee-be83-48ad-ad5e-6577f2217637", + "id": "a80dc5ee-be83-48ad-ad5e-6577f2217637", "eventType": "activity", "action": "read", "outcome": "success", @@ -64,10 +64,10 @@ Serialisation }, "eventTime": "2014-01-17T23:23:38.109989+0000", "initiator": { - "id": "openstack:95f12d248a234a969f456cd2c794f29a", + "id": "95f12d248a234a969f456cd2c794f29a", "typeURI": "service/security/account/user", "name": "admin", - "project_id": "openstack:e55b158759854ea6a7852aa76632c6c1", + "project_id": "e55b158759854ea6a7852aa76632c6c1", "credential": { "token": "MIIQBgYJKoZIhvcNAQcCoIIP9z xxxxxx KoZIhvcIP9z=", "identity_status": "Confirmed" @@ -78,7 +78,7 @@ Serialisation } }, "target": { - "id": "openstack:0f126160203748a5b4923f2eb6e3b7db", + "id": "0f126160203748a5b4923f2eb6e3b7db", "typeURI": "service/compute/servers", "name": "nova", "addresses": [ @@ -110,6 +110,6 @@ Serialisation ], "requestPath": "/v2/56600971-90f3-4370-807f-ab79339381a9/servers", "tags": [ - "correlation_id?value=openstack:bcac04dc-e0be-4110-862c-347088a7836a" + "correlation_id?value=bcac04dc-e0be-4110-862c-347088a7836a" ] } diff --git a/pycadf/identifier.py b/pycadf/identifier.py index de9e8eb..cb60627 100644 --- a/pycadf/identifier.py +++ b/pycadf/identifier.py @@ -11,11 +11,11 @@ # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the # License for the specific language governing permissions and limitations under # the License. - +import hashlib import uuid +from debtcollector import removals from oslo_config import cfg -import six CONF = cfg.CONF opts = [ @@ -26,29 +26,35 @@ opts = [ CONF.register_opts(opts, group='audit') -# TODO(mrutkows): make the namespace prefix configurable and have it resolve to -# a full openstack namespace/domain value via some declaration (e.g. -# "openstack:" == "http:\\www.openstack.org\")... +AUDIT_NS = None +if CONF.audit.namespace: + md5_hash = hashlib.md5(CONF.audit.namespace.encode('utf-8')) + AUDIT_NS = uuid.UUID(md5_hash.hexdigest()) + + def generate_uuid(): """Generate a CADF identifier """ - return norm_ns(str(uuid.uuid4())) + if AUDIT_NS: + return str(uuid.uuid5(AUDIT_NS, str(uuid.uuid4()))) + return str(uuid.uuid4()) +@removals.remove def norm_ns(str_id): - """Apply a namespace to the identifier - """ + """Apply a namespace to the identifier """ prefix = CONF.audit.namespace + ':' if CONF.audit.namespace else '' return prefix + str_id -# TODO(mrutkows): validate any cadf:Identifier (type) record against -# CADF schema. This would include schema validation as an optional parm. def is_valid(value): """Validation to ensure Identifier is correct. """ - if not isinstance(value, six.string_types): - raise TypeError - elif not value: + if value in ['target', 'initiator', 'observer']: + return True + try: + uuid.UUID(value) + except ValueError: return False - return True + else: + return True diff --git a/requirements.txt b/requirements.txt index 6e334b4..a19cb0e 100644 --- a/requirements.txt +++ b/requirements.txt @@ -5,3 +5,4 @@ oslo.config>=2.6.0 # Apache-2.0 oslo.serialization>=1.10.0 # Apache-2.0 pytz>=2013.6 six>=1.9.0 +debtcollector>=0.3.0 # Apache-2.0