Prevents critical apps from being deleted.
If an app has a metadata stating deletion is prevented then system application-delete will be rejected Story: 2007960 Task: 41882 Signed-off-by: Suvro Ghosh <suvrojeet.ghosh@windriver.com> Change-Id: I4401d3af6e7af354783edc945c1a5cdb72c1d0a1
This commit is contained in:
parent
663c8b67b3
commit
b27f224803
|
@ -26,7 +26,7 @@ from sysinv.common import exception
|
|||
from sysinv.common import utils as cutils
|
||||
from sysinv.common import kubernetes
|
||||
from sysinv.helm.lifecycle_hook import LifecycleHookInfo
|
||||
|
||||
from sysinv.openstack.common.rpc import common as rpc_common
|
||||
import cgcs_patch.constants as patch_constants
|
||||
|
||||
LOG = log.getLogger(__name__)
|
||||
|
@ -515,6 +515,9 @@ class KubeAppController(rest.RestController):
|
|||
constants.APP_DELETE_OP)
|
||||
self._app_lifecycle_actions(db_app,
|
||||
lifecycle_hook_info)
|
||||
except rpc_common.RemoteError as e:
|
||||
raise wsme.exc.ClientSideError(_(
|
||||
"Application-delete rejected: " + str(e.value)))
|
||||
except Exception as e:
|
||||
raise wsme.exc.ClientSideError(_(
|
||||
"Application-delete rejected: " + str(e.message)))
|
||||
|
|
|
@ -1590,7 +1590,7 @@ APP_METADATA_FILTERS = 'filters'
|
|||
APP_METADATA_FILTER_FIELD = 'filter_field'
|
||||
APP_METADATA_PLATFORM_MANAGED_APP = 'platform_managed_app'
|
||||
APP_METADATA_DESIRED_STATE = 'desired_state'
|
||||
|
||||
APP_METADATA_FORBIDDEN_MANUAL_OPERATIONS = 'forbidden_manual_operations'
|
||||
APP_EVALUATE_REAPPLY_TYPE_HOST_ADD = 'host-add'
|
||||
APP_EVALUATE_REAPPLY_TYPE_HOST_DELETE = 'host-delete'
|
||||
APP_EVALUATE_REAPPLY_TYPE_HOST_REINSTALL = REINSTALL_ACTION
|
||||
|
|
|
@ -1540,5 +1540,9 @@ class LifecycleSemanticCheckException(SysinvException):
|
|||
message = _("Semantic check hook for app failed.")
|
||||
|
||||
|
||||
class LifecycleSemanticCheckOpererationBlocked(SysinvException):
|
||||
message = _("%(op)s is disabled for this version of %(app)s")
|
||||
|
||||
|
||||
class LifecycleMissingInfo(SysinvException):
|
||||
message = _("Lifecycle hook missing information.")
|
||||
|
|
|
@ -12035,7 +12035,11 @@ class ConductorManager(service.PeriodicService):
|
|||
LOG.debug("app_lifecycle_actions for app "
|
||||
"{}, {}".format(rpc_app.name, hook_info))
|
||||
|
||||
self._app.app_lifecycle_actions(context, self, rpc_app, hook_info)
|
||||
try:
|
||||
self._app.app_lifecycle_actions(context, self, rpc_app, hook_info)
|
||||
except exception.LifecycleSemanticCheckOpererationBlocked as e:
|
||||
LOG.info("Metadata-evaluation: {}".format(e))
|
||||
raise
|
||||
|
||||
def perform_app_upload(self, context, rpc_app, tarfile, lifecycle_hook_info_app_upload):
|
||||
"""Handling of application upload request (via AppOperator)
|
||||
|
|
|
@ -44,6 +44,22 @@ class AppLifecycleOperator(object):
|
|||
# To reject the reapply evaluation an app can override this
|
||||
# hook and raise exception.LifecycleSemanticCheckException
|
||||
pass
|
||||
# Check if it is a delete operation
|
||||
elif hook_info.operation == constants.APP_DELETE_OP:
|
||||
try:
|
||||
# Store the forbidden operations in a list
|
||||
forbidden = conductor_obj.apps_metadata[
|
||||
constants.APP_METADATA_APPS][app.name][
|
||||
constants.APP_METADATA_BEHAVIOR][
|
||||
constants.APP_METADATA_FORBIDDEN_MANUAL_OPERATIONS]
|
||||
except KeyError:
|
||||
pass
|
||||
else:
|
||||
# Check if deletion is a forbidden operation
|
||||
if constants.APP_DELETE_OP in forbidden:
|
||||
raise exception.LifecycleSemanticCheckOpererationBlocked(
|
||||
op=constants.APP_DELETE_OP.capitalize(),
|
||||
app=app.name)
|
||||
|
||||
# TODO(dvoicule) remove once each app has its lifecycle operator and takes care of its rbd
|
||||
# this is here to keep the same functionality while decoupling
|
||||
|
|
Loading…
Reference in New Issue