Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Setting up a development environment in a Dev Container #4

Closed
wants to merge 21 commits into from
Closed

Setting up a development environment in a Dev Container #4

wants to merge 21 commits into from

Conversation

BrooklynDewolf
Copy link
Owner

Changes introduced with this PR

  • Included all the essential files to setup a Dev Container with Docker
  • Included a guide DEVELOPMENT.adoc to setup a development environment in a Dev Container easily

Co-authored-by: Jean-Louis Dupond jean-louis@dupond.be

@BrooklynDewolf BrooklynDewolf deleted the branch development March 15, 2024 11:50
@BrooklynDewolf BrooklynDewolf changed the base branch from master to development March 15, 2024 11:53
dupondje
dupondje requested changes Mar 15, 2024
View reviewed changes
.devcontainer/devcontainer.json Show resolved Hide resolved
.devcontainer/devcontainer.json Show resolved Hide resolved
DEVELOPMENT.adoc Outdated Show resolved Hide resolved
DEVELOPMENT.adoc Outdated Show resolved Hide resolved
DEVELOPMENT.adoc Outdated Show resolved Hide resolved
DEVELOPMENT.adoc Outdated Show resolved Hide resolved
DEVELOPMENT.adoc Outdated Show resolved Hide resolved
DEVELOPMENT.adoc Outdated Show resolved Hide resolved
frontend/webadmin/modules/pom.xml Outdated Show resolved Hide resolved
packaging/bin/pki-create-ca.sh Outdated Show resolved Hide resolved
@BrooklynDewolf
Copy link
Owner Author

All feedback should have been processed, looks good?

@BrooklynDewolf BrooklynDewolf force-pushed the dockerfile branch 4 times, most recently from a0fb231 to e96e979 Compare March 19, 2024 13:45
@dupondje @sandrobonazzola
Fix CA generation as non-root user due to .rnd error
14bca05 
engine-setup fails creating the CA certificate when running under non-root user with the following error:

---------

plugin.execute:923 execute-output: ('/home/build/**FILTERED**//share/**FILTERED**-engine/bin/pki-create-ca.sh', '--subject=/C=US/O=Test/CN=c0714690d92b.71630', '--keystore-password=**FILTERED**', '--ca-file=ca') stderr:
Can't load .rnd into RNG
803BCAC12B7F0000:error:12000079:random number generator:RAND_load_file:Cannot open file:crypto/rand/randfile.c:106:Filename=.rnd
Cannot write random bytes:
803BCAC12B7F0000:error:12000079:random number generator:RAND_write_file:Cannot open file:crypto/rand/randfile.c:240:Filename=.rnd
Cannot generate CA request

----------

openssl commands try to find a .rnd file in the current directly. If not found, it will be created.
But as we do not change early enough into the correct path, the .rnd file can't be created there, resulting in an error.
So we just switch move the openssl req command in the subshell in the correct PKIDIR path.

Signed-off-by: Brooklyn Dewolf <contact@brooklyn.gent>
Signed-off-by: Jean-Louis Dupond <jean-louis@dupond.be>
antonios-f and others added 7 commits April 3, 2024 15:14
@antonios-f @sandrobonazzola
Change save/restore nvram data logic
188290f 
Save NVRAM data not only if BiosType is Q35_SECURE_BOOT
Also save if Q35_OVMF because it also includes EFI boot variables
With Q35_OVMF we unable to boot non-fallback bootloaders
in place different from <esp>/EFI/BOOT/BOOT<arch>.EFI

To check this it needed to:
1) Run VM with installed Linux (it doesn't matter what distro)
2) Add a bootloader via efibbotmgr
   efibootmgr -c -d <boot device> -L "Some Linux" -l \\EFI\\<somevendor>\\grubx64.efi
3) Look at created efi boot variable
   efibootmgr -v
   It's present
4) Shutdown VM
5) Run it again
6) Check efi boot variables again
   efibootmgr -v
7) We got non bootable VM if fallback bootloader is broken or boot default esp/EFI/BOOT/BOOT<arch>.EFI
   otherwise

Signed-off-by: Anton Fadeev <anton.fadeev@red-soft.ru>
@antonios-f @sandrobonazzola
Update SaveVmExternalDataCommand.java
616b8d9 
Fix typo in method name.
isUEFI -> isUefi

Signed-off-by: Anton Fadeev <anton.fadeev@red-soft.ru>
@B4N4N41C @sandrobonazzola
Added a warning window about clearing NVRAM when changing Bios type a…
f2a4e18 
…nd added a condition in the Remove_nvram_data function

When changing the chipset from the Q35 chipset with UEFI SecureBoot to any other and with a Q35 chipset with UEFI, a Q35 chipset with BIOS, or an I440FX chipset with BIOS, the nvram is cleared. A window based on the ConfirmationModel has been added to notify the user about clearing NVRAM when changing the BIOS type

Signed-off-by: Mochalin Nikolay <mochalin.nikolay2017@yandex.ru>
@sandrobonazzola
Rewrite code to correspond with general oVirt style
046bcb6 
Signed-off-by: Mochalin Nikolay <nikolay.mochalin@red-soft.ru>
@sandrobonazzola
Simplification of conditions
c80dbdd 
Signed-off-by: Mochalin Nikolay <nikolay.mochalin@red-soft.ru>
@antonios-f @sandrobonazzola
Fix checkstyle violations in VmListModel.java
e66373a 
Signed-off-by: Anton Fadeev <anton.fadeev@red-soft.ru>
@antonios-f @sandrobonazzola
Fix comparision in VmListModel.java
943a244 
Signed-off-by: Anton Fadeev <anton.fadeev@red-soft.ru>
@0ffer @mwperina
db: cleanup: Remove crumbs after materialized views deletion
7238a37 
There were some remained parts after materialized views functionality deletion.
Comments and if-blocks that don't mean anything now.
Initial deletion commit hash: fa5ead3

Signed-off-by: Stanislav Melnichuk <melnichuk.stas@gmail.com>
0ffer and others added 6 commits April 26, 2024 17:04
@0ffer @mwperina
Handle situation when empty groups not come from the keycloak (and he…
0d006fa 
…nce from mod_auth_openidc)

Before the keycloak v22 it sends empty array as group claim when user not a member of any group.
After v22 it not put this claim at all.
Look discussion: keycloak/keycloak#22340

Signed-off-by: Stanislav Melnichuk <melnichuk.stas@gmail.com>
@0ffer @mwperina
engine: add scope 'openid' for compatibility with new versions of the…
b94007b 
… keycloak

This is linked with this change for V19 and higher: https://www.keycloak.org/docs/latest/upgrading/index.html#userinfo-endpoint-changes

Now for request user-info endpoint we need request token with 'openid' scope (this is required scope by standard)

Signed-off-by: Melnichuk Stas <melnichuk.stas@gmail.com>
@dupondje @sandrobonazzola
packaging: fix error when enabling KeyCloak
8b75156 
This fixes engine-setup error:
[ ERROR ] Failed to execute stage 'Misc configuration': 'OVESETUP_OVN/ovirtProviderOvnSecret'

Since commit 978c90e we save the ovirtProviderOvnSecret value in the
setup file.
But if this value is not there, but ovirtProviderOvn is True, the
engine-setup fails.

So if we can't find the value in the config, a new password is
generated.

Signed-off-by: Jean-Louis Dupond <jean-louis@dupond.be>
@shubhaOracle @sandrobonazzola
During VM import from SD, exclude shared disk when iterating over dis…
0a1ba82 
…k snapshots. Signed-off-by: Shubha Kulkarni shubha.kulkarni@oracle.com

Signed-off-by: ShubhaOracle <Shubha.kulkarni@oracle.com>
@dupondje @sandrobonazzola
Create VmBackup earlier in HybridBackupCommand
ed023e5 
When creation of a snapshot for the HybridBackup fails, we end up with a
null pointer exception.

2024-04-17 10:29:48,296+02 ERROR [org.ovirt.engine.core.dal.dbbroker.auditloghandling.AuditLogDirector] (default task-2) [76e81a20-4d1d-441b-8e6c-90f37889cd66] EVENT_ID: USER_FAILED_CREATE_SNAPSHOT(117), Failed to create Snapshot Auto-generated for Backup VM for VM xxxxx (User: admin@internal-authz).
2024-04-17 10:29:48,298+02 INFO  [org.ovirt.engine.core.bll.storage.backup.HybridBackupCommand] (default task-2) [76e81a20-4d1d-441b-8e6c-90f37889cd66] Change VM '73df70f5-09b0-4f1a-abd8-2d0b4cd5e8b2' backup 'null' phase from 'null' to 'FAILED'
2024-04-17 10:29:48,299+02 ERROR [org.ovirt.engine.core.bll.storage.backup.HybridBackupCommand] (default task-2) [76e81a20-4d1d-441b-8e6c-90f37889cd66] Command 'org.ovirt.engine.core.bll.storage.backup.HybridBackupCommand' failed: null
2024-04-17 10:29:48,299+02 ERROR [org.ovirt.engine.core.bll.storage.backup.HybridBackupCommand] (default task-2) [76e81a20-4d1d-441b-8e6c-90f37889cd66] Exception: java.lang.NullPointerException
	at org.ovirt.engine.core.dal//org.ovirt.engine.core.dao.VmBackupDaoImpl.update(VmBackupDaoImpl.java:90)
	at org.ovirt.engine.core.dal//org.ovirt.engine.core.dao.VmBackupDaoImpl.update(VmBackupDaoImpl.java:22)
	at deployment.engine.ear.bll.jar//org.ovirt.engine.core.bll.storage.backup.StartVmBackupCommand.updateVmBackupPhase(StartVmBackupCommand.java:632)
	at deployment.engine.ear.bll.jar//org.ovirt.engine.core.bll.storage.backup.HybridBackupCommand.executeCommand(HybridBackupCommand.java:118)
	at deployment.engine.ear.bll.jar//org.ovirt.engine.core.bll.CommandBase.executeWithoutTransaction(CommandBase.java:1174)
	at deployment.engine.ear.bll.jar//org.ovirt.engine.core.bll.CommandBase.executeActionInTransactionScope(CommandBase.java:1332)

This happens because VmBackupDaoImpl tries to save the BackupType into
the database (entity.getBackupType().getName()), but that value is still
null.
The BackupType is only set when calling createVmBackup.

But as we already have all the data except the snapshotId at the start
of the HybridBackup, we already call createVmBackup before creating the
snapshot and when the snapshot was created, we add it to the VmBackup
data.

This avoids the null getBackupType()

Signed-off-by: Jean-Louis Dupond <jean-louis@dupond.be>
@sandrobonazzola
automation: drop el8 after centos stream 8 eol
80d6b0f 
Dropping automation on el8 stream as centos stream 8 reached EOL.

Signed-off-by: Sandro Bonazzola <sandro.bonazzola@gmail.com>
@BrooklynDewolf @sandrobonazzola
engine: Fix duplicate VM backup entry error when creating incremental…
40a9a01 
… backup

Fixes an issue that originates from oVirt@ed023e5

 The following error occured when trying to create an incremental backup:

 ------
 ERROR [org.ovirt.engine.core.bll.storage.backup.HybridBackupCommand] (default task-1) [full_cold_vm_backup] Command 'org.ovirt.engine.core.bll.storage.backup.HybridBackupCommand' failed: CallableStatementCallback; SQL [{call insertvmbackup(?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)}]; ERROR: duplicate key value violates unique constraint "vm_backups_pkey"
   Detail: Key (backup_id)=(1733241d-4a0b-4205-9e52-5383eb7a82f2) already exists.
 -----

 This was caused by using vmBackupDao.save() instead of vmBackupDao.update(), because the backup already existed when the setVmBackupSnapshot method is executed.

Signed-off-by: Brooklyn Dewolf <contact@brooklyn.gent>
BrooklynDewolf and others added 4 commits June 7, 2024 11:09
@BrooklynDewolf @sandrobonazzola
Add support for DC/cluster level 4.8
90e688b 
This patch adds support for DC/cluster compatibility level 4.8. Hosts need to be running on libvirt >= 9.5 and qemu-kvm 8.1.

Signed-off-by: Brooklyn Dewolf <contact@brooklyn.gent>
@BrooklynDewolf @sandrobonazzola
Added discard-no-unref support to CL 4.8
142d791 
The discard-no-unref was introduced to qemu to counteract fragmentation. Without this, qcow2 images would grow over 100% of their size. See https://patchew.org/QEMU/20230602124747.1544077-1-jean-louis@dupond.be/

I have added the option to ovirt-engine so that this flag is enabled by default on hosts with cluster level compatibility level 4.8. The EnableQemuDiscardNoUnref option can be enabled/disabled in the config. The Virtual Disk option 'Enable Discard' also needs to be active before this flag is enabled.

Signed-off-by: Brooklyn Dewolf <contact@brooklyn.gent>
@BrooklynDewolf @sandrobonazzola
Bump machine type for cluster level 4.8
a48bad9 
Hosts supporting level 4.8 need to be running on RHEL 9.4 or CentOS Stream/RHEL 9.

Signed-off-by: Brooklyn Dewolf <contact@brooklyn.gent>
@0ffer @sandrobonazzola
engine: Check concrete disk permissions firstly on TransferImageStatu…
1043c13 
…sCommand

There is some situations when storageDomainId is not come with parameters (image upload cancel and pause operations). For this operations checked CREATE_DISK permission on SYSTEM_OBJECT (i.e. system-wide).
Problem starts when we give permissions for user only on concrete storage domain object (not system-wide). Then permission check failed for operations without storage domain id info in parameters. Here I just add check permission for disk before other objects.

Signed-off-by: Stanislav Melnichuk <melnichuk.stas@gmail.com>
@BrooklynDewolf @dupondje
Included all the essential files to setup a Dev Container with Docker…
32a916f 
… and included a guide DEVELOPMENT.adoc to setup dev environment easily

All the instructions on how to setup the Dev Container environment can be found in DEVELOPMENT.adoc

Co-authored-by: Jean-Louis Dupond <jean-louis@dupond.be>
Signed-off-by: Brooklyn Dewolf <contact@brooklyn.gent>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dupondje dupondje dupondje requested changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@BrooklynDewolf @dupondje @antonios-f @B4N4N41C @0ffer @shubhaOracle @sandrobonazzola