schema: secret: Relax requirements for usage name
authorPeter Krempa <pkrempa@redhat.com>
Wed, 6 Jan 2021 16:19:03 +0000 (17:19 +0100)
committerPeter Krempa <pkrempa@redhat.com>
Fri, 8 Jan 2021 08:18:21 +0000 (09:18 +0100)
Plenty of existing documentation [1] uses, as an example ceph usage
name, a string that contains a space and a dot ('client.admin secret').

Use a more relaxed type in the RNG schema since the usage name is
actually just a string used to look up the secret.

[1]:
https://docs.ceph.com/en/latest/rbd/libvirt/#configuring-the-vm
https://documentation.suse.com/ses/6/html/ses-all/cha-ceph-libvirt.html#ceph-libvirt-cfg-vm
Libvirt docs were correct though:
https://libvirt.org/formatsecret.html#CephUsageType

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1689168

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
docs/schemas/domaincommon.rng
docs/schemas/secret.rng
tests/qemuxml2argvdata/disk-network-source-auth.args
tests/qemuxml2argvdata/disk-network-source-auth.x86_64-2.12.0.args
tests/qemuxml2argvdata/disk-network-source-auth.x86_64-latest.args
tests/qemuxml2argvdata/disk-network-source-auth.xml
tests/qemuxml2argvtest.c
tests/qemuxml2xmloutdata/disk-network-source-auth.xml
tests/secretxml2xmlin/usage-ceph-space.xml [new file with mode: 0644]
tests/secretxml2xmltest.c

index 4fc6a7ee7ae1d24ac9fb9af98d2ddbf42cc7b0d9..701db7e7d298d49035cd136f01103e1649a92aa6 100644 (file)
           <ref name="UUID"/>
         </attribute>
         <attribute name="usage">
-          <ref name="genericName"/>
+          <ref name="objectName"/>
         </attribute>
       </choice>
     </element>
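Review bot: The switch from `genericName` to `objectName` is applied more widely than the commit message motivates: besides the `usage` attribute in this hunk, the secret.rng hunks relax the ceph `name`, the iscsi `target`, and the tls and vtpm `name` elements, yet the only new secret test is `usage-ceph-space`. Either add matching cases for the other usage types or state in the message that all of them are treated as opaque lookup strings. The definition of `objectName` is not shown on this page, so it is worth confirming which characters it still rejects and that every consumer of the usage string (lookup, logging, error reporting) copes with the wider set. A short schema comment such as `<!-- usage is an opaque lookup key, not an identifier -->` next to `<ref name="objectName"/>` would record the intent. The element enclosing this hunk starts outside the visible lines.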
index 1aafe03e618ff6aec4d3ebe8f9f521891632c681..c90e2eb81fe67d181277c6caf50723d817b533bb 100644 (file)
@@ -60,7 +60,7 @@
       <value>ceph</value>
     </attribute>
     <element name="name">
-      <ref name="genericName"/>
+      <ref name="objectName"/>
     </element>
   </define>
 
@@ -69,7 +69,7 @@
       <value>iscsi</value>
     </attribute>
     <element name="target">
-      <ref name="genericName"/>
+      <ref name="objectName"/>
     </element>
   </define>
 
@@ -78,7 +78,7 @@
       <value>tls</value>
     </attribute>
     <element name="name">
-      <ref name="genericName"/>
+      <ref name="objectName"/>
     </element>
   </define>
 
@@ -87,7 +87,7 @@
       <value>vtpm</value>
     </attribute>
     <element name="name">
-      <ref name="genericName"/>
+      <ref name="objectName"/>
     </element>
   </define>
 
index e68b81fde0aefc3657c4492843dfd72c64bce93c..18d48b263f0ff439618788d7c83c9720f602a0b9 100644 (file)
@@ -35,4 +35,10 @@ key=QVFDVm41aE82SHpGQWhBQXEwTkN2OGp0SmNJY0UrSE9CbE1RMUE=:\
 auth_supported=cephx\;none:mon_host=mon1.example.org\:6321\;mon2.example.org\:\
 6322\;mon3.example.org\:6322,format=raw,if=none,id=drive-virtio-disk1' \
 -device virtio-blk-pci,bus=pci.0,addr=0x4,drive=drive-virtio-disk1,\
-id=virtio-disk1
+id=virtio-disk1 \
+-drive 'file=rbd:pool/image2:id=myname:\
+key=QVFDVm41aE82SHpGQWhBQXEwTkN2OGp0SmNJY0UrSE9CbE1RMUE=:\
+auth_supported=cephx\;none:mon_host=mon1.example.org\:6321\;mon2.example.org\:\
+6322\;mon3.example.org\:6322,format=raw,if=none,id=drive-virtio-disk2' \
+-device virtio-blk-pci,bus=pci.0,addr=0x5,drive=drive-virtio-disk2,\
+id=virtio-disk2
index 279d5c73ec7154421d22dd4900a487d185f4edee..0ccf3df10680babbdb0269f369dde31f71c7b82d 100644 (file)
@@ -45,6 +45,15 @@ mon_host=mon1.example.org\:6321\;mon2.example.org\:6322\;mon3.example.org\:\
 id=drive-virtio-disk1' \
 -device virtio-blk-pci,scsi=off,bus=pci.0,addr=0x3,drive=drive-virtio-disk1,\
 id=virtio-disk1 \
+-object secret,id=virtio-disk2-auth-secret0,\
+data=9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1,\
+keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \
+-drive 'file=rbd:pool/image2:id=myname:auth_supported=cephx\;none:\
+mon_host=mon1.example.org\:6321\;mon2.example.org\:6322\;mon3.example.org\:\
+6322,file.password-secret=virtio-disk2-auth-secret0,format=raw,if=none,\
+id=drive-virtio-disk2' \
+-device virtio-blk-pci,scsi=off,bus=pci.0,addr=0x4,drive=drive-virtio-disk2,\
+id=virtio-disk2 \
 -sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,\
 resourcecontrol=deny \
 -msg timestamp=on
index 257ca1376c06d83cf0398ddf9d7e2a151b0f5cdc..879a52123c24abe98e5bca784bb2888172836605 100644 (file)
@@ -29,21 +29,34 @@ file=/tmp/lib/domain--1-QEMUGuest1/master-key.aes \
 -no-acpi \
 -boot strict=on \
 -device piix3-usb-uhci,id=usb,bus=pci.0,addr=0x1.0x2 \
--object secret,id=libvirt-2-storage-auth-secret0,\
+-object secret,id=libvirt-3-storage-auth-secret0,\
 data=9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1,\
 keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \
 -blockdev '{"driver":"iscsi","portal":"example.org:6000",\
 "target":"iqn.1992-01.com.example:storage","lun":1,"transport":"tcp",\
-"user":"myname","password-secret":"libvirt-2-storage-auth-secret0",\
-"node-name":"libvirt-2-storage","auto-read-only":true,"discard":"unmap"}' \
+"user":"myname","password-secret":"libvirt-3-storage-auth-secret0",\
+"node-name":"libvirt-3-storage","auto-read-only":true,"discard":"unmap"}' \
+-blockdev '{"node-name":"libvirt-3-format","read-only":false,"driver":"raw",\
+"file":"libvirt-3-storage"}' \
+-device virtio-blk-pci,bus=pci.0,addr=0x2,drive=libvirt-3-format,\
+id=virtio-disk0,bootindex=1 \
+-object secret,id=libvirt-2-storage-auth-secret0,\
+data=9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1,\
+keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \
+-blockdev '{"driver":"rbd","pool":"pool","image":"image",\
+"server":[{"host":"mon1.example.org","port":"6321"},{"host":"mon2.example.org",\
+"port":"6322"},{"host":"mon3.example.org","port":"6322"}],"user":"myname",\
+"auth-client-required":["cephx","none"],\
+"key-secret":"libvirt-2-storage-auth-secret0","node-name":"libvirt-2-storage",\
+"auto-read-only":true,"discard":"unmap"}' \
 -blockdev '{"node-name":"libvirt-2-format","read-only":false,"driver":"raw",\
 "file":"libvirt-2-storage"}' \
--device virtio-blk-pci,bus=pci.0,addr=0x2,drive=libvirt-2-format,\
-id=virtio-disk0,bootindex=1 \
+-device virtio-blk-pci,bus=pci.0,addr=0x3,drive=libvirt-2-format,\
+id=virtio-disk1 \
 -object secret,id=libvirt-1-storage-auth-secret0,\
 data=9eao5F8qtkGt+seB1HYivWIxbtwUu6MQtg1zpj/oDtUsPr1q8wBYM91uEHCn6j/1,\
 keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \
--blockdev '{"driver":"rbd","pool":"pool","image":"image",\
+-blockdev '{"driver":"rbd","pool":"pool","image":"image2",\
 "server":[{"host":"mon1.example.org","port":"6321"},{"host":"mon2.example.org",\
 "port":"6322"},{"host":"mon3.example.org","port":"6322"}],"user":"myname",\
 "auth-client-required":["cephx","none"],\
@@ -51,8 +64,8 @@ keyid=masterKey0,iv=AAECAwQFBgcICQoLDA0ODw==,format=base64 \
 "auto-read-only":true,"discard":"unmap"}' \
 -blockdev '{"node-name":"libvirt-1-format","read-only":false,"driver":"raw",\
 "file":"libvirt-1-storage"}' \
--device virtio-blk-pci,bus=pci.0,addr=0x3,drive=libvirt-1-format,\
-id=virtio-disk1 \
+-device virtio-blk-pci,bus=pci.0,addr=0x4,drive=libvirt-1-format,\
+id=virtio-disk2 \
 -sandbox on,obsolete=deny,elevateprivileges=deny,spawn=deny,\
 resourcecontrol=deny \
 -msg timestamp=on
index 7cc5c96ae70b99ff27bf7403a0534ea9eaa77737..0f8d29070f7c16953d36417006f3ae763c46fdd5 100644 (file)
       </source>
       <target dev='vdb' bus='virtio'/>
     </disk>
+    <disk type='network' device='disk'>
+      <driver name='qemu' type='raw'/>
+      <source protocol='rbd' name='pool/image2'>
+        <host name='mon1.example.org' port='6321'/>
+        <host name='mon2.example.org' port='6322'/>
+        <host name='mon3.example.org' port='6322'/>
+        <auth username='myname'>
+          <secret type='ceph' usage='client.admin secret'/>
+        </auth>
+      </source>
+      <target dev='vdc' bus='virtio'/>
+    </disk>
     <controller type='usb' index='0'/>
     <controller type='pci' index='0' model='pci-root'/>
     <input type='mouse' bus='ps2'/>
index 8b2df0744812b6562741bf9152ba3ed11e547c50..f26130f212fb7ff807b729a0542fbe66c96adc2b 100644 (file)
@@ -64,7 +64,8 @@ fakeSecretLookupByUsage(virConnectPtr conn,
                            usageID);
             return NULL;
         }
-    } else if (STRNEQ(usageID, "mycluster_myname")) {
+    } else if (STRNEQ(usageID, "mycluster_myname") &&
+               STRNEQ(usageID, "client.admin secret")) {
         virReportError(VIR_ERR_INTERNAL_ERROR,
                        "test provided incorrect usage '%s'", usageID);
         return NULL;
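Review bot: The second accepted usage string in `fakeSecretLookupByUsage` is a bare literal with nothing tying it to the test data that depends on it; a comment above the condition such as `/* 'client.admin secret': usage name with a space and a dot, used by disk-network-source-auth.xml */` would keep the two in sync. If more names are added later, a small table of accepted usage strings would read better than a growing `&&` chain. The function body starts and ends outside the hunk, so which usage type this branch serves cannot be confirmed from here.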
index b9f06448c10a15bb9d2a9493bb5a73978ca5b20a..d9c85c478de65ad1fb7ed02dceff63b8aba6dd1f 100644 (file)
       <target dev='vdb' bus='virtio'/>
       <address type='pci' domain='0x0000' bus='0x00' slot='0x04' function='0x0'/>
     </disk>
+    <disk type='network' device='disk'>
+      <driver name='qemu' type='raw'/>
+      <source protocol='rbd' name='pool/image2'>
+        <host name='mon1.example.org' port='6321'/>
+        <host name='mon2.example.org' port='6322'/>
+        <host name='mon3.example.org' port='6322'/>
+        <auth username='myname'>
+          <secret type='ceph' usage='client.admin secret'/>
+        </auth>
+      </source>
+      <target dev='vdc' bus='virtio'/>
+      <address type='pci' domain='0x0000' bus='0x00' slot='0x05' function='0x0'/>
+    </disk>
     <controller type='usb' index='0'>
       <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x2'/>
     </controller>
diff --git a/tests/secretxml2xmlin/usage-ceph-space.xml b/tests/secretxml2xmlin/usage-ceph-space.xml
new file mode 100644 (file)
index 0000000..557b124
--- /dev/null
@@ -0,0 +1,7 @@
+<secret ephemeral='no' private='yes'>
+  <uuid>f52a81b2-424e-490c-823d-6bd4235bc573</uuid>
+  <description>Ceph secret with space and dot</description>
+  <usage type='ceph'>
+    <name>client.admin secret</name>
+  </usage>
+</secret>
index 9eb3c460e717f6fb5e6511e440d92caefe7eb0d6..74a262e1e801d54e660fe2c95d59b8b3b024c938 100644 (file)
@@ -74,6 +74,7 @@ mymain(void)
     DO_TEST("ephemeral-usage-volume");
     DO_TEST("usage-volume");
     DO_TEST("usage-ceph");
+    DO_TEST("usage-ceph-space");
     DO_TEST("usage-iscsi");
     DO_TEST("usage-tls");
     DO_TEST("usage-vtpm");