[PATCH 4/4] virsh: add support for '--validate' option in define secret

Kristina Hanicova khanicov at redhat.com
Fri Aug 20 12:30:40 UTC 2021 

Signed-off-by: Kristina Hanicova <khanicov at redhat.com>
---
 docs/manpages/virsh.rst |  4 +++-
 tools/virsh-secret.c    | 10 +++++++++-
 2 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/docs/manpages/virsh.rst b/docs/manpages/virsh.rst
index 3eb310d02e..de6d6ee1c2 100644
--- a/docs/manpages/virsh.rst
+++ b/docs/manpages/virsh.rst
@@ -6697,13 +6697,15 @@ secret-define
 
 ::
 
-   secret-define file
+   secret-define file [--validate]
 
 Create a secret with the properties specified in *file*, with no associated
 secret value.  If *file* does not specify a UUID, choose one automatically.
 If *file* specifies a UUID of an existing secret, replace its properties by
 properties defined in *file*, without affecting the secret value.
 
+Optionally, the format of the input XML file can be validated against an
+internal RNG schema with *--validate*.
 
 secret-dumpxml
 --------------
diff --git a/tools/virsh-secret.c b/tools/virsh-secret.c
index dde0d26398..173a77fd90 100644
--- a/tools/virsh-secret.c
+++ b/tools/virsh-secret.c
@@ -73,6 +73,10 @@ static const vshCmdInfo info_secret_define[] = {
 
 static const vshCmdOptDef opts_secret_define[] = {
     VIRSH_COMMON_OPT_FILE(N_("file containing secret attributes in XML")),
+    {.name = "validate",
+     .type = VSH_OT_BOOL,
+     .help = N_("validate the XML against the schema")
+    },
     {.name = NULL}
 };
 
@@ -84,15 +88,19 @@ cmdSecretDefine(vshControl *ctl, const vshCmd *cmd)
     virSecretPtr res;
     char uuid[VIR_UUID_STRING_BUFLEN];
     bool ret = false;
+    unsigned int flags = 0;
     virshControl *priv = ctl->privData;
 
     if (vshCommandOptStringReq(ctl, cmd, "file", &from) < 0)
         return false;
 
+    if (vshCommandOptBool(cmd, "validate"))
+        flags |= VIR_SECRET_DEFINE_VALIDATE;
+
     if (virFileReadAll(from, VSH_MAX_XML_FILE, &buffer) < 0)
         return false;
 
-    if (!(res = virSecretDefineXML(priv->conn, buffer, 0))) {
+    if (!(res = virSecretDefineXML(priv->conn, buffer, flags))) {
         vshError(ctl, _("Failed to set attributes from %s"), from);
         goto cleanup;
     }
-- 
2.31.1

More information about the libvir-list mailing list