[PATCH 7/7] schema: secret: Relax requirements for usage name

Ján Tomko jtomko at redhat.com
Wed Jan 6 21:04:49 UTC 2021 

On a Wednesday in 2021, Peter Krempa wrote:
>There's plenty of existing documentation [1] which shows as example a
>name which contains a space and a dot ('client.admin secret') as ceph
>usage name.
>
>Use a more relaxed type in the RNG schema since the usage name is
>actually just a string used to look up the secret.
>
>[1]:
>https://docs.ceph.com/en/latest/rbd/libvirt/#configuring-the-vm
>https://documentation.suse.com/ses/6/html/ses-all/cha-ceph-libvirt.html#ceph-libvirt-cfg-vm
>Libvirt docs were correct though:
>https://libvirt.org/formatsecret.html#CephUsageType
>
>Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1689168
>
>Signed-off-by: Peter Krempa <pkrempa at redhat.com>
>---
> docs/schemas/domaincommon.rng                 |  2 +-
> docs/schemas/secret.rng                       |  8 ++---
> .../disk-network-source-auth.args             |  8 ++++-
> ...isk-network-source-auth.x86_64-2.12.0.args |  9 ++++++
> ...isk-network-source-auth.x86_64-latest.args | 29 ++++++++++++++-----
> .../disk-network-source-auth.xml              | 12 ++++++++
> tests/qemuxml2argvtest.c                      |  3 +-
> .../disk-network-source-auth.xml              | 13 +++++++++
> tests/secretxml2xmlin/usage-ceph-space.xml    |  7 +++++
> tests/secretxml2xmltest.c                     |  1 +
> 10 files changed, 77 insertions(+), 15 deletions(-)
> create mode 100644 tests/secretxml2xmlin/usage-ceph-space.xml
>
>diff --git a/docs/schemas/domaincommon.rng b/docs/schemas/domaincommon.rng
>index 4fc6a7ee7a..701db7e7d2 100644
>--- a/docs/schemas/domaincommon.rng
>+++ b/docs/schemas/domaincommon.rng
>@@ -6261,7 +6261,7 @@
>           <ref name="UUID"/>
>         </attribute>
>         <attribute name="usage">
>-          <ref name="genericName"/>
>+          <ref name="objectName"/>
>         </attribute>
>       </choice>
>     </element>

The auth info in storagepool.rng is not as restrictive:

   <define name="sourceinfoauthsecret">
     <element name="secret">
       <choice>
         <attribute name="uuid">
           <text/>
         </attribute>
         <attribute name="usage">
           <text/>
         </attribute>
       </choice>
     </element>
   </define>

Jano
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20210106/37eda7bb/attachment-0001.sig>

More information about the libvir-list mailing list