[libvirt PATCH v6 27/36] schema: add password configuration for ssh disk

Jonathon Jongsma jjongsma at redhat.com
Thu Jul 20 22:19:54 UTC 2023


Right now, ssh network disks are not usable. There is some basic support
in libvirt that is meant to support disk chains that have backing disks
located at ssh urls, but there is no real way for a user to configure an
ssh-based disk.  This commit allows users to configure an ssh disk with
password authentication. Implementation will follow.

<disk type='network'>
  <source protocol='ssh' ...>
    <auth username='myusername'>
      <secret type='iscsi' usage='secretname'/>
    </auth>
  </source>
</disk>

Signed-off-by: Jonathon Jongsma <jjongsma at redhat.com>
Reviewed-by: Peter Krempa <pkrempa at redhat.com>
---
 docs/formatdomain.rst             | 27 ++++++++++++++-------------
 src/conf/schemas/domaincommon.rng | 23 ++++++++++++++++++++++-
 2 files changed, 36 insertions(+), 14 deletions(-)

diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst
index 4af0b82569..7a5cb1cf22 100644
--- a/docs/formatdomain.rst
+++ b/docs/formatdomain.rst
@@ -2760,7 +2760,7 @@ paravirtualized driver is specified via the ``disk`` element.
    ``network``
       The ``protocol`` attribute specifies the protocol to access to the
       requested image. Possible values are "nbd", "iscsi", "rbd", "sheepdog",
-      "gluster", "vxhs", "nfs", "http", "https", "ftp", ftps", or "tftp".
+      "gluster", "vxhs", "nfs", "http", "https", "ftp", ftps", "tftp", or "ssh".
 
       For any ``protocol`` other than ``nbd`` an additional attribute ``name``
       is mandatory to specify which volume/image will be used.
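
Review bot: the added protocol list line still has the unbalanced quote in ftps", (no opening quote), carried over from the removed line. Since the line is rewritten here anyway, change it to "ftps", so the list renders consistently with the other values.
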
@@ -2912,18 +2912,19 @@ paravirtualized driver is specified via the ``disk`` element.
    ``auth``
       :since:`Since libvirt 3.9.0` , the ``auth`` element is supported for a
       disk ``type`` "network" that is using a ``source`` element with the
-      ``protocol`` attributes "rbd" or "iscsi". If present, the ``auth`` element
-      provides the authentication credentials needed to access the source. It
-      includes a mandatory attribute ``username``, which identifies the username
-      to use during authentication, as well as a sub-element ``secret`` with
-      mandatory attribute ``type``, to tie back to a `libvirt secret
-      object <formatsecret.html>`__ that holds the actual password or other
-      credentials (the domain XML intentionally does not expose the password,
-      only the reference to the object that does manage the password). Known
-      secret types are "ceph" for Ceph RBD network sources and "iscsi" for CHAP
-      authentication of iSCSI targets. Both will require either a ``uuid``
-      attribute with the UUID of the secret object or a ``usage`` attribute
-      matching the key that was specified in the secret object.
+      ``protocol`` attributes "rbd", "iscsi", or "ssh". If present, the
+      ``auth`` element provides the authentication credentials needed to access
+      the source. It includes a mandatory attribute ``username``, which
+      identifies the username to use during authentication, as well as a
+      sub-element ``secret`` with mandatory attribute ``type``, to tie back to
+      a `libvirt secret object <formatsecret.html>`__ that holds the actual
+      password or other credentials (the domain XML intentionally does not
+      expose the password, only the reference to the object that does manage
+      the password). Known secret types are "ceph" for Ceph RBD network sources
+      and "iscsi" for CHAP authentication of iSCSI targets. Both will require
+      either a ``uuid`` attribute with the UUID of the secret object or a
+      ``usage`` attribute matching the key that was specified in the secret
+      object.
    ``encryption``
       :since:`Since libvirt 3.9.0` , the ``encryption`` can be a sub-element of
       the ``source`` element for encrypted storage sources. If present,
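
Review bot: the rewritten ``auth`` paragraph adds "ssh" to the supported protocols, but its "Known secret types" sentence still names only "ceph" (Ceph RBD) and "iscsi" (CHAP for iSCSI targets), so the docs do not say which ``secret`` ``type`` an ssh source should reference. The commit message example uses type='iscsi' for the ssh password; if reusing that type is intended, state it in this paragraph so users do not have to guess which secret object holds the ssh credential.
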
diff --git a/src/conf/schemas/domaincommon.rng b/src/conf/schemas/domaincommon.rng
index 2284e3c949..9fcf59268d 100644
--- a/src/conf/schemas/domaincommon.rng
+++ b/src/conf/schemas/domaincommon.rng
@@ -2187,6 +2187,27 @@
     </element>
   </define>
 
+  <define name="diskSourceNetworkProtocolSSH">
+    <element name="source">
+      <interleave>
+        <attribute name="protocol">
+          <choice>
+            <value>ssh</value>
+          </choice>
+        </attribute>
+        <attribute name="name"/>
+        <ref name="diskSourceCommon"/>
+        <ref name="diskSourceNetworkHost"/>
+        <optional>
+          <ref name="encryption"/>
+        </optional>
+        <ref name="diskSourceNetworkProtocolPropsCommon"/>
+        <optional>
+          <ref name="diskAuth"/>
+        </optional>
+      </interleave>
+    </element>
+  </define>
   <define name="diskSourceNetworkProtocolSimple">
     <element name="source">
       <interleave>
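
Review bot: a blank line is missing between the closing </define> of the new diskSourceNetworkProtocolSSH block and the following <define name="diskSourceNetworkProtocolSimple">, whereas the context above the new block keeps one between defines. Please add it. Minor: the ``protocol`` attribute wraps a single <value>ssh</value> in <choice>, which could be a bare <value> unless the wrapper is kept to match the neighbouring defines.
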
@@ -2194,7 +2215,6 @@
           <choice>
             <value>sheepdog</value>
             <value>tftp</value>
-            <value>ssh</value>
           </choice>
         </attribute>
         <attribute name="name"/>
@@ -2304,6 +2324,7 @@
       <ref name="diskSourceNetworkProtocolHTTPS"/>
       <ref name="diskSourceNetworkProtocolFTPS"/>
       <ref name="diskSourceNetworkProtocolFTP"/>
+      <ref name="diskSourceNetworkProtocolSSH"/>
       <ref name="diskSourceNetworkProtocolSimple"/>
       <ref name="diskSourceNetworkProtocolVxHS"/>
       <ref name="diskSourceNetworkProtocolNFS"/>
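
Review bot: nothing in this patch exercises the diskSourceNetworkProtocolSSH ref added here, since the diffstat lists only docs/formatdomain.rst and src/conf/schemas/domaincommon.rng. Suggest adding a domain XML test case with an ssh ``source`` that carries an ``auth`` element, either in this patch or with the implementation the commit message says will follow, so the schema change is validated.
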
-- 
2.41.0


