Bump version to 0.9.4

Readd erroneously removed blk_file.write
Bump version to 0.9.3
2020-11-10 15:33:50 -05:00 · 2020-11-10 15:33:29 -05:00 · 2020-11-09 10:28:15 -05:00 · 2020-11-09 10:26:01 -05:00 · 2020-11-09 09:59:33 -05:00 · 2020-11-09 09:45:54 -05:00
8 changed files with 112 additions and 11 deletions
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@ -0,0 +1,68 @@
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+#
+# ******** NOTE ********
+# We have attempted to detect the languages in your repository. Please check
+# the `language` matrix defined below to confirm you have the correct set of
+# supported CodeQL languages.
+# ******** NOTE ********
+
+name: "CodeQL"
+
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches: [ master ]
+  schedule:
+    - cron: '17 22 * * 2'
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'python' ]
+        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ]
+        # Learn more...
+        # https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v2
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v1
+      with:
+        languages: ${{ matrix.language }}
+        # If you wish to specify custom queries, you can do so here or in a config file.
+        # By default, queries listed here will override any specified in a config file.
+        # Prefix the list here with "+" to use these queries and those in the config file.
+        # queries: ./path/to/local/query, your-org/your-repo/queries@main
+
+    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+    # If this step fails, then you should remove it and run the build manually (see below)
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v1
+
+    # ℹ️ Command-line programs to run using the OS shell.
+    # 📚 https://git.io/JvXDl
+
+    # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
+    #    and modify them (or add more) to build your code if your project
+    #    uses a compiled language
+
+    #- run: |
+    #   make bootstrap
+    #   make release
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v1
--- a/README.md
+++ b/README.md
@ -21,6 +21,14 @@ To get started with PVC, read the [Cluster Architecture document](https://parall

 ## Changelog

+#### v0.9.4
+
+  * Fixes major bug in OVA parser
+
+#### v0.9.3
+
+  * Fixes bugs with image & OVA upload parsing
+
 #### v0.9.2

  * Major linting of the codebase with flake8; adds linting tools
--- a/api-daemon/pvcapid/flaskapi.py
+++ b/api-daemon/pvcapid/flaskapi.py
@ -157,13 +157,16 @@ class RequestParser(object):
            parser = reqparse.RequestParser()
            # Parse and add each argument
            for reqarg in self.reqargs:
+                location = reqarg.get('location', None)
+                if location is None:
+                    location = ['args', 'form']
                parser.add_argument(
                    reqarg.get('name', None),
                    required=reqarg.get('required', False),
                    action=reqarg.get('action', None),
                    choices=reqarg.get('choices', ()),
                    help=reqarg.get('helptext', None),
-                    location=['args', 'form']
+                    location=location
                )
            reqargs = parser.parse_args()
            kwargs['reqargs'] = reqargs
@ -3803,7 +3806,7 @@ api.add_resource(API_Storage_Ceph_Volume_Element_Clone, '/storage/ceph/volume/<p
 # /storage/ceph/volume/<pool>/<volume>/upload
 class API_Storage_Ceph_Volume_Element_Upload(Resource):
    @RequestParser([
-        {'name': 'image_format', 'required': True, 'helpmsg': "A source image format must be specified."}
+        {'name': 'image_format', 'required': True, 'location': ['args'], 'helpmsg': "A source image format must be specified."}
    ])
    @Authenticator
    def post(self, pool, volume, reqargs):
@ -5846,9 +5849,9 @@ class API_Provisioner_OVA_Root(Resource):
        )

    @RequestParser([
-        {'name': 'pool', 'required': True, 'helpmsg': "A storage pool must be specified."},
-        {'name': 'name', 'required': True, 'helpmsg': "A VM name must be specified."},
-        {'name': 'ova_size', 'required': True, 'helpmsg': "An OVA size must be specified."},
+        {'name': 'pool', 'required': True, 'location': ['args'], 'helpmsg': "A storage pool must be specified."},
+        {'name': 'name', 'required': True, 'location': ['args'], 'helpmsg': "A VM name must be specified."},
+        {'name': 'ova_size', 'required': True, 'location': ['args'], 'helpmsg': "An OVA size must be specified."},
    ])
    @Authenticator
    def post(self, reqargs):
@ -5923,8 +5926,8 @@ class API_Provisioner_OVA_Element(Resource):
        )

    @RequestParser([
-        {'name': 'pool', 'required': True, 'helpmsg': "A storage pool must be specified."},
-        {'name': 'ova_size', 'required': True, 'helpmsg': "An OVA size must be specified."},
+        {'name': 'pool', 'required': True, 'location': ['args'], 'helpmsg': "A storage pool must be specified."},
+        {'name': 'ova_size', 'required': True, 'location': ['args'], 'helpmsg': "An OVA size must be specified."},
    ])
    @Authenticator
    def post(self, ova, reqargs):
--- a/api-daemon/pvcapid/helper.py
+++ b/api-daemon/pvcapid/helper.py
@ -1464,7 +1464,7 @@ def ceph_volume_upload(pool, volume, img_type):
            parse_form_data(flask.request.environ, stream_factory=image_stream_factory)
        except Exception:
            output = {
-                'message': "Failed to write image file to volume."
+                'message': "Failed to upload or write image file to temporary volume."
            }
            retcode = 400
            cleanup_maps_and_volumes()
@ -1523,9 +1523,9 @@ def ceph_volume_upload(pool, volume, img_type):
            # rather than the standard stream_factory which writes to a temporary file waiting
            # on a save() call. This will break if the API ever uploaded multiple files, but
            # this is an acceptable workaround.
-            def ova_stream_factory(total_content_length, filename, content_type, content_length=None):
+            def image_stream_factory(total_content_length, filename, content_type, content_length=None):
                return open(temp_blockdev, 'wb')
-            parse_form_data(flask.request.environ, stream_factory=ova_stream_factory)
+            parse_form_data(flask.request.environ, stream_factory=image_stream_factory)
        except Exception:
            output = {
                'message': "Failed to upload or write image file to temporary volume."
--- a/api-daemon/pvcapid/ova.py
+++ b/api-daemon/pvcapid/ova.py
@ -316,6 +316,8 @@ def upload_ova(pool, name, ova_size):
            # Open the temporary blockdev and seek to byte 0
            blk_file = open(temp_blockdev, 'wb')
            blk_file.seek(0)
+            # Write the contents of vmdk_file into blk_file
+            blk_file.write(vmdk_file.read())
            # Close blk_file (and flush the buffers)
            blk_file.close()
            # Close vmdk_file
--- a/debian/changelog
+++ b/debian/changelog
@ -1,3 +1,15 @@
+pvc (0.9.4-0) unstable; urgency=high
+
+  * Fixes major bug in OVA parser
+
+ -- Joshua M. Boniface <joshua@boniface.me>  Tue, 10 Nov 2020 15:33:50 -0500
+
+pvc (0.9.3-0) unstable; urgency=high
+
+  * Fixes bugs with image & OVA upload parsing
+
+ -- Joshua M. Boniface <joshua@boniface.me>  Mon, 09 Nov 2020 10:28:15 -0500
+
 pvc (0.9.2-0) unstable; urgency=high

  * Major linting of the codebase with flake8; adds linting tools
--- a/docs/index.md
+++ b/docs/index.md
@ -19,6 +19,14 @@ To get started with PVC, read the [Cluster Architecture document](https://parall

 ## Changelog

+#### v0.9.4
+
+  * Fixes major bug in OVA parser
+
+#### v0.9.3
+
+  * Fixes bugs with image & OVA upload parsing
+
 #### v0.9.2

  * Major linting of the codebase with flake8; adds linting tools
--- a/node-daemon/pvcnoded/Daemon.py
+++ b/node-daemon/pvcnoded/Daemon.py
@ -54,7 +54,7 @@ import pvcnoded.CephInstance as CephInstance
 import pvcnoded.MetadataAPIInstance as MetadataAPIInstance

 # Version string for startup output
-version = '0.9.2'
+version = '0.9.4'

 ###############################################################################
 # PVCD - node daemon startup program
Author	SHA1	Message	Date
Joshua M. Boniface	9053edacd8	Bump version to 0.9.4	2020-11-10 15:33:50 -05:00
Joshua M. Boniface	beb62c9f3d	Readd erroneously removed blk_file.write	2020-11-10 15:33:29 -05:00
Joshua M. Boniface	baac8f24fd	Bump version to 0.9.3	2020-11-09 10:28:15 -05:00
Joshua M. Boniface	e6bca5b6a9	Add override args for RequestParser Properly fixes the issue with OVA upload bodies by allowing the restriction of the 'location' directive when parsing specific request args. Thus the 'form' location can be included by default but removed for those parsers that have a file body.	2020-11-09 10:26:01 -05:00
Joshua M. Boniface	b169620eee	Revert "Ensure args are checked against form body" This reverts commit `d63e757c32`. This did not work; by readding 'form' checking, the attempt to isolate the large file upload was again thwarted. Another solution, perhaps specific to the uploads, is needed instead.	2020-11-09 09:59:33 -05:00
Joshua M. Boniface	ee4d682b29	Correct faulty function naming	2020-11-09 09:45:54 -05:00
Joshua M. Boniface	b221e0e954	Add GitHub CodeQL analysis config	2020-11-08 03:54:10 -05:00