Merge branch 'main' into 422-vmware-to-kvm-improvements

Author: nvazquez

api/src/main/java/org/apache/cloudstack/api/response/StoragePoolResponse.java

@@ -77,19 +77,24 @@ public class StoragePoolResponse extends BaseResponseWithAnnotations {
     @Param(description = "the name of the cluster for the storage pool")
     private String clusterName;
 
+    @SerializedName(ApiConstants.CAPACITY_BYTES)
+    @Param(description = "bytes CloudStack can provision from this storage pool", since = "4.22.0")
+    private Long capacityBytes;
+
+    @Deprecated(since = "4.22.0")
     @SerializedName("disksizetotal")
     @Param(description = "the total disk size of the storage pool")
     private Long diskSizeTotal;
 
     @SerializedName("disksizeallocated")
-    @Param(description = "the host's currently allocated disk size")
+    @Param(description = "the pool's currently allocated disk size")
     private Long diskSizeAllocated;
 
     @SerializedName("disksizeused")
-    @Param(description = "the host's currently used disk size")
+    @Param(description = "the pool's currently used disk size")
     private Long diskSizeUsed;
 
-    @SerializedName("capacityiops")
+    @SerializedName(ApiConstants.CAPACITY_IOPS)
     @Param(description = "IOPS CloudStack can provision from this storage pool")
     private Long capacityIops;
 
@@ -288,6 +293,14 @@ public void setClusterName(String clusterName) {
         this.clusterName = clusterName;
     }
 
+    public Long getCapacityBytes() {
+        return capacityBytes;
+    }
+
+    public void setCapacityBytes(Long capacityBytes) {
+        this.capacityBytes = capacityBytes;
+    }
+
     public Long getDiskSizeTotal() {
         return diskSizeTotal;
     }

api/src/main/java/org/apache/cloudstack/userdata/UserDataManager.java

@@ -22,11 +22,23 @@
 
 import com.cloud.utils.component.Manager;
 
+import java.io.IOException;
+
 public interface UserDataManager extends Manager, Configurable {
     String VM_USERDATA_MAX_LENGTH_STRING = "vm.userdata.max.length";
     ConfigKey<Integer> VM_USERDATA_MAX_LENGTH = new ConfigKey<>("Advanced", Integer.class, VM_USERDATA_MAX_LENGTH_STRING, "32768",
             "Max length of vm userdata after base64 encoding. Default is 32768 and maximum is 1048576", true);
 
     String concatenateUserData(String userdata1, String userdata2, String userdataProvider);
     String validateUserData(String userData, BaseCmd.HTTPMethod httpmethod);
+
+    /**
+     * This method validates the user data uuid for system VMs and returns the user data
+     * after compression and base64 encoding for the system VM to consume.
+     *
+     * @param userDataUuid
+     * @return a String containing the user data after compression and base64 encoding
+     * @throws IOException
+     */
+    String validateAndGetUserDataForSystemVM(String userDataUuid) throws IOException;
 }

engine/api/src/main/java/com/cloud/vm/VirtualMachineManager.java

@@ -106,6 +106,9 @@ public interface VirtualMachineManager extends Manager {
     ConfigKey<Boolean> VmSyncPowerStateTransitioning = new ConfigKey<>("Advanced", Boolean.class, "vm.sync.power.state.transitioning", "true",
             "Whether to sync power states of the transitioning and stalled VMs while processing VM power reports.", false);
 
+    ConfigKey<Boolean> SystemVmEnableUserData = new ConfigKey<>(Boolean.class, "systemvm.userdata.enabled", "Advanced", "false",
+            "Enable user data for system VMs. When enabled, the CPVM, SSVM, and Router system VMs will use the values from the global settings console.proxy.vm.userdata, secstorage.vm.userdata, and virtual.router.userdata, respectively, to provide cloud-init user data to the VM.",
+            true, ConfigKey.Scope.Zone, null);
 
     interface Topics {
         String VM_POWER_STATE = "vm.powerstate";

engine/api/src/main/java/org/apache/cloudstack/engine/subsystem/api/storage/PrimaryDataStoreLifeCycle.java

@@ -24,8 +24,8 @@
 import com.cloud.storage.StoragePool;
 
 public interface PrimaryDataStoreLifeCycle extends DataStoreLifeCycle {
-    public static final String CAPACITY_BYTES = "capacityBytes";
-    public static final String CAPACITY_IOPS = "capacityIops";
+    String CAPACITY_BYTES = "capacityBytes";
+    String CAPACITY_IOPS = "capacityIops";
 
     void updateStoragePool(StoragePool storagePool, Map<String, String> details);
     void enableStoragePool(DataStore store);

engine/orchestration/src/main/java/com/cloud/vm/VirtualMachineManagerImpl.java

@@ -5244,7 +5244,7 @@ public ConfigKey<?>[] getConfigKeys() {
                 VmConfigDriveLabel, VmConfigDriveOnPrimaryPool, VmConfigDriveForceHostCacheUse, VmConfigDriveUseHostCacheOnUnsupportedPool,
                 HaVmRestartHostUp, ResourceCountRunningVMsonly, AllowExposeHypervisorHostname, AllowExposeHypervisorHostnameAccountLevel, SystemVmRootDiskSize,
                 AllowExposeDomainInMetadata, MetadataCustomCloudName, VmMetadataManufacturer, VmMetadataProductName,
-                VmSyncPowerStateTransitioning
+                VmSyncPowerStateTransitioning, SystemVmEnableUserData
         };
     }
 

engine/schema/src/main/java/org/apache/cloudstack/storage/datastore/db/PrimaryDataStoreDaoImpl.java

@@ -320,6 +320,9 @@ public StoragePoolVO persist(StoragePoolVO pool, Map<String, String> details, Li
         pool = super.persist(pool);
         if (details != null) {
             for (Map.Entry<String, String> detail : details.entrySet()) {
+                if (detail.getKey().toLowerCase().contains("password") || detail.getKey().toLowerCase().contains("token")) {
+                    displayDetails = false;
+                }
                 StoragePoolDetailVO vo = new StoragePoolDetailVO(pool.getId(), detail.getKey(), detail.getValue(), displayDetails);
                 _detailsDao.persist(vo);
             }

engine/schema/src/main/resources/META-INF/db/schema-42100to42200.sql

@@ -35,6 +35,10 @@ UPDATE `cloud`.`ldap_configuration` SET uuid = UUID() WHERE uuid IS NULL OR uuid
 -- Add the column cross_zone_instance_creation to cloud.backup_repository. if enabled it means that new Instance can be created on all Zones from Backups on this Repository.
 CALL `cloud`.`IDEMPOTENT_ADD_COLUMN`('cloud.backup_repository', 'cross_zone_instance_creation', 'TINYINT(1) DEFAULT NULL COMMENT ''Backup Repository can be used for disaster recovery on another zone''');
 
+-- Updated display to false for password/token detail of the storage pool details
+UPDATE `cloud`.`storage_pool_details` SET display = 0 WHERE name LIKE '%password%';
+UPDATE `cloud`.`storage_pool_details` SET display = 0 WHERE name LIKE '%token%';
+
 -- VMware to KVM migration improvements
 CREATE TABLE IF NOT EXISTS `cloud`.`import_vm_task`(
     `id` bigint unsigned NOT NULL auto_increment COMMENT 'id',

engine/storage/src/main/java/org/apache/cloudstack/storage/volume/datastore/PrimaryDataStoreHelper.java

@@ -85,8 +85,7 @@ public class PrimaryDataStoreHelper {
     DataStoreProviderManager dataStoreProviderMgr;
 
     public DataStore createPrimaryDataStore(PrimaryDataStoreParameters params) {
-        if(params == null)
-        {
+        if (params == null) {
             throw new InvalidParameterValueException("createPrimaryDataStore: Input params is null, please check");
         }
         StoragePoolVO dataStoreVO = dataStoreDao.findPoolByUUID(params.getUuid());

engine/userdata/src/main/java/org/apache/cloudstack/userdata/UserDataManagerImpl.java

@@ -16,12 +16,18 @@
 // under the License.
 package org.apache.cloudstack.userdata;
 
+import java.io.IOException;
 import java.io.UnsupportedEncodingException;
 import java.net.URLDecoder;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 
+import com.cloud.domain.Domain;
+import com.cloud.user.User;
+import com.cloud.user.UserDataVO;
+import com.cloud.user.dao.UserDataDao;
+import com.cloud.utils.compression.CompressionUtil;
 import org.apache.cloudstack.api.BaseCmd;
 import org.apache.cloudstack.framework.config.ConfigKey;
 import org.apache.commons.codec.binary.Base64;
@@ -31,7 +37,12 @@
 import com.cloud.utils.component.ManagerBase;
 import com.cloud.utils.exception.CloudRuntimeException;
 
+import javax.inject.Inject;
+
 public class UserDataManagerImpl extends ManagerBase implements UserDataManager {
+    @Inject
+    UserDataDao userDataDao;
+
     private static final int MAX_USER_DATA_LENGTH_BYTES = 2048;
     private static final int MAX_HTTP_GET_LENGTH = 2 * MAX_USER_DATA_LENGTH_BYTES; // 4KB
     private static final int NUM_OF_2K_BLOCKS = 512;
@@ -118,6 +129,25 @@ public String validateUserData(String userData, BaseCmd.HTTPMethod httpmethod) {
         return Base64.encodeBase64String(decodedUserData);
     }
 
+    @Override
+    public String validateAndGetUserDataForSystemVM(String userDataUuid) throws IOException {
+        if (StringUtils.isBlank(userDataUuid)) {
+            return null;
+        }
+        UserDataVO userDataVo = userDataDao.findByUuid(userDataUuid);
+        if (userDataVo == null) {
+            return null;
+        }
+        if (userDataVo.getDomainId() == Domain.ROOT_DOMAIN && userDataVo.getAccountId() == User.UID_ADMIN) {
+            // Decode base64 user data, compress it, then re-encode to reduce command line length
+            String plainTextUserData = new String(java.util.Base64.getDecoder().decode(userDataVo.getUserData()));
+            CompressionUtil compressionUtil = new CompressionUtil();
+            byte[] compressedUserData = compressionUtil.compressString(plainTextUserData);
+            return java.util.Base64.getEncoder().encodeToString(compressedUserData);
+        }
+        throw new CloudRuntimeException("User data can only be used by system VMs if it belongs to the ROOT domain and ADMIN account.");
+    }
+
     private byte[] validateAndDecodeByHTTPMethod(String userData, int maxHTTPLength, BaseCmd.HTTPMethod httpMethod) {
         byte[] decodedUserData = Base64.decodeBase64(userData.getBytes());
         if (decodedUserData == null || decodedUserData.length < 1) {

engine/userdata/src/test/java/org/apache/cloudstack/userdata/UserDataManagerImplTest.java

@@ -17,19 +17,37 @@
 package org.apache.cloudstack.userdata;
 
 import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.mockito.Mockito.when;
 
+import java.io.IOException;
 import java.nio.charset.StandardCharsets;
+import java.util.Base64;
 
 import org.apache.cloudstack.api.BaseCmd;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.mockito.InjectMocks;
+import org.mockito.Mock;
+import org.mockito.Mockito;
 import org.mockito.Spy;
 import org.mockito.junit.MockitoJUnitRunner;
 
+import com.cloud.domain.Domain;
+import com.cloud.user.User;
+import com.cloud.user.UserDataVO;
+import com.cloud.user.dao.UserDataDao;
+import com.cloud.utils.exception.CloudRuntimeException;
+
 @RunWith(MockitoJUnitRunner.class)
 public class UserDataManagerImplTest {
 
+    @Mock
+    private UserDataDao userDataDao;
+
     @Spy
     @InjectMocks
     private UserDataManagerImpl userDataManager;
@@ -56,4 +74,76 @@ public void testValidateUrlEncodedBase64() {
         assertEquals("validate return the value with padding", encodedUserdata, userDataManager.validateUserData(urlEncodedUserdata, BaseCmd.HTTPMethod.GET));
     }
 
+    @Test
+    public void testValidateAndGetUserDataForSystemVMWithBlankUuid() throws IOException {
+        // Test with blank UUID should return null
+        assertNull("null UUID should return null", userDataManager.validateAndGetUserDataForSystemVM(null));
+        assertNull("blank UUID should return null", userDataManager.validateAndGetUserDataForSystemVM(""));
+        assertNull("blank UUID should return null", userDataManager.validateAndGetUserDataForSystemVM("   "));
+    }
+
+    @Test
+    public void testValidateAndGetUserDataForSystemVMNotFound() throws IOException {
+        // Test when userDataVo is not found
+        String testUuid = "test-uuid-123";
+        when(userDataDao.findByUuid(testUuid)).thenReturn(null);
+
+        assertNull("userdata not found should return null", userDataManager.validateAndGetUserDataForSystemVM(testUuid));
+    }
+
+    @Test(expected = CloudRuntimeException.class)
+    public void testValidateAndGetUserDataForSystemVMInvalidDomain() throws IOException {
+        // Test with userDataVo that doesn't belong to ROOT domain
+        String testUuid = "test-uuid-123";
+        UserDataVO userDataVo = Mockito.mock(UserDataVO.class);
+        when(userDataVo.getDomainId()).thenReturn(2L); // Not ROOT domain
+
+        when(userDataDao.findByUuid(testUuid)).thenReturn(userDataVo);
+        userDataManager.validateAndGetUserDataForSystemVM(testUuid);
+    }
+
+    @Test(expected = CloudRuntimeException.class)
+    public void testValidateAndGetUserDataForSystemVMInvalidAccount() throws IOException {
+        // Test with userDataVo that doesn't belong to ADMIN account
+        String testUuid = "test-uuid-123";
+        UserDataVO userDataVo = Mockito.mock(UserDataVO.class);
+        when(userDataVo.getDomainId()).thenReturn(Domain.ROOT_DOMAIN);
+        when(userDataVo.getAccountId()).thenReturn(3L);
+        userDataVo.setUserData("dGVzdCBkYXRh"); // "test data" in base64
+
+        when(userDataDao.findByUuid(testUuid)).thenReturn(userDataVo);
+        userDataManager.validateAndGetUserDataForSystemVM(testUuid);
+    }
+
+    @Test
+    public void testValidateAndGetUserDataForSystemVMValidSystemVMUserData() throws IOException {
+        // Test with valid system VM userdata (ROOT domain + ADMIN account)
+        String testUuid = "test-uuid-123";
+        String originalText = "#!/bin/bash\necho 'Hello World'";
+        String base64EncodedUserData = Base64.getEncoder().encodeToString(originalText.getBytes());
+
+        UserDataVO userDataVo = Mockito.mock(UserDataVO.class);
+        when(userDataVo.getDomainId()).thenReturn(Domain.ROOT_DOMAIN);
+        when(userDataVo.getAccountId()).thenReturn(User.UID_ADMIN);
+        when(userDataVo.getUserData()).thenReturn(base64EncodedUserData);
+
+        when(userDataDao.findByUuid(testUuid)).thenReturn(userDataVo);
+
+        String result = userDataManager.validateAndGetUserDataForSystemVM(testUuid);
+
+        // Verify result is not null and is base64 encoded
+        assertNotNull("result should not be null", result);
+        assertFalse("result should be base64 encoded", result.isEmpty());
+
+        // Verify the result is valid base64
+        try {
+            Base64.getDecoder().decode(result);
+        } catch (IllegalArgumentException e) {
+            throw new AssertionError("Result should be valid base64", e);
+        }
+
+        // The result should be different from input since it's compressed
+        assertNotEquals("compressed result should be different from original", result, base64EncodedUserData);
+    }
+
 }