Merge branch 'master' into CASMHMS-5821-part2

.gitignore

@@ -1,5 +1,6 @@
 kubernetes/.packaged/
 .idea/
+*.swp
 
 # Prevent certificates from getting checked in
 *.ca
@@ -8,3 +9,6 @@ kubernetes/.packaged/
 *.csr
 *.key
 *.pem
+
+# compiled go command
+boot-script-service

.version

@@ -1 +1 @@
-1.23.0
+1.26.0

CHANGELOG.md

@@ -5,12 +5,36 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
-## [1.23.0] - 2023-07-06
+## [1.26.0] - 2023-07-06
 
-### Changed
+### Added
 
 - Added retries to destructive bootscript CT tests for hms-nightly-integration runs.
 
+## [1.25.1] - 2023-05-30
+
+### Changed
+
+- CASMCMS-8651: Update example fields in API spec to be links to S3 instead of dear departed ARS.
+
+## [1.25.0] - 2023-05-22
+
+### Added
+
+- CASMHMS-6018: Add support for creating pre-signed URLs for `root=live:` parameters, enabling native dmsquash-live dracut usage.
+
+## [1.24.0] - 2023-03-28
+
+### Changed
+
+- CASMHMS-5812 and CASMHMS-5813: Fixed the endpoint-history API to filter data correctly when using the name and endpoint query parameters.
+
+## [1.23.0] - 2023-01-24
+
+### Changed
+
+- CASMHMS-5894: Minor language linting of API spec; corrected markdown errors in changelog
+
 ## [1.22.0] - 2022-11-01
 
 ### Changed
@@ -260,11 +284,11 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 - CASMCLOUD-1023
   These are changes to charts in support of:
-  *moving to Helm v1/Loftsman v1
-  *the newest 2.x cray-service base chart
-    +upgraded to support Helm v3
-    +modified containers/init containers, volume, and persistent volume claim value definitions to be objects instead of arrays
-  *the newest 0.2.x cray-jobs base chart ◦upgraded to support Helm v3
+  - moving to Helm v1/Loftsman v1
+  - the newest 2.x cray-service base chart
+    - upgraded to support Helm v3
+    - modified containers/init containers, volume, and persistent volume claim value definitions to be objects instead of arrays
+  - the newest 0.2.x cray-jobs base chart upgraded to support Helm v3
 
 ## [1.3.5] - 2020-08-18
 

cmd/boot-script-service/boot_data.go

@@ -642,11 +642,13 @@ func searchKeyspace(prefix string) ([]hmetcd.Kvi_KV, error) {
 	// > If range_end is key plus one (e.g., "aa"+1 == "ab", "a\xff"+1 == "b"), then the range request gets all keys
 	// > prefixed with key.
 	// https://github.com/etcd-io/etcd/pull/7206/commits/7e31ddd32a4511c436b14e30ef43756ac782d080
+
+	rangeStart := prefix
 	rangePrefix := prefix[:len(prefix)-1]
 	rangeLastNextChar := prefix[len(prefix)-1:][0] + 1
 	rangeEnd := fmt.Sprintf("%s%c", rangePrefix, rangeLastNextChar)
 
-	return kvstore.GetRange(rangePrefix, rangeEnd)
+	return kvstore.GetRange(rangeStart, rangeEnd)
 }
 
 func getAccessesForPrefix(prefix string) (accesses []bssTypes.EndpointAccess, err error) {
@@ -681,15 +683,29 @@ func getAccessesForPrefix(prefix string) (accesses []bssTypes.EndpointAccess, er
 func SearchEndpointAccessed(name string, endpointType bssTypes.EndpointType) (accesses []bssTypes.EndpointAccess,
 	err error) {
 	if name == "" && endpointType == "" {
-		return getAccessesForPrefix(endpointAccessPfx)
+		return getAccessesForPrefix(fmt.Sprintf("%s/", endpointAccessPfx))
 	} else if name != "" && endpointType == "" {
-		return getAccessesForPrefix(fmt.Sprintf("%s/%s", endpointAccessPfx, name))
+		return getAccessesForPrefix(fmt.Sprintf("%s/%s/", endpointAccessPfx, name))
 	} else if name != "" && endpointType != "" {
 		var epoch int64
 		epoch, err = getEndpointAccessed(name, endpointType)
 		if err != nil {
 			return
 		}
+		// epoch == 0 means the given name and endpoint combo has never been accessed.
+		// A long existing bug/feature of bss has been to return a value in this case with a LastEpoch value of zero.
+		// The following preserves that behavior, but only if the endpoint type is valid.
+		if epoch == 0 {
+			hasValidType := false
+			for _, t := range bssTypes.EndpointTypes {
+				if strings.EqualFold(string(endpointType), string(t)) {
+					hasValidType = true
+				}
+			}
+			if !hasValidType {
+				return
+			}
+		}
 
 		access := bssTypes.EndpointAccess{
 			Name:      name,

cmd/boot-script-service/default_api.go

@@ -76,7 +76,7 @@ var gwURI = getEnvVal("BSS_GW_URI", "/apis/bss")
 var s3Client *hms_s3.S3Client
 
 // regex for matching s3 URIs in the params field
-var s3ParamsRegex = "(^|[ ])((metal.server=)(s3://[^ ]*))"
+var s3ParamsRegex = "(^|[ ])((metal.server=|root=live:)(s3://[^ ]*))"
 
 type (
 	// function interface for checkURL()

cmd/boot-script-service/default_api_test.go

@@ -83,15 +83,16 @@ func TestReplaceS3Params_regex(t *testing.T) {
 	}
 }
 
-func TestReplaceS3Params_replace(t *testing.T) {
-	params := fmt.Sprintf("%s %s  %s %s %s",
+// TestReplaceS3Params_replace_kernel_metal tests that the “metal.server=s3://<url>“ argument is recognized and given a pre-signed URL.
+func TestReplaceS3Params_replace_kernel_metal(t *testing.T) {
+	params := fmt.Sprintf("%s %s %s %s %s",
 		"metal.server=s3://ncn-images/k8s/0.2.78/filesystem.squashfs",
 		"bond=bond0",
 		"metal.server=s3://bucket/path",
 		"root=craycps-s3:s3://boot-images",
 		"m=s3://b/p")
 
-	expected_params := fmt.Sprintf("%s %s  %s %s %s",
+	expected_params := fmt.Sprintf("%s %s %s %s %s",
 		"metal.server=s3://ncn-images/k8s/0.2.78/filesystem.squashfs_signed",
 		"bond=bond0",
 		"metal.server=s3://bucket/path_signed",
@@ -107,6 +108,29 @@ func TestReplaceS3Params_replace(t *testing.T) {
 	}
 }
 
+// TestReplaceS3Params_replace_kernel_live tests that the dmsquash-live “root=live:s3://<url>“ argument is recognized and given a pre-signed URL.
+func TestReplaceS3Params_replace_kernel_live(t *testing.T) {
+	params := fmt.Sprintf("%s %s %s %s",
+		"root=live:s3://boot-images/k8s/0.2.78/rootfs",
+		"bond=bond0",
+		"root=live:s3://bucket/path",
+		"m=s3://b/p")
+
+	expected_params := fmt.Sprintf("%s %s %s %s",
+		"root=live:s3://boot-images/k8s/0.2.78/rootfs_signed",
+		"bond=bond0",
+		"root=live:s3://bucket/path_signed",
+		"m=s3://b/p")
+
+	newParams, err := replaceS3Params(params, mockGetSignedS3Url)
+	if err != nil {
+		t.Errorf("replaceS3Params returned an error for params: %s, error: %v\n", params, err)
+	}
+	if newParams != expected_params {
+		t.Errorf("replaceS3Params failed.\n  expected: %s\n  actual: %s\n", expected_params, newParams)
+	}
+}
+
 func TestReplaceS3Params_replace2(t *testing.T) {
 	params := fmt.Sprintf("%s %s",
 		"xmetal.server=s3://ncn-images/k8s/0.2.78/filesystem.squashfs",

pkg/bssTypes/types.go

@@ -66,9 +66,14 @@ type EndpointType string
 
 const (
 	EndpointTypeBootscript EndpointType = "bootscript"
-	EndpointTypeUserData                = "user-data"
+	EndpointTypeUserData   EndpointType = "user-data"
 )
 
+var EndpointTypes = []EndpointType{
+	EndpointTypeBootscript,
+	EndpointTypeUserData,
+}
+
 type EndpointAccess struct {
 	Name      string       `json:"name"`
 	Endpoint  EndpointType `json:"endpoint"`

test/ct/api/3-destructive/test_endpoint_history.tavern.yaml

@@ -59,11 +59,11 @@ stages:
   response:
     status_code: 200
 
-# Please note that this stage is a hack to retrieve and save the IP address of this container into 
+# Please note that this stage is a hack to retrieve and save the IP address of this container into
 # a variable. Perhaps a plugin might be better here.
 - name: Retrieve test container IP address
   request:
-    # The endpoint that we hit doesn't really matter, just 
+    # The endpoint that we hit doesn't really matter, just
     url: "{bss_base_url}/boot/v1/service/status"
     method: GET
     verify: !bool "{verify}"
@@ -135,9 +135,39 @@ stages:
                 - bootscript
               last_epoch:
                 type: int
-                range: 
+                range:
                   min: 0 # If the epoch time is 0, then that means the endpoint wasn't really queried.
 
+# Verify that there are no matches when using a bad endpoint.
+- name: Query endpoint-history with bad endpoint
+  request:
+    url: "{bss_base_url}/boot/v1/endpoint-history"
+    method: GET
+    verify: !bool "{verify}"
+    params:
+      name: "{node_xname}"
+      endpoint: bootscript-bad
+  response:
+    status_code: 200
+    verify_response_with:
+      function: tavern.testutils.helpers:validate_pykwalify
+      extra_kwargs:
+        schema:
+          type: seq
+          matching: all
+          range:
+            min: 0
+            max: 0
+          sequence:
+          - type: map
+            mapping:
+              name:
+                type: str
+              endpoint:
+                type: str
+              last_epoch:
+                type: int
+
 - name: Query for cloud-init user-data for the node
   request:
     url: "{bss_base_url}/user-data"
@@ -179,9 +209,38 @@ stages:
                 - user-data
               last_epoch:
                 type: int
-                range: 
+                range:
                   min: 1 # If the epoch time is 0, then that means the endpoint wasn't really queried.
 
+# Verify that there are no matches when using a prefix of the xname.
+- name: Query endpoint-history with xname prefix
+  request:
+    url: "{bss_base_url}/boot/v1/endpoint-history"
+    method: GET
+    verify: !bool "{verify}"
+    params:
+      name: x1000
+  response:
+    status_code: 200
+    verify_response_with:
+      function: tavern.testutils.helpers:validate_pykwalify
+      extra_kwargs:
+        schema:
+          type: seq
+          matching: all
+          range:
+            min: 0
+            max: 0
+          sequence:
+          - type: map
+            mapping:
+              name:
+                type: str
+              endpoint:
+                type: str
+              last_epoch:
+                type: int
+
 - name: Remove test HSM EthernetInterfaces for the CT Test container
   request:
     url: "{hsm_base_url}/hsm/v2/Inventory/EthernetInterfaces/0efffffffffe"