diff options
| author | Julia Kreger <juliaashleykreger@gmail.com> | 2019-12-05 14:24:17 -0800 |
|---|---|---|
| committer | Julia Kreger <juliaashleykreger@gmail.com> | 2020-03-09 16:08:11 -0700 |
| commit | 6121fbf1005097e2cfa23725df3e35e91ae4cbf5 (patch) | |
| tree | 4f5b82bdbc5706d81d3f5fc3356ba80d72c04441 /ironic/drivers/modules/irmc/boot.py | |
| parent | 7a15df60c3da28bbae44e8e3cbb0b5c4042730ed (diff) | |
| download | ironic-6121fbf1005097e2cfa23725df3e35e91ae4cbf5.tar.gz | |
Enable agent_token for virtual media boot
This provides an embedded agent_token through out of band
means which ensures greater security for such deployments.
Also some changes to the redfish virtual media boot unit
tests as the entirety of conductor utilties was mocked.
Downside with the pregenerated token, the logic had to be
slightly revised as the existence of a token with an older
client is a case that virtual media deployments will hit.
This was addressed, and tests updated as a result.
Story: 2007025
Task: 37819
Change-Id: Iaa2a52c2e53534cbf6998ad24f1f1184c0f222d8
Diffstat (limited to 'ironic/drivers/modules/irmc/boot.py')
| -rw-r--r-- | ironic/drivers/modules/irmc/boot.py | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/ironic/drivers/modules/irmc/boot.py b/ironic/drivers/modules/irmc/boot.py index c7bb45c78..e23ee4961 100644 --- a/ironic/drivers/modules/irmc/boot.py +++ b/ironic/drivers/modules/irmc/boot.py @@ -990,6 +990,13 @@ class IRMCVirtualMediaBoot(base.BootInterface, IRMCVolumeBootMixIn): {'node': task.node.uuid}) return + # NOTE(TheJulia): Since we're deploying, cleaning, or rescuing, + # with virtual media boot, we should generate a token! + manager_utils.add_secret_token(task.node, pregenerated=True) + ramdisk_params['ipa-agent-token'] = \ + task.node.driver_internal_info['agent_secret_token'] + task.node.save() + deploy_nic_mac = deploy_utils.get_single_nic_with_vif_port_id(task) ramdisk_params['BOOTIF'] = deploy_nic_mac |