Skip to content

auth: Add entitlements to LXD entities (part 2: Enrich LXD resources with entitlements) #14748

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 31 commits into from
Jan 28, 2025
Merged

auth: Add entitlements to LXD entities (part 2: Enrich LXD resources with entitlements) #14748

merged 31 commits into from
Jan 28, 2025

Conversation

gabrielmougard
Copy link
Contributor

@gabrielmougard gabrielmougard commented Jan 6, 2025
edited by tomponline
Loading

This is the second part of a group of three stacked PRs.

@github-actions github-actions bot added Documentation Documentation needs updating API Changes to the REST API labels Jan 6, 2025
This was referenced Jan 6, 2025
Closed
Closed
@gabrielmougard gabrielmougard force-pushed the feat/auth-dry-run-check-part3 branch 11 times, most recently from d5f0001 to 3cae833 Compare January 8, 2025 16:58
github-advanced-security[bot]
github-advanced-security bot found potential problems Jan 8, 2025
View reviewed changes
@gabrielmougard gabrielmougard force-pushed the feat/auth-dry-run-check-part3 branch 2 times, most recently from e653ad9 to 7f5457a Compare January 8, 2025 21:09
@gabrielmougard gabrielmougard marked this pull request as ready for review January 8, 2025 21:09
@gabrielmougard gabrielmougard force-pushed the feat/auth-dry-run-check-part3 branch 2 times, most recently from 171b326 to 1a09849 Compare January 9, 2025 13:09
minaelee
minaelee reviewed Jan 10, 2025
View reviewed changes
@gabrielmougard gabrielmougard force-pushed the feat/auth-dry-run-check-part3 branch from 1a09849 to e18b874 Compare January 10, 2025 08:44
@gabrielmougard
Copy link
Contributor Author

@minaelee thanks for the feedbacks. Fixing that right now

@gabrielmougard gabrielmougard force-pushed the feat/auth-dry-run-check-part3 branch 4 times, most recently from 6f763e7 to c793358 Compare January 10, 2025 14:28
edlerd
edlerd reviewed Jan 10, 2025
View reviewed changes
Copy link
Contributor

@edlerd edlerd left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approach and format seems all right from my point of view. Left some comments below.

@gabrielmougard
lxd/instance: Add entitlements for 'instance' entities
2e44e19 
Signed-off-by: Gabriel Mougard <[email protected]>
@gabrielmougard
lxd/project: Add entitlements for 'project' entities
23cc09f 
Signed-off-by: Gabriel Mougard <[email protected]>
@gabrielmougard
lxd/storage-pools: Add entitlements for 'storage-pool' entities
9b11509 
Signed-off-by: Gabriel Mougard <[email protected]>
@gabrielmougard
lxd/storage-buckets: Add entitlements for 'storage-bucket' entities
501b2ce 
Signed-off-by: Gabriel Mougard <[email protected]>
@gabrielmougard
lxd/storage_buckets: fix linter warning for filreredDBBuckets initi…
c2ab553 
…alization

This comes from golangci-lint: "Consider preallocating [filterDBBuckets] (prealloc)"
But since we use 'continue' statement in the loop, we can't really forecast a preallocation size,
so instead we use `make([]*db.StorageBucket, 0)` which is the same as `var .. []*db.StorageBucket`
but it stops the linter from complaining...

Signed-off-by: Gabriel Mougard <[email protected]>
@gabrielmougard
lxd/storage-volumes: Add entitlements for 'storage-volume' entities
9769826 
Signed-off-by: Gabriel Mougard <[email protected]>
@gabrielmougard
lxd/auth-groups: Add entitlements for 'auth-group' entities
ec7e518 
Signed-off-by: Gabriel Mougard <[email protected]>
@gabrielmougard
lxd/certificates: Add entitlements for 'certificate' entities
fb86237 
Signed-off-by: Gabriel Mougard <[email protected]>
@gabrielmougard
lxd/identities: Add entitlements for 'identity' entities
df103ab 
Signed-off-by: Gabriel Mougard <[email protected]>
@gabrielmougard
lxd/identity-provider-groups: Add entitlements for 'identity-provider…
67d910d 
…-group' entities

Signed-off-by: Gabriel Mougard <[email protected]>
@gabrielmougard
lxd/images: Add entitlements for 'image' entities
97d4cec 
Signed-off-by: Gabriel Mougard <[email protected]>
@gabrielmougard
lxd/network-acls: Add entitlements for 'network-acl' entities
8e56af8 
Signed-off-by: Gabriel Mougard <[email protected]>
@gabrielmougard
lxd/network-zones: Add entitlements for 'network-zone' entities
7393899 
Signed-off-by: Gabriel Mougard <[email protected]>
@gabrielmougard
lxd/networks: Add entitlements for 'network' entities
51687bf 
Signed-off-by: Gabriel Mougard <[email protected]>
@gabrielmougard
lxd/profiles: Add entitlements for 'profile' entities
281fbf9 
Signed-off-by: Gabriel Mougard <[email protected]>
@gabrielmougard
test/auth: Add check for entitlements
5dc551a 
Signed-off-by: Gabriel Mougard <[email protected]>
@gabrielmougard gabrielmougard force-pushed the feat/auth-dry-run-check-part3 branch from ced5d8b to 970b227 Compare January 28, 2025 15:41
tomponline
tomponline previously approved these changes Jan 28, 2025
View reviewed changes
Copy link
Member

@tomponline tomponline left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM thanks!

@gabrielmougard gabrielmougard force-pushed the feat/auth-dry-run-check-part3 branch from 970b227 to 4cc2a37 Compare January 28, 2025 16:06
@gabrielmougard
Copy link
Contributor Author

gabrielmougard commented Jan 28, 2025
edited
Loading

@tomponline auth test passed (it was a simple formatting error with jq in the test since we now use sort | @csv). Let's wait for the rest.

@tomponline tomponline merged commit 7c7aabf into canonical:main Jan 28, 2025
29 checks passed
@tomponline
Copy link
Member

@gabrielmougard thanks, please update your jira task and epic to reflect this is done now.

hamistao pushed a commit to hamistao/lxd that referenced this pull request Jan 31, 2025
@tomponline @hamistao
auth: Add entitlements to LXD entities (part 2: Enrich LXD resources …
6069c2c 
…with entitlements) (canonical#14748)

This is the second part of a group of three stacked PRs.

* First part: canonical#14745

Signed-off-by: hamistao <[email protected]>
@gabrielmougard gabrielmougard mentioned this pull request Jan 31, 2025
Merged
tomponline added a commit that referenced this pull request Jan 31, 2025
@tomponline
lxd: Entitlement enrichment for remaining API entities (#14880)
e51283c 
This should fix the issues discussed here:
https://chat.canonical.com/canonical/pl/c3bjkis1g3nmbytao6q5gcaxuc

This also add entitlement enrichment for API entities that weren't added
as part as #14748
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tomponline tomponline tomponline approved these changes

@edlerd edlerd edlerd approved these changes

@minaelee minaelee minaelee left review comments

@markylaing markylaing Awaiting requested review from markylaing

Assignees
No one assigned
Labels
API Changes to the REST API Documentation Documentation needs updating
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@gabrielmougard @tomponline @edlerd @minaelee @markylaing