Merge pull request #351 from Semedi/master

F #5136: ec2 migrator done, new oca utils file

install.sh

@@ -1354,7 +1354,8 @@ RUBY_OPENNEBULA_LIB_FILES="src/oca/ruby/opennebula/acl_pool.rb \
                             src/oca/ruby/opennebula/marketplace_pool.rb \
                             src/oca/ruby/opennebula/marketplace.rb \
                             src/oca/ruby/opennebula/marketplaceapp_pool.rb \
-                            src/oca/ruby/opennebula/marketplaceapp.rb"
+                            src/oca/ruby/opennebula/marketplaceapp.rb \
+                            src/oca/ruby/opennebula/utils.rb"
 
 #-------------------------------------------------------------------------------
 # Common Cloud Files

src/cli/one_helper.rb

@@ -492,20 +492,6 @@ EOT
         end
 
 
-        # receive a object key => value format
-        # returns hashed values
-        def encrypt(opts, token)
-            res = {}
-            opts.each do |key, value|
-                cipher = OpenSSL::Cipher::AES.new(256,:CBC)
-                cipher.encrypt.key = token[0..31]
-                encrypted = cipher.update(value) + cipher.final
-                res[key] = Base64::encode64(encrypted) 
-            end
-            
-            return res
-        end
-
         def list_pool(options, top=false, filter_flag=nil)
             if options[:describe]
                 table = format_pool(options)

src/oca/ruby/opennebula.rb

@@ -27,6 +27,7 @@ require 'pp'
 require 'opennebula/xml_utils'
 require 'opennebula/client'
 require 'opennebula/error'
+require 'opennebula/utils'
 require 'opennebula/virtual_machine'
 require 'opennebula/virtual_machine_pool'
 require 'opennebula/virtual_network'

src/oca/ruby/opennebula/utils.rb

@@ -0,0 +1,35 @@
+# -------------------------------------------------------------------------- #
+# Copyright 2002-2017, OpenNebula Project, OpenNebula Systems                #
+#                                                                            #
+# Licensed under the Apache License, Version 2.0 (the "License"); you may    #
+# not use this file except in compliance with the License. You may obtain    #
+# a copy of the License at                                                   #
+#                                                                            #
+# http://www.apache.org/licenses/LICENSE-2.0                                 #
+#                                                                            #
+# Unless required by applicable law or agreed to in writing, software        #
+# distributed under the License is distributed on an "AS IS" BASIS,          #
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.   #
+# See the License for the specific language governing permissions and        #
+# limitations under the License.                                             #
+#--------------------------------------------------------------------------- #
+
+module OpenNebula
+    # we use this file to extend opennebula oca functionalities
+    # It contains generic methods that can be used in oca context
+    # to help other components
+
+    # receive a object key => value format
+    # returns hashed values
+    def self.encrypt(opts, token)
+        res = {}
+        opts.each do |key, value|
+            cipher = OpenSSL::Cipher::AES.new(256,:CBC)
+            cipher.encrypt.key = token[0..31]
+            encrypted = cipher.update(value) + cipher.final
+            res[key] = Base64::encode64(encrypted).gsub("\n", "")
+        end
+        return res
+    end
+
+end

src/onedb/local/4.90.0_to_5.3.80.rb

@@ -19,7 +19,7 @@ require 'set'
 require 'base64'
 require 'zlib'
 require 'pathname'
-
+require 'yaml'
 require 'opennebula'
 
 $: << File.dirname(__FILE__)
@@ -38,6 +38,8 @@ module Migrator
     def up
         init_log_time()
 
+        feature_5136()
+
         feature_4901()
 
         feature_5005()
@@ -47,7 +49,6 @@ module Migrator
         bug_3705()
 
         feature_4809()
-
         log_time()
 
         return true
@@ -64,6 +65,54 @@ module Migrator
         end
     end
 
+    ############################################################################
+    # Feature 5136. Improve ec2 keys_ids_security
+    #
+    ############################################################################
+    def feature_5136
+        ec2_driver_conf = "#{ETC_LOCATION}/ec2_driver.conf"
+        token = File.read(VAR_LOCATION+'/.one/one_key')
+        opts = {}
+
+        begin
+            ec2_conf = YAML::load(File.read(ec2_driver_conf))
+        rescue Exception => e
+            str_error="ec2_driver.conf invalid syntax!"
+            raise str_error
+        end
+
+        regions = ec2_conf["regions"]
+        @db.run "ALTER TABLE host_pool RENAME TO old_host_pool;"
+        create_table(:host_pool)
+
+        @db.transaction do
+            @db.fetch("SELECT * FROM old_host_pool") do |row|
+                doc = Nokogiri::XML(row[:body], nil, NOKOGIRI_ENCODING) { |c|
+                    c.default_xml.noblanks
+                }
+                template = doc.root.at_xpath("TEMPLATE")
+
+                if xpath(doc, "TEMPLATE/HYPERVISOR").to_s == "ec2"
+
+                    host_name = xpath(doc, "NAME").to_s
+                    host_info = ( regions[host_name].nil? ? regions["default"] : regions[host_name] )
+
+                    opts["EC2_ACCESS"]=host_info["access_key_id"]
+                    opts["EC2_SECRET"]=host_info["secret_access_key"]
+
+                    OpenNebula.encrypt(opts, token).each { |k, v|
+                        template.add_child(doc.create_element k, v)
+                    }
+                end
+
+                row[:body] = doc.root.to_s
+                @db[:host_pool].insert(row)
+            end
+        end
+
+        @db.run "DROP TABLE old_host_pool;"
+    end
+
     ############################################################################
     # Feature 4921. Adds TOTAL_CPU and TOTAL_MEM to HOST/HOST_SHARE to compute
     # MAX_CPU and MAX_MEM when RESERVED_CPU/MEM is updated