Remove pre-victoria cycle agent token transition upgrade support

Code Issues Proposed changes

In order to support a state of mid-cluster upgrades, IPA had logic
to permit the case of getting a call where we didn't have a token
but got token, which could happen in a deployment which is mid-upgrade.
The code now explicitly lacks that permissive logic because, at this
point, upgrades no longer need to be supported from the pre-victoria
clusters by current IPA.
Related-Bug: #2086865
Related-Bug: #2086866
Change-Id: Ia4c459158098f48cde4a6f6f9c96b25431a88081

This commit is contained in:

Julia Kreger

2025年02月13日 07:03:57 -08:00

parent a6ca65201a

commit 6c22ab2d39

4 changed files with 10 additions and 17 deletions

Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL

Download Patch File Download Diff File Expand all files Collapse all files

18
ironic_python_agent/agent.py

View File

@@ -269,19 +269,11 @@ class IronicPythonAgent(base.ExecuteCommandMixin):

def validate_agent_token(self, token):

# We did not get a token, i.e. None and

# we've previously seen a token, which is

# a mid-cluster upgrade case with long-running ramdisks.

if (not token and self.agent_token

and not self.agent_token_required):

# TODO(TheJulia): Rip this out during or after the V cycle.

LOG.warning('Agent token for requests are not required '

'by the conductor, yet we received a token. '

'Cluster may be mid-upgrade. Support to '

'not fail in this condition will be removed in '

'the Victoria development cycle.')

# Tell the API everything is okay.

return True

# or we've not seen a token yet, so we

# cannot make a comparison, thus False.

if (not token or not self.agent_token):

return False

# Otherwise, compare the values.

return self.agent_token == token

def _get_route_source(self, dest):

1
ironic_python_agent/api/app.py

View File

@@ -236,7 +236,6 @@ class Application(object):

if ('name' not in body or 'params' not in body

or not isinstance(body['params'], dict)):

raise http_exc.BadRequest('Missing or invalid name or params')

token = request.args.get('agent_token', None)

if not self.agent.validate_agent_token(token):

raise http_exc.Unauthorized(

2
ironic_python_agent/tests/functional/base.py

View File

@@ -49,7 +49,7 @@ class FunctionalBase(test_base.BaseTestCase):

lookup_timeout=300,

lookup_interval=1,

standalone=True,

agent_token=None)

agent_token='678123')

self.process = multiprocessing.Process(

target=self.agent.run)

self.process.start()

6
ironic_python_agent/tests/functional/test_commands.py

View File

@@ -37,7 +37,8 @@ class TestCommands(base.FunctionalBase):

# success is required for steps 3 and 4 to succeed.

command = {'name': 'clean.get_clean_steps',

'params': {'node': self.node, 'ports': {}}}

response = self.request('post', 'commands', json=command,

response = self.request('post', 'commands/?agent_token=678123',

json=command,

headers={'Content-Type': 'application/json'})

self.assertIsNone(response['command_error'])

@@ -63,7 +64,8 @@ class TestCommands(base.FunctionalBase):

def step_5_run_non_existent_command(self):

fake_command = {'name': 'bad_extension.fake_command', 'params': {}}

self.request('post', 'commands', expect_error=404, json=fake_command)

self.request('post', 'commands/?agent_token=678123',

expect_error=404, json=fake_command)

def positive_get_post_command_steps(self):

"""Returns generator with test steps sorted by step number."""