From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id 7FA2394FF0 for ; Tue, 17 Jan 2023 12:47:31 +0100 (CET) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 6197CAE69 for ; Tue, 17 Jan 2023 12:47:01 +0100 (CET) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [94.136.29.106]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS for ; Tue, 17 Jan 2023 12:47:00 +0100 (CET) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 431D244B40 for ; Tue, 17 Jan 2023 12:47:00 +0100 (CET) From: Dominik Csapak To: pve-devel@lists.proxmox.com Date: Tue, 17 Jan 2023 12:46:51 +0100 Message-Id: <20230117114659.2397499-1-d.csapak@proxmox.com> X-Mailer: git-send-email 2.30.2 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-SPAM-LEVEL: Spam detection results: 0 AWL -0.086 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment POISEN_SPAM_PILL 0.1 Meta: its spam POISEN_SPAM_PILL_1 0.1 random spam to be learned in bayes POISEN_SPAM_PILL_3 0.1 random spam to be learned in bayes SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record URIBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [jobs.pm, realmsync.pm, plugin.pm, sectionconfig.pm] Subject: [pve-devel] [PATCH common/access-control/wt/manager v3] add realm sync jobs X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Jan 2023 11:47:31 -0000 with this, users now can schedule realm sync jobs, instead of manually pressing 'sync' or configuring a cronjob for 'pveum realm sync' the access-control patch needs special care, since i try to sync independent pve-scheduler calls across the cluster. in my tests here it worked, but that does not mean i didn't overlook some things. access-control depends on pve-common and pve-manager depends on access-control and widget-toolkit the most notable changes (beside what thomas said in the review) is that i moved the api from /access/jobs to /cluster/jobs, since we already have that, and it made more sense to have it there (especially if we want to have more type of 'jobs' later on, having them all in one place makes more sense). if we rather want to have it in /access/jobs (like i sent it last) i can make the change and send a v4 (should be relatively trivial) changes from v2: * incorporated thomas suggestions: - typo fixes - use of register_standard_option for reuse - better description - omitting of the 'node' parameter, always schedule in cluster - use 'realm-sync' as 'domain' for cluster locking - refactor/reuse state saving/reading - refactor crud ap update delete checks (if we go forward with this series, i'll send patches to make use of this in other parts of our code) - renamed 'realmsync' to 'realm-sync' (this made it necessary to change the regex in the job cleanup slightly, see pve-manager patch 1/4) * moved crud api to /cluster/jobs (was /access/jobs) * removed calls to PVE::Jobs from AccessControl (was an implicit cyclic dependency, but actually not necessary) changes from v1: * include thomas suggestions * add patches to allow 'none' for remove-vanished * add patch for wt that allows filtering for the realm combobox * load the default values (if any) from the realm on sync job create, but not on edit pve-common: Dominik Csapak (1): SectionConfig: add helper to delete keys from a section config entry src/PVE/SectionConfig.pm | 15 +++++++++++++++ 1 file changed, 15 insertions(+) pve-access-control: Dominik Csapak (2): realm sync: refactor scope/remove-vanished into a standard option add realm-sync plugin for jobs and CRUD api for realm-sync-jobs src/PVE/API2/AccessControl/Makefile | 6 + src/PVE/API2/AccessControl/RealmSync.pm | 292 ++++++++++++++++++++++++ src/PVE/API2/Makefile | 4 + src/PVE/Auth/Plugin.pm | 42 ++-- src/PVE/Jobs/Makefile | 6 + src/PVE/Jobs/RealmSync.pm | 201 ++++++++++++++++ src/PVE/Makefile | 1 + 7 files changed, 533 insertions(+), 19 deletions(-) create mode 100644 src/PVE/API2/AccessControl/Makefile create mode 100644 src/PVE/API2/AccessControl/RealmSync.pm create mode 100644 src/PVE/Jobs/Makefile create mode 100644 src/PVE/Jobs/RealmSync.pm proxmox-widget-toolkit: Dominik Csapak (1): RealmComboBox: add custom store filters for callers src/form/RealmComboBox.js | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) pve-manager: Dominik Csapak (4): Jobs: include existing types in state file regex for deletion Jobs: add RealmSync Plugin and register it api: add realm-sync crud api to /cluster/jobs ui: add Realm Sync panel PVE/API2/Cluster/Jobs.pm | 7 + PVE/Jobs.pm | 7 +- www/manager6/Makefile | 1 + www/manager6/dc/Config.js | 7 + www/manager6/dc/RealmSyncJob.js | 364 ++++++++++++++++++++++++++++++++ 5 files changed, 385 insertions(+), 1 deletion(-) create mode 100644 www/manager6/dc/RealmSyncJob.js -- 2.30.2