From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <pve-devel-bounces@lists.proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [IPv6:2a01:7e0:0:424::9])
	by lore.proxmox.com (Postfix) with ESMTPS id C3FC11FF164
	for <inbox@lore.proxmox.com>; Fri, 20 Jun 2025 16:32:30 +0200 (CEST)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
	by firstgate.proxmox.com (Proxmox) with ESMTP id 5EEB6DDCB;
	Fri, 20 Jun 2025 16:32:16 +0200 (CEST)
From: Daniel Kral <d.kral@proxmox.com>
To: pve-devel@lists.proxmox.com
Date: Fri, 20 Jun 2025 16:31:34 +0200
Message-Id: <20250620143148.218469-27-d.kral@proxmox.com>
X-Mailer: git-send-email 2.39.5
In-Reply-To: <20250620143148.218469-1-d.kral@proxmox.com>
References: <20250620143148.218469-1-d.kral@proxmox.com>
MIME-Version: 1.0
X-SPAM-LEVEL: Spam detection results:  0
 AWL 0.011 Adjusted score from AWL reputation of From: address
 BAYES_00                 -1.9 Bayes spam probability is 0 to 1%
 DMARC_MISSING             0.1 Missing DMARC policy
 KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
 SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
 SPF_PASS               -0.001 SPF: sender matches SPF record
Subject: [pve-devel] [PATCH ha-manager v2 22/26] config: prune services from
 rules if services are deleted from config
X-BeenThere: pve-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox VE development discussion <pve-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pve-devel/>
List-Post: <mailto:pve-devel@lists.proxmox.com>
List-Help: <mailto:pve-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=subscribe>
Reply-To: Proxmox VE development discussion <pve-devel@lists.proxmox.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: pve-devel-bounces@lists.proxmox.com
Sender: "pve-devel" <pve-devel-bounces@lists.proxmox.com>

Remove services from rules, where these services are used, if they are
removed by delete_service_from_config(...), which is called by the
services' delete API endpoint and possibly external callers, e.g. if the
service is removed externally.

If all of the rules' services have been removed, the rule itself must be
removed as it would result in an erroneous rules config, which would
become user-visible at the next read and parse of the rules config.

Signed-off-by: Daniel Kral <d.kral@proxmox.com>
---
changes since v1:
    - NEW!

 src/PVE/HA/Config.pm | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/src/PVE/HA/Config.pm b/src/PVE/HA/Config.pm
index 2b3d726..3442d31 100644
--- a/src/PVE/HA/Config.pm
+++ b/src/PVE/HA/Config.pm
@@ -362,6 +362,25 @@ sub delete_service_from_config {
         "delete resource failed",
     );
 
+    PVE::HA::Config::lock_ha_domain(
+        sub {
+            my $rules = read_rules_config();
+
+            return if !defined($rules->{ids});
+
+            for my $ruleid (keys %{ $rules->{ids} }) {
+                my $rule_services = $rules->{ids}->{$ruleid}->{services} // {};
+
+                delete $rule_services->{$sid};
+
+                delete $rules->{ids}->{$ruleid} if !%$rule_services;
+            }
+
+            write_rules_config($rules);
+        },
+        "delete resource from rules failed",
+    );
+
     return !!$res;
 }
 
-- 
2.39.5



_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel