I'm looking at ovirt-engine/api/vms/$vmid on a RHV instance, in particular at the /vms/vm/display/ node. The instance I'm testing with has REST CA != SPICE CA, so I would expect to have find a /vms/vm/display/certificate node as described in https://access.redhat.com/documentation/en/red-hat-virtualization/4.0/paged/rest-api-guide/chapter-6-types#types-certificate The node is not there, so I cannot know the CA to use to connect to the VM.
Actually the certificate node is there if I access ovirt-engine/api/vms/$vmid rather than ovirt-engine/api/vms/ However, it does not have any of the other nodes described in https://access.redhat.com/documentation/en/red-hat-virtualization/4.0/paged/rest-api-guide/chapter-6-types#types-certificate Not sure if one of these should contain the CA certificate or not.
This is on the VM collection. Moving to virt.
You can get this info from API using: POST: .../ovirt-engine/api/vms/<vm id>/graphicsconsoles/<console id>/remoteviewerconnectionfile hence, postponing.
(In reply to Tomas Jelinek from comment #4) > You can get this info from API using: > POST: .../ovirt-engine/api/vms/<vm id>/graphicsconsoles/<console > id>/remoteviewerconnectionfile > > hence, postponing. Christophe, is that good enough? just a doc update?
(In reply to Michal Skrivanek from comment #5) > (In reply to Tomas Jelinek from comment #4) > > You can get this info from API using: > > POST: .../ovirt-engine/api/vms/<vm id>/graphicsconsoles/<console > > id>/remoteviewerconnectionfile > > > > hence, postponing. > > Christophe, is that good enough? > just a doc update? This really looks like a workaround to me than a proper way of getting the CA data. By that reasoning, the whole <vm><display> node could go away and be replaced by <vm><graphicsconsoles>.
that's true:)
This will not make it in a reasonable time. Please re-open if you still feel this should be fixed
(In reply to Ryan Barry from comment #8) > This will not make it in a reasonable time. Please re-open if you still feel > this should be fixed Without this, one cannot establish a secure SPICE connection to a RHV VM through the REST API, so yes this should be fixed.
This will not be addressed in a reasonable timeframe. Please re-open if it's still important.
I've already reopened it less than 2 months ago, has there been any changes which would make this less important than at that time?
Sorry, Christophe, I forgot to clear the flag before, so it got caught again
This seems to be fixed in ovirt-engine-4.3.2.1. Can you please check target milestone for this bug?
Verification version: ovirt-engine-4.3.2.1-0.0.master.20190310172919.git0b3fbad.el7 vdsm-4.40.0-59.git5533158.el7.x86_64 qemu-kvm-ev-2.12.0-18.el7_6.3.1.x86_64 libvirt-client-4.5.0-10.el7_6.4.x86_64 Verification scenario: 1. Open REST client and verify <certificate> node (with <content>) is present under: https://engine-fqdn.redhat.com/ovirt-engine/api/vms/ and also under: https://engine-fqdn.redhat.com/ovirt-engine/api/vms/{id}
This bugzilla is included in oVirt 4.3.2 release, published on March 19th 2019. Since the problem described in this bug report should be resolved in oVirt 4.3.2 release, it has been closed with a resolution of CURRENT RELEASE. If the solution does not work for you, please open a new bug report.