Bug 1440402 - Policy to prevent a VM retire request did not work
Summary: Policy to prevent a VM retire request did not work
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat CloudForms Management Engine
Classification: Red Hat
Component: Control
Version: 5.6.0
Hardware: Unspecified
OS: Unspecified
medium
medium
Target Milestone: GA
: 5.7.3
Assignee: Lucy Fu
QA Contact: Dmitry Misharov
URL:
Whiteboard: control:policy:retire
Depends On: 1439331
Blocks:
TreeView+ depends on / blocked
 
Reported: 2017-04-08 14:50 UTC by Satoe Imaishi
Modified: 2017-06-28 14:59 UTC (History)
6 users (show)

Fixed In Version: 5.7.3.1
Doc Type: If docs needed, set a value
Doc Text:
Clone Of: 1439331
Environment:
Last Closed: 2017-06-28 14:59:04 UTC
Category: ---
Cloudforms Team: CFME Core
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2017:1601 0 normal SHIPPED_LIVE Important: CFME 5.7.3 security, bug fix and enhancement update 2017-06-28 18:51:52 UTC

Comment 2 CFME Bot 2017-04-17 18:06:04 UTC
New commit detected on ManageIQ/manageiq/euwe:
https://github.com/ManageIQ/manageiq/commit/58b5c37c809081b02816ea5583b1b0595f19b86f

commit 58b5c37c809081b02816ea5583b1b0595f19b86f
Author:     Satoe Imaishi <simaishi@redhat.com>
AuthorDate: Mon Apr 17 14:01:35 2017 -0400
Commit:     Satoe Imaishi <simaishi@redhat.com>
CommitDate: Mon Apr 17 14:01:35 2017 -0400

    Merge pull request #86 from lfu/prevent_retirement_request
    
    Add policy checking for the retirement request.
    (cherry picked from commit c6c51d4e6580c866334629b627cefb955fd1801d)
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1440402

 .../POLICY.class/request_orchestration_stack_retire.yaml     |  4 ++++
 .../Event/MiqEvent/POLICY.class/request_service_retire.yaml  |  6 ++++--
 .../Event/MiqEvent/POLICY.class/request_vm_retire.yaml       |  6 ++++--
 .../__methods__/check_policy_prevent.yaml                    | 12 ++++++++++++
 .../System/event_handlers.class/check_policy_prevent.yaml    | 12 ++++++++++++
 5 files changed, 36 insertions(+), 4 deletions(-)
 create mode 100644 db/fixtures/ae_datastore/ManageIQ/System/event_handlers.class/__methods__/check_policy_prevent.yaml
 create mode 100644 db/fixtures/ae_datastore/ManageIQ/System/event_handlers.class/check_policy_prevent.yaml

Comment 3 CFME Bot 2017-04-17 18:25:55 UTC
New commit detected on ManageIQ/manageiq/euwe:
https://github.com/ManageIQ/manageiq/commit/57dace5297b1df2b5861888d9afbb08f1abc3c25

commit 57dace5297b1df2b5861888d9afbb08f1abc3c25
Author:     Greg McCullough <gmccullo@redhat.com>
AuthorDate: Fri Apr 7 14:37:40 2017 -0400
Commit:     Satoe Imaishi <simaishi@redhat.com>
CommitDate: Mon Apr 17 14:16:27 2017 -0400

    Merge pull request #14641 from lfu/prevent_retirement_request
    
    Add policy checking for retirement request.
    (cherry picked from commit 302e14cc2329267c6c9c8d249f05d8d9070ea320)
    
    https://bugzilla.redhat.com/show_bug.cgi?id=1440402

 db/fixtures/miq_event_definition_sets.csv             |  3 ++-
 db/fixtures/miq_event_definitions.csv                 |  5 +++++
 .../engine/miq_ae_builtin_method.rb                   |  8 ++++++++
 .../service_models/miq_ae_service_event_stream.rb     |  1 +
 .../engine/miq_ae_builtin_method_spec.rb              | 19 +++++++++++++++++++
 5 files changed, 35 insertions(+), 1 deletion(-)
 create mode 100644 spec/lib/miq_automation_engine/engine/miq_ae_builtin_method_spec.rb

Comment 4 Mike Shriver 2017-06-12 13:03:42 UTC
Tested in CFME 5.7.3.1.20170608124102_4b35a9e

I created a policy as described in the original PR, with the Retire Request event and 'prevent current event from processing' action.

With the policy assigned to the VM as part of a policy profile, the VM retirement was blocked and logged in evm.log on the server.

With the policy removed, I was able to retire VM/Instances normally.

Comment 6 errata-xmlrpc 2017-06-28 14:59:04 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2017:1601


Note You need to log in before you can comment on or make changes to this bug.