StarlingX

system host-device-image-update command fails with error message "forbidden"

Bug #2102054 reported by ayyappa
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
StarlingX
Fix Released
Undecided
Unassigned

Bug Description

Brief Description
-----------------
admin user not able to execute the command "system host-device-image-update"

Severity
------
major
Steps to Reproduce
-------------------
admin user not able to execute the command "system host-device-image-update"

Expected Behavior
----------------
admin user should be able to execute the command

Actual Behavior
--------------
admin user fails to execute the command

Reproducibility
-------------------
100% Reproducible

System Configuration
------------------

all lab types

Load info (eg: 2022-03-10_20-00-07)

stx.9.0

Branch/Pull Time/Commit
-----------------------
NA.

Last Pass
--------
N/A

Timestamp/Logs
------------
NA.

Alarms
------
N/A

Test Activity
--------------
dev testing

Workaround
-----------
Not required.

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to config (master)

Fix proposed to branch: master
Review: https://review.opendev.org/c/starlingx/config/+/944082

Changed in starlingx:
status: New → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to config (master)

Reviewed: https://review.opendev.org/c/starlingx/config/+/944082
Committed: https://opendev.org/starlingx/config/commit/6e8156afa7afdab02ede510d03ceb29fb2f4f7bc
Submitter: "Zuul (22348)"
Branch: master

commit 6e8156afa7afdab02ede510d03ceb29fb2f4f7bc
Author: amantri <email address hidden>
Date: Tue Mar 11 19:03:11 2025 -0400

    Handle custom actions in host controller api

    There are custom actions in the host controller api which are not
    handled in the commit
    https://review.opendev.org/c/starlingx/config/+/941717 ,this is
    blocking the access to 'admin' role user for commands like
    "system host-device-image-update <hostname>" , this change handles
    this by also taking these custom actions into account.

    Test Cases:
    PASS: run the following command as admin role user and verify that
          it works
          system host-device-image-update <hostname>
          system host-device-image-abort <hostname>
    PASS: run the following command as operator role user and verify
          that it blocks the access
          system host-device-image-update <hostname>
          system host-device-image-abort <hostname>
    PASS: verify that only admin role user is allowed to execute the
          following
            system registry-image-delete
            system host-delete
    PASS: execute the following commands as operator,admin role user and
          expect it to work
           system host-lock / host-unlock
           system host-swact
           system host-power-off / host-power-on
           system host-reboot / host-reset
           system host-update "id" "path=value"
           system host-reinstall "id"
           system host-ptp-instance-assign/host-ptp-instance-remove
           system registry-garbage-collect

    Closes-Bug: 2102054

    Change-Id: Ie0536d939d349bd7dd7dd8e5c2f57caf0c62a6c8
    Signed-off-by: amantri <email address hidden>

Changed in starlingx:
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.