kvm: fix error when enable SSL for kvm agent

[weizhouapache]

Description

This PR fixes the error: 'Failed to find passphrase for keystore: cloud.jks'

This was implemented in PR #6200 and #6371 , but broken in PR #6348.
The issue has been fixed in PR #7693, not sure if this change is required or not

Types of changes

• Breaking change (fix or feature that would cause existing functionality to change)
• New feature (non-breaking change which adds functionality)
• Bug fix (non-breaking change which fixes an issue)
• Enhancement (improves an existing feature and functionality)
• Cleanup (Code refactoring and cleanup, that may add test cases)

Feature/Enhancement Scale or Bug Severity

Feature/Enhancement Scale

• Major
• Minor

Bug Severity

• BLOCKER
• Critical
• Major
• Minor
• Trivial

Screenshots (if appropriate):

How Has This Been Tested?

[weizhouapache]

@blueorangutan package

[blueorangutan]

@weizhouapache a [SF] Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.

[GutoVeronezi]

@weizhouapache could describe the steps to reproducee the error?

[blueorangutan]

Packaging result [SF]: ✔️ el7 ✔️ el8 ✔️ el9 ✔️ debian ✔️ suse15. SL-JID 6941

[codecov]

Codecov Report

Merging #7923 (26702b8) into 4.18 (0b3438b) will decrease coverage by 0.01%.
Report is 4 commits behind head on 4.18.
The diff coverage is 0.00%.

@@             Coverage Diff              @@
##               4.18    #7923      +/-   ##
============================================
- Coverage     13.07%   13.06%   -0.01%     
+ Complexity     9110     9108       -2     
============================================
  Files          2720     2720              
  Lines        257526   257533       +7     
  Branches      40150    40150              
============================================
- Hits          33661    33656       -5     
- Misses       219636   219649      +13     
+ Partials       4229     4228       -1     

Files	Coverage Δ
...oud/hypervisor/vmware/resource/VmwareResource.java	4.48% <0.00%> (ø)
...ervisor/kvm/resource/LibvirtComputingResource.java	18.45% <0.00%> (ø)
.../hypervisor/kvm/storage/LinstorStorageAdaptor.java	0.00% <0.00%> (ø)

... and 1 file with indirect coverage changes

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

[weizhouapache]

@weizhouapache could describe the steps to reproducee the error?

@GutoVeronezi
you can search "cloud.jks" in agent.log on any 4.18.0.0 kvm host. for example,

2023-08-30 12:56:33,603 INFO  [kvm.resource.LibvirtComputingResource] (main:null) (logid:) Failed to find passphrase for keystore: cloud.jks

[yadvr]

LGTM

[yadvr]

@weizhouapache is that a critical/blocker issue for 4.18.1, could env loose the passphrase key from agent.properties on usage or upgrade?

@blueorangutan test

[blueorangutan]

@rohityadavcloud a [SF] Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests

[weizhouapache]

@weizhouapache is that a critical/blocker issue for 4.18.1, could env loose the passphrase key from agent.properties on usage or upgrade?

@blueorangutan test

@rohityadavcloud
not critical I think, the keystore passphrase is saved in agent.properties without issue.
the issue is, the URL check of direct-download templates may fail

[blueorangutan]

[SF] Trillian test result (tid-7608)
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 45992 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr7923-t7608-kvm-centos7.zip
Smoke tests completed. 107 look OK, 1 have errors, 0 did not run
Only failed and skipped tests results shown below:

Test	Result	Time (s)	Test File
test_02_upgrade_kubernetes_cluster	Failure	558.50	test_kubernetes_clusters.py

[weizhouapache]

@blueorangutan test rocky8 kvm-rocky8

[blueorangutan]

@weizhouapache a [SF] Trillian-Jenkins test job (rocky8 mgmt + kvm-rocky8) has been kicked to run smoke tests

[weizhouapache]

@blueorangutan test ubuntu22 kvm-ubuntu22

[blueorangutan]

@weizhouapache a [SF] Trillian-Jenkins test job (ubuntu22 mgmt + kvm-ubuntu22) has been kicked to run smoke tests

[DaanHoogland]

clgtm

[weizhouapache]

The URL check issue has been fixed by #7693 in another way

I am not sure if this PR will break the feature. let's NOT merge it into 4.18.1.0

cc @rohityadavcloud @DaanHoogland @nvazquez

[GutoVeronezi]

We could have some unit tests for this method.

[blueorangutan]

[SF] Trillian test result (tid-7611)
Environment: kvm-rocky8 (x2), Advanced Networking with Mgmt server r8
Total time taken: 41113 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr7923-t7611-kvm-rocky8.zip
Smoke tests completed. 108 look OK, 0 have errors, 0 did not run
Only failed and skipped tests results shown below:

Test	Result	Time (s)	Test File

[blueorangutan]

[SF] Trillian test result (tid-7860)
Environment: kvm-rocky8 (x2), Advanced Networking with Mgmt server r8
Total time taken: 44760 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr7923-t7860-kvm-rocky8.zip
Smoke tests completed. 108 look OK, 0 have errors, 0 did not run
Only failed and skipped tests results shown below:

Test	Result	Time (s)	Test File

[DaanHoogland]

@weizhouapache is this covoured by any tests?

[weizhouapache]

@weizhouapache is this covoured by any tests?

@DaanHoogland no...

[shwstppr]

@weizhouapache is this ready for review/testing or more work is needed?

[DaanHoogland]

@weizhouapache is this ready for review/testing or more work is needed?

@harikrishna-patnala , it needs some test(ing) i would put it on my list save the number of PRs on there. We could do with manual testing for now.

[vladimirpetrov]

@blueorangutan package

[blueorangutan]

@vladimirpetrov a [SF] Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.

[blueorangutan]

Packaging result [SF]: ✔️ el7 ✔️ el8 ✔️ el9 ✔️ debian ✔️ suse15. SL-JID 7421

[vladimirpetrov]

LGTM based on manual testing. Uploaded a new download certificate, registered a new HTTPS template, no cloud.jks failures in agents' logs.

[DaanHoogland]

@weizhouapache is this ready now? see also #7923 (comment), will you add to that (in this PR)?

[weizhouapache]

@weizhouapache is this ready now? see also #7923 (comment), will you add to that (in this PR)?

@DaanHoogland
sorry no, I am not going to do it

[DaanHoogland]

@weizhouapache is this ready now? see also #7923 (comment), will you add to that (in this PR)?

@DaanHoogland sorry no, I am not going to do it

ok, as @vladimirpetrov tested manually I gues we can merge this, right?

[weizhouapache]

@weizhouapache is this ready now? see also #7923 (comment), will you add to that (in this PR)?

@DaanHoogland sorry no, I am not going to do it

ok, as @vladimirpetrov tested manually I gues we can merge this, right?

@DaanHoogland @shwstppr
if there is no objection, let's merge this ?

[shwstppr]

@blueorangutan package

[blueorangutan]

@shwstppr a [SL] Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.

[blueorangutan]

Packaging result [SF]: ✔️ el7 ✔️ el8 ✔️ el9 ✔️ debian ✔️ suse15. SL-JID 7945

[DaanHoogland]

@blueorangutan test

[blueorangutan]

@DaanHoogland a [SL] Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests

[blueorangutan]

[SF] Trillian test result (tid-8485)
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 42393 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr7923-t8485-kvm-centos7.zip
Smoke tests completed. 109 look OK, 0 have errors, 0 did not run
Only failed and skipped tests results shown below:

Test	Result	Time (s)	Test File