etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
38,415 Commits 322 Branches 325 Tags 975 MiB
Commit Graph

38415 Commits

Author SHA1 Message Date
Daan Hoogland e3999923a7 Merge release branch 4.22 to main 
* 4.22:
  fix install path for systemvm templates when introducing new sec storage (#11605)
  fix Sensitive Data Exposure Through Exception Logging in OVM Hypervis… (#12032)
  Fix snapshot physical size after migration (#12166)
  ConfigDrive: use file absolute path instead of canonical path to create ISO (#11623)
  Add log for null templateVO (#12406)
  snapshot: fix listSnapshots for volume which got delete and whose storage pool got deleted (#12433)
  Notify user if template upgrade is not required (#12483)
  Fix: proper permissions for systemvm template registrations on hardened systems (#12098)
  Allow modification of user vm details if user.vm.readonly.details is empty (#10456)
  NPE fix while deleting storage pool when pool has detached volumes (#12451)
 2026-01-26 13:32:56 +01:00
Daan Hoogland edb62b490c Merge branch '4.20' into 4.22 2026-01-26 13:30:26 +01:00
Bernardo De Marco Gonçalves bbc23a7468
fix install path for systemvm templates when introducing new sec storage (#11605) 2026-01-26 14:14:40 +02:00
Edward-x 44793da58f
fix Sensitive Data Exposure Through Exception Logging in OVM Hypervis… (#12032) 
* fix Sensitive Data Exposure Through Exception Logging in OVM Hypervisor Configuration

* extra ‘)’ in log.

Co-authored-by: Abhisar Sinha <63767682+abh1sar@users.noreply.github.com>

* remove non-descriptive part

Co-authored-by: Suresh Kumar Anaparti <sureshkumar.anaparti@gmail.com>

---------

Co-authored-by: chenyoulong20g@ict.ac.cn <chenyoulong20g@ict.ac.cn>
Co-authored-by: dahn <daan.hoogland@gmail.com>
Co-authored-by: Abhisar Sinha <63767682+abh1sar@users.noreply.github.com>
Co-authored-by: Suresh Kumar Anaparti <sureshkumar.anaparti@gmail.com>
 2026-01-26 13:22:22 +02:00
Henrique Sato 36edd92e48
Fix snapshot physical size after migration (#12166) 2026-01-26 12:58:42 +02:00
Wei Zhou 097c3a018b
ConfigDrive: use file absolute path instead of canonical path to create ISO (#11623) 
* ConfigDrive: use file absolute path instead of canonical path to create ISO

* el8: add xorrisofs as option
 2026-01-26 12:56:14 +02:00
Manoj Kumar 63bdc2b990
Add log for null templateVO (#12406) 2026-01-26 12:55:55 +02:00
Rohit Yadav 315cd52fd1
snapshot: fix listSnapshots for volume which got delete and whose storage pool got deleted (#12433) 
This fixes the case when the storage pool is removed as well the KVM
host and the subsequent volumes on the host. When that happened, listing
snapshots (for recovery purposes) cause NPE as the pool_id was null, but
last_pool_id for the related destroyed volume wasn't null. This adds a
fallback logic.

Signed-off-by: Rohit Yadav <rohit@yadav.cloud>
 2026-01-26 12:53:47 +02:00
Manoj Kumar d010e9fcf2
Notify user if template upgrade is not required (#12483) 2026-01-26 10:33:30 +01:00
Artem Sidorenko 0958dfc138
Fix: proper permissions for systemvm template registrations on hardened systems (#12098) 
Related to https://github.com/apache/cloudstack/issues/10029#issuecomment-2531599607

We have umask 0077, so cloud-install-sys-tmplt is creating by default paths like below

```
$ ls -l /mnt/secondary/template/tmpl/
total 16
drwx------. 3 root root 4096 Nov 19 13:58 1
drwxrwxrwx. 7 root root 4096 Oct 31 09:42 2
drwxrwxrwx. 3 root root 4096 Oct 30 15:59 4
drwxr-xr-x. 2 root root 4096 Oct 31 10:21 5
$ ls -l /mnt/secondary/template/tmpl/1/
total 4
drwx------. 2 root root 4096 Nov 19 13:59 3
$ ls -l /mnt/secondary/template/tmpl/1/3/
total 549848
-rw-------. 1 root root 563032576 Nov 19 13:59 d23a1e19-c563-4f69-85ca-8721cf02082c.qcow2
-rw-------. 1 root root       287 Nov 19 13:59 template.properties
```

This results to the permissions problems later on, when trying to access the image

Signed-off-by: Artem Sidorenko <artem.sidorenko@telekom.de>
 2026-01-26 11:21:47 +02:00
Pearl Dsilva 4adb719570
Allow modification of user vm details if user.vm.readonly.details is empty (#10456) 2026-01-26 11:18:12 +02:00
Suresh Kumar Anaparti c8cadcb56e
NPE fix while deleting storage pool when pool has detached volumes (#12451) 
* NPE fix while deleting storage pool when pool has detached volumes

* review

* unit tests

* Added log for volumes not attached to any VMs

* update filter, log and test

* updated volume dao method names returning non destroyed volumes

* build fix

---------

Co-authored-by: dahn <daan@onecht.net>
 2026-01-26 10:31:14 +02:00
Suresh Kumar Anaparti 4bcf3ea57d
Merge branch '4.22' 2026-01-26 12:46:54 +05:30
Suresh Kumar Anaparti 000919d6e5
Merge branch '4.20' into 4.22 2026-01-26 12:46:09 +05:30
Manoj Kumar 8db065a14e
limit iso filename to have 251 chars at max (#12430) 2026-01-23 16:34:52 +01:00
Daman Arora bce3e54a7e
improve error handling for template upload notifications (#12412) 
Co-authored-by: Daman Arora <daman.arora@shapeblue.com>
 2026-01-22 15:02:46 +01:00
Nicolas Vazquez 6a9835904c
Fix for zoneids parameters length on updateAPIs (#12440) 2026-01-22 14:57:46 +01:00
Nicolas Vazquez 6846619a6f
Fix update network offering domainids size limitation (#12431) 2026-01-22 14:32:46 +01:00
Vishesh d1eb2822d9
Remove redundant Exceptions from logs for vm schedules (#12428) 2026-01-22 14:29:35 +01:00
Abhisar Sinha cd5bb09d0d
Fix potential leaks in executePipedCommands (#12478) 2026-01-22 10:59:41 +01:00
Wei Zhou b5e9178078
UI: fix issues when deploy VNF applicance on network with SG (#12436) 2026-01-22 10:56:03 +01:00
Suresh Kumar Anaparti 420bf6dff8
Merge branch '4.22' 2026-01-22 13:24:08 +05:30
Suresh Kumar Anaparti b1f870ae83
Merge branch '4.20' into 4.22 2026-01-22 13:23:21 +05:30
Harikrishna 6e5d78a8a7
Fix NPE on adding new columns in the tables (#12464) 
* Fix NPE on adding new columns in the tables

* Remove assert
 2026-01-22 12:46:16 +05:30
Wei Zhou 036489b288
CKS: fix resource limitation check on cpu when scale cks cluster (#12379) 2026-01-21 09:59:21 +01:00
dependabot[bot] 1b0a036a5b
Bump ads.version from 2.0.0.AM25 to 2.0.0.AM27 (#12269) 
Bumps `ads.version` from 2.0.0.AM25 to 2.0.0.AM27.

Updates `org.apache.directory.server:apacheds-server-integ` from 2.0.0.AM25 to 2.0.0.AM27
- [Commits](https://github.com/apache/directory-server/compare/2.0.0.AM25...2.0.0.AM27)

Updates `org.apache.directory.server:apacheds-core-constants` from 2.0.0.AM25 to 2.0.0.AM27
- [Commits](https://github.com/apache/directory-server/compare/2.0.0.AM25...2.0.0.AM27)

Updates `org.apache.directory.server:apacheds-core-annotations` from 2.0.0.AM25 to 2.0.0.AM27
- [Commits](https://github.com/apache/directory-server/compare/2.0.0.AM25...2.0.0.AM27)

Updates `org.apache.directory.server:apacheds-core` from 2.0.0.AM25 to 2.0.0.AM27
- [Commits](https://github.com/apache/directory-server/compare/2.0.0.AM25...2.0.0.AM27)

Updates `org.apache.directory.server:apacheds-protocol-ldap` from 2.0.0.AM25 to 2.0.0.AM27
- [Commits](https://github.com/apache/directory-server/compare/2.0.0.AM25...2.0.0.AM27)

Updates `org.apache.directory.server:apacheds-jdbm-partition` from 2.0.0.AM25 to 2.0.0.AM27
- [Commits](https://github.com/apache/directory-server/compare/2.0.0.AM25...2.0.0.AM27)

Updates `org.apache.directory.server:apacheds-ldif-partition` from 2.0.0.AM25 to 2.0.0.AM27
- [Commits](https://github.com/apache/directory-server/compare/2.0.0.AM25...2.0.0.AM27)

---
updated-dependencies:
- dependency-name: org.apache.directory.server:apacheds-server-integ
  dependency-version: 2.0.0.AM27
  dependency-type: direct:development
  update-type: version-update:semver-patch
- dependency-name: org.apache.directory.server:apacheds-core-constants
  dependency-version: 2.0.0.AM27
  dependency-type: direct:development
  update-type: version-update:semver-patch
- dependency-name: org.apache.directory.server:apacheds-core-annotations
  dependency-version: 2.0.0.AM27
  dependency-type: direct:development
  update-type: version-update:semver-patch
- dependency-name: org.apache.directory.server:apacheds-core
  dependency-version: 2.0.0.AM27
  dependency-type: direct:development
  update-type: version-update:semver-patch
- dependency-name: org.apache.directory.server:apacheds-protocol-ldap
  dependency-version: 2.0.0.AM27
  dependency-type: direct:development
  update-type: version-update:semver-patch
- dependency-name: org.apache.directory.server:apacheds-jdbm-partition
  dependency-version: 2.0.0.AM27
  dependency-type: direct:development
  update-type: version-update:semver-patch
- dependency-name: org.apache.directory.server:apacheds-ldif-partition
  dependency-version: 2.0.0.AM27
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-21 12:07:23 +05:30
dependabot[bot] e2f4ed9dcf
Bump commons-codec:commons-codec from 1.15 to 1.20.0 (#12303) 
Bumps [commons-codec:commons-codec](https://github.com/apache/commons-codec) from 1.15 to 1.20.0.
- [Changelog](https://github.com/apache/commons-codec/blob/master/RELEASE-NOTES.txt)
- [Commits](https://github.com/apache/commons-codec/compare/rel/commons-codec-1.15...rel/commons-codec-1.20.0)

---
updated-dependencies:
- dependency-name: commons-codec:commons-codec
  dependency-version: 1.20.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-21 12:06:44 +05:30
Suresh Kumar Anaparti 8db7cab7ba
Storage pool monitor disconnect improvements (#12398) 2026-01-20 09:08:39 +01:00
Nicolas Vazquez 496bc0329c
Fix: Condition for aborting migration, resume paused VMs on destination (#12331) 2026-01-20 08:56:32 +01:00
Abhisar Sinha cf36fb0000
Set nfsVersion in ssvm agent.properties only if it is not null (#12445) 2026-01-20 08:25:16 +01:00
Daman Arora da518e9036
CKS: Add image store validation for Kubernetes version registration (#12418) 
Co-authored-by: Daman Arora <daman.arora@shapeblue.com>
 2026-01-20 08:13:15 +01:00
Henrique Sato 03d24ff851
Fix NPE on primary storage delete (#11817) 2026-01-20 08:12:16 +01:00
Vitor Hugo Homem Marzarotto 2a6ce0c8a8
Adds url kubernetes iso (#10862) 
Co-authored-by: Vitor Hugo Homem Marzarotto <vitor.marzarotto@scclouds.com.br>
Co-authored-by: Henrique Sato <henriquesato2003@gmail.com>
 2026-01-20 08:10:42 +01:00
Suresh Kumar Anaparti 04b58acdd6
Merge branch '4.22' 2026-01-19 19:50:51 +05:30
Suresh Kumar Anaparti 3828a3b744
Merge branch '4.20' into 4.22 2026-01-19 19:50:10 +05:30
Manoj Kumar 42f1e19362
Mask vncPasswd being logged in agent.log (#12404) 2026-01-19 14:20:18 +01:00
Pearl Dsilva 8b2f1f19c2
Support dedicating backup offerings to domains (#12194) 
* Add support for dedicating backup offerings to domains

* Add tests and UI support and update response params

* add license header

* exclude backupofferingdetailsvo from sonar

* fix pre-commit checks - missing / extra EOF line

* add test

* EOF

* filter backup offerings by domain id

* add unit tests

* add more unit tests and remove response file from code coverage check

* update checks

* address review comments: extract common code, fix tests

* added bean definition

* address comments

* add unit tests to increase coverage

* pre-commit check failure fix

* address merge issue

* allow updating backup offering when only domain id is modified
 2026-01-19 14:21:47 +05:30
Abhishek Kumar a4b1a27c7d
ui: fix 404 on login after forgot password (#12448) 
Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>
 2026-01-19 08:50:07 +01:00
Abhisar Sinha 002d9768b2
Add settings to mark cryptographic algorithms in vpn customer gateways as excluded or obsolete (#12193) 
This PR introduces several configuration settings using which an operator can mark certain cryptographic algorithms and parameters as excluded or obsolete for VPN Customer Gateway creation for Site-to-Site VPN.

Cloud providers following modern security frameworks (e.g., ISO 27001/27017) are required to enforce and communicate approved cryptographic standards. CloudStack currently accepts several weak or deprecated algorithms without guidance to users. This PR closes that gap by giving operators explicit control over what is disallowed vs discouraged, improving security posture without breaking existing deployments.

These settings are:

1. vpn.customer.gateway.excluded.encryption.algorithms
2. vpn.customer.gateway.excluded.hashing.algorithms
3. vpn.customer.gateway.excluded.ike.versions
4. vpn.customer.gateway.excluded.dh.group
5. vpn.customer.gateway.obsolete.encryption.algorithms
6. vpn.customer.gateway.obsolete.hashing.algorithms
7. vpn.customer.gateway.obsolete.ike.versions
8. vpn.customer.gateway.obsolete.dh.group
 2026-01-19 13:18:37 +05:30
Abhishek Kumar 76e6de7f90
ui: fix form data double fetch/reset form data by ownership selection (#11705) 
* ui: fix form data double fetch/reset form data by ownership selection

Fixes #10832
 2026-01-16 10:48:57 -05:00
Wei Zhou b31c2f4cae
Revert "Review comment on pull request #12436" 
This reverts commit a566af35f5.
 2026-01-15 19:17:12 +01:00
Wei Zhou a566af35f5 Review comment on pull request #12436 2026-01-15 19:14:51 +01:00
Suresh Kumar Anaparti f1f779a08d
Cleanup snapshot files in datastores for Error-ed snapshots, and some code improvements (#12347) 2026-01-15 12:12:32 +01:00
Nicolas Vazquez aba3285c3c
[Usage] Include accounts uuid on the cloud_usage accounts initial saving (#12420) 2026-01-15 06:50:35 -03:00
Suresh Kumar Anaparti 507c4cd128
Merge branch '4.22' 2026-01-15 10:09:09 +05:30
Suresh Kumar Anaparti b5fd39fca0
Merge branch '4.20' into 4.22 2026-01-15 10:08:27 +05:30
Abhisar Sinha 5c1f9315ce
Remove transaction from updateCapacityForHost cal (#12421) 2026-01-14 16:12:42 +01:00
Suresh Kumar Anaparti 6a324da27a
MAC address assignment improvements (#12349) 2026-01-13 13:56:39 +01:00
Vishesh b8ed34e2a8
Reset modifier button's state (#12187) 2026-01-13 13:48:55 +01:00
Abhisar Sinha 9e86fdf1b6
Fix cloud-sysvmadmin hang (#12355) 2026-01-13 09:06:25 +01:00