From 58f4112b6a7906130523d41baa76cff92278bd32 Mon Sep 17 00:00:00 2001 From: akutz Date: Sun, 11 Dec 2022 20:44:51 -0600 Subject: [PATCH 1/6] api: Update types to vSphere 8.0 GA This patch updates the generated types to vSphere 8.0 GA. --- eam/methods/methods.go | 40 +++++++++++++++++++++ eam/types/types.go | 31 ++++++++++++++++ gen/gen.sh | 6 ++-- simulator/folder.go | 14 ++++---- vim25/types/helpers.go | 72 +++++++++++++++++++++++++++++++++++++ vim25/types/helpers_test.go | 34 ++++++++++++++++++ vim25/types/types.go | 24 ++++++------- vim25/types/unreleased.go | 10 ------ 8 files changed, 199 insertions(+), 32 deletions(-) diff --git a/eam/methods/methods.go b/eam/methods/methods.go index edf67f1b0..7e968b2e1 100644 --- a/eam/methods/methods.go +++ b/eam/methods/methods.go @@ -183,6 +183,26 @@ func DestroyAgency(ctx context.Context, r soap.RoundTripper, req *types.DestroyA return resBody.Res, nil } +type GetMaintenanceModePolicyBody struct { + Req *types.GetMaintenanceModePolicy `xml:"urn:eam GetMaintenanceModePolicy,omitempty"` + Res *types.GetMaintenanceModePolicyResponse `xml:"urn:eam GetMaintenanceModePolicyResponse,omitempty"` + Fault_ *soap.Fault `xml:"http://schemas.xmlsoap.org/soap/envelope/ Fault,omitempty"` +} + +func (b *GetMaintenanceModePolicyBody) Fault() *soap.Fault { return b.Fault_ } + +func GetMaintenanceModePolicy(ctx context.Context, r soap.RoundTripper, req *types.GetMaintenanceModePolicy) (*types.GetMaintenanceModePolicyResponse, error) { + var reqBody, resBody GetMaintenanceModePolicyBody + + reqBody.Req = req + + if err := r.RoundTrip(ctx, &reqBody, &resBody); err != nil { + return nil, err + } + + return resBody.Res, nil +} + type MarkAsAvailableBody struct { Req *types.MarkAsAvailable `xml:"urn:eam MarkAsAvailable,omitempty"` Res *types.MarkAsAvailableResponse `xml:"urn:eam MarkAsAvailableResponse,omitempty"` @@ -383,6 +403,26 @@ func ScanForUnknownAgentVm(ctx context.Context, r soap.RoundTripper, req *types. return resBody.Res, nil } +type SetMaintenanceModePolicyBody struct { + Req *types.SetMaintenanceModePolicy `xml:"urn:eam SetMaintenanceModePolicy,omitempty"` + Res *types.SetMaintenanceModePolicyResponse `xml:"urn:eam SetMaintenanceModePolicyResponse,omitempty"` + Fault_ *soap.Fault `xml:"http://schemas.xmlsoap.org/soap/envelope/ Fault,omitempty"` +} + +func (b *SetMaintenanceModePolicyBody) Fault() *soap.Fault { return b.Fault_ } + +func SetMaintenanceModePolicy(ctx context.Context, r soap.RoundTripper, req *types.SetMaintenanceModePolicy) (*types.SetMaintenanceModePolicyResponse, error) { + var reqBody, resBody SetMaintenanceModePolicyBody + + reqBody.Req = req + + if err := r.RoundTrip(ctx, &reqBody, &resBody); err != nil { + return nil, err + } + + return resBody.Res, nil +} + type UninstallBody struct { Req *types.Uninstall `xml:"urn:eam Uninstall,omitempty"` Res *types.UninstallResponse `xml:"urn:eam UninstallResponse,omitempty"` diff --git a/eam/types/types.go b/eam/types/types.go index ed8b2d3f4..1b130483a 100644 --- a/eam/types/types.go +++ b/eam/types/types.go @@ -582,6 +582,12 @@ func init() { types.Add("eam:DisabledClusterFault", reflect.TypeOf((*DisabledClusterFault)(nil)).Elem()) } +type DisabledClusterFaultFault DisabledClusterFault + +func init() { + types.Add("eam:DisabledClusterFaultFault", reflect.TypeOf((*DisabledClusterFaultFault)(nil)).Elem()) +} + type EamAppFault struct { EamRuntimeFault } @@ -646,6 +652,12 @@ func init() { types.Add("eam:EamInvalidState", reflect.TypeOf((*EamInvalidState)(nil)).Elem()) } +type EamInvalidStateFault EamInvalidState + +func init() { + types.Add("eam:EamInvalidStateFault", reflect.TypeOf((*EamInvalidStateFault)(nil)).Elem()) +} + type EamInvalidVibPackage struct { EamRuntimeFault } @@ -729,6 +741,12 @@ func init() { types.Add("eam:ExtensibleIssue", reflect.TypeOf((*ExtensibleIssue)(nil)).Elem()) } +type GetMaintenanceModePolicy GetMaintenanceModePolicyRequestType + +func init() { + types.Add("eam:GetMaintenanceModePolicy", reflect.TypeOf((*GetMaintenanceModePolicy)(nil)).Elem()) +} + type GetMaintenanceModePolicyRequestType struct { This types.ManagedObjectReference `xml:"_this"` } @@ -737,6 +755,10 @@ func init() { types.Add("eam:GetMaintenanceModePolicyRequestType", reflect.TypeOf((*GetMaintenanceModePolicyRequestType)(nil)).Elem()) } +type GetMaintenanceModePolicyResponse struct { + Returnval string `xml:"returnval"` +} + type HostInMaintenanceMode struct { VmDeployed } @@ -1332,6 +1354,12 @@ func init() { type ScanForUnknownAgentVmResponse struct { } +type SetMaintenanceModePolicy SetMaintenanceModePolicyRequestType + +func init() { + types.Add("eam:SetMaintenanceModePolicy", reflect.TypeOf((*SetMaintenanceModePolicy)(nil)).Elem()) +} + type SetMaintenanceModePolicyRequestType struct { This types.ManagedObjectReference `xml:"_this"` Policy string `xml:"policy"` @@ -1341,6 +1369,9 @@ func init() { types.Add("eam:SetMaintenanceModePolicyRequestType", reflect.TypeOf((*SetMaintenanceModePolicyRequestType)(nil)).Elem()) } +type SetMaintenanceModePolicyResponse struct { +} + type Uninstall UninstallRequestType func init() { diff --git a/gen/gen.sh b/gen/gen.sh index 6f8929124..b19345a7f 100755 --- a/gen/gen.sh +++ b/gen/gen.sh @@ -48,7 +48,7 @@ generate() { } # -# All types derive from vCenter build 20023987, vSphere 8.0. +# All types derive from vSphere 8.0 GA, vcenter-all build 20519528. # export COPYRIGHT_DATE_RANGE="2014-2022" @@ -59,14 +59,14 @@ export COPYRIGHT_DATE_RANGE="2014-2022" # export FORCE_BASE_INTERFACE_FOR_TYPES="AgencyConfigInfo" -# ./sdk/ contains the contents of wsdl.zip from vimbase build 19936444. +# ./sdk/ contains the contents of wsdl.zip from vimbase build 20031402. generate "../vim25" "vim" "./rbvmomi/vmodl.db" # from github.com/vmware/rbvmomi@v3.0.0 generate "../pbm" "pbm" generate "../vslm" "vslm" generate "../sms" "sms" # ./sdk/ contains the files eam-messagetypes.xsd and eam-types.xsd from -# eam-wsdl.zip, from eam-vcenter build 19970683. +# eam-wsdl.zip, from eam-vcenter build 20031438. # # Please note the EAM files are also available at the following, public URL -- # http://bit.ly/eam-sdk, therefore the WSDL resource for EAM are in fact diff --git a/simulator/folder.go b/simulator/folder.go index 88efac2c7..a30094383 100644 --- a/simulator/folder.go +++ b/simulator/folder.go @@ -807,12 +807,13 @@ func (f *Folder) PlaceVmsXCluster(ctx *Context, req *types.PlaceVmsXCluster) soa Target: &cluster.Self, } - placementAction := types.ClusterInitialPlacementAction{ - Pool: &pool.Self, + placementAction := types.ClusterClusterInitialPlacementAction{ + Pool: pool.Self, } if hostRequired { - placementAction.TargetHost = cluster.Host[rand.Intn(len(cluster.Host))] + randomHost := cluster.Host[rand.Intn(len(cluster.Host))] + placementAction.TargetHost = &randomHost } if datastoreRequired { @@ -856,12 +857,11 @@ func (f *Folder) PlaceVmsXCluster(ctx *Context, req *types.PlaceVmsXCluster) soa } } } + + placementAction.ConfigSpec = configSpec } - res.Action = append(res.Action, &types.ClusterClusterInitialPlacementAction{ - ClusterInitialPlacementAction: placementAction, - ConfigSpec: configSpec, - }) + res.Action = append(res.Action, &placementAction) body.Res.Returnval.PlacementInfos = append(body.Res.Returnval.PlacementInfos, types.PlaceVmsXClusterResultPlacementInfo{ diff --git a/vim25/types/helpers.go b/vim25/types/helpers.go index 67d9793fa..70360eb4f 100644 --- a/vim25/types/helpers.go +++ b/vim25/types/helpers.go @@ -157,6 +157,18 @@ func (ci VirtualMachineConfigInfo) ToConfigSpec() VirtualMachineConfigSpec { SevEnabled: ci.SevEnabled, PmemFailoverEnabled: ci.PmemFailoverEnabled, Pmem: ci.Pmem, + NpivWorldWideNameOp: ci.NpivWorldWideNameType, + RebootPowerOff: ci.RebootPowerOff, + ScheduledHardwareUpgradeInfo: ci.ScheduledHardwareUpgradeInfo, + SgxInfo: ci.SgxInfo, + GuestMonitoringModeInfo: ci.GuestMonitoringModeInfo, + VmxStatsCollectionEnabled: ci.VmxStatsCollectionEnabled, + VmOpNotificationToAppEnabled: ci.VmOpNotificationToAppEnabled, + VmOpNotificationTimeout: ci.VmOpNotificationTimeout, + DeviceSwap: ci.DeviceSwap, + SimultaneousThreads: ci.Hardware.SimultaneousThreads, + DeviceGroups: ci.DeviceGroups, + MotherboardLayout: ci.Hardware.MotherboardLayout, } // Unassign the Files field if all of its fields are empty. @@ -234,6 +246,66 @@ func (ci VirtualMachineConfigInfo) ToConfigSpec() VirtualMachineConfigSpec { } } + if ni := ci.NumaInfo; ni != nil { + cs.VirtualNuma = &VirtualMachineVirtualNuma{ + CoresPerNumaNode: ni.CoresPerNumaNode, + ExposeVnumaOnCpuHotadd: ni.VnumaOnCpuHotaddExposed, + } + } + + if civa, ok := ci.VAppConfig.(*VmConfigInfo); ok { + var csva VmConfigSpec + + csva.Eula = civa.Eula + csva.InstallBootRequired = &civa.InstallBootRequired + csva.InstallBootStopDelay = civa.InstallBootStopDelay + + ipAssignment := civa.IpAssignment + csva.IpAssignment = &ipAssignment + + csva.OvfEnvironmentTransport = civa.OvfEnvironmentTransport + for i := range civa.OvfSection { + s := civa.OvfSection[i] + csva.OvfSection = append( + csva.OvfSection, + VAppOvfSectionSpec{ + ArrayUpdateSpec: ArrayUpdateSpec{ + Operation: ArrayUpdateOperationAdd, + }, + Info: &s, + }, + ) + } + + for i := range civa.Product { + p := civa.Product[i] + csva.Product = append( + csva.Product, + VAppProductSpec{ + ArrayUpdateSpec: ArrayUpdateSpec{ + Operation: ArrayUpdateOperationAdd, + }, + Info: &p, + }, + ) + } + + for i := range civa.Property { + p := civa.Property[i] + csva.Property = append( + csva.Property, + VAppPropertySpec{ + ArrayUpdateSpec: ArrayUpdateSpec{ + Operation: ArrayUpdateOperationAdd, + }, + Info: &p, + }, + ) + } + + cs.VAppConfig = &csva + } + return cs } diff --git a/vim25/types/helpers_test.go b/vim25/types/helpers_test.go index 08914ea4a..960c4256e 100644 --- a/vim25/types/helpers_test.go +++ b/vim25/types/helpers_test.go @@ -122,6 +122,40 @@ func TestVirtualMachineConfigInfoToConfigSpec(t *testing.T) { }, }, }, + { + name: "vAppConfig", + conf: VirtualMachineConfigInfo{ + Name: "Hello, world.", + VAppConfig: &VmConfigInfo{ + InstallBootRequired: false, + IpAssignment: VAppIPAssignmentInfo{}, + Product: []VAppProductInfo{ + { + Key: 1, + Name: "P1", + }, + }, + }, + }, + spec: VirtualMachineConfigSpec{ + Name: "Hello, world.", + VAppConfig: &VmConfigSpec{ + InstallBootRequired: NewBool(false), + IpAssignment: &VAppIPAssignmentInfo{}, + Product: []VAppProductSpec{ + { + ArrayUpdateSpec: ArrayUpdateSpec{ + Operation: ArrayUpdateOperationAdd, + }, + Info: &VAppProductInfo{ + Key: 1, + Name: "P1", + }, + }, + }, + }, + }, + }, { name: "really big config", conf: VirtualMachineConfigInfo{ diff --git a/vim25/types/types.go b/vim25/types/types.go index 30a58792b..f7ae195f7 100644 --- a/vim25/types/types.go +++ b/vim25/types/types.go @@ -8313,6 +8313,18 @@ func init() { t["ClusterAttemptedVmInfo"] = reflect.TypeOf((*ClusterAttemptedVmInfo)(nil)).Elem() } +type ClusterClusterInitialPlacementAction struct { + ClusterAction + + TargetHost *ManagedObjectReference `xml:"targetHost,omitempty"` + Pool ManagedObjectReference `xml:"pool"` + ConfigSpec *VirtualMachineConfigSpec `xml:"configSpec,omitempty"` +} + +func init() { + t["ClusterClusterInitialPlacementAction"] = reflect.TypeOf((*ClusterClusterInitialPlacementAction)(nil)).Elem() +} + type ClusterComplianceCheckedEvent struct { ClusterEvent @@ -8835,18 +8847,6 @@ func init() { t["ClusterDasVmConfigSpec"] = reflect.TypeOf((*ClusterDasVmConfigSpec)(nil)).Elem() } -type ClusterDasVmPreemptiblePairInfo struct { - DynamicData - - Key int32 `xml:"key,omitempty"` - MonitoredVm ManagedObjectReference `xml:"monitoredVm"` - PreemptibleVm ManagedObjectReference `xml:"preemptibleVm"` -} - -func init() { - t["ClusterDasVmPreemptiblePairInfo"] = reflect.TypeOf((*ClusterDasVmPreemptiblePairInfo)(nil)).Elem() -} - type ClusterDasVmSettings struct { DynamicData diff --git a/vim25/types/unreleased.go b/vim25/types/unreleased.go index 9c9de58ae..72bc1082b 100644 --- a/vim25/types/unreleased.go +++ b/vim25/types/unreleased.go @@ -119,13 +119,3 @@ func init() { } const RecommendationReasonCodeXClusterPlacement = RecommendationReasonCode("xClusterPlacement") - -type ClusterClusterInitialPlacementAction struct { - ClusterInitialPlacementAction - - ConfigSpec *VirtualMachineConfigSpec `xml:"configSpec,omitempty"` -} - -func init() { - t["ClusterClusterInitialPlacementAction"] = reflect.TypeOf((*ClusterClusterInitialPlacementAction)(nil)).Elem() -} From 60a18c56e0195e1f8091e51a819ecce41cc4acc8 Mon Sep 17 00:00:00 2001 From: akutz Date: Mon, 12 Dec 2022 09:10:44 -0600 Subject: [PATCH 2/6] govc: about.cert was not respecting -k This patch fixes a bug where "govc about.cert" was not respecting the -k flag (or env var) that disabled TLS verification. --- govc/about/cert.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/govc/about/cert.go b/govc/about/cert.go index 7cbd5c9f1..d315707ea 100644 --- a/govc/about/cert.go +++ b/govc/about/cert.go @@ -98,7 +98,7 @@ func (r *certResult) Write(w io.Writer) error { func (cmd *cert) Run(ctx context.Context, f *flag.FlagSet) error { u := cmd.Session.URL - c := soap.NewClient(u, false) + c := soap.NewClient(u, cmd.Session.Insecure) t := c.Client.Transport.(*http.Transport) r := certResult{cmd: cmd} From 86f9d42ac5cf58dbe379f075bd2679c75478d452 Mon Sep 17 00:00:00 2001 From: akutz Date: Mon, 12 Dec 2022 09:12:18 -0600 Subject: [PATCH 3/6] vcsim: Update test keys to be RSA 2048 This patch updates the cert/key pairs vC Sim uses for testing to be RSA 2048 in accordance with Apple's new requirements on macOS. https://developer.apple.com/documentation/security/preventing_insecure_network_connections --- simulator/internal/testcert.go | 79 ++++++++++++++++++++++------------ sts/signer_test.go | 77 ++++++++++++++++++++------------- 2 files changed, 99 insertions(+), 57 deletions(-) diff --git a/simulator/internal/testcert.go b/simulator/internal/testcert.go index 075b7c196..3c8640e2c 100644 --- a/simulator/internal/testcert.go +++ b/simulator/internal/testcert.go @@ -19,35 +19,58 @@ package internal // LocalhostCert is a PEM-encoded TLS cert with SAN IPs // "127.0.0.1" and "[::1]", expiring at Jan 29 16:00:00 2084 GMT. // generated from src/crypto/tls: -// go run generate_cert.go --rsa-bits 1024 --host 127.0.0.1,::1,example.com --ca --start-date "Jan 1 00:00:00 1970" --duration=1000000h +// go run generate_cert.go --rsa-bits 2048 --host 127.0.0.1,::1,example.com --ca --start-date "Jan 1 00:00:00 1970" --duration=1000000h +// +// Please note the certificate was updated to 2048 bits due to macOS now +// requiring RSA keys of at least 2048 bits. For more information, please see: +// https://developer.apple.com/documentation/security/preventing_insecure_network_connections var LocalhostCert = []byte(`-----BEGIN CERTIFICATE----- -MIICEzCCAXygAwIBAgIQMIMChMLGrR+QvmQvpwAU6zANBgkqhkiG9w0BAQsFADAS -MRAwDgYDVQQKEwdBY21lIENvMCAXDTcwMDEwMTAwMDAwMFoYDzIwODQwMTI5MTYw -MDAwWjASMRAwDgYDVQQKEwdBY21lIENvMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB -iQKBgQDuLnQAI3mDgey3VBzWnB2L39JUU4txjeVE6myuDqkM/uGlfjb9SjY1bIw4 -iA5sBBZzHi3z0h1YV8QPuxEbi4nW91IJm2gsvvZhIrCHS3l6afab4pZBl2+XsDul -rKBxKKtD1rGxlG4LjncdabFn9gvLZad2bSysqz/qTAUStTvqJQIDAQABo2gwZjAO -BgNVHQ8BAf8EBAMCAqQwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0TAQH/BAUw -AwEB/zAuBgNVHREEJzAlggtleGFtcGxlLmNvbYcEfwAAAYcQAAAAAAAAAAAAAAAA -AAAAATANBgkqhkiG9w0BAQsFAAOBgQCEcetwO59EWk7WiJsG4x8SY+UIAA+flUI9 -tyC4lNhbcF2Idq9greZwbYCqTTTr2XiRNSMLCOjKyI7ukPoPjo16ocHj+P3vZGfs -h1fIw3cSS2OolhloGw/XM6RWPWtPAlGykKLciQrBru5NAPvCMsb/I1DAceTiotQM -fblo6RBxUQ== +MIIDOjCCAiKgAwIBAgIRAK6d/JpGL75P2wOSYc6WalEwDQYJKoZIhvcNAQELBQAw +EjEQMA4GA1UEChMHQWNtZSBDbzAgFw03MDAxMDEwMDAwMDBaGA8yMDg0MDEyOTE2 +MDAwMFowEjEQMA4GA1UEChMHQWNtZSBDbzCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAK9lInM4OAKI4z+wDNkvcZC6S6exFSOysp7NPJyaEAhW93kPY7gO +f6H5aP3V3YU0vYpCSnz/UhyDD+/knBof1J3Do7FVwYtC293vrtXffNtAvygfJodW +1dPllp17ZJbq76ei9oWq1Y5Hox/sVYmNVNztvBfK1mtpS8z8Qrk1LWCyLiDHkvDA +hCy2OjuaopxC6qQejdWT1PxwbqptuLVakQmecpiFrupy8DTG0x0rxxdMdAATywhY +Gm49A/FroagZ6HMz3bm39we/w6VIx3pX1lbUUyrfjvBgfUlRwxyZABBj2STGsOQJ +a451eEcESXcSEWzjGjUQ1Wf+zzxr2GAHmI8CAwEAAaOBiDCBhTAOBgNVHQ8BAf8E +BAMCAqQwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0TAQH/BAUwAwEB/zAdBgNV +HQ4EFgQUjtR2VSuxchTxe0UNDVqWDNMR37AwLgYDVR0RBCcwJYILZXhhbXBsZS5j +b22HBH8AAAGHEAAAAAAAAAAAAAAAAAAAAAEwDQYJKoZIhvcNAQELBQADggEBACK7 +1L15IeYPiQHFDml3EgDoRnd/tAaZP9nUZIIPLRgUnQITNAtjFgBvqneQZwlQtco2 +s8YXSivBQiATlBEtGBzVxv36R4tTXldIgJxaCUxxZtqALLwyGqSaI/cwE0pWa6Z0 +Op2wkzUmoQ5rRrJfRM+C6HR/+lWkNtHRzaUFOSlxNJbPo53K53OoDriwEc1PvEYP +wFeUXwTzCZ68pAlWUmDKCyp+lPhjIt2Gznig+BSPCNJqmwKM76oFyywi3HIP56rD +/cwUtoplF68uVuD8HXb1ggGsqtGiAT4GLT8tU5w+BtK8ZIs/LK7mdi7W8aIOhUUH +l1lgeV3oEQue3A7SogA= -----END CERTIFICATE-----`) // LocalhostKey is the private key for localhostCert. -var LocalhostKey = []byte(`-----BEGIN RSA PRIVATE KEY----- -MIICXgIBAAKBgQDuLnQAI3mDgey3VBzWnB2L39JUU4txjeVE6myuDqkM/uGlfjb9 -SjY1bIw4iA5sBBZzHi3z0h1YV8QPuxEbi4nW91IJm2gsvvZhIrCHS3l6afab4pZB -l2+XsDulrKBxKKtD1rGxlG4LjncdabFn9gvLZad2bSysqz/qTAUStTvqJQIDAQAB -AoGAGRzwwir7XvBOAy5tM/uV6e+Zf6anZzus1s1Y1ClbjbE6HXbnWWF/wbZGOpet -3Zm4vD6MXc7jpTLryzTQIvVdfQbRc6+MUVeLKwZatTXtdZrhu+Jk7hx0nTPy8Jcb -uJqFk541aEw+mMogY/xEcfbWd6IOkp+4xqjlFLBEDytgbIECQQDvH/E6nk+hgN4H -qzzVtxxr397vWrjrIgPbJpQvBsafG7b0dA4AFjwVbFLmQcj2PprIMmPcQrooz8vp -jy4SHEg1AkEA/v13/5M47K9vCxmb8QeD/asydfsgS5TeuNi8DoUBEmiSJwma7FXY -fFUtxuvL7XvjwjN5B30pNEbc6Iuyt7y4MQJBAIt21su4b3sjXNueLKH85Q+phy2U -fQtuUE9txblTu14q3N7gHRZB4ZMhFYyDy8CKrN2cPg/Fvyt0Xlp/DoCzjA0CQQDU -y2ptGsuSmgUtWj3NM9xuwYPm+Z/F84K6+ARYiZ6PYj013sovGKUFfYAqVXVlxtIX -qyUBnu3X9ps8ZfjLZO7BAkEAlT4R5Yl6cGhaJQYZHOde3JEMhNRcVFMO8dJDaFeo -f9Oeos0UUothgiDktdQHxdNEwLjQf7lJJBzV+5OtwswCWA== ------END RSA PRIVATE KEY-----`) +var LocalhostKey = []byte(`-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCvZSJzODgCiOM/ +sAzZL3GQukunsRUjsrKezTycmhAIVvd5D2O4Dn+h+Wj91d2FNL2KQkp8/1Icgw/v +5JwaH9Sdw6OxVcGLQtvd767V33zbQL8oHyaHVtXT5Zade2SW6u+novaFqtWOR6Mf +7FWJjVTc7bwXytZraUvM/EK5NS1gsi4gx5LwwIQstjo7mqKcQuqkHo3Vk9T8cG6q +bbi1WpEJnnKYha7qcvA0xtMdK8cXTHQAE8sIWBpuPQPxa6GoGehzM925t/cHv8Ol +SMd6V9ZW1FMq347wYH1JUcMcmQAQY9kkxrDkCWuOdXhHBEl3EhFs4xo1ENVn/s88 +a9hgB5iPAgMBAAECggEAEpeS3knQThx6kk60HfWUgTXuPRldV0pi+shgq2z9VBT7 +6J5EAMewqdfJVFbuQ2eCy/wY70UVTCZscw51qaNEI3EQkgS4Hm345n64tr0Y/BjR +6ovaxq/ivLJyk8D3ubOvscJphWPFfW6EkSa5LnqHy197972tmvcvbMw0unMzmzM7 +DenXdoIJQu1SqLiLUiDXEfkvCReekqhe1jATCwTzIBTCnTWxgI4Ox2qsBaxuwrnl +D1GpWy4sh8NpDB0EBwdrjAOmLDOyvsy2X65DIlHS/k7901tvzyNjRrsr2Ig0sAz4 +w0ke6CUKQ2B+Pqn3p6bvxRYMP08+ZjlQpPuU4RrxGQKBgQDd3HCrZCgUJAGcfzYX +ZzSmSoxB9+sEuVUZGU+ICMPlG0Dd8aEkXIyDjGMWsLFMIvzNBf4wB1FwdLaCJu6y +0PbX3KVfg/Yc4lvYUuQ+1nD/3gm2hE46lZuSfbmExH5SQVLSbSQf9S/5BTHAWQO9 +PNie71AZ8fO5YDBM18tq2V7dBQKBgQDKYk1+Zup5p0BeRyCNnVYnpngO+pAZZmld +gYiRn8095QJ/Y+yV0kYc2+0+5f6St462E+PVH3tX1l9OG3ujVQnWfu2iSsRJRMUf +0blxqTWvqdcGi8SLpVjkrHn30scFNWmojhJv3k42H3nUMC1+WU3rp2f7+W58afyd +NY9x4sqzgwKBgQCoeMq9+3JLyQPIOPl0UBS06gsT1RUMI0gxpPy1yiInich6QRAi +snypMCPWiRo5PKBHd/OLuSLoiFhHARVliDTJum2B2I09Zc5kuJ1F8kUgpxUtGc7l +wdG/LeWAok1iXORtkh9KfT+Ok5kx/OZP/zJnjkZ/TTHMZPSIhZ2cZ7AXmQKBgHMP +HjWNtyKApsSytVwtpgyWxMznQMNgCOkjOoxoCJx2tUvNeHTY/glsM14+DdRFzTnQ +5weEhXAzrS1PzKPYNeafdOR+k0eAdH2Zk09+PspmyZusHIqz72zabeEqEQHyEubE +FtFI1rhIfs/WsBaUGQuvuhtz/I95BiguiiXaJRmXAoGADwcO6YXoWXga07gGRwZP +LYKwt5wBh13LAGbSsUyCSK5FG6ZrTmzaFdAGV1U4wc/wgiIgv33m8BG4Ikxvpa0r +Wg3dbhBx9Oya8QWIMBPk72KKEzsSDfi+Cn52ZmxTkWbBDCnkRhG77Ooi8vJ3dhq4 +fHeAu1F9OwF83SBi1oNySd8= +-----END PRIVATE KEY-----`) diff --git a/sts/signer_test.go b/sts/signer_test.go index 6acacc515..f768bc37e 100644 --- a/sts/signer_test.go +++ b/sts/signer_test.go @@ -31,38 +31,57 @@ import ( var _ soap.Signer = new(Signer) -// LocalhostCert copied from go/src/net/http/internal/testcert.go +// LocalhostCert copied from simulator/internal/testcert.go var LocalhostCert = []byte(`-----BEGIN CERTIFICATE----- -MIICEzCCAXygAwIBAgIQMIMChMLGrR+QvmQvpwAU6zANBgkqhkiG9w0BAQsFADAS -MRAwDgYDVQQKEwdBY21lIENvMCAXDTcwMDEwMTAwMDAwMFoYDzIwODQwMTI5MTYw -MDAwWjASMRAwDgYDVQQKEwdBY21lIENvMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB -iQKBgQDuLnQAI3mDgey3VBzWnB2L39JUU4txjeVE6myuDqkM/uGlfjb9SjY1bIw4 -iA5sBBZzHi3z0h1YV8QPuxEbi4nW91IJm2gsvvZhIrCHS3l6afab4pZBl2+XsDul -rKBxKKtD1rGxlG4LjncdabFn9gvLZad2bSysqz/qTAUStTvqJQIDAQABo2gwZjAO -BgNVHQ8BAf8EBAMCAqQwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0TAQH/BAUw -AwEB/zAuBgNVHREEJzAlggtleGFtcGxlLmNvbYcEfwAAAYcQAAAAAAAAAAAAAAAA -AAAAATANBgkqhkiG9w0BAQsFAAOBgQCEcetwO59EWk7WiJsG4x8SY+UIAA+flUI9 -tyC4lNhbcF2Idq9greZwbYCqTTTr2XiRNSMLCOjKyI7ukPoPjo16ocHj+P3vZGfs -h1fIw3cSS2OolhloGw/XM6RWPWtPAlGykKLciQrBru5NAPvCMsb/I1DAceTiotQM -fblo6RBxUQ== +MIIDOjCCAiKgAwIBAgIRAK6d/JpGL75P2wOSYc6WalEwDQYJKoZIhvcNAQELBQAw +EjEQMA4GA1UEChMHQWNtZSBDbzAgFw03MDAxMDEwMDAwMDBaGA8yMDg0MDEyOTE2 +MDAwMFowEjEQMA4GA1UEChMHQWNtZSBDbzCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAK9lInM4OAKI4z+wDNkvcZC6S6exFSOysp7NPJyaEAhW93kPY7gO +f6H5aP3V3YU0vYpCSnz/UhyDD+/knBof1J3Do7FVwYtC293vrtXffNtAvygfJodW +1dPllp17ZJbq76ei9oWq1Y5Hox/sVYmNVNztvBfK1mtpS8z8Qrk1LWCyLiDHkvDA +hCy2OjuaopxC6qQejdWT1PxwbqptuLVakQmecpiFrupy8DTG0x0rxxdMdAATywhY +Gm49A/FroagZ6HMz3bm39we/w6VIx3pX1lbUUyrfjvBgfUlRwxyZABBj2STGsOQJ +a451eEcESXcSEWzjGjUQ1Wf+zzxr2GAHmI8CAwEAAaOBiDCBhTAOBgNVHQ8BAf8E +BAMCAqQwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0TAQH/BAUwAwEB/zAdBgNV +HQ4EFgQUjtR2VSuxchTxe0UNDVqWDNMR37AwLgYDVR0RBCcwJYILZXhhbXBsZS5j +b22HBH8AAAGHEAAAAAAAAAAAAAAAAAAAAAEwDQYJKoZIhvcNAQELBQADggEBACK7 +1L15IeYPiQHFDml3EgDoRnd/tAaZP9nUZIIPLRgUnQITNAtjFgBvqneQZwlQtco2 +s8YXSivBQiATlBEtGBzVxv36R4tTXldIgJxaCUxxZtqALLwyGqSaI/cwE0pWa6Z0 +Op2wkzUmoQ5rRrJfRM+C6HR/+lWkNtHRzaUFOSlxNJbPo53K53OoDriwEc1PvEYP +wFeUXwTzCZ68pAlWUmDKCyp+lPhjIt2Gznig+BSPCNJqmwKM76oFyywi3HIP56rD +/cwUtoplF68uVuD8HXb1ggGsqtGiAT4GLT8tU5w+BtK8ZIs/LK7mdi7W8aIOhUUH +l1lgeV3oEQue3A7SogA= -----END CERTIFICATE-----`) -// LocalhostKey copied from go/src/net/http/internal/testcert.go -var LocalhostKey = []byte(`-----BEGIN RSA PRIVATE KEY----- -MIICXgIBAAKBgQDuLnQAI3mDgey3VBzWnB2L39JUU4txjeVE6myuDqkM/uGlfjb9 -SjY1bIw4iA5sBBZzHi3z0h1YV8QPuxEbi4nW91IJm2gsvvZhIrCHS3l6afab4pZB -l2+XsDulrKBxKKtD1rGxlG4LjncdabFn9gvLZad2bSysqz/qTAUStTvqJQIDAQAB -AoGAGRzwwir7XvBOAy5tM/uV6e+Zf6anZzus1s1Y1ClbjbE6HXbnWWF/wbZGOpet -3Zm4vD6MXc7jpTLryzTQIvVdfQbRc6+MUVeLKwZatTXtdZrhu+Jk7hx0nTPy8Jcb -uJqFk541aEw+mMogY/xEcfbWd6IOkp+4xqjlFLBEDytgbIECQQDvH/E6nk+hgN4H -qzzVtxxr397vWrjrIgPbJpQvBsafG7b0dA4AFjwVbFLmQcj2PprIMmPcQrooz8vp -jy4SHEg1AkEA/v13/5M47K9vCxmb8QeD/asydfsgS5TeuNi8DoUBEmiSJwma7FXY -fFUtxuvL7XvjwjN5B30pNEbc6Iuyt7y4MQJBAIt21su4b3sjXNueLKH85Q+phy2U -fQtuUE9txblTu14q3N7gHRZB4ZMhFYyDy8CKrN2cPg/Fvyt0Xlp/DoCzjA0CQQDU -y2ptGsuSmgUtWj3NM9xuwYPm+Z/F84K6+ARYiZ6PYj013sovGKUFfYAqVXVlxtIX -qyUBnu3X9ps8ZfjLZO7BAkEAlT4R5Yl6cGhaJQYZHOde3JEMhNRcVFMO8dJDaFeo -f9Oeos0UUothgiDktdQHxdNEwLjQf7lJJBzV+5OtwswCWA== ------END RSA PRIVATE KEY-----`) +// LocalhostKey copied from simulator/internal/testcert.go +var LocalhostKey = []byte(`-----BEGIN PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCvZSJzODgCiOM/ +sAzZL3GQukunsRUjsrKezTycmhAIVvd5D2O4Dn+h+Wj91d2FNL2KQkp8/1Icgw/v +5JwaH9Sdw6OxVcGLQtvd767V33zbQL8oHyaHVtXT5Zade2SW6u+novaFqtWOR6Mf +7FWJjVTc7bwXytZraUvM/EK5NS1gsi4gx5LwwIQstjo7mqKcQuqkHo3Vk9T8cG6q +bbi1WpEJnnKYha7qcvA0xtMdK8cXTHQAE8sIWBpuPQPxa6GoGehzM925t/cHv8Ol +SMd6V9ZW1FMq347wYH1JUcMcmQAQY9kkxrDkCWuOdXhHBEl3EhFs4xo1ENVn/s88 +a9hgB5iPAgMBAAECggEAEpeS3knQThx6kk60HfWUgTXuPRldV0pi+shgq2z9VBT7 +6J5EAMewqdfJVFbuQ2eCy/wY70UVTCZscw51qaNEI3EQkgS4Hm345n64tr0Y/BjR +6ovaxq/ivLJyk8D3ubOvscJphWPFfW6EkSa5LnqHy197972tmvcvbMw0unMzmzM7 +DenXdoIJQu1SqLiLUiDXEfkvCReekqhe1jATCwTzIBTCnTWxgI4Ox2qsBaxuwrnl +D1GpWy4sh8NpDB0EBwdrjAOmLDOyvsy2X65DIlHS/k7901tvzyNjRrsr2Ig0sAz4 +w0ke6CUKQ2B+Pqn3p6bvxRYMP08+ZjlQpPuU4RrxGQKBgQDd3HCrZCgUJAGcfzYX +ZzSmSoxB9+sEuVUZGU+ICMPlG0Dd8aEkXIyDjGMWsLFMIvzNBf4wB1FwdLaCJu6y +0PbX3KVfg/Yc4lvYUuQ+1nD/3gm2hE46lZuSfbmExH5SQVLSbSQf9S/5BTHAWQO9 +PNie71AZ8fO5YDBM18tq2V7dBQKBgQDKYk1+Zup5p0BeRyCNnVYnpngO+pAZZmld +gYiRn8095QJ/Y+yV0kYc2+0+5f6St462E+PVH3tX1l9OG3ujVQnWfu2iSsRJRMUf +0blxqTWvqdcGi8SLpVjkrHn30scFNWmojhJv3k42H3nUMC1+WU3rp2f7+W58afyd +NY9x4sqzgwKBgQCoeMq9+3JLyQPIOPl0UBS06gsT1RUMI0gxpPy1yiInich6QRAi +snypMCPWiRo5PKBHd/OLuSLoiFhHARVliDTJum2B2I09Zc5kuJ1F8kUgpxUtGc7l +wdG/LeWAok1iXORtkh9KfT+Ok5kx/OZP/zJnjkZ/TTHMZPSIhZ2cZ7AXmQKBgHMP +HjWNtyKApsSytVwtpgyWxMznQMNgCOkjOoxoCJx2tUvNeHTY/glsM14+DdRFzTnQ +5weEhXAzrS1PzKPYNeafdOR+k0eAdH2Zk09+PspmyZusHIqz72zabeEqEQHyEubE +FtFI1rhIfs/WsBaUGQuvuhtz/I95BiguiiXaJRmXAoGADwcO6YXoWXga07gGRwZP +LYKwt5wBh13LAGbSsUyCSK5FG6ZrTmzaFdAGV1U4wc/wgiIgv33m8BG4Ikxvpa0r +Wg3dbhBx9Oya8QWIMBPk72KKEzsSDfi+Cn52ZmxTkWbBDCnkRhG77Ooi8vJ3dhq4 +fHeAu1F9OwF83SBi1oNySd8= +-----END PRIVATE KEY-----`) func TestSigner(t *testing.T) { cert, err := tls.X509KeyPair(LocalhostCert, LocalhostKey) From 05b0b08c4997144accd4e4b94ee1ec1883c67623 Mon Sep 17 00:00:00 2001 From: akutz Date: Mon, 12 Dec 2022 09:13:35 -0600 Subject: [PATCH 4/6] fix: DialTLSContext / Go 1.18+ CertificateVerify support This patch updates the GoVmomi SOAP client to use DialTLSContext instead of DialTLS, as the latter has been deprecated for multiple, major Go versions. This patch also updates how the SOAP client handles TLS validation with respect to thumbprints. Go 1.18+ adopted the host's certificate verification framework, so it is necessary to alter a few things to continue to support thumbprint verification. * https://tip.golang.org/doc/go1.18 (search for "Certificate.Verify") * https://github.com/square/certigo/issues/264 --- vim25/soap/client.go | 36 ++++++++++++++++++++++++++++++------ 1 file changed, 30 insertions(+), 6 deletions(-) diff --git a/vim25/soap/client.go b/vim25/soap/client.go index 5c63bcc9a..e46a17f95 100644 --- a/vim25/soap/client.go +++ b/vim25/soap/client.go @@ -156,10 +156,14 @@ func NewClient(u *url.URL, insecure bool) *Client { c.hosts = make(map[string]string) c.t.TLSClientConfig = &tls.Config{InsecureSkipVerify: c.k} - // Don't bother setting DialTLS if InsecureSkipVerify=true - if !c.k { - c.t.DialTLS = c.dialTLS - } + + // Always set DialTLS and DialTLSContext, even if InsecureSkipVerify=true, + // because of how certificate verification has been delegated to the host's + // PKI framework in Go 1.18. Please see the following links for more info: + // + // * https://tip.golang.org/doc/go1.18 (search for "Certificate.Verify") + // * https://github.com/square/certigo/issues/264 + c.t.DialTLSContext = c.dialTLSContext c.Client.Transport = c.t c.Client.Jar, _ = cookiejar.New(nil) @@ -352,7 +356,10 @@ func ThumbprintSHA1(cert *x509.Certificate) string { return strings.Join(hex, ":") } -func (c *Client) dialTLS(network string, addr string) (net.Conn, error) { +func (c *Client) dialTLSContext( + ctx context.Context, + network, addr string) (net.Conn, error) { + // Would be nice if there was a tls.Config.Verify func, // see tls.clientHandshakeState.doFullHandshake @@ -366,7 +373,20 @@ func (c *Client) dialTLS(network string, addr string) (net.Conn, error) { case x509.UnknownAuthorityError: case x509.HostnameError: default: - return nil, err + // Allow a thumbprint verification attempt if the error indicates + // the failure was due to lack of trust. + // + // Please note the err variable is not a special type of x509 or HTTP + // error that can be validated by a type assertion. The err variable is + // in fact an *errors.errorString. + switch { + case strings.HasSuffix(err.Error(), "certificate is not trusted"): + // darwin and linux + case strings.HasSuffix(err.Error(), "certificate signed by unknown authority"): + // windows + default: + return nil, err + } } thumbprint := c.Thumbprint(addr) @@ -391,6 +411,10 @@ func (c *Client) dialTLS(network string, addr string) (net.Conn, error) { return conn, nil } +func (c *Client) dialTLS(network, addr string) (net.Conn, error) { + return c.dialTLSContext(context.Background(), network, addr) +} + // splitHostPort is similar to net.SplitHostPort, // but rather than return error if there isn't a ':port', // return an empty string for the port. From 22c4814747d5f0ab761e593158481a7c9fc7691c Mon Sep 17 00:00:00 2001 From: akutz Date: Mon, 12 Dec 2022 09:19:37 -0600 Subject: [PATCH 5/6] fix: Update $mktemp to support macOS This patch updates the instances of $mktemp in the govc/test/*.bats files to support the macOS variant. --- govc/test/import.bats | 6 +++--- govc/test/session.bats | 8 ++++---- govc/test/vcsim.bats | 2 +- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/govc/test/import.bats b/govc/test/import.bats index 7550fad80..96225bd0f 100755 --- a/govc/test/import.bats +++ b/govc/test/import.bats @@ -76,7 +76,7 @@ load test_helper assert_success # ensure vcsim doesn't panic without capacityAllocationUnits - dir=$($mktemp --tmpdir -d govc-test-XXXXX) + dir=$($mktemp --tmpdir -d govc-test-XXXXX 2>/dev/null || $mktemp -d -t govc-test-XXXXX) sed -e s/capacityAllocationUnits/invalid/ "$GOVC_IMAGES/$TTYLINUX_NAME.ovf" > "$dir/$TTYLINUX_NAME.ovf" touch "$dir/$TTYLINUX_NAME-disk1.vmdk" # .vmdk contents don't matter to vcsim run govc import.ovf "$dir/$TTYLINUX_NAME.ovf" @@ -98,7 +98,7 @@ load test_helper vcsim_env name=$(new_id) - file=$($mktemp --tmpdir govc-test-XXXXX) + file=$($mktemp --tmpdir govc-test-XXXXX 2>/dev/null || $mktemp -t govc-test-XXXXX) echo "{ \"Name\": \"${name}\"}" > ${file} run govc import.ovf -options="${file}" $GOVC_IMAGES/${TTYLINUX_NAME}.ovf @@ -113,7 +113,7 @@ load test_helper @test "import.ovf with import.spec result" { vcsim_env - file=$($mktemp --tmpdir govc-test-XXXXX) + file=$($mktemp --tmpdir govc-test-XXXXX 2>/dev/null || $mktemp -t govc-test-XXXXX) name=$(new_id) govc import.spec $GOVC_IMAGES/${TTYLINUX_NAME}.ovf > ${file} diff --git a/govc/test/session.bats b/govc/test/session.bats index 1427b022d..74908568e 100755 --- a/govc/test/session.bats +++ b/govc/test/session.bats @@ -24,7 +24,7 @@ load test_helper @test "session.rm" { vcsim_env - dir=$($mktemp --tmpdir -d govc-test-XXXXX) + dir=$($mktemp --tmpdir -d govc-test-XXXXX 2>/dev/null || $mktemp -d -t govc-test-XXXXX) export GOVMOMI_HOME="$dir" export GOVC_PERSIST_SESSION=true @@ -48,7 +48,7 @@ load test_helper @test "session.persist" { vcsim_env - dir=$($mktemp --tmpdir -d govc-test-XXXXX) + dir=$($mktemp --tmpdir -d govc-test-XXXXX 2>/dev/null || $mktemp -d -t govc-test-XXXXX) export GOVMOMI_HOME="$dir" export GOVC_PERSIST_SESSION=true @@ -102,7 +102,7 @@ load test_helper assert_success user=$(govc env GOVC_USERNAME) - dir=$($mktemp --tmpdir -d govc-test-XXXXX) + dir=$($mktemp --tmpdir -d govc-test-XXXXX 2>/dev/null || $mktemp -d -t govc-test-XXXXX) export GOVMOMI_HOME="$dir" export GOVC_PERSIST_SESSION=true @@ -137,7 +137,7 @@ load test_helper vcsim_env user=$(govc env GOVC_USERNAME) - dir=$($mktemp --tmpdir -d govc-test-XXXXX) + dir=$($mktemp --tmpdir -d govc-test-XXXXX 2>/dev/null || $mktemp -d -t govc-test-XXXXX) export GOVMOMI_HOME="$dir" export GOVC_PERSIST_SESSION=true diff --git a/govc/test/vcsim.bats b/govc/test/vcsim.bats index 30d2af0ac..6b9f44d1d 100755 --- a/govc/test/vcsim.bats +++ b/govc/test/vcsim.bats @@ -428,7 +428,7 @@ EOF vcsim_stop - dir=$($mktemp --tmpdir -d govc-test-XXXXX) + dir=$($mktemp --tmpdir -d govc-test-XXXXX 2>/dev/null || $mktemp -d -t govc-test-XXXXX) echo nobody > "$dir/username" echo nothing > "$dir/password" From 1ad33d48669e229c48a9cf3411ed237ed678cb1c Mon Sep 17 00:00:00 2001 From: akutz Date: Mon, 12 Dec 2022 11:32:17 -0600 Subject: [PATCH 6/6] fix: Heal the broken Namespace API This patch fixes a few bugs related to the Namespaces API. There was an NPE occurring due to a pointer variable being used prior to being assigned. The "govc namespace.logs.download" command also just failed to work due to the VAPI client assuming the response will always be JSON and not possibly, binary data as one sends when one receives a tar file. Finally, the namespace.bats file used to use the cluster name "Workload-Cluster", but due to a hack in the simulated namespaces API, it only recognizes clusters that begin with "WCP". --- govc/namespace/cluster/enable.go | 1 + govc/namespace/cluster/logs.go | 4 ++++ govc/test/namespace.bats | 8 ++++---- vapi/namespace/namespace.go | 14 +++++++++----- vapi/namespace/simulator/simulator.go | 2 +- 5 files changed, 19 insertions(+), 10 deletions(-) diff --git a/govc/namespace/cluster/enable.go b/govc/namespace/cluster/enable.go index 0a5515932..8170a7782 100644 --- a/govc/namespace/cluster/enable.go +++ b/govc/namespace/cluster/enable.go @@ -310,6 +310,7 @@ func (cmd *enableCluster) toVapiSpec(refs objectReferences) (*namespace.EnableCl if (cmd.ControlPlaneManagementNetwork.Mode != "") || (cmd.ControlPlaneManagementNetwork.FloatingIP != "") || (cmd.ControlPlaneManagementNetwork.Network != "") { + masterManagementNetwork = &namespace.MasterManagementNetwork{} masterManagementNetwork.AddressRange = cmd.ControlPlaneManagementNetwork.AddressRange masterManagementNetwork.FloatingIP = cmd.ControlPlaneManagementNetwork.FloatingIP ipam := namespace.IpAssignmentModeFromString(cmd.ControlPlaneManagementNetwork.Mode) diff --git a/govc/namespace/cluster/logs.go b/govc/namespace/cluster/logs.go index 9bc1748bf..80808f734 100644 --- a/govc/namespace/cluster/logs.go +++ b/govc/namespace/cluster/logs.go @@ -86,6 +86,10 @@ func (cmd *logs) Run(ctx context.Context, f *flag.FlagSet) error { return err } + if id := c.SessionID(); id != "" { + req.Header.Set("vmware-api-session-id", id) + } + return c.Client.Do(ctx, req, func(res *http.Response) error { if name == "" { d := res.Header.Get("Content-Disposition") diff --git a/govc/test/namespace.bats b/govc/test/namespace.bats index a21874568..a0bd7b170 100755 --- a/govc/test/namespace.bats +++ b/govc/test/namespace.bats @@ -32,7 +32,7 @@ load test_helper vcsim_env # need to set up some dependencies - govc cluster.create Workload-Cluster + govc cluster.create WCP-Cluster assert_success govc dvs.create "DVPG-Management Network" @@ -41,7 +41,7 @@ load test_helper govc namespace.cluster.enable \ --service-cidr 10.96.0.0/23 \ --pod-cidrs 10.244.0.0/20 \ - --cluster "Workload-Cluster" \ + --cluster "WCP-Cluster" \ --control-plane-dns 8.8.8.8 \ --worker-dns 8.8.8.8 \ --control-plane-dns-search-domains example.com \ @@ -67,10 +67,10 @@ load test_helper @test "namespace.cluster.disable" { vcsim_env - govc cluster.create Workload-Cluster + govc cluster.create WCP-Cluster assert_success - govc namespace.cluster.disable --cluster Workload-Cluster + govc namespace.cluster.disable --cluster WCP-Cluster assert_success } diff --git a/vapi/namespace/namespace.go b/vapi/namespace/namespace.go index 99245310a..7a1c8d30d 100644 --- a/vapi/namespace/namespace.go +++ b/vapi/namespace/namespace.go @@ -338,7 +338,9 @@ type AviConfigCreateSpec struct { // a Tanzu Kubernetes Grid enabled vSphere cluster to a HA Proxy // Load Balancer. // Note: HA Proxy is not supported in vSphere 7.0u3 and above. Use Avi -// with vSphere networking, or NSX-T networking, instead. +// +// with vSphere networking, or NSX-T networking, instead. +// // See https://developer.vmware.com/apis/vsphere-automation/latest/vcenter/data-structures/NamespaceManagement/LoadBalancers/HAProxyConfigCreateSpec/ // Since 7.0u1:- type HAProxyConfigCreateSpec struct { @@ -352,10 +354,12 @@ type HAProxyConfigCreateSpec struct { // the Load Balancer technology in use in a Tanzu Kubernetes Grid // cluster. // Note: If invalid or undefined (E.g. if a newer/older vSphere -// version is used whose option isn't listed) then the -// UndefinedLoadBalancerProvider value shall be set. -// This translates to an empty string, removing its element -// from the produces JSON. +// +// version is used whose option isn't listed) then the +// UndefinedLoadBalancerProvider value shall be set. +// This translates to an empty string, removing its element +// from the produces JSON. +// // See https://developer.vmware.com/apis/vsphere-automation/latest/vcenter/data-structures/NamespaceManagement/LoadBalancers/Provider/ type LoadBalancerProvider struct { slug string diff --git a/vapi/namespace/simulator/simulator.go b/vapi/namespace/simulator/simulator.go index afde46bdf..55382fb80 100644 --- a/vapi/namespace/simulator/simulator.go +++ b/vapi/namespace/simulator/simulator.go @@ -137,7 +137,7 @@ func (h *Handler) clustersSupportBundle(w http.ResponseWriter, r *http.Request) name := fmt.Sprintf("wcp-support-bundle-%s-%s--00-00.tar", id, time.Now().Format("2006Jan02")) w.Header().Set("Content-Disposition", fmt.Sprintf("attachment; filename=%s", name)) - r.Header.Set("Content-Type", "application/octet-stream") + w.Header().Set("Content-Type", "application/octet-stream") readme := "vcsim generated support bundle" tw := tar.NewWriter(w)