[pve-devel] applied: [PATCH access-control v3 2/2] add realm-sync plugin for jobs and CRUD api for realm-sync-jobs
Thomas Lamprecht
t.lamprecht at proxmox.com
Wed Jun 7 10:38:00 CEST 2023
Am 17/01/2023 um 12:46 schrieb Dominik Csapak:
> to be able to define automated jobs that sync ldap/ad
>
> The jobs plugin contains special handling when no node is given, since
> we only want it to run on a single node when that triggers. For that,
> we save a statefile in /etc/pve/priv/jobs/ which contains the
> node/time/upid of the node that runs the job. The first node that
> is able to lock the realm (via cfs_lock_domain) "wins" and may
> sync from the ldap.
>
> in case a specific node was selected, this is omitted and the Jobs
> handling will not let it run on other nodes anyway
>
> the API part is our usual sectionconfig CRUD api, but specialized
> for the specific type of job.
>
> the api will be at /cluster/jobs/realm-sync
> (this must be done in pve-manager)
>
> Signed-off-by: Dominik Csapak <d.csapak at proxmox.com>
> ---
> src/PVE/API2/AccessControl/Makefile | 6 +
> src/PVE/API2/AccessControl/RealmSync.pm | 292 ++++++++++++++++++++++++
> src/PVE/API2/Makefile | 4 +
> src/PVE/Jobs/Makefile | 6 +
> src/PVE/Jobs/RealmSync.pm | 201 ++++++++++++++++
> src/PVE/Makefile | 1 +
> 6 files changed, 510 insertions(+)
> create mode 100644 src/PVE/API2/AccessControl/Makefile
> create mode 100644 src/PVE/API2/AccessControl/RealmSync.pm
> create mode 100644 src/PVE/Jobs/Makefile
> create mode 100644 src/PVE/Jobs/RealmSync.pm
>
>
applied, moving the API from AccessControl namespace to Jobs one, as it's confusing
if it's located in PVE::API2::AccessControl::, but isn't mounted there.
Some small code/import cleanups thrown in, thanks!
More information about the pve-devel
mailing list