Merge "Provide knob to disable ata secure erase"
This commit is contained in:
commit
105e580310
|
@ -771,14 +771,15 @@ class GenericHardwareManager(HardwareManager):
|
|||
LOG.info("Skipping the erase of virtual media device %s",
|
||||
block_device.name)
|
||||
return
|
||||
|
||||
info = node.get('driver_internal_info', {})
|
||||
# Note(TheJulia) Use try/except to capture and log the failure
|
||||
# and then revert to attempting to shred the volume if enabled.
|
||||
try:
|
||||
if self._ata_erase(block_device):
|
||||
execute_secure_erase = info.get(
|
||||
'agent_enable_ata_secure_erase', True)
|
||||
if execute_secure_erase and self._ata_erase(block_device):
|
||||
return
|
||||
except errors.BlockDeviceEraseError as e:
|
||||
info = node.get('driver_internal_info', {})
|
||||
execute_shred = info.get(
|
||||
'agent_continue_if_ata_erase_failed', False)
|
||||
if execute_shred:
|
||||
|
|
|
@ -1785,6 +1785,22 @@ class TestGenericHardwareManager(base.IronicAgentTest):
|
|||
self.hardware.erase_block_device(self.node, block_device)
|
||||
self.assertTrue(mock_shred.called)
|
||||
|
||||
@mock.patch.object(hardware.GenericHardwareManager, '_shred_block_device',
|
||||
autospec=True)
|
||||
@mock.patch.object(utils, 'execute', autospec=True)
|
||||
def test_erase_block_device_ata_erase_disabled(
|
||||
self, mocked_execute, mock_shred):
|
||||
|
||||
info = self.node['driver_internal_info']
|
||||
info['agent_enable_ata_secure_erase'] = False
|
||||
|
||||
block_device = hardware.BlockDevice('/dev/sda', 'big', 1073741824,
|
||||
True)
|
||||
|
||||
self.hardware.erase_block_device(self.node, block_device)
|
||||
self.assertTrue(mock_shred.called)
|
||||
self.assertFalse(mocked_execute.called)
|
||||
|
||||
def test_normal_vs_enhanced_security_erase(self):
|
||||
@mock.patch.object(utils, 'execute', autospec=True)
|
||||
def test_security_erase_option(test_case,
|
||||
|
|
|
@ -0,0 +1,6 @@
|
|||
---
|
||||
features:
|
||||
- |
|
||||
Adds the ability for the Bare Metal service conductor
|
||||
service to explicitly choose to disable ATA Secure Erase
|
||||
from being executed.
|
Loading…
Reference in New Issue