Age | Commit message (Collapse) | Author | Files | Lines |
|
OriginResource allows filtering messages on a per-device basis. This
was already listed as supported in our docs.
RegistryPrefixes is also added.
Tested: Unit tests pass.
Change-Id: Idfde8416f2f466ce11957177e052b540fc669888
Signed-off-by: Ed Tanous <etanous@nvidia.com>
|
|
Added ChassisSubNode enum for defining the different chassis subNode
paths to retrieving sensor data.
Modified path building sensor data to use the enum. Other paths were
left still using the string. Specifically the paths using
SensorsAsyncResp as these primarily use the strings for human readable
output.
Added utility functions to convert to/from enum to string value.
Added unit tests for new utility functions.
Tested:
- Verified sensor paths before and after change had no change:
- /redfish/v1/Chassis/chassis/Sensors
- /redfish/v1/Chassis/chassis/Thermal
- /redfish/v1/Chassis/chassis/Power
- Selection of: /redfish/v1/Chassis/chassis/Sensors/<sensor>
- /redfish/v1/Chassis/chassis/Sensors?\$expand=*
- Redfish Validator passes
Change-Id: I02bb5f3c0c49d85dbd1dff911d9f1a8467d6b1db
Signed-off-by: Janet Adkins <janeta@us.ibm.com>
|
|
Similar to other patches, break out the post codes log services into
their own file. log_services.hpp is far too large.
Change-Id: I3cb644d52a9d3b5f9a15a2f90c1b69c87491e5c8
Signed-off-by: Ed Tanous <etanous@nvidia.com>
|
|
These were added as part of
d5c80ad9c07b94465d8ea62d2b6f87c30cac765e: test treewide: iwyu
Since then, Nan hasn't been very active on the project, and to my
knowledge, since the initial run, we've never used IWYU again.
clang-include-cleaner seems to work well without needing these pragmas,
and is what we're using, even if it's less useful than IWYU.
Remove all mention of IWYU.
Tested: Code compiles.
Change-Id: I06feedeeac9a114f5bdec81d59ca83223efd8aa7
Signed-off-by: Ed Tanous <etanous@nvidia.com>
|
|
This commit is automatically generated by enabling clang-include-fixer.
Tested: Code compiles.
Change-Id: I475d7b9d43e95bbdeeaadf11905d3b2a60aa8ef3
Signed-off-by: Ed Tanous <etanous@nvidia.com>
|
|
Previously searchCollectionsArray() had an implicit assumption that it
would not receive query parameters in the input URI. This patch adds the
assumption that it will.
Tested:
Unit tests pass
Confirmed that the query to the URI
`/redfish/v1/UpdateService?$expand=.($levels=1)` worked as expected now.
Change-Id: Ia33ece024c58e9d32f5815b2c69e8ab62c0c2127
Signed-off-by: Joonwon Kang <joonwonkang@google.com>
Signed-off-by: Ed Tanous <etanous@nvidia.com>
Signed-off-by: Carson Labrado <clabrado@google.com>
|
|
It was correctly pointed out that for PATCH, we cannot return 200
success without also returning the object, per Redfish. This commit
partially reverts cdf25ff, to give PATCH the old (204) behavior again.
Tested: Patch now returns 204
Change-Id: I8ede932a73ae064586d94c47393e4418350adb00
Signed-off-by: Ed Tanous <etanous@nvidia.com>
|
|
Create a separate utility class for sensors. The goal is to make these
functions easily available for use outside of sensors for paths which
need reference sensors.
Moved splitSensorNameAndType() into new utility class.
Created new utility function getSensorId(). The Id for a sensor is
built from its name and type in a few different locations. These are
modified to call the new function. The function has also been
simplified to use std::format() to build the Id.
Tested:
- Checked before and after results for queries using this function:
(Note: I was not able to confirm the setSensorsOverride() caller as
it is only being used for redfish-allow-deprecated-power-thermal
URI.)
'''
- https://${bmc}/redfish/v1/Chassis/chassis/Sensors
- https://${bmc}/redfish/v1/Chassis/chassis/Sensors/<str>
where <str> was sensors of different types
- https://${bmc}/redfish/v1/Chassis/chassis/Sensors?\$expand=*
- https://${bmc}/redfish/v1/Chassis/chassis/ThermalSubsystem/Fans
- https://${bmc}/redfish/v1/Chassis/chassis/PowerSubsystem/PowerSupplies
'''
- Redfish Validator passed
Change-Id: Ifa200b6e63f8e52d47f70c33d350999f5c527bbd
Signed-off-by: Janet Adkins <janeta@us.ibm.com>
|
|
clang-format-18 isn't compatible with the clang-format-17 output, so we
need to reformat the code with the latest version. The way clang-18
handles lambda formatting also changed, so we have made changes to the
organization default style format to better handle lambda formatting.
See I5e08687e696dd240402a2780158664b7113def0e for updated style.
See Iea0776aaa7edd483fa395e23de25ebf5a6288f71 for clang-18 enablement.
Change-Id: Iceec1dc95b6c908ec6c21fb40093de9dd18bf11a
Signed-off-by: Patrick Williams <patrick@stwcx.xyz>
|
|
Both 200 and 204 are allowed by the Redfish specification. Table 11
states:
200 OK Success, and the action's schema definition does not contain an
action response.
204 No Content: Success, and the action's schema definition does not
contain an action response.
While both of these are allowed, we accidentally changed behavior in the
following commit:
87c4496 Move to Redfish setProperty call
When we transitioned these over to the common dbus calling methods.
This commit restores the old behavior of returning 200 success on
actions, which some implementations are expecting.
Tested: WIP.
Change-Id: I02e47585acf85bd04dcb9d428ef3e39a21d9c75f
Signed-off-by: Ed Tanous <ed@tanous.net>
|
|
The Redfish spec require filtering of SSE entries to be supported.
This commit rearranges the code, and implements SSE sorting as well
as support for Last-Event-Id. To do this it adds a dependency on
boost circular_buffer.
Tested:
SSE connections succeed. Show filtered results.
Change-Id: I7aeb266fc40471519674c7b65cd5cc4625019e68
Signed-off-by: Ed Tanous <etanous@nvidia.com>
|
|
Fixes #272
The TaskMonitor urls we create aren't correct per Redfish. Per DSP0266
section 12.2, our TaskMonitor URIs should take the form
/redfish/v1/TaskService/TaskMonitors/<id>
Note that even though this appears to be a collection, it is not, and
does not "exist" in the Redfish schema, hence why it is called out
explicitly.
Tested:
Started dump collection task with
POST
```
/redfish/v1/Managers/bmc/LogServices/Dump/Actions/LogService.CollectDiagnosticData
```
GET /redfish/v1/Tasks/0
Returned TaskMonitor = /redfish/v1/Tasks/TaskMonitors/0
GET /redfish/v1/Tasks/TaskMonitors/0 returned 200
Change-Id: I9fb1d62090f7787d7649c077b748b51ac3202f8a
Signed-off-by: Ed Tanous <ed@tanous.net>
|
|
Journal logging currently loops over all entries to find even a single
entry. This was reasonable at the time when bmc couldn't really store a
lot, but now that BMCs are getting significantly more flash storage,
this simplification is insufficient. In an example system with an
AST2600, this API takes 32 seconds to respond. This is mediocre for
obvious reasons.
This commit updates to use the sd_journal APIs to let journald do the
skipping, which can use internal details and can be a lot more
efficient. To get the total size, bmcweb still needs to pull the
sequenceids of HEAD and TAIL to determine the complete size, but this is
still reasonable.
Tested:
Redfish service validator passes.
Various versions of top and skip return the correct result, pulling
various top sizes from 0, omitted to the limit.
https://gerrit.openbmc.org/c/openbmc/openbmc-tools/+/72975
To test all corner cases.
Change-Id: I0456bca4e037529f70eaee0bdd9191e9d5839226
Signed-off-by: Ed Tanous <etanous@nvidia.com>
|
|
log_services.hpp probably shouldn't have been allowed to get as large
as it has. This commit starts by breaking out functions from
log_services.hpp, and moves them to manager_logservices_journal.hpp.
Code is moved as-is with no functional changes.
Tested: Journal GET works as before. Redfish service validator passes.
Change-Id: I93c372ae3e39967e1b0eaf0cf496f84ac4114b5c
Signed-off-by: Ed Tanous <ed@tanous.net>
|
|
Add unit tests for dateStringToEpoch method for various invalid datetime
strings and make sure that std::nullopt is returned as expected in each
test case.
Change-Id: I1eaa1beb471e02e7c11e575fa13bb175b48dc30d
Signed-off-by: Farah Rasheed <Farah.Rasheed1@dell.com>
|
|
Filter allows comparing certain strings as numeric greater than or less
than operators. The most obvious example of this is something like
\$filter=Created gt <timestamp>
Because internally timestamps are treated as strings, this requires
including and parsing out the timestamps again, which we have utilities
for.
In addition, "fuzzy" string comparisons, like
GPU_2 gt GPU_1
Should also be supported.
Tested: Unit tests pass
Change-Id: I39fc543921ed8cc93664d9cf297dad8ee902b68f
Signed-off-by: Ed Tanous <ed@tanous.net>
|
|
Previously, the parser added space ignore instructions between every
node. This is because there was one place where we actually cared about
spaces, when doing operator comparisons (x eq y). If spaces are
ignored, it's impossible to determine the end of x and the beginning of
eq.
Spirit x3 has a lexeme, which allows us to ignore the parser skips
temporarily, which allows us to parse the operations in a much simpler
way. This also requires that we change to phrase_parse instead of
parse.
Tested: Unit tests pass. Good coverage.
Change-Id: Ifc6f1681e8524ba5032ee118cc3b3a18b30c639e
Signed-off-by: Ed Tanous <ed@tanous.net>
|
|
$filter is a parameter documented in the Redfish specification, section
7.3.4. It defines a mechanism for filtering arbitrary collections of
parameters based on a set of arbitrary language expressions.
From the specification, it supports the following language operators:
() Precedence grouping operator.
(Status/State eq 'Enabled' and Status/Health eq 'OK')
or SystemType eq 'Physical'
and Logical and operator.
ProcessorSummary/Count eq 2 and MemorySummary/TotalSystemMemoryGiB gt 64
eq Equal comparison operator.
ProcessorSummary/Count eq 2
ge Greater than or equal to comparison operator.
ProcessorSummary/Count ge 2
gt Great than comparison operator.
ProcessorSummary/Count gt 2
le Less than or equal to comparison operator
MemorySummary/TotalSystemMemoryGiB le 64
lt Less than comparison operator.
MemorySummary/TotalSystemMemoryGiB lt 64
ne Not equal comparison operator.
SystemType ne 'Physical'
not Logical negation operator.
not (ProcessorSummary/Count eq 2)
or Logical or operator.
ProcessorSummary/Count eq 2 or ProcessorSummary/Count eq 4
Support for these operators have been added in previous commits. This
commit enables them behind the insecure-enable-redfish-query meson
option. This is an arbitrary language, so the likelihood there's some
improper implementation in the patch is high. This gives folks the
ability to test it.
Tested:
Lots of unit tests included in this patch.
Functionally tested the basic operators:
```
GET /redfish/v1/Managers/bmc/LogServices/Journal/Entries?\$filter=EntryType+eq+'Oem'
GET /redfish/v1/Managers/bmc/LogServices/Journal/Entries?\$filter=EntryType+ne+'Oem'
```
Function as expected, producing multiple results or no results
respectively.
GET /redfish/v1 reports "FilterQuery": true
Redfish service validator passes.
Change-Id: Id568acc5dcfce868af12da5ee16c4f0caae8060a
Signed-off-by: Ed Tanous <ed@tanous.net>
|
|
This commit implements a parser for $filter expressions, per the redfish
specification and odata specification. This is intended to be used to
support $filter query for collections.
For parsing libraries, this commit chooses boost spirit x3. It's chosen
because it doesn't require a new external dependency, and is done
entirely in the compiler, using C++ syntax. While the syntax is still
somewhat difficult to read, there's a slew of unit tests included to
make sure that at least the common things we expect to work will parse
correctly.
Tested: Unit tests pass (good coverage). Code not yet used.
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I1b0ab615bc49064acab4dad47f0a8aa499557bfc
|
|
When enabled, redfish aggregation causes unit tests to fail.
Tested: Unit tests now pass with redfish aggregation enabled.
Change-Id: Ieb92a4ad0a4be3ce757c816a676e0a641cd7c85a
Signed-off-by: Ed Tanous <ed@tanous.net>
|
|
72169 points out a mistake in 1.16 which is fixed in 1.18. Let's pull
1.18.1 in. 1.18.1 is the latest.
Changed 1 line in parse_registries.py and reran it.
Tested: None. In the past bumping these hasn't caused problems.
Change-Id: I79b135b8366d9b423f789c34802b1c0366d4e8a5
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
Signed-off-by: Ed Tanous <ed@tanous.net>
|
|
It was reported that ipv6 URLS failed to parse now. This test seems
useful to have.
Tested: Unit tests pass.
Change-Id: I21f1b11039c1b35dff5c85ecab784dd3cd6228dc
Signed-off-by: Ed Tanous <ed@tanous.net>
|
|
In the initial implementation of metadata indexing the bmc knew at
compile time what schemas it could potentially publish. bmcweb took the
approach of adding all schemas of all versions to the $metadata
resource. Since that was made, two major changes have happened.
First, Redfish has added significantly more versions of each schema, as
well as significantly more schemas to the point where the metadata index
is now 213KB. While this file compresses fairly well, the size is
obvious from the large amount of time that redfish service validator
takes to parse the schemas, compared to actually acquiring BMC redfish
resources.
Second, aggregation was added, where an aggregated Redfish service might
implement any number of schemas, including OEM ones.
In an effort to fix this, this patch takes the compile-time algorithm in
update_schemas.py, and moves it into bmcweb itself, parsing the files on
disk as needed on demand. This has some immediate benefits; First, is
that now schemas can be potentially installed from anywhere, not only
from within the bmcweb build, and they will be resolved at runtime.
Second, patches that want to add support for a given schema need to only
symlink the schema into the correct folder, without needing to rerun
update_schemas.py. This saves time in review.
Finally, this opens to door to reducing the schema versions present in
the metadata to the unique set of only what this bmcweb instance, and
its aggregated BMCs expose.
Tested: Redfish service validator passes. Need A/B checking to verify
the file is byte for byte the same.
GET /redfish/v1/$metadata returns what looks like sane results, with a
correct content-type.
Unit tests require the use of TemporaryFileHandle, so that class is
moved into a more general folder, outside of test/http.
Change-Id: I326159099c6b6c4056023b2e173c5f074ed88ce1
Signed-off-by: Ed Tanous <ed@tanous.net>
|
|
This is yet another step in parsing HTTP requests.
Tested:
'''
curl -vvvv -k --user "root:0penBmc" -H "Content-Type: application/json" \
-X POST https://192.168.7.2/redfish/v1/UpdateService/Actions/UpdateService.SimpleUpdate \
-d '{ \
"TransferProtocol":"TFTP", \
"ImageURI":"https://192.168.7.1/myfile.bin" \
}'
'''
Returns ActionParameterNotSupported
TransferProtocol: Omitted
ImageURI: https://192.168.7.1/myfile.bin
Returns ActionParameterNotSupported
TransferProtocol: Omitted
ImageURI: 192.168.7.1/myfile.bin
Returns ActionParameterValueTypeError
TransferProtocol: Bad
ImageURI: https:/192.168.7.1/myfile.bin
Returns: ActionParameterNotSupported
No changes to GET requests, so Redfish Service Validator not necessary.
Change-Id: Ibf4b69877031f3b8617412c06d40f2d0d0827ac3
Signed-off-by: Ed Tanous <ed@tanous.net>
|
|
The configuration options that exist in bmcweb are an amalgimation of
CROW options, CMAKE options using #define, pre-bmcweb ifdef mechanisms
and meson options using a config file. This history has led to a lot of
different ways to configure code in the codebase itself, which has led
to problems, and issues in consistency.
ifdef options do no compile time checking of code not within the branch.
This is good when you have optional dependencies, but not great when
you're trying to ensure both options compile.
This commit moves all internal configuration options to:
1. A namespace called bmcweb
2. A naming scheme matching the meson option. hyphens are replaced with
underscores, and the option is uppercased. This consistent transform
allows matching up option keys with their code counterparts, without
naming changes.
3. All options are bool true = enabled, and any options with _ENABLED or
_DISABLED postfixes have those postfixes removed. (note, there are
still some options with disable in the name, those are left as-is)
4. All options are now constexpr booleans, without an explicit compare.
To accomplish this, unfortunately an option list in config/meson.build
is required, given that meson doesn't provide a way to dump all options,
as is a manual entry in bmcweb_config.h.in, in addition to the
meson_options. This obsoletes the map in the main meson.build, which
helps some of the complexity.
Now that we've done this, we have some rules that will be documented.
1. Runtime behavior changes should be added as a constexpr bool to
bmcweb_config.h
2. Options that require optionally pulling in a dependency shall use an
ifdef, defined in the primary meson.build. (note, there are no
options that currently meet this class, but it's included for
completeness.)
Note, that this consolidation means that at configure time, all options
are printed. This is a good thing and allows direct comparison of
configs in log files.
Tested: Code compiles
Server boots, and shows options configured in the default build. (HTTPS,
log level, etc)
Change-Id: I94e79a56bcdc01755036e4e7278c7e69e25809ce
Signed-off-by: Ed Tanous <ed@tanous.net>
|
|
Most of these were found by breaking every redfish class handler into
its own compile unit:
When that's done, these missing headers become compile errors. We
should just fix them.
In addition, this allows us to enable automatic header checking in
clang-tidy using misc-header-cleaner. Because the compiler can now
"see" all the defines, it no longer tries to remove headers that it
thinks are unused.
[1] https://github.com/openbmc/bmcweb/commit/4fdee9e39e9f03122ee16a6fb251a380681f56ac
Tested: Code compiles.
Change-Id: Ifa27ac4a512362b7ded7cc3068648dc4aea6ad7b
Signed-off-by: Ed Tanous <ed@tanous.net>
|
|
This function in the next patch will be used for more than just TFTP, so
rename it to match intent, and refactor to use non-TFTP specific types.
Tested: Rename only. Need help on TFTP setups if we need it.
Change-Id: Ifc7485aa60ec53407c38b3d1bec530bdacf50075
Signed-off-by: Ed Tanous <ed@tanous.net>
|
|
If we use string_view with std::from_chars, we can use begin() and end()
directly (because they return pointers) and not have to do silly things
like dereference end(), which, while works in practice, is technically
undefined behavior, and some static analyzers complain about it.
Tested: Unit tests pass against both old parsePostCode and new.
Change-Id: Icfdec3b81f4a9c9bed3599571a8bc8779f9bfb98
Signed-off-by: Ed Tanous <ed@tanous.net>
|
|
In Redfish schema, just about all values can be a type (string,
EDM.Numeric, etc) or null. Most APIs don't allow explicitly setting
null, but there are a few cases where it is useful, namely in lists,
where an an empty object {} keeps the value the same, and null deletes
the value from the list.
Previously we handled this by unpacking as nlohmann::json, but this
allowed things like
[1.0, {}] to pass the check for an array of string values. We'd
ideally like to reject the 1.0 at the first stage, as well as reduce
the number of tiered readJson calls that we make.
This commit introducess support for unpacking std::variant types, that
allows unpacking a known type, or explicitly allowing null, by unpacking
std::nullptr_t.
Tested: Unit tests pass.
Change-Id: Ic7451877c824ac743faf1951cc2b5d9f8df8019c
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
Several places access the members of `req` indirectly like
`req.req.method()`. This can be simplified as `req.method()` .
This would also make the code clearer.
Tested:
- Compiles
- Redfish service validator passes
Change-Id: Ie129564ff907cdea7ac224b1e3d80cc0dedfbd7b
Signed-off-by: Myung Bae <myungbae@us.ibm.com>
|
|
There are currently 78 sdbusplus::asio::setProperty calls in
redfish-core. The error handler for nearly all of them looks something
like:
```
if (ec)
{
const sd_bus_error* dbusError = msg.get_error();
if ((dbusError != nullptr) &&
(dbusError->name ==
std::string_view(
"xyz.openbmc_project.Common.Error.InvalidArgument")))
{
BMCWEB_LOG_WARNING("DBUS response error: {}", ec);
messages::propertyValueIncorrect(asyncResp->res, "<PropertyName>", <PropertyValue>);
return;
}
messages::internalError(asyncResp->res);
return;
}
messages::success(asyncResp->res);
```
In some cases there are more errors handled that translate to more error
messages, but the vast majority only handle InvalidArgument. Many of
these, like the ones in account_service.hpp, do the error handling in a
lambda, which causes readability problems. This commit starts to make
things more consistent, and easier for trivial property sets.
This commit invents a setDbusProperty method in the redfish namespace
that tries to handle all DBus errors in a consistent manner. Looking
for input on whether this will work before changing over the other 73
calls. Overall this is less code, fewer inline lambdas, and defaults
that should work for MOST use cases of calling an OpenBMC daemon, and
fall back to more generic errors when calling a "normal" dbus daemon.
As part of this, I've ported over several examples. Some things that
might be up in the air:
1. Do we always return 204 no_content on property sets? Today there's a
mix of 200, with a Base::Success message, and 204, with an empty body.
2. Do all DBus response codes map to the same error? A majority are
covered by xyz.openbmc_project.Common.Error.InvalidArgument, but there
are likely differences. If we allow any daemon to return any return
code, does that cause compatibility problems later?
Tested:
```
curl -k --user "root:0penBmc" -H "Content-Type: application/json" -X PATCH -d '{"HostName":"openbmc@#"}' https://192.168.7.2/redfish/v1/Managers/bmc/EthernetInterfaces/eth0
```
Returns the appropriate error in the response
Base.1.16.0.PropertyValueIncorrect
Change-Id: If033a1112ba516792c9386c997d090c8f9094f3a
Signed-off-by: Ed Tanous <ed@tanous.net>
|
|
And fix the includes that are wrong.
Note, there is a very large ignore list included in the .clang-tidy
configcfile. These are things that clang-tidy doesn't yet handle
well, like knowing about a details include.
Change-Id: Ie3744f2c8cba68a8700b406449d6c2018a736952
Signed-off-by: Ed Tanous <ed@tanous.net>
|
|
clang-tidy-18 makes this feature stable enough for us to use in general.
Enable the check, and fix the couple of regressions that have snuck in
since we last ran the check.
Tidy seems to not be able to understand that ASSERT will not continue,
so if we ASSERT a std::optional, it's not a bug. Add explicit checks to
keep tidy happy.
Tested: clang-tidy passes.
Change-Id: I0986453851da5471056a7b47b8ad57a9801df259
Signed-off-by: Ed Tanous <ed@tanous.net>
|
|
These variables aren't used, and clang-tidy-18 flags it. Remove
Tested: Code compiles.
Change-Id: I414c4614a5f789aecab7700a4ec805e98c09cade
Signed-off-by: Ed Tanous <ed@tanous.net>
|
|
Redfish supports several type systems for json. This makes parsing into
proper types a challenge. Nlohmann supports 3 core data types,
nlohmann::json, which supports all json types (float, int, array,
object). Nlohmann::json::object_t, which is a specific typedef of
std::map, and nlohmann::json::array_t, which is a specific typedef of
std::map.
Redfish allows reading our arrays of complex objects, similar to
NtpServers: [null, {}, "string"]
Which makes it a challenge to support. This commit allows parsing out
objects as a nlohmann::object_t, which gives the ability to later use it
in a type safe manner, without having to call
get_ptr<nlohmann::json::object_t later>.
Tested:
Unit tests pass.
Change-Id: I4134338951ce27c2f56841a45b56bc64ad1753db
Signed-off-by: Ed Tanous <ed@tanous.net>
|
|
Commit [1] introduced a new optional dbus property that OpenBMC
developers can populate to define which
redfish/v1/Systems/system/ResetActionInfo AllowableValues are.
Look for that new property on dbus. If not found, hard code the
previous values otherwise utilize the property to fill in the return
value.
Tested:
- Put new property on dbus and confirmed Redfish API returned expected
values:
```
curl -k -H "X-Auth-Token: $token" -X GET https://${bmc}/redfish/v1/Systems/system/ResetActionInfo
{
"@odata.id": "/redfish/v1/Systems/system/ResetActionInfo",
"@odata.type": "#ActionInfo.v1_1_2.ActionInfo",
"Id": "ResetActionInfo",
"Name": "Reset Action Info",
"Parameters": [
{
"AllowableValues": [
"ForceOff",
"PowerCycle",
"Nmi",
"On",
"ForceOn",
"ForceRestart",
"GracefulRestart",
"GracefulShutdown"
],
"DataType": "String",
"Name": "ResetType",
"Required": true
}
]
}
```
- Did not run redfish validator as response was same as previous
[1]: https://gerrit.openbmc.org/c/openbmc/phosphor-dbus-interfaces/+/68933
Change-Id: Iecece14e7ff55db98d96df71b106ecc9e3f0ac33
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
Signed-off-by: Gunnar Mills <gmills@us.ibm.com>
|
|
Add support to fetch MemoryStatistics, FreeStorageSpaceKiB and
ProcessorStatistics for Manager Diagnostic Data.
https://redfish.dmtf.org/schemas/v1/ManagerDiagnosticData.v1_2_1.json
This change is in relation to following design and D-Bus interface -
https://gerrit.openbmc.org/c/openbmc/docs/+/64917
https://gerrit.openbmc.org/c/openbmc/phosphor-dbus-interfaces/+/64914
Test:
Redfish query output -
{
"@odata.id": "/redfish/v1/Managers/bmc/ManagerDiagnosticData",
"@odata.type": "#ManagerDiagnosticData.v1_2_0.ManagerDiagnosticData",
"FreeStorageSpaceKiB": 3772,
"Id": "ManagerDiagnosticData",
"MemoryStatistics": {
"AvailableBytes": 354224066,
"BuffersAndCacheBytes": 78984633,
"SharedBytes": 11876066,
"TotalBytes": 425516000
},
"Name": "Manager Diagnostic Data",
"ProcessorStatistics": {
"KernelPercent": 13.0234,
"UserPercent": 5.7374
},
"ServiceRootUptimeSeconds": 2255.117
}
Redfish service validator passing -
Elapsed time: 0:03:12
metadataNamespaces: 3726
pass: 5133
passAction: 9
passGet: 205
passRedfishUri: 197
skipNoSchema: 3
skipOptional: 3492
warnDeprecated: 4
warningPresent: 7
Validation has succeeded.
Change-Id: I43758a993eb7f342cb9ac5f5574498b37261c2cc
Signed-off-by: Jagpal Singh Gill <paligill@gmail.com>
|
|
Similar to transforms we've done elsewhere, we shouldn't be parsing
urls using std::string::find, regex, or anything else, as they don't
handle URL % encoding properly.
Change-Id: I48bb30c0c737c4df2ae73f40fc49c63bac5b658f
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
These were found with:
codespell -w $(git ls-files | grep "\.[hc]\(pp\)\?$")
At some point in the future, we might want to get this enabled in CI.
Change-Id: Iccb57b2adfd06a2e177e99db2923fe4e8e329118
Signed-off-by: Ed Tanous <ed@tanous.net>
|
|
/redfish/v1/Managers/bmc/LogServices/Journal/Entries gives the system
journal entries whose ID is based on the realtime timestmap. However,
the system realtime may go backward if the system time is changed either
manually or via NTP.
If that happens, those entries may not found via redfish GET as
`sd_journal_seek_realtime_usec()`[1] may not always work on the entries
which are not sorted in time-order.
This may cause the inconsistency between the content of
`/redfish/v1/Managers/bmc/LogServices/Journal/Entries/`
and /redfish/v1/Managers/bmc/LogServices/Journal/Entries/<bmc_journal_id>`.
For example,
```
sudo journalctl --vacuum-time=1s
<wait for a while to clear up journal>
date -s "<backward-time>"
date -s "<forward-time>"
```
Run redfish journal entries and get each entry id from the output
```
curl -k -X GET https://${bmc}/redfish/v1/Managers/bmc/LogServices/Journal/Entries > rj.out
```
Take some logEntry Id that its time going backward like
```
grep "@odata.id" rj.out
```
Run redfish query for each id, and some of them can't be successful.
```
% curl -k -X GET https://${bmc}/redfish/v1/Managers/bmc/LogServices/Journal/Entries/1701604800002075
{
"error": {
"@Message.ExtendedInfo": [
{
"@odata.type": "#Message.v1_1_1.Message",
"Message": "The requested resource of type LogEntry named '1701604800002075' was not found.",
"MessageArgs": [
"LogEntry",
"1701604800002075"
],
"MessageId": "Base.1.13.0.ResourceNotFound",
"MessageSeverity": "Critical",
"Resolution": "Provide a valid resource identifier and resubmit the request."
}
],
"code": "Base.1.13.0.ResourceNotFound",
"message": "The requested resource of type LogEntry named '1701604800002075' was not found."
}
}%
```
This can also be verified by checking the failure of Redfish Validator run
```
python3 RedfishServiceValidator.py --auth Session -i https://${bmc} -u admin -p 0penBmc0 --payload Tree /redfish/v1/Managers/bmc/LogServices/Journal/Entries
```
For example,
```
ERROR - Members: GET of resource at URI /redfish/v1/Managers/bmc/LogServices/Journal/Entries/1701604800002075 returned HTTP error. Check URI.
ERROR - Members: GET of resource at URI /redfish/v1/Managers/bmc/LogServices/Journal/Entries/1701604800065949 returned HTTP error. Check URI.
ERROR - Members: GET of resource at URI /redfish/v1/Managers/bmc/LogServices/Journal/Entries/1701607680003048 returned HTTP error. Check URI.
```
```
--Time goes backwrd
{
"@odata.id": "/redfish/v1/Managers/bmc/LogServices/Journal/Entries/1701604800002075",
"@odata.type": "#LogEntry.v1_9_0.LogEntry",
"Created": "2023-12-03T12:00:00+00:00",
"EntryType": "Oem",
"Id": "1701604800002075",
"Message": "systemd-resolved: Clock change detected. Flushing caches.",
"Name": "BMC Journal Entry",
"OemRecordFormat": "BMC Journal Entry",
"Severity": "OK"
},
...
{
"@odata.id": "/redfish/v1/Managers/bmc/LogServices/Journal/Entries/1701607680003048",
"@odata.type": "#LogEntry.v1_9_0.LogEntry",
"Created": "2023-12-03T12:48:00+00:00",
"EntryType": "Oem",
"Id": "1701607680003048",
"Message": "systemd-resolved: Clock change detected. Flushing caches.",
"Name": "BMC Journal Entry",
"OemRecordFormat": "BMC Journal Entry",
"Severity": "OK"
},
-- Time comes back to the previous moment
```
The solution is proposed to use <bootid> + <monototic timestamp> as the
redfish journal entry id instead of realtime timestamp.
Unlike realtime timestamp which may go backward, <monotonic timestamp>
is monotonically increasing.
Tested:
- Redfish Validator passes
- GET Journal Entry ID will be found even if its time goes backward.
[1] https://github.com/openbmc/bmcweb/blob/7164bc62dd26ec92b01985aaae97ecc48276dea5/redfish-core/lib/log_services.hpp#L2690
Change-Id: I83bfb1ed88c9cf036f594757aa4a00d2709dd196
Signed-off-by: Myung Bae <myungbae@us.ibm.com>
|
|
As is, it reads the whole file into memory before sending it. While
fairly fast for the user, this wastes ram, and makes bmcweb less useful
on less capable systems.
This patch enables using the boost::beast::http::file_body type, which
has more efficient serialization semantics than using a std::string. To
do this, it adds a openFile() handler to http::Response, which can be
used to properly open a file. Once the file is opened, the existing
string body is ignored, and the file payload is sent instead.
openFile() also returns success or failure, to allow users to properly
handle 404s and other errors.
To prove that it works, I moved over every instance of direct use of the
body() method over to using this, including the webasset handler. The
webasset handler specifically should help with system load when doing an
initial page load of the webui.
Tested:
Redfish service validator passes.
Change-Id: Ic7ea9ffefdbc81eb985de7edc0fac114822994ad
Signed-off-by: Ed Tanous <ed@tanous.net>
|
|
This code as it stands pulls in the full datetime library from boost,
including io, and a bunch of timezone code. The bmc doesn't make use of
any of this, so we can rely on a much simplified version.
Unfortunately for us, gcc still doesn't implement the c++20
std::chrono::parse[1]. There is a reference library available from [2]
that backports the parse function to compilers that don't yet support
it, and is the basis for the libc++ version. This commit opts to copy
in the header as-written, under the assumption that we will never need
to pull in new versions of this library, and will move to the std
ersion as soon as it's available in the next gcc version.
This commit simplifies things down to improve compile times and binary
size. It saves ~22KB of compressed binary size, or about 3%.
Tested: Unit tests pass. Pretty good coverage.
[1] https://en.cppreference.com/w/cpp/chrono/parse
[2] https://github.com/HowardHinnant/date/blob/master/include/date/date.h
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I706b91cc3d9df3f32068125bc47ff0c374eb8d87
|
|
Clang-tidy has the aforementioned check, which shows a few places in the
core where we ignored the required optional checks. Fix all uses.
Note, we cannot enable the check that this time because of some weird
code in health.hpp that crashes tidy[1]. That will need to be a future
improvement.
There are tests that call something like
ASSERT(optional)
EXPECT(optional->foo())
While this isn't an actual violation, clang-tidy doesn't seem to be
smart enough to deal with it, so add some explicit checks.
[1] https://github.com/llvm/llvm-project/issues/55530
Tested: Redfish service validator passes.
Change-Id: Ied579cd0b957efc81aff5d5d1091a740a7a2d7e3
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
Add a utility function which estimates the size of the JSON tree.
It is used in the children change to limit the reponse size of expand
query.
Tested:
1. unit test passed;
2. tested on hardware, the following are real sizes and estimation
```
Real payload size, Estimation, query
15.69 KB, 10.21 KB, redfish/v1?$expand=.($levels=1)
95.76 KB, 62.11 KB, redfish/v1?$expand=.($levels=2)
117.14 KB, 72.71 KB, redfish/v1?$expand=.($levels=3)
127.65 KB, 77.64 KB, redfish/v1?$expand=.($levels=4)
```
Signed-off-by: Nan Zhou <nanzhoumails@gmail.com>
Change-Id: Iae26d6732a6ec63ecc59eacf657b4bf33c07c046
|
|
With delegate expand, the default expand level is -=
`queryCapabilities.canDelegateExpandLevel`. This creates an overlap of
expand process between delegate expand vs. default expand.
With
query.expandLevel = 2 ->
query.expandLevel = 1 and delegated.expandLevel = 1.
Both delegated and default expand will try to only expand of level one
instead of level 2 for the default.
The code in
https://github.com/openbmc/bmcweb/blob/479e899d5f57a67647f83b7f615d2c8565290bcf/redfish-core/include/utils/query_param.hpp#L583-L597
stated that the level with "@odata.id" + other property is treated as a
seperate level. So with `query.expandLevel = 1` it just loop through the
id that was already expanded and is noop.
Tested:
Before:
/redfish/v1/Chassis/BMC/Sensors?$expand=.($levels=2) returns
the same result as level=1. Needs level=3 to expand to the next level.
The RelatedItem in here doesn't get expanded with level=2.
```
wget -qO- 'http://localhost:80/redfish/v1/Chassis/BMC/Sensors?$expand=.($levels=1)'
...
{
"@odata.id": "/redfish/v1/Chassis/BMC/Sensors/temperature_DIMMXX",
"@odata.type": "#Sensor.v1_2_0.Sensor",
"Id": "temperature_DIMMXX",
"Name": "DIMMXX",
"Reading": 30.0,
"ReadingRangeMax": 127.0,
"ReadingRangeMin": -128.0,
"ReadingType": "Temperature",
"ReadingUnits": "Cel",
"RelatedItem": [
{
"@odata.id": "/redfish/v1/Systems/system/Memory/dimmXX"
}
],
"Status": {
"Health": "OK",
"State": "Enabled"
},
"Thresholds": {
"LowerCaution": {
"Reading": null
},
"LowerCritical": {
"Reading": null
},
"UpperCaution": {
"Reading": 93.0
},
"UpperCritical": {
"Reading": 95.0
}
}
}
],
"Members@odata.count": 242,
"Name": "Sensors"
}
```
After:
level=2 was able to expand to the next level.
Change-Id: I542177a94a33f8df7afbb68837f3a53b86140c86
Signed-off-by: Willy Tu <wltu@google.com>
|
|
This is one that I couldn't figure out for a while. Turns out that
fields has both a set() and an insert() method. Whereas set() replaces,
insert() appends, which is what we want in this case.
This allows us to call the actual methods several times, instead of
essentially string injecting our own code, which should make it clearer.
At the same time, there was one unit test that was structured such that
it was using addHeader to clear a header, so this commit adds an
explicit "clearHeader()" method, so we can be explicit.
Tested:
Logging into the webui in chrome (which uses POST /login) shows:
401 with no cookie header if the incorrect password is used
200 with 2 Set-Cookie headers set:
Set-Cookie:
SESSION=<session tag>; SameSite=Strict; Secure; HttpOnly
Set-Cookie:
XSRF-TOKEN=<token tag>; SameSite=Strict; Secure
Change-Id: I9b87a48ea6ba892fc08e66940563dea86edb9a65
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
Convert all types to uint8_t to not hit the conversion warning.
Change-Id: Ia535ca0a2f4045cbde06a2f8f8eaad9570a0f4a5
Signed-off-by: Willy Tu <wltu@google.com>
Signed-off-by: Ed Tanous <edtanous@google.com>
|
|
This commit adds a utility function |sortJsonArrayByKey|. It can sort an
json array by value of a given key of each element.
Use cases includes:
1. sort the MemberCollection by @odata.id
Tested:
1. unit test passed;
Signed-off-by: Nan Zhou <nanzhoumails@gmail.com>
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: Idc175fab3af5c6102a5a3439b712b659ecb76468
|
|
System includes should be included with <>, in-tree includes should be
included with "". This was found manually, with the help of the
following grep statement[1].
git grep -o -h "#include .*" | sort | uniq
Tested:
Code compiles
Signed-off-by: Ed Tanous <edtanous@google.com>
Change-Id: I1a6b2a5ba35ccbbb61c67b7c4b036a2d7b3a36a3
|
|
The new pre-defined usergroup named "hostconsole" is added to
differentiate access between host console and manager console.
The only users allowed to interact with host console are part of the
"hostconsole" group and they are in an administrator role.
Note: The changes are spread across multiple repositories listed under
"Related commits:"
The bmcweb changes to incorporate new group are as follows:
- The new user is added in the hostconsole group only if it has an
administrative role.
- The ssh usergroup is only translated to ManagerConsole redfish group
and hostconsole usergroup is translated to HostConsole redfish group.
- The following changes are made to check the privileges for host console
access
- The new OEM privilege "OpenBMCHostConsole" added for host console
access. This privilege is not shared externally hence it is not
documented.
- Updated obmc_console BMCWEB_ROUTE to use the new privilege.
- Router functions now save user role and user groups in the session
- getUserPrivileges() function now takes session reference instead
of user role. This function now also checks for the user group
"hostconsole" and add the new privilege if user is member of this
group.
- Updated all callers of the getUserPrivileges to pass session
reference.
- Added test to validate that new privilege is set correctly.
Tested:
Loaded code on the system and validated that;
- New user gets added in hostconsole group. NOTE: Prior to this commit
all groups are assigned to new user. This drop does not change that
behavior.
- Access from the web gui is only available for users in hostconsole
group. Used IBM internal simulator called simics to test this. This
simulator allows accessing openbmc from GUI.
- Checked the role collection and there is no change.
$ curl -k -H "X-Auth-Token: $TOKEN" -X GET \
https://${bmc}/redfish/v1/AccountService/Roles
$ curl -k -H "X-Auth-Token: $TOKEN" -X GET \
https://${bmc}/redfish/v1/AccountService/Roles/Administrator
$ curl -k -H "X-Auth-Token: $TOKEN" -X GET \
https://${bmc}/redfish/v1/AccountService/Roles/ReadOnly
$ curl -k -H "X-Auth-Token: $TOKEN" -X GET \
https://${bmc}/redfish/v1/AccountService/Roles/Operator
- HostConsole is in AccountType when hostconsole group is present in
UserGroups D-Bus property
$ id user99
uid=1006(user99) gid=100(users) groups=1000(priv-admin),1005(web),\
1006(redfish),1013(hostconsole),100(users)
$ curl -k https://${bmc}/redfish/v1/AccountService/Accounts/user99
{
"@odata.id": "/redfish/v1/AccountService/Accounts/user99",
"@odata.type": "#ManagerAccount.v1_4_0.ManagerAccount",
"AccountTypes": [
"HostConsole",
"Redfish",
"WebUI",
"ManagerConsole"
],
"Description": "User Account",
"Enabled": true,
"Id": "user99",
"Links": {
"Role": {
"@odata.id": "/redfish/v1/AccountService/Roles/Administrator"
}
},
"Locked": false,
"Locked@Redfish.AllowableValues": [
"false"
],
"Name": "User Account",
"Password": null,
"PasswordChangeRequired": false,
"RoleId": "Administrator",
"UserName": "user99"
- The hostconsole group is not present for readonly or operator users
and also made sure that console access is not provided. This testing
is done one the system and console access was tried by modifying the
https://github.com/openbmc/bmcweb/blob/master/scripts/websocket_test.py
+ curl -k https://${bmc}/redfish/v1/AccountService/Accounts/user99
{
"@odata.id": "/redfish/v1/AccountService/Accounts/user99",
"@odata.type": "#ManagerAccount.v1_4_0.ManagerAccount",
"AccountTypes": [
"IPMI",
"Redfish",
"WebUI",
"ManagerConsole"
],
"Description": "User Account",
"Enabled": true,
"Id": "user99",
"Links": {
"Role": {
"@odata.id": "/redfish/v1/AccountService/Roles/ReadOnly"
}
},
"Locked": false,
"Locked@Redfish.AllowableValues": [
"false"
],
"Name": "User Account",
"Password": null,
"PasswordChangeRequired": false,
"RoleId": "ReadOnly",
"UserName": "user99"
[INFO "http_connection.hpp":209] Request: 0x150ac38 HTTP/1.1 GET /console0 ::ffff:x.x.xx.xxx
[DEBUG "routing.hpp":1265] Matched rule (upgrade) '/console0' 1 / 2
[DEBUG "routing.hpp":1084] userName = user99 userRole = priv-user
[DEBUG "routing.hpp":1123] IsUserPrivileged: group=ipmi
[DEBUG "routing.hpp":1123] IsUserPrivileged: group=redfish
[DEBUG "routing.hpp":1123] IsUserPrivileged: group=ssh
[DEBUG "routing.hpp":1123] IsUserPrivileged: group=web
[DEBUG "routing.hpp":93] checkPrivileges: BASE USER: Login
[DEBUG "routing.hpp":93] checkPrivileges: BASE USER: ConfigureSelf
[DEBUG "routing.hpp":113] checkPrivileges: OEM REQUIRED: OpenBMCHostConsole
[ERROR "routing.hpp":1192] Insufficient Privilege
+ curl -k https://${bmc}/redfish/v1/AccountService/Accounts/user99
{
"@odata.id": "/redfish/v1/AccountService/Accounts/user99",
"@odata.type": "#ManagerAccount.v1_4_0.ManagerAccount",
"AccountTypes": [
"IPMI",
"Redfish",
"WebUI",
"ManagerConsole"
],
"Description": "User Account",
"Enabled": true,
"Id": "user99",
"Links": {
"Role": {
"@odata.id": "/redfish/v1/AccountService/Roles/Operator"
}
},
"Locked": false,
"Locked@Redfish.AllowableValues": [
"false"
],
"Name": "User Account",
"Password": null,
"PasswordChangeRequired": false,
"RoleId": "Operator",
"UserName": "user99"
[INFO "http_connection.hpp":209] Request: 0x21c7c38 HTTP/1.1 GET /console0 ::ffff:x.x.xx.xxx
[DEBUG "routing.hpp":1265] Matched rule (upgrade) '/console0' 1 / 2
[DEBUG "routing.hpp":1084] userName = user99 userRole = priv-operator
[DEBUG "routing.hpp":1123] IsUserPrivileged: group=ipmi
[DEBUG "routing.hpp":1123] IsUserPrivileged: group=redfish
[DEBUG "routing.hpp":1123] IsUserPrivileged: group=ssh
[DEBUG "routing.hpp":1123] IsUserPrivileged: group=web
[DEBUG "routing.hpp":93] checkPrivileges: BASE USER: Login
[DEBUG "routing.hpp":93] checkPrivileges: BASE USER: ConfigureComponents
[DEBUG "routing.hpp":93] checkPrivileges: BASE USER: ConfigureSelf
[DEBUG "routing.hpp":113] checkPrivileges: OEM REQUIRED: OpenBMCHostConsole
[ERROR "routing.hpp":1192] Insufficient Privilege
Related commits:
NOTE: docs, openbmc, obmc-console changes are already merged. bmcweb
and phosphor-user-manager will be merged together.
docs: https://gerrit.openbmc.org/c/openbmc/docs/+/60968
phosphor-user-manager: https://gerrit.openbmc.org/c/openbmc/phosphor-user-manager/+/61583
openbmc: https://gerrit.openbmc.org/c/openbmc/openbmc/+/61582
obmc-console: https://gerrit.openbmc.org/c/openbmc/obmc-console/+/61581
bmcweb: https://gerrit.openbmc.org/c/openbmc/bmcweb/+/61580
Change-Id: Ia5a33dafc9a76444e6a8e74e752f0f90cb0a31c8
Signed-off-by: Ninad Palsule <ninadpalsule@us.ibm.com>
|