Feature: Disk Encryption

sacloud · Apr 5, 2024 · 1f17e3d · 1f17e3d
1 parent ebdab40
commit 1f17e3d
Show file tree

Hide file tree

Showing 9 changed files with 221 additions and 107 deletions.
diff --git a/internal/define/disk.go b/internal/define/disk.go
@@ -219,6 +219,7 @@ var (
 			fields.Availability(),
 			fields.DiskConnection(),
 			fields.DiskConnectionOrder(),
+			fields.DiskEncryptionAlgorithm(),
 			fields.DiskReinstallCount(),
 			fields.Def("JobStatus", models.migrationJobStatus()),
 			fields.SizeMB(),
@@ -246,6 +247,7 @@ var (
 		Fields: []*dsl.FieldDesc{
 			fields.DiskPlanID(),
 			fields.DiskConnection(),
+			fields.DiskEncryptionAlgorithm(),
 			fields.SourceDiskID(),
 			fields.SourceArchiveID(),
 			fields.ServerID(),

diff --git a/internal/define/fields.go b/internal/define/fields.go
@@ -2182,6 +2182,17 @@ func (f *fieldsDef) DiskConnection() *dsl.FieldDesc {
 	}
 }
 
+func (f *fieldsDef) DiskEncryptionAlgorithm() *dsl.FieldDesc {
+	return &dsl.FieldDesc{
+		Name: "EncryptionAlgorithm",
+		Type: meta.Static(types.EDiskEncryptionAlgorithm("")),
+		Tags: &dsl.FieldTags{
+			JSON:    ",omitempty",
+			MapConv: ",omitempty",
+		},
+	}
+}
+
 func (f *fieldsDef) DiskConnectionOrder() *dsl.FieldDesc {
 	return &dsl.FieldDesc{
 		Name: "ConnectionOrder",

diff --git a/internal/define/server.go b/internal/define/server.go
@@ -288,6 +288,7 @@ var (
 			fields.Availability(),
 			fields.DiskConnection(),
 			fields.DiskConnectionOrder(),
+			fields.DiskEncryptionAlgorithm(),
 			fields.DiskReinstallCount(),
 			fields.SizeMB(),
 			fields.DiskPlanID(),

diff --git a/naked/disk.go b/naked/disk.go
@@ -23,27 +23,28 @@ import (
 
 // Disk ディスク
 type Disk struct {
-	ID              types.ID              `json:",omitempty" yaml:"id,omitempty" structs:",omitempty"`
-	Name            string                `json:",omitempty" yaml:"name,omitempty" structs:",omitempty"`
-	Description     string                `yaml:"description"`
-	Tags            types.Tags            `yaml:"tags"`
-	Icon            *Icon                 `json:",omitempty" yaml:"icon,omitempty" structs:",omitempty"`
-	CreatedAt       *time.Time            `json:",omitempty" yaml:"created_at,omitempty" structs:",omitempty"`
-	ModifiedAt      *time.Time            `json:",omitempty" yaml:"modified_at,omitempty" structs:",omitempty"`
-	Availability    types.EAvailability   `json:",omitempty" yaml:"availability,omitempty" structs:",omitempty"`
-	ServiceClass    string                `json:",omitempty" yaml:"service_class,omitempty" structs:",omitempty"`
-	SizeMB          int                   `json:",omitempty" yaml:"size_mb,omitempty" structs:",omitempty"`
-	MigratedMB      int                   `json:",omitempty" yaml:"migrated_mb,omitempty" structs:",omitempty"`
-	Connection      types.EDiskConnection `json:",omitempty" yaml:"connection,omitempty" structs:",omitempty"`
-	ConnectionOrder int                   `json:",omitempty" yaml:"connection_order,omitempty" structs:",omitempty"`
-	ReinstallCount  int                   `json:",omitempty" yaml:"reinstall_count,omitempty" structs:",omitempty"`
-	JobStatus       *MigrationJobStatus   `json:",omitempty" yaml:"job_status,omitempty" structs:",omitempty"`
-	Plan            *DiskPlan             `json:",omitempty" yaml:"plan,omitempty" structs:",omitempty"`
-	SourceDisk      *Disk                 `json:",omitempty" yaml:"source_disk,omitempty" structs:",omitempty"`
-	SourceArchive   *Archive              `json:",omitempty" yaml:"source_archive,omitempty" structs:",omitempty"`
-	BundleInfo      *BundleInfo           `json:",omitempty" yaml:"bundle_info,omitempty" structs:",omitempty"`
-	Storage         *Storage              `json:",omitempty" yaml:"storage,omitempty" structs:",omitempty"`
-	Server          *Server               `json:",omitempty" yaml:"server,omitempty" structs:",omitempty"`
+	ID                  types.ID                       `json:",omitempty" yaml:"id,omitempty" structs:",omitempty"`
+	Name                string                         `json:",omitempty" yaml:"name,omitempty" structs:",omitempty"`
+	Description         string                         `yaml:"description"`
+	Tags                types.Tags                     `yaml:"tags"`
+	Icon                *Icon                          `json:",omitempty" yaml:"icon,omitempty" structs:",omitempty"`
+	CreatedAt           *time.Time                     `json:",omitempty" yaml:"created_at,omitempty" structs:",omitempty"`
+	ModifiedAt          *time.Time                     `json:",omitempty" yaml:"modified_at,omitempty" structs:",omitempty"`
+	Availability        types.EAvailability            `json:",omitempty" yaml:"availability,omitempty" structs:",omitempty"`
+	ServiceClass        string                         `json:",omitempty" yaml:"service_class,omitempty" structs:",omitempty"`
+	SizeMB              int                            `json:",omitempty" yaml:"size_mb,omitempty" structs:",omitempty"`
+	MigratedMB          int                            `json:",omitempty" yaml:"migrated_mb,omitempty" structs:",omitempty"`
+	Connection          types.EDiskConnection          `json:",omitempty" yaml:"connection,omitempty" structs:",omitempty"`
+	EncryptionAlgorithm types.EDiskEncryptionAlgorithm `json:",omitempty" yaml:"encryption_algorithm,omitempty" structs:",omitempty"`
+	ConnectionOrder     int                            `json:",omitempty" yaml:"connection_order,omitempty" structs:",omitempty"`
+	ReinstallCount      int                            `json:",omitempty" yaml:"reinstall_count,omitempty" structs:",omitempty"`
+	JobStatus           *MigrationJobStatus            `json:",omitempty" yaml:"job_status,omitempty" structs:",omitempty"`
+	Plan                *DiskPlan                      `json:",omitempty" yaml:"plan,omitempty" structs:",omitempty"`
+	SourceDisk          *Disk                          `json:",omitempty" yaml:"source_disk,omitempty" structs:",omitempty"`
+	SourceArchive       *Archive                       `json:",omitempty" yaml:"source_archive,omitempty" structs:",omitempty"`
+	BundleInfo          *BundleInfo                    `json:",omitempty" yaml:"bundle_info,omitempty" structs:",omitempty"`
+	Storage             *Storage                       `json:",omitempty" yaml:"storage,omitempty" structs:",omitempty"`
+	Server              *Server                        `json:",omitempty" yaml:"server,omitempty" structs:",omitempty"`
 }
 
 // MigrationJobStatus マイグレーションジョブステータス

diff --git a/test/disk_op_test.go b/test/disk_op_test.go
@@ -92,19 +92,21 @@ var (
 	}
 
 	createDiskParam = &iaas.DiskCreateRequest{
-		DiskPlanID:  types.DiskPlans.SSD,
-		Connection:  types.DiskConnections.VirtIO,
-		Name:        testutil.ResourceName("disk"),
-		Description: "desc",
-		Tags:        []string{"tag1", "tag2"},
-		SizeMB:      20 * size.GiB,
+		DiskPlanID:          types.DiskPlans.SSD,
+		Connection:          types.DiskConnections.VirtIO,
+		EncryptionAlgorithm: types.DiskEncryptionAlgorithms.AES256XTS,
+		Name:                testutil.ResourceName("disk"),
+		Description:         "desc",
+		Tags:                []string{"tag1", "tag2"},
+		SizeMB:              20 * size.GiB,
 	}
 	createDiskExpected = &iaas.Disk{
-		Name:        createDiskParam.Name,
-		Description: createDiskParam.Description,
-		Tags:        createDiskParam.Tags,
-		DiskPlanID:  createDiskParam.DiskPlanID,
-		Connection:  createDiskParam.Connection,
+		Name:                createDiskParam.Name,
+		Description:         createDiskParam.Description,
+		Tags:                createDiskParam.Tags,
+		DiskPlanID:          createDiskParam.DiskPlanID,
+		Connection:          createDiskParam.Connection,
+		EncryptionAlgorithm: createDiskParam.EncryptionAlgorithm,
 	}
 	updateDiskParam = &iaas.DiskUpdateRequest{
 		Name:        testutil.ResourceName("disk-upd"),
@@ -113,20 +115,22 @@ var (
 		IconID:      testIconID,
 	}
 	updateDiskExpected = &iaas.Disk{
-		Name:        updateDiskParam.Name,
-		Description: updateDiskParam.Description,
-		Tags:        updateDiskParam.Tags,
-		DiskPlanID:  createDiskParam.DiskPlanID,
-		Connection:  createDiskParam.Connection,
-		IconID:      updateDiskParam.IconID,
+		Name:                updateDiskParam.Name,
+		Description:         updateDiskParam.Description,
+		Tags:                updateDiskParam.Tags,
+		DiskPlanID:          createDiskParam.DiskPlanID,
+		Connection:          createDiskParam.Connection,
+		EncryptionAlgorithm: createDiskParam.EncryptionAlgorithm,
+		IconID:              updateDiskParam.IconID,
 	}
 	updateDiskToMinParam = &iaas.DiskUpdateRequest{
 		Name: testutil.ResourceName("disk-to-min"),
 	}
 	updateDiskToMinExpected = &iaas.Disk{
-		Name:       updateDiskToMinParam.Name,
-		DiskPlanID: createDiskParam.DiskPlanID,
-		Connection: createDiskParam.Connection,
+		Name:                updateDiskToMinParam.Name,
+		DiskPlanID:          createDiskParam.DiskPlanID,
+		Connection:          createDiskParam.Connection,
+		EncryptionAlgorithm: createDiskParam.EncryptionAlgorithm,
 	}
 )
 

diff --git a/trace/otel/go.mod b/trace/otel/go.mod
@@ -5,7 +5,7 @@ go 1.21
 replace github.com/sacloud/iaas-api-go => ../../
 
 require (
-	github.com/sacloud/api-client-go v0.2.9
+	github.com/sacloud/api-client-go v0.2.10
 	github.com/sacloud/iaas-api-go v0.0.0-00010101000000-000000000000
 	github.com/stretchr/testify v1.8.4
 	go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace v0.45.0
@@ -23,26 +23,26 @@ require (
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/fatih/structs v1.1.0 // indirect
 	github.com/felixge/httpsnoop v1.0.3 // indirect
-	github.com/fsnotify/fsnotify v1.6.0 // indirect
+	github.com/fsnotify/fsnotify v1.7.0 // indirect
 	github.com/go-logr/logr v1.2.4 // indirect
 	github.com/go-logr/stdr v1.2.2 // indirect
 	github.com/golang/protobuf v1.5.3 // indirect
 	github.com/grpc-ecosystem/grpc-gateway/v2 v2.16.0 // indirect
 	github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
-	github.com/hashicorp/go-retryablehttp v0.7.4 // indirect
+	github.com/hashicorp/go-retryablehttp v0.7.5 // indirect
 	github.com/mitchellh/go-homedir v1.1.0 // indirect
 	github.com/mitchellh/mapstructure v1.5.0 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/sacloud/go-http v0.1.7 // indirect
-	github.com/sacloud/packages-go v0.0.9 // indirect
+	github.com/sacloud/packages-go v0.0.10 // indirect
 	go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.19.0 // indirect
 	go.opentelemetry.io/otel/metric v1.19.0 // indirect
 	go.opentelemetry.io/proto/otlp v1.0.0 // indirect
 	go.uber.org/ratelimit v0.3.0 // indirect
-	golang.org/x/crypto v0.13.0 // indirect
-	golang.org/x/net v0.12.0 // indirect
-	golang.org/x/sys v0.12.0 // indirect
-	golang.org/x/text v0.13.0 // indirect
+	golang.org/x/crypto v0.16.0 // indirect
+	golang.org/x/net v0.18.0 // indirect
+	golang.org/x/sys v0.15.0 // indirect
+	golang.org/x/text v0.14.0 // indirect
 	google.golang.org/genproto/googleapis/api v0.0.0-20230711160842-782d3b101e98 // indirect
 	google.golang.org/genproto/googleapis/rpc v0.0.0-20230711160842-782d3b101e98 // indirect
 	google.golang.org/grpc v1.58.2 // indirect

diff --git a/trace/otel/go.sum b/trace/otel/go.sum
@@ -10,6 +10,7 @@ github.com/felixge/httpsnoop v1.0.3 h1:s/nj+GCswXYzN5v2DpNMuMQYe+0DDwt5WVCU6CWBd
 github.com/felixge/httpsnoop v1.0.3/go.mod h1:m8KPJKqk1gH5J9DgRY2ASl2lWCfGKXixSwevea8zH2U=
 github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4HY=
 github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw=
+github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM=
 github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
 github.com/go-logr/logr v1.2.4 h1:g01GSCwiDw2xSZfjJ2/T9M+S6pFdcNtFYsp+Y43HYDQ=
 github.com/go-logr/logr v1.2.4/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
@@ -31,6 +32,7 @@ github.com/hashicorp/go-hclog v0.9.2 h1:CG6TE5H9/JXsFWJCfoIVpKFIkFe6ysEuHirp4DxC
 github.com/hashicorp/go-hclog v0.9.2/go.mod h1:5CU+agLiy3J7N7QjHK5d05KxGsuXiQLrjA0H7acj2lQ=
 github.com/hashicorp/go-retryablehttp v0.7.4 h1:ZQgVdpTdAL7WpMIwLzCfbalOcSUdkDZnpUv3/+BxzFA=
 github.com/hashicorp/go-retryablehttp v0.7.4/go.mod h1:Jy/gPYAdjqffZ/yFGCFV2doI5wjtH1ewM9u8iYVjtX8=
+github.com/hashicorp/go-retryablehttp v0.7.5/go.mod h1:Jy/gPYAdjqffZ/yFGCFV2doI5wjtH1ewM9u8iYVjtX8=
 github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
 github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
 github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
@@ -45,10 +47,12 @@ github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjR
 github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog=
 github.com/sacloud/api-client-go v0.2.9 h1:oNZ6usbBre8SeqBp5gpLOKg0ScpvHEwyJOU92Y/47M8=
 github.com/sacloud/api-client-go v0.2.9/go.mod h1:PivzNlDl/8L5pTycvD/KzSAo9hKRl3qlqmVunSqjgJY=
+github.com/sacloud/api-client-go v0.2.10/go.mod h1:Jj3CTy2+O4bcMedVDXlbHuqqche85HEPuVXoQFhLaRc=
 github.com/sacloud/go-http v0.1.7 h1:oBnoTLTlu4afkRJHIQSV6NJMUfIR1S3rB/SQaGzL/3Q=
 github.com/sacloud/go-http v0.1.7/go.mod h1:WV31q5qAUt6Rs7dfqQfGyRprXhf91jS+41FofYHmxUI=
 github.com/sacloud/packages-go v0.0.9 h1:GbinkBLC/eirFhHpLjoDW6JV7+95Rnd2d8RWj7Afeks=
 github.com/sacloud/packages-go v0.0.9/go.mod h1:k+EEUMF2LlncjbNIJNOqLyZ9wjTESPIWIk1OA7x9j2Q=
+github.com/sacloud/packages-go v0.0.10/go.mod h1:f8QITBh9z4IZc4yE9j21Q8b0sXEMwRlRmhhjWeDVTYs=
 github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
 github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
 github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
@@ -80,15 +84,19 @@ go.uber.org/ratelimit v0.3.0 h1:IdZd9wqvFXnvLvSEBo0KPcGfkoBGNkpTHlrE3Rcjkjw=
 go.uber.org/ratelimit v0.3.0/go.mod h1:So5LG7CV1zWpY1sHe+DXTJqQvOx+FFPFaAs2SnoyBaI=
 golang.org/x/crypto v0.13.0 h1:mvySKfSWJ+UKUii46M40LOvyWfN0s2U+46/jDd0e6Ck=
 golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc=
+golang.org/x/crypto v0.16.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4=
 golang.org/x/net v0.12.0 h1:cfawfvKITfUsFCeJIHJrbSxpeu/E81khclypR0GVT50=
 golang.org/x/net v0.12.0/go.mod h1:zEVYFnQC7m/vmpQFELhcD1EWkZlX69l4oqgmer6hfKA=
+golang.org/x/net v0.18.0/go.mod h1:/czyP5RqHAH4odGYxBJ1qz0+CE5WZ+2j1YgoEo8F2jQ=
 golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.12.0 h1:CM0HF96J0hcLAwsHPJZjfdNzs0gftsLfgKt57wWHJ0o=
 golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/term v0.12.0 h1:/ZfYdc3zq+q02Rv9vGqTeSItdzZTSNDmfTi0mBAuidU=
 golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU=
 golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k=
 golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
+golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 google.golang.org/genproto v0.0.0-20230711160842-782d3b101e98 h1:Z0hjGZePRE0ZBWotvtrwxFNrNE9CUAGtplaDK5NNI/g=
 google.golang.org/genproto v0.0.0-20230711160842-782d3b101e98/go.mod h1:S7mY02OqCJTD0E1OiQy1F72PWFB4bZJ87cAtLPYgDR0=

diff --git a/types/disk_encryption_algorithm.go b/types/disk_encryption_algorithm.go
@@ -0,0 +1,48 @@
+// Copyright 2022-2023 The sacloud/iaas-api-go Authors
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package types
+
+// EDiskEncryptionAlgorithm ディスク暗号化アルゴリズム
+type EDiskEncryptionAlgorithm string
+
+// String EDiskEncryptionAlgorithmの文字列表現
+func (c EDiskEncryptionAlgorithm) String() string {
+	return string(c)
+}
+
+var (
+	// DiskEncryptionAlgorithms ディスク接続方法
+	DiskEncryptionAlgorithms = struct {
+		// None unencrypted
+		None EDiskEncryptionAlgorithm
+		// AES256XTS aes256_xts
+		AES256XTS EDiskEncryptionAlgorithm
+	}{
+		None:      EDiskEncryptionAlgorithm("none"),
+		AES256XTS: EDiskEncryptionAlgorithm("aes256_xts"),
+	}
+
+	// DiskEncryptionAlgorithmMap 文字列とDiskEncryptionAlgorithmのマップ
+	DiskEncryptionAlgorithmMap = map[string]EDiskEncryptionAlgorithm{
+		DiskEncryptionAlgorithms.None.String():      DiskEncryptionAlgorithms.None,
+		DiskEncryptionAlgorithms.AES256XTS.String(): DiskEncryptionAlgorithms.AES256XTS,
+	}
+
+	// DiskEncryptionAlgorithmStrings DiskEncryptionAlgorithmに指定できる有効な文字列
+	DiskEncryptionAlgorithmStrings = []string{
+		DiskEncryptionAlgorithms.None.String(),
+		DiskEncryptionAlgorithms.AES256XTS.String(),
+	}
+)