From 279392966b7bef502348e7aa4cc4b6e2327a3e19 Mon Sep 17 00:00:00 2001
From: cid <afonnepaulc@gmail.com>
Date: Thu, 13 Feb 2025 21:28:32 +0100
Subject: [PATCH] Pass agent token to get command results

Change-Id: Iad0d8086e1e79b59da3f9940b83128a3b34d4787
---
 ironic/drivers/modules/agent_client.py                      | 6 ++++++
 ironic/tests/unit/drivers/modules/test_agent_client.py      | 6 +++---
 ...nclude-agent-token-to-get-requests-982bacce85d95ce8.yaml | 5 +++++
 3 files changed, 14 insertions(+), 3 deletions(-)
 create mode 100644 releasenotes/notes/include-agent-token-to-get-requests-982bacce85d95ce8.yaml

diff --git a/ironic/drivers/modules/agent_client.py b/ironic/drivers/modules/agent_client.py
index 55fbe9b40d..c4cb312e9e 100644
--- a/ironic/drivers/modules/agent_client.py
+++ b/ironic/drivers/modules/agent_client.py
@@ -316,9 +316,15 @@ class AgentClient(object):
         url = self._get_command_url(node)
         LOG.debug('Fetching status of agent commands for node %s', node.uuid)
 
+        request_params = {}
+        agent_token = node.driver_internal_info.get('agent_secret_token')
+        if agent_token:
+            request_params['agent_token'] = agent_token
+
         def _get():
             try:
                 return self.session.get(url,
+                                        params=request_params,
                                         verify=self._get_verify(node),
                                         timeout=CONF.agent.command_timeout)
             except (requests.ConnectionError, requests.Timeout) as e:
diff --git a/ironic/tests/unit/drivers/modules/test_agent_client.py b/ironic/tests/unit/drivers/modules/test_agent_client.py
index 33516292bc..280bdebfc9 100644
--- a/ironic/tests/unit/drivers/modules/test_agent_client.py
+++ b/ironic/tests/unit/drivers/modules/test_agent_client.py
@@ -552,7 +552,7 @@ class TestAgentClient(base.TestCase):
             params={'wait': 'false'},
             timeout=60,
             verify=True)
-        self.client.session.get.assert_called_with(url, timeout=60,
+        self.client.session.get.assert_called_with(url, params={}, timeout=60,
                                                    verify=True)
         mock_sleep.assert_called_with(CONF.agent.command_wait_interval)
 
@@ -571,7 +571,7 @@ class TestAgentClient(base.TestCase):
             '%(agent_url)s/%(api_version)s/commands/' % {
                 'agent_url': agent_url,
                 'api_version': CONF.agent.agent_api_version},
-            verify=True, timeout=CONF.agent.command_timeout)
+            params={}, verify=True, timeout=CONF.agent.command_timeout)
 
     def test_get_commands_status_retries(self):
         res = mock.MagicMock(spec_set=['json'])
@@ -608,7 +608,7 @@ class TestAgentClient(base.TestCase):
             '%(agent_url)s/%(api_version)s/commands/' % {
                 'agent_url': agent_url,
                 'api_version': CONF.agent.agent_api_version},
-            verify='/path/to/agent.crt',
+            params={}, verify='/path/to/agent.crt',
             timeout=CONF.agent.command_timeout)
 
     def _test_install_bootloader(self, root_uuid, efi_system_part_uuid=None,
diff --git a/releasenotes/notes/include-agent-token-to-get-requests-982bacce85d95ce8.yaml b/releasenotes/notes/include-agent-token-to-get-requests-982bacce85d95ce8.yaml
new file mode 100644
index 0000000000..889da39746
--- /dev/null
+++ b/releasenotes/notes/include-agent-token-to-get-requests-982bacce85d95ce8.yaml
@@ -0,0 +1,5 @@
+---
+fixes:
+  - |
+    Includes the agent token parameter in get command status requests as
+    the endpoint now requires authentication.