<fix>[compute]: ZSV-6589 validate local storage mount point before mounting

[zstack-robot-2]

Summary

MountBlockDevice now rejects a mount point that is already used by local primary storage attached to the host's cluster, so the API fails before mounting or formatting the block device.

Changes

• Add cluster lookup to ProxyHardwareFactory and KVMHostFactory.
• Validate APIMountBlockDeviceMsg mountPoint before proxy hardware retrieval.
• Check existing local primary storage URLs in the resolved cluster and return API error on conflict.

Testing

• rtk mvn -pl header,compute,plugin/kvm -am -DskipTests compile
• rtk git -C zstack diff --check -- zstack/header/src/main/java/org/zstack/header/agent/ProxyHardwareFactory.java zstack/plugin/kvm/src/main/java/org/zstack/kvm/KVMHostFactory.java zstack/compute/src/main/java/org/zstack/compute/host/HostApiInterceptor.java
• CI pipeline

Resolves: ZSV-6589

sync from gitlab !10301

[coderabbitai]

Warning

Review limit reached

@MatheMatrix, we couldn't start this review because you've reached your PR review rate limit.

More reviews will be available in 27 minutes and 55 seconds. Learn how PR review limits work.

Your organization has used up its prepaid credits, and credit purchases are no longer available. Enable the review add-on in the billing tab to keep reviews running — you're only billed for reviews past your plan's rate limits ($0.25/file).

⌛ How to resolve this issue?

After more reviews become available, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based credits.

🚦 How do rate limits work?

CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan review availability.

For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, additional reviews become available more gradually as earlier reviews age out of the rolling window.

Please see our Fair Usage Limits Policy for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: bcddefcb-f17f-4e98-a54c-384ee6b08566

📥 Commits

Reviewing files that changed from the base of the PR and between 56d7771 and 7b35aad.

📒 Files selected for processing (3)

• compute/src/main/java/org/zstack/compute/host/HostApiInterceptor.java
• header/src/main/java/org/zstack/header/agent/ProxyHardwareFactory.java
• plugin/kvm/src/main/java/org/zstack/kvm/KVMHostFactory.java

Walkthrough

新增挂载块设备请求的前置校验顺序，补充 path 与 mountPoint 的格式/绝对路径检查，并按主机所属集群查询本地主存储占用情况；同时新增主机到集群 UUID 的接口与 KVM 实现。

Changes

挂载块设备校验

Layer / File(s)	Summary
集群 UUID 查询契约 header/src/main/java/org/zstack/header/agent/ProxyHardwareFactory.java, plugin/kvm/src/main/java/org/zstack/kvm/KVMHostFactory.java	ProxyHardwareFactory 新增 getClusterUuid，KVMHostFactory 按 managementIp 查询并返回 clusterUuid。
本地主存储占用校验 compute/src/main/java/org/zstack/compute/host/HostApiInterceptor.java	新增 SQL 和 PrimaryStorageConstants 依赖，并通过集群 UUID 统计同 url 下的本地主存储条目数量，命中时抛出拦截异常。
挂载请求前置校验顺序 compute/src/main/java/org/zstack/compute/host/HostApiInterceptor.java	validate(APIMountBlockDeviceMsg) 现在先执行 path、mountPoint 和占用校验，再进入后续密码与代理硬件处理。

Sequence Diagram(s)

sequenceDiagram
  participant HostApiInterceptor
  participant ProxyHardwareFactory
  participant KVMHostFactory
  participant Database
  HostApiInterceptor->>HostApiInterceptor: validate path and mountPoint
  HostApiInterceptor->>ProxyHardwareFactory: getClusterUuid(hostname)
  ProxyHardwareFactory->>KVMHostFactory: getClusterUuid(hostName)
  KVMHostFactory-->>ProxyHardwareFactory: clusterUuid
  ProxyHardwareFactory-->>HostApiInterceptor: clusterUuid
  HostApiInterceptor->>Database: count LOCAL_STORAGE_TYPE by url and clusterUuid
  Database-->>HostApiInterceptor: count
  HostApiInterceptor->>HostApiInterceptor: reject when mountPoint is occupied

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~45 minutes

Poem

我是一只兔兔，蹦进校验林，
先看 path，再看 mountPoint 乖不乖。
集群 UUID 一跳就找到，
本地主存储别把路口占满。
轻轻一蹦，挂载更安稳 🐰

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	Write docstrings for the functions missing them to satisfy the coverage threshold.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	标题准确概括了本次变更：在挂载前校验本地主存储挂载点冲突。
Description check	✅ Passed	描述与代码变更一致，涵盖了集群查询、挂载点校验和本地主存储冲突检查。
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch sync/tao.gan/fix/ZSV-6589-mount-block-device-path-check

---

_{Comment @coderabbitai help to get the list of available commands.}

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@compute/src/main/java/org/zstack/compute/host/HostApiInterceptor.java`:
- Around line 253-265: Local storage mount-point matching is using the raw URL,
so the occupancy check can miss equivalent paths that differ only by a trailing
slash. Update the normalization flow in LocalStorageFactory.createPrimaryStorage
and LocalStorageApiInterceptor so the stored/queryable URL is canonicalized
consistently, and adjust HostApiInterceptor’s occupancy query to compare against
the normalized mount point instead of ps.url = :url on the raw value. Use the
existing createPrimaryStorage and LocalStorageApiInterceptor handling as the
reference points so both write and read sides stay aligned.

In `@header/src/main/java/org/zstack/header/agent/ProxyHardwareFactory.java`:
- Line 6: The new ProxyHardwareFactory.getClusterUuid method needs Javadoc
describing the hostName matching semantics and whether returning null is allowed
when no cluster is found. Add a proper Javadoc comment directly on
getClusterUuid so the interface contract is explicit and compliant, and keep the
method declaration free of extra modifiers.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: 13f7ed18-25d7-4566-a06c-7460afc64157

📥 Commits

Reviewing files that changed from the base of the PR and between da7f310 and 56d7771.

📒 Files selected for processing (3)

• compute/src/main/java/org/zstack/compute/host/HostApiInterceptor.java
• header/src/main/java/org/zstack/header/agent/ProxyHardwareFactory.java
• plugin/kvm/src/main/java/org/zstack/kvm/KVMHostFactory.java

[coderabbitai]

📐 Maintainability & Code Quality | 🟡 Minor | ⚡ Quick win

为新增接口方法补充 Javadoc。

接口新增契约缺少说明，建议明确 hostName 的匹配语义以及找不到集群时是否允许返回 null。

建议修改

+    /**
+     * Returns the cluster UUID for the host identified by {`@code` hostName}, or {`@code` null} when it cannot be resolved.
+     */
     String getClusterUuid(String hostName);

按路径规则，“接口方法不应有多余的修饰符（例如 public），且必须配有有效的 Javadoc 注释。”

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	String getClusterUuid(String hostName);
	/**
	* Returns the cluster UUID for the host identified by {`@code` hostName}, or {`@code` null} when it cannot be resolved.
	*/
	String getClusterUuid(String hostName);

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@header/src/main/java/org/zstack/header/agent/ProxyHardwareFactory.java` at
line 6, The new ProxyHardwareFactory.getClusterUuid method needs Javadoc
describing the hostName matching semantics and whether returning null is allowed
when no cluster is found. Add a proper Javadoc comment directly on
getClusterUuid so the interface contract is explicit and compliant, and keep the
method declaration free of extra modifiers.

Source: Path instructions