Fix test failures

vishesh92 · vishesh92 · commit 2c49e926323b · 2026-03-23T14:14:11.000+05:30
diff --git a/engine/schema/src/main/java/org/apache/cloudstack/kms/dao/KMSKeyDao.java b/engine/schema/src/main/java/org/apache/cloudstack/kms/dao/KMSKeyDao.java
@@ -30,4 +30,6 @@ public interface KMSKeyDao extends GenericDao<KMSKeyVO, Long> {
     List<KMSKeyVO> listByZone(Long zoneId, KeyPurpose purpose, Boolean enabled);
 
     long countByHsmProfileId(Long hsmProfileId);
+
+    KMSKeyVO findByNameAndAccountId(String name, long accountId);
 }
diff --git a/engine/schema/src/main/java/org/apache/cloudstack/kms/dao/KMSKeyDaoImpl.java b/engine/schema/src/main/java/org/apache/cloudstack/kms/dao/KMSKeyDaoImpl.java
@@ -33,6 +33,7 @@ public class KMSKeyDaoImpl extends GenericDaoBase<KMSKeyVO, Long> implements KMS
 
     public KMSKeyDaoImpl() {
         allFieldSearch = createSearchBuilder();
+        allFieldSearch.and("name", allFieldSearch.entity().getName(), SearchCriteria.Op.EQ);
         allFieldSearch.and("kekLabel", allFieldSearch.entity().getKekLabel(), SearchCriteria.Op.EQ);
         allFieldSearch.and("domainId", allFieldSearch.entity().getDomainId(), SearchCriteria.Op.EQ);
         allFieldSearch.and("accountId", allFieldSearch.entity().getAccountId(), SearchCriteria.Op.EQ);
@@ -71,4 +72,12 @@ public long countByHsmProfileId(Long hsmProfileId) {
         Integer count = getCount(sc);
         return count != null ? count : 0;
     }
+
+    @Override
+    public KMSKeyVO findByNameAndAccountId(String name, long accountId) {
+        SearchCriteria<KMSKeyVO> sc = allFieldSearch.create();
+        sc.setParameters("name", name);
+        sc.setParameters("accountId", accountId);
+        return findOneBy(sc);
+    }
 }
diff --git a/engine/schema/src/main/resources/META-INF/db/schema-42210to42300.sql b/engine/schema/src/main/resources/META-INF/db/schema-42210to42300.sql
@@ -164,7 +164,7 @@ CREATE TABLE IF NOT EXISTS `cloud`.`kms_keys` (
     `name` VARCHAR(255) NOT NULL COMMENT 'User-friendly name',
     `description` VARCHAR(1024) COMMENT 'User description',
     `kek_label` VARCHAR(255) NOT NULL COMMENT 'Provider-specific KEK label/ID',
-    `purpose` VARCHAR(32) NOT NULL COMMENT 'Key purpose (VOLUME_ENCRYPTION, TLS_CERT, CONFIG_SECRET)',
+    `purpose` VARCHAR(32) NOT NULL COMMENT 'Key purpose (VOLUME_ENCRYPTION, TLS_CERT)',
     `account_id` BIGINT UNSIGNED NOT NULL COMMENT 'Owning account',
     `domain_id` BIGINT UNSIGNED NOT NULL COMMENT 'Owning domain',
     `zone_id` BIGINT UNSIGNED NOT NULL COMMENT 'Zone where key is valid',
@@ -261,7 +261,7 @@ CREATE TABLE IF NOT EXISTS `cloud`.`kms_database_kek_objects` (
     `always_sensitive` BOOLEAN NOT NULL DEFAULT TRUE COMMENT 'PKCS#11 CKA_ALWAYS_SENSITIVE - key was always sensitive',
     `never_extractable` BOOLEAN NOT NULL DEFAULT TRUE COMMENT 'PKCS#11 CKA_NEVER_EXTRACTABLE - key was never extractable',
     -- Key Metadata
-    `purpose` VARCHAR(32) NOT NULL COMMENT 'Key purpose (VOLUME_ENCRYPTION, TLS_CERT, CONFIG_SECRET)',
+    `purpose` VARCHAR(32) NOT NULL COMMENT 'Key purpose (VOLUME_ENCRYPTION, TLS_CERT)',
     `key_bits` INT NOT NULL COMMENT 'Key size in bits (128, 192, 256)',
     `algorithm` VARCHAR(64) NOT NULL DEFAULT 'AES/GCM/NoPadding' COMMENT 'Encryption algorithm',
     -- Validity Dates (PKCS#11 CKA_START_DATE, CKA_END_DATE)
diff --git a/server/src/main/java/org/apache/cloudstack/kms/KMSManagerImpl.java b/server/src/main/java/org/apache/cloudstack/kms/KMSManagerImpl.java
@@ -392,6 +392,9 @@ KMSKey createUserKMSKey(Long accountId, Long domainId, Long zoneId,
         if (profile == null) {
             throw KMSException.invalidParameter("HSM Profile not found");
         }
+        if (kmsKeyDao.findByNameAndAccountId(name, accountId) != null) {
+            throw new InvalidParameterValueException("A KMS key with name " + name + " already exists in this account");
+        }
 
         KMSKeyVO kmsKey = new KMSKeyVO(name, description, "", purpose,
                 accountId, domainId, zoneId, "AES/GCM/NoPadding", keyBits);
diff --git a/test/integration/smoke/test_kms_lifecycle.py b/test/integration/smoke/test_kms_lifecycle.py
diff --git a/tools/marvin/marvin/lib/base.py b/tools/marvin/marvin/lib/base.py

Original file line number	Diff line number	Diff line change
`@@ -30,4 +30,6 @@ public interface KMSKeyDao extends GenericDao<KMSKeyVO, Long> {`
`30`	`30`	`List<KMSKeyVO> listByZone(Long zoneId, KeyPurpose purpose, Boolean enabled);`
`31`	`31`
`32`	`32`	`long countByHsmProfileId(Long hsmProfileId);`
	`33`	`+`
	`34`	`+ KMSKeyVO findByNameAndAccountId(String name, long accountId);`
`33`	`35`	`}`
Original file line number	Diff line number	Diff line change
`@@ -392,6 +392,9 @@ KMSKey createUserKMSKey(Long accountId, Long domainId, Long zoneId,`
`392`	`392`	`if (profile == null) {`
`393`	`393`	`throw KMSException.invalidParameter("HSM Profile not found");`
`394`	`394`	`}`
	`395`	`+ if (kmsKeyDao.findByNameAndAccountId(name, accountId) != null) {`
	`396`	`+ throw new InvalidParameterValueException("A KMS key with name " + name + " already exists in this account");`
	`397`	`+ }`
`395`	`398`
`396`	`399`	`KMSKeyVO kmsKey = new KMSKeyVO(name, description, "", purpose,`
`397`	`400`	`accountId, domainId, zoneId, "AES/GCM/NoPadding", keyBits);`