Fix infrastructure leak in template from volume creation error message #12650

Open
erikbocks wants to merge 1 commit into apache:main from scclouds:changes-to-template-exception-message

@erikbocks (Collaborator)

Description

Currently, if an error occurs when trying to obtain a secondary storage for the creation of a template from a volume, or when uploading a volume, the message from the thrown exception exposes the zone's internal ID. Thus, the exception message was changed, and the descriptive message was moved to the logs.

Types of changes

  • Breaking change (fix or feature that would cause existing functionality to change)
  • New feature (non-breaking change which adds functionality)
  • Bug fix (non-breaking change which fixes an issue)
  • Enhancement (improves an existing feature and functionality)
  • Cleanup (Code refactoring and cleanup, that may add test cases)
  • Build/CI
  • Test (unit or integration test code)

Feature/Enhancement Scale or Bug Severity

Feature/Enhancement Scale

  • Major
  • Minor

Screenshots (if appropriate):

How Has This Been Tested?

In an environment with only one secondary storage, I set it as read-only. Then, I tried to create a template from a volume. An exception was thrown, informing that an error had occurred, but no infrastructure leak was present. I accessed the logs, and validated that the log with more information was shown, as well as the new exception message.

2026-02-16 13:01:37,560 ERROR [c.c.t.TemplateManagerImpl] (API-Job-Executor-11:[ctx-5f80938b, job-46, ctx-c87d05bc]) (logid:8879f16f) Cannot find an image store for zone [1].


2026-02-16 13:01:37,576 ERROR [c.c.a.ApiAsyncJobDispatcher] (API-Job-Executor-11:[ctx-5f80938b, job-46]) (logid:8879f16f) Unexpected exception while executing org.apache.cloudstack.api.command.admin.template.CreateTemplateCmdByAdmin com.cloud.utils.exception.CloudRuntimeException: Failed to create template. Please contact the cloud administrator.

codecov bot commented Feb 16, 2026

Codecov Report

❌ Patch coverage is 50.00000% with 2 lines in your changes missing coverage. Please review.
✅ Project coverage is 17.94%. Comparing base (9ae696d) to head (daa3813).
⚠️ Report is 619 commits behind head on main.

Files with missing lines Patch % Lines
...n/java/com/cloud/template/TemplateManagerImpl.java 50.00% 2 Missing ⚠️
Additional details and impacted files
@@             Coverage Diff              @@
##               main   #12650      +/-   ##
============================================
+ Coverage     16.26%   17.94%   +1.67%     
- Complexity    13428    16165    +2737     
============================================
  Files          5660     5939     +279     
  Lines        499963   533017   +33054     
  Branches      60708    65218    +4510     
============================================
+ Hits          81330    95650   +14320     
- Misses       409559   426639   +17080     
- Partials       9074    10728    +1654     
Flag Coverage Δ
uitests 3.67% <ø> (-0.50%) ⬇️
unittests 19.05% <50.00%> (+1.93%) ⬆️


Copilot AI (Contributor) left a comment

Pull request overview

This PR updates error handling around selecting an image (secondary) datastore so that API-facing exceptions no longer expose internal zone IDs, moving the detailed context into server logs instead.

Changes:

  • Replace zone-ID-containing exception messages with a sanitized, user-facing CloudRuntimeException message.
  • Add error logging that retains the detailed context (zone ID) for operators.

if (imageStore == null) {
throw new CloudRuntimeException(String.format("Cannot find an image store for zone [%s].", zoneId));
logger.error("Cannot find an image store for zone [{}].", zoneId);
throw new CloudRuntimeException("Failed to create template. Please contact the cloud administrator.");
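
Review bot: The fixed string thrown in the `imageStore == null` branch carries nothing that ties it to the `logger.error` line, so an operator handling a user report has to match the two by time alone unless the job ID or logid seen in the sample log output reaches the caller. Confirm that one of those is returned with the API error, or include a non-sensitive reference in both the log entry and the exception message.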

Copilot AI Feb 16, 2026

getImageStore is used for both template creation and volume upload (e.g., VolumeApiServiceImpl.uploadVolume calls _tmpltMgr.getImageStore(...)). Throwing "Failed to create template..." here will surface an incorrect error message to volume-upload callers. Consider using an operation-neutral message (e.g., "Failed to find an image store. Please contact the cloud administrator."), or passing a caller-specific context string into getImageStore so each API reports the right high-level failure without exposing the zone ID.

Suggested change
throw new CloudRuntimeException("Failed to create template. Please contact the cloud administrator.");
throw new CloudRuntimeException("Failed to find an image store. Please contact the cloud administrator.");

Copilot uses AI. Check for mistakes.
Comment on lines +479 to +480
logger.error("Cannot find an image store for zone [{}].", zoneId);
throw new CloudRuntimeException("Failed to create template. Please contact the cloud administrator.");

Copilot AI Feb 16, 2026

There are existing unit tests for getImageStore in TemplateManagerImplTest, but they currently only assert that an exception is thrown. Since this change is specifically about preventing infrastructure/zone ID leakage via exception messages, please add assertions that the thrown CloudRuntimeException message does not include the zone ID (and matches the new sanitized message).

Copilot uses AI. Check for mistakes.
Comment on lines 1705 to +1707
if (store == null) {
throw new CloudRuntimeException("cannot find an image store for zone " + zoneId);
logger.error("Cannot find an image store for zone [{}].", zoneId);
throw new CloudRuntimeException("Failed to create template. Please contact the cloud administrator.");
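
Review bot: The `store == null` branch at lines 1705 to 1707 has no test shown for the new message, and the Codecov comment reports 2 changed lines in TemplateManagerImpl.java as uncovered. Add a unit test that drives this branch and asserts that the `CloudRuntimeException` message equals the sanitized text and does not contain `zoneId`.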

Copilot AI Feb 16, 2026

The same log+throw pattern and user-facing message is now duplicated here and in getImageStore. To avoid the two sites drifting (especially if you later tweak the sanitized message), consider factoring this into a small helper (e.g., throwImageStoreNotFound(zoneId, operation)), which logs the detailed message and throws the sanitized exception.

Copilot uses AI. Check for mistakes.
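
The log-then-throw pattern discussed in this PR, combined with the operation-neutral message and the helper that the review comments suggest, as an added example that is not the PR's or CloudStack's code. `SanitizedException`, `imageStoreNotFound` and the sample zone ID are hypothetical stand-ins, and `java.util.logging` replaces the project's logger so the block runs on its own.

```java
import java.text.MessageFormat;
import java.util.logging.Handler;
import java.util.logging.Level;
import java.util.logging.LogRecord;
import java.util.logging.Logger;

public class SanitizedErrorExample {
    private static final Logger LOG = Logger.getLogger("example.template");

    // Hypothetical stand-in for CloudRuntimeException so the example compiles alone.
    static class SanitizedException extends RuntimeException {
        SanitizedException(String message) { super(message); }
    }

    // Hypothetical helper: the detail goes to the operator log, the caller gets a fixed message.
    static SanitizedException imageStoreNotFound(long zoneId, String operation) {
        // IDs are passed as strings so MessageFormat does not add digit grouping.
        LOG.log(Level.SEVERE, "Cannot find an image store for zone [{0}] during [{1}].",
                new Object[] {String.valueOf(zoneId), operation});
        return new SanitizedException(
                "Failed to find an image store. Please contact the cloud administrator.");
    }

    public static void main(String[] args) {
        // Capture log records in memory so both halves of the pattern can be checked.
        StringBuilder captured = new StringBuilder();
        LOG.setUseParentHandlers(false);
        LOG.addHandler(new Handler() {
            @Override public void publish(LogRecord r) {
                captured.append(MessageFormat.format(r.getMessage(), r.getParameters()));
            }
            @Override public void flush() { }
            @Override public void close() { }
        });

        long zoneId = 4711L; // constructed sample value, not from the PR
        SanitizedException e = imageStoreNotFound(zoneId, "uploadVolume");
        // The API-facing message must not carry the internal identifier.
        if (e.getMessage().contains(String.valueOf(zoneId))) {
            throw new AssertionError("zone ID leaked into the caller-facing message");
        }
        // The operator log must still carry it.
        if (!captured.toString().contains("zone [4711]")) {
            throw new AssertionError("zone ID missing from the operator log");
        }
        System.out.println("caller sees: " + e.getMessage());
        System.out.println("log holds:   " + captured);
    }
}
```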