We're trying to drop out the old images based on buster and 3.7 which
storyboard has based its images on. Update storyboard to bullseye and
python3.9 now that they have both been out for a while.
Depends-On: https://review.opendev.org/c/opendev/storyboard/+/838409
Change-Id: Ibf5f3eb63e22eb5b37cdfa74fe3bb6ce1f31bb62
Linting fails due to two different hacking rules: H214 and H216. We fix
H214 by using assertNotIn and assertIn over assertFalse(foo in bar) and
assertTrue(foo in bar). We ignore H216 as it says don't use the mock
library but storyboard actually does use mock and updating to use
unittest.mock appears to be a fair bit of work.
In the sqlaclhemy models we move some classes around to address this
error:
sqlalchemy.exc.InvalidRequestError: When initializing mapper mapped
class Story->stories, expression 'TimeLineEvent' failed to locate a
name ('TimeLineEvent'). If this is a class name, consider adding this
relationship() to the <class 'storyboard.db.models.Story'> class after
both dependent classes have been defined.
In the project loader we switch to using yaml.safe_load() to avoid the
missing Loader argument to yaml.load().
We pin jinja2 to < 3.0.0 as the old sphinx we've pinned to uses
contextfunction which appears to have been replaced in jinja2 3.0.0.
We should probably attempt to update the doc toolchain for storyboard
when we have time.
We pin MarkupSafe for similar reasons to the jinja2 pin. Version 2.1.0
of MarkupSafe removed the soft_unicode name which is used by sphinx.
Finally we run the python 3.6 and 3.7 jobs on ubuntu-bionic.
Change-Id: Ifcb6660ce2c89c21ba867aa88d942461bcff125d
Currently there is no easy way to find the set of Project Groups that a
specific Project belongs to. This commit adds a parameter to the Project
Groups browse endpoint to enable filtering by Project ID to add this
functionality.
Change-Id: I7b09665bb554c19e8cc4074ce0d1813f3adc4218
The password in the storyboard-opendev-dockerhub Zuul secret was
encoded incorrectly. Reencrypt it the right way.
Change-Id: I7477c5b86a7e51121d2ec6da4250fad27986567e
The `story_get_all` function currently constructs a query which perfoms
very poorly, making search in StoryBoard painful to the point of being
almost unusable with only ~30000 stories in the database. There are a
number of reasons for the poor performance, but the most impactful is
the fact that we join two subqueries, one of which contains the entire
stories table, and the other which contains a filtered list of story
IDs to implement most of the filtering.
This commit removes all of the subquerying, and just does simple
filtering in a single WHERE clause. Basic comparison of the two queries
shows around an 85% - 90% speedup in the execution time using the new
approach, from ~100ms for the current query, and ~10-15ms for the new
query (using a test dataset containing 10000 stories).
This approach adds a bit of code complexity around filtering stories by
story status, but this is a cost worth paying for the performance
improvement. The new approach will also allow extra flexibility in the
meaning of the story statuses, making it easier to have per-project
statuses for example.
Story: 2005845
Task: 33627
Change-Id: I7c19372506017726e4fc61ffb09d3cfb9c6b36d3
The pinned versions of webob and hacking weren't functioning properly
with modern Python, so they are unpinned.
Unpinning hacking brought a number of extra rules into use, so this
commit also contains a number of code style fixes.
There was also an incompatibility in the test_setup.sh script, which
meant it doesn't work with MySQL 8.0 (which is in Ubuntu 20.04). This
is also fixed in this commit.
Change-Id: I0889bc35f8babfeec42f6f577d302bb5fbce1c95
Python 2.7 is deprecated now, and some dependencies have dropped their
support for it. We should also just drop support for it rather than
pinning the dependency versions.
This commit also switches to a generic Python 3 tox environment,
adds additional test jobs for more Python 3 versions, and cleans up
some Python 2 compatibility cruft.
Change-Id: I3e7cc1713dec1bada4a85f75362c4fa4f89ceae6
Rather than rely on the implicit docker-image provides/requires
list explicit per-image requirements for related jobs to reduce,
unecessarily serialization in change queues.
Depends-On: https://review.opendev.org/711119
Change-Id: Ie6b033652833bee84d2954b02a9014061756352f
To simplify the launchpadlib dependency installation for the
storyboard-migrate utility, use a separate tox testenv specifically
for this purpose and put that as its only additional runtime
requirement. Name the testenv "lpimport" with the expectation that
in time we may also rename the storyboard-migrate utility similarly
(so as to disambiguate it from the Alembic migrations we rely on
for database schema upgrades).
Change-Id: I8bd36bf69c235c8957ae4a161fd22cbe80028cf4
In-tree zuul configuration does not need any project name stanza, remove
it.
Having it in, will make project renames difficult, so we do not want
these in.
Change-Id: I0871ba31ba89882271346398134258ca316ec7d7
We need to mark several things in the bindep file with the compile
tag so that we don't install them into the final image. Also, clean
up some of the extra things in the bindep file that are almost
certainly not needed.
Change-Id: I6e42d0191fd1db8482a4a0fbe208b669ef33bfee
The py35 env is unhappy on bionic. So we either need to update
that to use xenial nodes - or just update to 3.6 which is better
anyway.
Change-Id: Id2116657b9f497e213818bd905db7485c915ec0d
Add a boolean representing whether or not attachments are enabled (and
therefore the API endpoints are available) to the /v1/systeminfo
endpoint. This allows clients to check whether attachments can be used
without having to have separate backend-specific configuration
themselves.
Change-Id: I949200d35e8591d1d670fd987ae7be7911aab983
This commit adds a method to the attachments endpoint to handle POST
requests for creating a record of an attachment on a particular story.
Change-Id: Id0c653d15b18644a05daa1aaf881982eb594f18e
Story: 2000679
Task: 29122
This commit adds support for getting details about a specific
attachment, and for getting a list of attachments related to a
specific story, to the attachments endpoint.
Change-Id: Ic4c945167fad77c304f46efc677eaec04426d49b
Story: 2000679
Task: 29116
This commit adds a model and migration for storing links to and metadata
about attachments in the StoryBoard database.
Change-Id: Ib2e291f5cc80222b226627d076ba3e1f5b88a454
Story: 2000679
Task: 3146
This endpoint currently supports returning an upload URL
for the configured storage backend.
Change-Id: I637cf5897f281a4e6b66be6495938aa999a8d3ac
Story: 2000679
Task: 29115
This implements the storage backend interface added in the previous
commit using Swift. It also adds some example configuration to the
sample config file, and some setup to initialise a storage backend
if one is configured.
Change-Id: I8467486ed42f8674e2b1db635789e88bf4113850
Currently the /v1/systeminfo endpoint is largely useless and just
returns the version of the API as specified in setup.cfg. This commit
adds functionality to also return information about which features are
enabled in a specific backend's configuration.
Change-Id: I9934f656643bb764edc986231b198d92ddc66934
This switches out the docker image used for Swift in our docker-compose
setup. It also adds a small script to modify the default config in that
image to allow it to be used with a StoryBoard development instance.
Change-Id: I6371eef0b54df16a8855f8cbcfcead4dd4234d10
Make it possible for allowed_origins and valid_oauth_clients to
include regular expressions, for cases where part or all of the
domain/URL cannot be predicted or easily enumerated.
Change-Id: I9cfc729547560438e0fa1e47cc90cd5579168c73
Some OpenID providers make a POST request to the `return_to` URL if the
query string would be too long. This commit adds support for POST
requests to this endpoint.
The change in notification_hook.py is to stop attempting to parse the
empty string as JSON when receiving this POST request.
Change-Id: I34d7032d795a5d36799bffc51864e63e585c6eb1
After spending the PTG and subsequent meetings triaging
the entire backlog of active StoryBoard stories, we have
settled on a list of tags that we will use moving forward
to help sort and organize work.
Change-Id: I5eccbbaeb025ac0604774a1270663edf113c9be3
Boards were also iterating over lists of User IDs to populate the team
permissions. This commit fixes them to use the correct variables too.
Change-Id: I2c9bc645a5e02a307f3ff3549adf00a72b5d2f26
The team_get() method needs to iterate over our list of team owners
and team users, so pass in elements from the correct list names.
Change-Id: I7b18378577e818989fc89118d6b1d947cc7a5682
In order to be able to upload to PyPI we need to avoid the name
clash with another existing "storyboard" project which is still
active there, in use and is understandably disinclined consider
renaming (they were there first). We can eventually consider
renaming our project fully to storyboard-api along with its Git
repository and all, but for now simply publishing under an
alternative distribution name will suffice.
While we're in there, add some additional Python package metadata,
correct some more, and remove an invalid trove classifier which
would have prevented uploading. Also mark the resulting wheel as
"universal" (supporting both Python 2 and 3). Bump the minimum PBR
version to accommodate the project_urls and description-content-type
options.
Change-Id: I365ad340ec875f8603e088fa114e7de8aff191c9
Having to update the whole Story in order to add/remove a single
permission entry is quite limiting. This commit addresses this
flaw by adding subcontrollers to retrieve and modify the lists of
Users and Teams who have access to a Story, without having to
modify the whole Story.
This allows much simpler use for clients in situations where
only the ACL needs modification.
Change-Id: I2ecee2c38456c5a23ae1dc7bdecb94efb2daac04
This is more specific than "private" and can therefore be sensibly used
for automating ACLs based on projects/teams affected by the story.
Change-Id: Ib8ff53d11ba3977b15d735cef420ac44fd9aa288
Story: 2000568
Task: 29891