This introduces a new pipeline_factory so that we can use a single
entry to define pipeline for each deployment flavor.
Change-Id: Ia9b251f0e48f69baa0c5c988b91b216a627ed028
When version detection broke for v2.10, only 2.10 was changed to
be enclosed between single quotes but all of them should be the same
format, a string. In this case, some of the versions are floats
and converted to strings in build_version_object which is not pretty.
Change-Id: I3f67671c4426ff7f0080ccc5bcfb69e7f386c9fc
Closes-bug: #2008116
As per the revised SRBAC community goals, glance service is now
switching to new defaults by default hence removing the deprecated
``enforce_secure_rbac`` option which is no longer needed.
The ``enforce_secure_rbac`` option was introduced EXPERIMENTAL in
Wallaby release for operators to opt into enforcing authorization
based on common RBAC personas.
Related blueprint secure-rbac
Change-Id: I273527c85d30c1c09c086c73c892aaa6d127df6b
Add a new import method called glance-download
that implements a glance to glance download in
a multi-region cloud with a federated Keystone.
This method will copy the image data and
selected metadata to the target glance, checking
that the downloaded size match the "size" image
attribute in the source glance.
Implements: blueprint glance-download-import
Co-Authored-By: Victor Coutellier <victor.coutellier@gmail.com>
Change-Id: Ic51c5fd87caf04d38aeaf758ad2d0e2f28098e4d
This patch extends the functionality of the API
``GET /v2/info/stores/detail`` to expose store details
of other stores. Currently the ``stores-detail`` API
exposes store details of RBD backend.
Implements: blueprint expanding-stores-detail
Change-Id: I0c7bbc315b56dc0e40397b4ed8a68d1668203c44
Fix the following deprecation warning.
* DeprecationWarning: setDaemon() is deprecated,
set the daemon attribute instead
Change-Id: I7af41eddf597e1ac78e8835a5af2e029d65a302a
Closes-Bug: 1987191
Signed-off-by: Takashi Natsume <takanattie@gmail.com>
Till now glance was dependent on periodic job to get image
cached locally and also has dependency on ``cachemanage``
middleware for the same.
This patch removes the periodic job and dependency of
``cachemanage`` middleware and initiates immediate caching
of an image via ``PUT /cache/image_id`` API call.
Co-Author: Dan Smith <dms@danplanet.com>
Implements: blueprint instant-caching
Change-Id: I9ab3f1b7595e22dbb03af95168314352a44eb930
These URLs are now in the form docs.openstack.org/$project/latest. Make
sure to use always use https for these URLs.
Change-Id: I4a75bb6097399efca373d2f9a0e8697eb92312a7
DELETE /v2/cache/{image_id} and /v2/cache returns HTTP 200 response
code to user but as per proposal it should be HTTP 204. This change
returns HTTP 204 response to user.
Closes-Bug: #1980049
Change-Id: I9d1c25638584fe346e3937d0536413d548d46e8e
In Xena we have mangaed to move all policy checks to API layer,
now removing the dead code from policy and authorization layer
NOTE: Some of the code is still being used from policy layer,
hence keeping it there only at this moment.
Change-Id: Ibee749cde20687d8c243cf84ae80b4de67d8ef3d
This API version increment is due to change I6a875a38bef5, which
corrected the response code for the admin-only API call:
PUT /v2/cache/{image_id}
The call now returns 202 upon success (it had been returning 200).
The intent of this version bump is to get the attention of operators
to take note of this change; from now on, the call always returns 202
upon success regardless of what API version you request.
Additionally, cleaned up some version tests that had gotten out of
date and were not thoroughly testing version negotiation.
Also, corrected the version negotiation code around the v2.13 API.
The versions response had been modified by change I6882fd2381e6 to
only include v2.13 when the 'enabled_backends' config option had a
value, but the versions negotiation code was not updated to reflect
that.
Change-Id: I0cf35ed7e21497826cd581e59aa58774f030b9f6
Related-bug: #1971521
If a namespace is deleted by another client while we are doing a
namespace list operation, we will fail the list with NotFound if we
try to pull the resource_type_associations list. The latter re-queries
the DB for the namespace and will raise NotFound to us. This is
especially bad because the namespace being deleted need not even
belong to the caller of the list, as is the case in a tempest run.
This makes us catch the failure and continue the operation, reporting
no associations so that the client gets a consistent view and no
error.
Closes-Bug: #1973631
Change-Id: I09fc9164a08f42507d2aec44c5b382a72f232571
This was already fixed in 4889dc1814 but
we did not enforce this rule and reintroduced "bad" string
interpolations. This patch adds a hacking rule to prevent us from doing
this again in the future.
Change-Id: I96d9a157d3887286542859d67138ffdae5a589f1
PUT /v2/cache/{image_id} returns HTTP 200 response code to user but as per
proposal it should be HTTP 202. This change returns HTTP 202 response to
user.
Closes-Bug: #1971521
Change-Id: I6a875a38bef5beafe352ab3320f3fd199db89aa1
This patch adds a new API to glance ``GET /v2/info/stores/detail``
to expose the stores specific details about the store like store
type and other specific store properties.This operation
will be admin only and validated by the new policy rule
``stores_info_detail`` which defaults to admin only
Implements: blueprint expose-store-specific-info
Change-Id: I6882fd2381e6ae245fd8c61bf9f4d52df2b216f5
It was observed that md-tag-create-multiple
(/v2/metadefs/namespaces/{namespace_name}/tags) API overwrites
existing tags for specified namespace rather than creating new one
in addition to the existing tags.
This patch resolves the issue by introducing a header 'X-Openstack-Append'
which on being True will append the new tags to existing ones and
if False will continue to overwrite the tags.
Implements: blueprint append-tags
Closes-Bug: #1939169
Change-Id: I29448746b14c542e5fbf0283011968ae1516642e
This adds a /v2/info/usage API endpoint which exposes to the user
their current limits and usage.
The discovery API does not (appear to) have existing tests, so this
adds a module for that, although only usage tests are added currently.
Implements: blueprint quota-api
Change-Id: I50c98bac50f815bdb9baae024e77afd388f74554
We also update docs since guidance has necessarily changed here.
Change-Id: I7c24a1aa3545f3499a7a2ce30b73e2656666c764
Signed-off-by: Stephen Finucane <sfinucan@redhat.com>
This is a rather beefy change due to the number of usages of this
import. The changes are trivial though.
Change-Id: I7badeeaca438b0291f4ed86670e7f217e6372c61
Signed-off-by: Stephen Finucane <sfinucan@redhat.com>
The image state diagram shows that for v2, any image upload failure
results in the image going back to 'queued' state. The old v1 path
used the 'killed' state, which is no longer value in image list
operations for v2. The signature verification error was sending the
image back to killed state still, which results in the user losing
visibility to the image entirely.
This removes the one last way we can get an image into killed state,
but there may still be images in the DB that have been orphaned in
this way, so some cleanup routine will be necesssary.
Change-Id: I9330cc42900dd019e9132c1f4e49eb9eff4f3fc9
Related-Bug: #1924612
This patch enforces policy checks required for caching images
in API layer.
Partially-Implements: blueprint policy-refactor
Depends-On: https://review.opendev.org/c/openstack/nova/+/688802
Change-Id: Ie17b8f5bf308b8f07915ea18ace9b49955b8f0f0
Moved policy checks for metadef tags in the API layer.
Added additional functional tests for coverage.
Partially implements: blueprint policy-refactor
Depends-On: https://review.opendev.org/c/openstack/nova/+/688802
Change-Id: I22864ddb30b7a9a33a68b2c53606cbead32fa23f
Made provision to enforce metadef property related policy
checks in API.
Partially implements: blueprint policy-refactor
Depends-On: https://review.opendev.org/c/openstack/nova/+/688802
Change-Id: I6440462d16006204a5cd46a826dc281fe23ab992
This patch enforces policy checks required for fetching task
information for image in API layer.
Partially-Implements: blueprint policy-refactor
Depends-On: https://review.opendev.org/c/openstack/nova/+/688802
Change-Id: I8f59b8405d9c55b5f69294d3f9bd7bcbc064203f
This patch enforces policy checks required for adding/deleting tags
for image in API layer.
Partially-Implements: blueprint policy-refactor
Change-Id: I7b5bcbce9375df5b0826120df5cdf5d4cb788af2
This patch enforces policy checks required for importing/copying image
data to store in API layer.
Partially-Implements: blueprint policy-refactor
Change-Id: I18a5187d80bf76c0dc6f22dd8c96a8ffa0f46dc1