Commit Graph

39 Commits

Author SHA1 Message Date
Ghanshyam Mann 49cbb92ed6 Drop lower-constraints.txt and its testing
As discussed in TC PTG[1] and TC resolution[2], we are
dropping the lower-constraints.txt file and its testing.
We will keep lower bounds in the requirements.txt file but
with a note that these are not tested lower bounds and we
try our best to keep them updated.

[1] https://etherpad.opendev.org/p/tc-zed-ptg#L326
[2] https://governance.openstack.org/tc/resolutions/20220414-drop-lower-constraints.html#proposal

Change-Id: I703229320320295b4a90e72c543f8959f85daaa9
2022-04-30 15:41:05 -05:00
bshephar 9af3af156b Bump lower constraints for OSC
In support of the OSC migration, we need
to bump the lower-constraint for the
openstacksdk to allow for feature parity.

Change-Id: Ide69f84a76f06814cf74b73b57729f23dea1062b
2022-01-12 03:17:59 +00:00
Andrii Ostapenko 5d27ba3c8f
Remove python-ceilometerclient from requirements
Component is not used in code base and was recently removed from
global upper constraints [0]

[0] https://review.opendev.org/c/openstack/requirements/+/809975

Change-Id: I1555a3db15c9a560e945c3479b44cd6d3f036d79
2021-10-12 19:42:24 -06:00
Brendan Shephard 9131940ebb Drop six library
The six library was introduced to bridge the gap
between Python2 and 3. This is no longer necessary
on branches where we are not supporting Python2.

Change-Id: I7736373d03c23884158e4a1d41defafb4e2b8a4c
2021-10-05 02:50:03 +00:00
Ghanshyam Mann 157f358057 [goal] Deprecate the JSON formatted policy file
As per the community goal of migrating the policy file
the format from JSON to YAML[1], we need to do two things:

1. Change the default value of '[oslo_policy] policy_file''
config option from 'policy.json' to 'policy.yaml' with
upgrade checks.

2. Deprecate the JSON formatted policy file on the project side
via warning in doc and releasenotes.

Also replace policy.json to policy.yaml ref from doc and code.

[1]https://governance.openstack.org/tc/goals/selected/wallaby/migrate-policy-format-from-json-to-yaml.html

Change-Id: I1aa12bcd2638390f25d57ce8abeeec248121dc02
2021-06-17 01:35:45 +08:00
Rico Lin 7230082f87 Fix avoid deprecation warnings from policy
We received huge amount of warnings during service start.
Most about stop using `deprecated_reason` and `deprecated_since` by
`policy.DocumentedRuleDefault` directly. And should use them under
`policy.DeprecatedRule instead.

This patch apply for above suggestion.
Also bump oslo.policy lower-constraints and requirements to `3.7.0` to alias
policy behavior.

Story: 2008707
Task: 42041

Change-Id: Iefcfc30a051fe25ccc5121c7ddb817e8c271fcb6
2021-03-12 20:46:17 +08:00
Lance Bragstad 93594c30ec Implement secure RBAC
This commit updates default policies to account for system scope
and default roles. This is part of a broader change to provide a
consistent and secure authorization experience across OpenStack
projects.

- Introduces basic/reusable check strings in base.py
- Implements secure RBAC for build info API
- Implements secure RBAC for the action API
- Implements secure RBAC for cloud formations
- Implements secure RBAC for events
- Implements secure RBAC for the resource API
- Implements secure RBAC for the service API
- Implements secure RBAC for software configs
- Implements secure RBAC for software deployments
- Implements secure RBAC for stacks
- Adds unit tests for legacy and new secure-rbac policies.

Change-Id: Iff1e39481ea3b1f00bd89dba4a00aed30334ecec
2021-03-02 09:32:41 +05:30
Zuul d06e850627 Merge "Update doc8 version" 2021-01-19 16:07:41 +00:00
Lance Bragstad 042345703f Bump requirements to support secure RBAC effort
The broader OpenStack community is working towards implementing secure
RBAC, which is a common set of personas (role and scope permutations)
that deliver the most common asks for custom policies. It also addresses
long-standing issues with tenancy and enforce scope checking.

This commit updates the requirements for oslo.log, oslo.context,
oslo.i18n, oslo.policy, oslo.serialization and keystonemiddleware, which
are necessary for implementing this work. Subsequent patches will go
through and update the default policies.

Change-Id: Ib28f1b333f032b8c9f960a2510e4d23487541631
2021-01-11 18:23:23 +05:30
wangzihao f616f43ced Update doc8 version
The doc8 lib supports Py36 starting from version 0.8.1

Change-Id: Ie6d64485622381031130fa12f963eab5a6a9c555
2021-01-06 16:28:32 +08:00
Rabi Mishra 4370af1572 Align lower-constraints for new pip
New pip version is quite strict and does not allow conflicting
minimum version deps in lower-constraints.

Change-Id: Ie524c54e3b982bc6b0786c875d34d177444ec6fc
2020-12-09 10:04:52 +05:30
Emilien Macchi 17a491449f Fix lower-constraints errors
This patch changes the lower-constraint requirements to make them
py3.8 compatible. See https://bugs.launchpad.net/nova/+bug/1886298

Markupsafe==1.1.1
PyMySQL==0.8.0
PyYAML==3.13
cffi==1.14.0
greenlet==0.4.15
kombu==5.0.1
lxml==4.5.0
oslo.db==6.0.0
paramiko==2.7.1
psycopg2==2.8
sqlalchemy-migrate==0.13.0
tenacity==6.1.0

Also update the test-setup.sh to work with recent version of mysql.

Change-Id: Ibe60d1e536f0e887eceea32b7cb4eec6318e96af
Partial-Bug: #1886298
2020-09-10 14:19:03 -04:00
Rabi Mishra 2aea5c9b32 Use correct attribute from entrypoint
The type of the entry point objects returned in stevedore has
been changed from`pkg_resources.EntryPoint` to
`importlib.metadata.EntryPoint`[1] and it does not have module_name
attribute.

It also bumps requirements/lower-constraints as stevedore==3.1.0 is
not backward compatible.

[1] https://review.opendev.org/#/c/740515/
Task: 40355
Change-Id: Icd68f6eab73e44406f2ff5073636dcdd111e00ea
2020-07-15 17:51:57 +05:30
Hervé Beraud eab4382df8 Use unittest.mock instead of mock
The mock third party library was needed for mock support in py2
runtimes. Since we now only support py36 and later, we can use the
standard lib unittest.mock module instead.

Change-Id: Ie0e43904d375e542ca00cd43b3c84c7afb31ee85
2020-06-10 13:50:56 +02:00
Andreas Jaeger a27dc56f52 Update hacking for Python3
The repo is Python 3 now, so update hacking to version 3.0 which
supports Python 3.

Update local hacking checks for new flake8.

Ignore new warnings, they will be fixed in followup.

Remove hacking and friends from lower-constraints, they are not needed
to be installed at run-time.

Add Pygments to lower-constraints to pass requirements-check.

Change-Id: I20da1309e4d65707130fe517f013d3ed625bf94c
2020-04-16 08:41:49 +02:00
ricolin 5b35225d16 Add ironic client plugin support
Change-Id: I2f3ee94424c4dab75fbcef6f8b32e565b45684e4
Task: 36285
2020-04-09 14:14:38 +08:00
ricolin 6a2a4000b9 Sync lower contraint with test-requirement
Change-Id: Ic2b9387efa9c98f8720d471f653cf55530cfc19b
2020-04-09 11:33:13 +08:00
Zuul a7b554cd80 Merge "New resource OS::Neutron::ExtraRouteSet" 2020-01-22 07:50:45 +00:00
Gregory Thiemonge 68a8219315 Add support for Octavia's Flavor and FlavorProfile resources
Added OS::Octavia::Flavor and OS::Octavia::FlavorProfile support.
Added flavor parameter in OS::Octavia::LoadBalancer.

Flavor and FlavorProfile allow to configure/tune Load Balancer
capabilities (enable/disable HA, etc...)

Story: 2007081
Task: 37993

Change-Id: If31a888e5867ac6941ff0d515d4b88894fb97572
2020-01-20 18:57:37 +01:00
Bence Romsics e0a69202d2 New resource OS::Neutron::ExtraRouteSet
I hope I remembered all the discussion points we had about how to design
this plugin, so:

* Instead of changing OS::Neutron::ExtraRoute we introduce
  OS::Neutron::ExtraRouteSet so we can take advantage of Neutron API's
  ability to add/remove multiple extra routes at once.

* Addition and removal of extra routes is supposed to be atomic with
  Neutron extension 'extraroute-atomic'. An update involves a removal
  and an addition, therefore an update is not atomic operation. However
  unless the responsibility for an extra route is moved from one stack
  to another that should not be a problem.

* Sharing the responsibility for an extra route between stacks (that is
  multiple stacks defining the same extra route) is not supported due
  to the Neutron API not allowing this.

Let me know what did I forget.

Example template:

resources:
  extrarouteset0:
    type: OS::Neutron::ExtraRouteSet
    properties:
      router: { get_resource: router0 }
      routes:
        - destination: 10.0.0.0/24
          nexthop: 10.0.0.10
        - destination: 10.0.1.0/24
          nexthop: 10.0.0.11
  ...

Change-Id: Ic1fe593d9821d844fd124b0212d444f6e3a0015e
Depends-On: https://review.opendev.org/675900
Story: #2005522
Task: #36264
2020-01-17 09:41:00 +00:00
Ifat Afek ab584e500e Added a Vitrage client
Story: 2002684
Task: 23116
Change-Id: If05f0907d8f43f64327c7774170e5b559286fc06
2019-12-19 15:25:30 +00:00
Rabi Mishra 54f1119d69 Use client_retry_limit for keystone connection retry
Use the existing client_retry_limit option.

Change-Id: If3dd260cad088c9783e4c31ba18d7f261f7d68c9
Closes-Bug: #1840235
Task: 36287
2019-12-03 09:35:08 +05:30
Hongbin Lu 57680e547c Bump lower constraint of python-zunclient
Projects that depends on python-zunclient should use the latest
version as lower constraint.

Change-Id: I0d90720fab98192a191bb9ce5dae5190f2d23051
2019-09-01 22:33:28 +00:00
Rabi Mishra 87b4a92a62 Fix lower-constraints tox env to use proper constraints
- Bumps some of the lower constraints
- Fixes common/endpoint_utils.py to fallback to use auth_uri.

Change-Id: Ief0868d5feef3ee6b0689c6be27649ff009fbbcc
2019-04-10 09:11:56 +05:30
Kazunori Shinohara 809ac97439 Add a Blazar Lease resource
Add a OS::Blazar::Lease resource plugin to support Blazar which is a
resource reservation services in OpenStack.

Co-author: Asmita Singh <Asmita.Singh@nttdata.com>

Change-Id: I7683599d9e9443372d1f585985cee7c10fd08581
Task: 22882
Story: 2002085
2019-02-18 06:35:05 +00:00
whoami-rajat ba4e54589d Add heat-status upgrade check command framework
This adds basic framework for heat-status upgrade
check commands. For now it has only "check_placeholder"
check implemented.
Real checks can be added to this tool in the future.

Change-Id: I83629184b49a6cf91928df702db23156433d99f6
Story: 2003657
Task: 26131
2018-10-22 14:19:36 +00:00
Zuul 53188f7e92 Merge "Clean up test requirements" 2018-08-03 07:43:35 +00:00
Zuul 5e52ee706c Merge "Enhancements to CIDR and IP address constraints." 2018-07-27 22:56:55 +00:00
Zuul 1ebf414c73 Merge "zun: use containers.update for renaming" 2018-07-27 19:18:12 +00:00
Pavlo Shchelokovskyy 51f566c56c Clean up test requirements
remove os-testr and testrepository in favor of stestr,
and remove qpid-python (does not seem to be imported anywhere).

Also adjust docs to describe running tests with stestr instead of
testrepository.

Change-Id: I12088ea2bf2475963db58d6e8e83fd6abe6f9b3f
2018-07-27 13:38:27 +00:00
Zuul 158636e94f Merge "Add Blazar client plugin to Heat" 2018-07-27 05:58:34 +00:00
Dao Cong Tien e8824a2c93 Adds doc8 check to pep8
This patch adds doc8 check for .rst files to pep8.
Files that fail doc8 check are also fixed.

Ignore D001 of doc8 check. This requires lot of changes and
should be done in a separated patch.

Change-Id: I7732abc55ec27026efbf56663ba02ff27e8ec847
2018-07-26 14:57:58 +07:00
Nakul Dahiwade 9592bcb591 Enhancements to CIDR and IP address constraints.
Currently the constraints do not reject an ipaddress for ipv4 which have
fewer than 3 dots such as 'a' or 'a.b' or 'a.b.c'.
This enhancement provides an extra check that an ipv4 address has syntax:
'a.b.c.d'

This also applies to CIDR

Change-Id: Ia7ec8bf107abd169b6b6a91d0b8bb913fc3cc7b9
Story: 2002552
Task: 22114
2018-07-25 18:11:10 +00:00
Hongbin Lu de549a931c zun: use containers.update for renaming
The old way of renaming is duplicated [1]. This patch uses the
new way to rename a container. In addition, this patch also
bump the version of python-zunclient to 2.0.0

[1] https://review.openstack.org/#/c/557595/

Change-Id: I4ef36a3c4a805b3e041fcb9456c297e59865485c
2018-07-24 17:43:11 +00:00
ricolin e49e53af0e Bump monascaclient to at less 1.12.0
Bump mocascaclient to avoid issue in story 2002978

Change-Id: Ibe5d6469de8d18f08eeb2bfb48dfdd57b63eb62d
2018-07-18 10:22:55 +08:00
kaz_shinohara 64a60dd040 Add Blazar client plugin to Heat
Add a Blazar client plugin which will be used by a couple of Balazar
resources under development.

Change-Id: I0f68fc0525db3ba299d77019a102f24b9d3cea87
Task: 19754
Story: 2002085
2018-07-12 11:43:45 +09:00
Zane Bitter 170e47d072 Destroy mox forever
Change-Id: Ib983af3392760367c4ce6256456de70d1078fbba
2018-07-05 14:46:21 -04:00
Zane Bitter 50c634935d Fix lower-constraints
In the course of switching over to lower-constraints, the lower
constraints got out of sync with the requirements. This change fixes the
constraints using the script mentioned in
http://lists.openstack.org/pipermail/openstack-dev/2018-April/129056.html

Change-Id: Iae317fa745862ebde4115ca8e77a26c6c9be20ac
2018-04-11 14:49:38 -04:00
Doug Hellmann 337d83ccde add lower-constraints job
Create a tox environment for running the unit tests against the lower
bounds of the dependencies.

Create a lower-constraints.txt to be used to enforce the lower bounds
in those tests.

Add openstack-tox-lower-constraints job to the zuul configuration.

See http://lists.openstack.org/pipermail/openstack-dev/2018-March/128352.html
for more details.

Change-Id: I72fd5f8c87133713cd272de210b7e957880f48f9
Depends-On: https://review.openstack.org/555034
Signed-off-by: Doug Hellmann <doug@doughellmann.com>
2018-03-22 12:40:31 -04:00