Sync with ironic configuration to fix grenade job
Drop lower-constraints.txt and its testing (was [1])
Fix ironic-inspector-tempest-managed-non-standalone sine we're here
[1] https://review.opendev.org/c/openstack/ironic-inspector/+/840075
Change-Id: I9b08c6e61c39a0e5616e51256f76a19dc5fd00c0
The lower-constraints test was removed because of an issue where pip
could not correctly determine the required packages versions to install,
ending in an almost infinite loop that would end up in timeout, failure,
and general mayhem.
Recently the issue has been fixed and, if properly configured, the
lower-constraints test can provide good indication of which minimum
versions are required to support the current code.
This patch adds the test back to the current development branch, and it
runs only on master.
The lower-constraints file will stay in the future stable branches.
Change-Id: I2e247ff2d68705d04d40c7ea653a8d3e0daf17d8
As discussed during the upstream ironic community meeting on
Monday Dec 14 2020, the lower-constraints job is being removed.
Change-Id: I943b63b9c6a980011b35bb028c64bee18d772750
Remove pep8 dependencies from test-requirements, they're not
needed there and are hard to constraint properly.
Change lower-constraints to make pip happy and not require infinite
time to calculate dependencies.
Change-Id: Id524ad2bd2994fefadd6a3ad728123a0a1a49dc8
Also fixing user creation with GRANT in MySQL 8.0(Ubuntu Focal)
Ubuntu Focal (20.04) has mysql 8.0 and with mysql 8.0 there
is no implicit user creation with GRANT. We need to
create the user first before using GRANT command.
Change-Id: I4c0469628e82e86b4023a9b011d09f20f9b66aac
We are replacing all usages of the 'retrying' package with
'tenacity' as the author of retrying is not actively maintaining
the project. Tenacity is a fork of retrying, but has improved the
interface and extensibility (see [1] for more details). Our end
goal here is removing the retrying package from our requirements.
[1] https://github.com/jd/tenacity
Change-Id: I660192549918b9cd9738810cbfaf3dc4456f97fa
Story: #1635390
Task: #40647
When sending a literal empty response, Flask does not include a
ContentType in the response. While in many cases, we don't need
need a ContentType nor expect one on the API client, Apache
webserver can treat this as an error and generate an Error
indicating a Bad Gateway. When doing this, we also now include
an empty JSON body in the response for 202 messages. For 204
message errors, the message body is expected to be empty.
However, when this Bad Gateway error occurs, the API/Conductor
were proceeding like there was no issue. The API client on the
other hand thinks that a hard failure has occured.
Also adds some additional catches to provide additional logging
which turned out not to be needed in this case, but it would be
useful for others.
Change-Id: If2e7697e3fde58ab0a4193787e29d3acdca81ebf
This change documents configuring inspector for client-side
authentication with a standalone Ironic API service.
Since this documention refers to a keystone auth feature which is
about to be released, requirements and lower-constraints are updated
to reflect the required release (see https://review.opendev.org/737365 ).
Change-Id: I567fc8c7f2147339856563ad880334791f93d99b
The mock third party library was needed for mock support in py2
runtimes. Since we now only support py36 and later, we can use the
standard lib unittest.mock module instead.
Change-Id: Iccf78a04a66dcef383d9e38ac3990f3c838bdf84
When the config option ``auth_strategy`` is set to ``http_basic`` then
non-public API calls require a valid HTTP Basic authentication header to be
set. The config option ``http_basic_auth_user_file`` defaults to
``/etc/ironic-inspector/htpasswd`` and points to a file which supports the
Apache htpasswd syntax[1]. This file is read for every request, so no
service restart is required when changes are made.
The only password digest supported is bcrypt, and the ``bcrypt``
python library is used for password checks since it supports ``$2y$``
prefixed bcrypt passwords as generated by the Apache htpasswd utility.
To try basic authentication, the following can be done:
* Set ``/etc/ironic-inspector/inspector.conf`` ``DEFAULT`` ``auth_strategy``
to ``http_basic``
* Populate the htpasswd file with entries, for example:
``htpasswd -nbB myName myPassword >> /etc/ironic-inspector/htpasswd``
* Make basic authenticated HTTP requests, for example:
``curl --user myName:myPassword http://localhost:6385/v1/introspection``
[1] https://httpd.apache.org/docs/current/misc/password_encryptions.html
Change-Id: If50dfbfc18445ad9fe27e17cb0ee1b317ff25a0b
Depends-On: https://review.opendev.org/729070
Story: 2007656
Task: 39826
flake8 new release 3.8.0 added new checks and gate pep8
job start failing. hacking 3.0.1 fix the pinning of flake8 to
avoid bringing in a new version with new checks.
Though it is fixed in latest hacking but 2.0 and 3.0 has cap for
flake8 as <4.0.0 which mean flake8 new version 3.9.0 can also
break the pep8 job if new check are added.
To avoid similar gate break in future, we need to bump the hacking min
version.
- http://lists.openstack.org/pipermail/openstack-discuss/2020-May/014828.html
Change-Id: I2a903c90d72cd596ef976d9aab478f96a2750680
Switch to openstackdocstheme 2.2.0 and reno 3.1.0 versions. Using
these versions will allow especially:
* Linking from HTML to PDF document
* Allow parallel building of documents
* Fix some rendering problems
Update Sphinx version as well.
Set openstackdocs_pdf_link to link to PDF file. Note that
the link to the published document only works on docs.openstack.org
where the PDF file is placed in the top-level html directory. The
site-preview places the PDF in a pdf directory.
Set openstackdocs_auto_version to not auto-version the documents.
Set openstackdocs_auto_name to use 'project' as name.
Change pygments_style to 'native' since old theme version always used
'native' and the theme now respects the setting and using 'sphinx' can
lead to some strange rendering.
openstackdocstheme renames some variables, so follow the renames
before the next release removes them. A couple of variables are also
not needed anymore, remove them.
Change-Id: I9591e0f0215e9eb790ec2e3ea1a7ccbd55bb76d0
Full py3 compatible version.
Add all Python3 modules to stdlib list.
Also includes fix to an enum34 dependency bug.
Change-Id: I26bc2d06e04f85fff05e4af5e0d16e7f9db3a1e7
This repo is now testing only with Python 3, so let's make
a few cleanups:
- Remove python 2.7 stanza from setup.py
- Add requires on python >= 3.6 to setup.cfg so that pypi and pip
know about the requirement
- Remove obsolete sections from setup.cfg
- Update classifiers
- Update requirements, no need for python_version anymore
- Switch to using sphinx-build with apidoc extension
- Use newer openstackdocstheme version
- Remove Babel requirement, this is not needed.
Change-Id: I4176d8002d45449171aa5f7a7caef196ab7900d0
This patches removes the ironic-client dependency from the
ironic module in favor of openstacksdk.
Increase minimum required version of openstacksdk to use
recent added features.
Change-Id: I31964179835ad454e8205a59f483b419de4fb62d
Latest version of Werkzeug (1.0.0 at the moment) broke
compatibility with older Flask, actually causing issues when
running lower-constraints tests, since Flask will install
highest version of Werkzueg after 0.7.
With this patch we require Flask to be at least version 1.0
to re-establish compatibility.
See failed test https://review.opendev.org/706701 or run
lower-constraints test locally for confirmation.
Change-Id: Id05b4a205379fdf1b26cb239757bd370f3fe88e3
Since we've dropped support for Python 2.7, it's time to look at
the bright future that Python 3.x will bring and stop forcing
compatibility with older versions.
This patch removes the six library from requirements, not
looking back.
Change-Id: Ic443c7e4d5a5a849c4dc220207f8957e4c90bf53
Also increasing lower version of keystoneauth1 to a recommended
version for openstacksdk >= 0.30.0
Change-Id: Ifb9bbb8d091f28a8d65444caaeba301e2f707a14
oslo.db was not compatible with Python 3.7 until version 4.40.0
because Python 3.7 makes "async" a keyword [1].
To prevent bad surprises, this patch increases the minumum version
required for oslo.db to 4.40.0.
[1] https://review.opendev.org/574833
Change-Id: I6b915a0b0f78690defa962be96c8ae9d35d69345
The job uses memcached for coordination backend, etcd3gw still has issue
on retrieving members.
Story: 2001842
Task: 30376
Change-Id: I76c359d6835e435968cbfb1a3f4318e73f0203ec
Fix testenv which only installs test-requirement, also updated
upper constraint url.
mock minimum version is bumped to 3.0.0,
keystonemiddleware minimum version is bumped to 4.18.0.
Change-Id: I162bcf372598c2268c9c5e30947e49eedb0147e3
This change replaces the swiftclient dependency with openstacksdk.
The ultimate goal is to use only openstacksdk for all cross-service
interactions.
The configuration option max_retires has been broken for several
releases since commit 7e8cdc0d0f,
this change deprecates it.
Change-Id: I635519f88e90f4267ff7a9cb063a697ff39e4710
This change adds an option to publish the endpoint via mDNS on start
up and clean it up on tear down.
Story: #2005393
Task: #30384
Change-Id: Ia9407cb065979aac6761d3e4122d3884e45b559d
This patch is part of inspector HA work, which wraps inspector api into
oslo service.
oslo.service has also provided support to signal processing like SIGHUP or
SIGTERM, so these code were removed in this patch.
Deprecated current SSL cert/key options used by ironic-inspector, code
manually creates ssl context were removed. These options will be fed
from [ssl] section.
Change-Id: Ia5e16fcb9104556d62c90f5507f17b41f73a5208
Story: #2001842
Task: #12609
Add initial API reference, which covers all inspector endpoits.
The conf.py and the tox environment are stolen from ironic.
Co-Authored-By: Kaifeng Wang <kaifeng.w@gmail.com>
Change-Id: I5009e8708dcad8ab25380f7bf574125d6e758ef5
https://review.openstack.org/#/c/460938 switched from pydot2
to pydot3, but also removed the last remaining use of pydot2/3.
Drop the dependency alltogether.
Change-Id: I678cbe65a283b7562bef399c34ddde02c500648f
According to Openstack summit session [1] stestr is maintained project
to which all Openstack projects should migrate.
Let's switch it then.
Also adjust requirements to pass the gate.
[1] https://etherpad.openstack.org/p/YVR-python-pti
Change-Id: I79b2220c20a04e2e33360bc330b5b4b4124caf71
Signed-off-by: Chuck Short <chucks@redhat.com>
Adds oslo.messaging to ironic-inspector, and convert
inspect, abort and reapply to synchronized rpc calls.
This is the first step of API and worker seperation.
Change-Id: I15e86d7feb623b6b2889891b9700e5de6b3164cd
Story: #2001842
Task: # 12609
Fix the lower constraints settings to match the expected values.
We will manage the eventlet version using constraints now. See the
thread starting at
http://lists.openstack.org/pipermail/openstack-dev/2018-April/129096.html
for more details.
Change-Id: Ic44a750002943920c2f517f22df670989460dbc9
Signed-off-by: Doug Hellmann <doug@doughellmann.com>
Create a tox environment for running the unit tests against the lower
bounds of the dependencies.
Create a lower-constraints.txt to be used to enforce the lower bounds
in those tests.
Add openstack-tox-lower-constraints job to the zuul configuration.
See http://lists.openstack.org/pipermail/openstack-dev/2018-March/128352.html
for more details.
Change-Id: I8a5c47cb8e4d623776cd4335754184f6f7f0d398
Depends-On: https://review.openstack.org/555034
Signed-off-by: Doug Hellmann <doug@doughellmann.com>