* Update neutron-lib from branch 'master'
to 625ae19e29758da98c5dd8c9ce03962840a87949
- Merge "Enable filtering flag in subnet 'router:external' field"
- Enable filtering flag in subnet 'router:external' field
This flag was incorrectly set to False in the API extension
implementation. This extension is still not implemented in Neutron.
Change-Id: I87ea4e8bf4b4bc6a6934a349ac28765107c1536a
Related-Bug: #2051831
* Update neutron-lib from branch 'master'
to b4cc4bb090fb54de837546972f57bad5644daf67
- Update master for stable/2024.1
Add file to the reno documentation build to show release notes for
stable/2024.1.
Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/2024.1.
Sem-Ver: feature
Change-Id: I2f2b4e4eb87d05106561538e8ac9c538e268f8dc
* Update neutron-lib from branch 'master'
to 35fc7b98b1d354abb2921989f2efd7ffac82b1cf
- Merge "reno: Update master for unmaintained/victoria"
- reno: Update master for unmaintained/victoria
Update the victoria release notes configuration to build from
unmaintained/victoria.
Change-Id: I6f6a5f561914963dddb946a48489b14646d82e3b
* Update neutron-lib from branch 'master'
to 2be28d34b01c96c23300228785fded841aa508ce
- Merge "reno: Update master for unmaintained/wallaby"
- reno: Update master for unmaintained/wallaby
Update the wallaby release notes configuration to build from
unmaintained/wallaby.
Change-Id: I3343df41c334e6894fad904509e7e285c5f9507e
* Update neutron-lib from branch 'master'
to 761ffd8001981ddd8d49d2dd681c6863a432971c
- reno: Update master for unmaintained/xena
Update the xena release notes configuration to build from
unmaintained/xena.
Change-Id: I383d259255073e24e4a2d1de61400c6b5522b987
* Update neutron-lib from branch 'master'
to 3a9e39b9ef4d73cc60b534411bc5255e7d280bef
- [netaddr>=1.0.0] Do not use netaddr.core.ZEROFILL flag with IPv6
The flag "netaddr.core.ZEROFILL" cannot be used with IPv6 addresses
with netaddr>=1.0.0
Change-Id: I116ea2abbee13a73302ebca9c65707f427a7d9d0
Closes-Bug: #2055173
* Update neutron-lib from branch 'master'
to f0724e9cf1dd761bd14abfcd8b7e16369387c23a
- Skip the enforcer undefined rule check
That will avoid unnecessary warning messages in the logs. The
role enforcer only loads the following 3 rules:
* _ADMIN_CTX_POLICY = 'context_is_admin'
* _ADVSVC_CTX_POLICY = 'context_is_advsvc'
* _SERVICE_ROLE = 'service_api'
This functionality was implemented in [1]. oslo.policy library
is bumped to version 4.3.0 that contains this patch.
[1]https://review.opendev.org/c/openstack/oslo.policy/+/907196
Closes-Bug: #2048198
Change-Id: I1581b95035c4afebf63518b64c35bc0c61c292e9
* Update neutron-lib from branch 'master'
to d131b53403b4dc4c1e4730cb723e75b8668b894d
- Merge "Add extension "subnet-external-network""
- Add extension "subnet-external-network"
This extension adds a new field to the "subnet" resource:
"router:external". This boolean field, that is False by default,
represents if the subnet belongs to an external network.
Related-Bug: #2051831
Change-Id: I75a9c30f1e8031d40a548df345b02fbe0bc47706
* Update neutron-lib from branch 'master'
to b3fe0ead287126a36e66211a6f1244c49390f504
- Merge "Add "socket" NUMA affinity policy"
- Add "socket" NUMA affinity policy
The "socket" NUMA affinity policy has been supported in Nova since [1].
[1]https://review.opendev.org/c/openstack/nova/+/773792
Related-Bug: #2052786
Change-Id: Id84f3f5c83a1452875f2d7adf4611db319c240ce
* Update neutron-lib from branch 'master'
to df103c9ee826ac00c037e5a5c438bd09cee5b235
- Merge "rpc: initialize notifier when get_notifier is called"
- rpc: initialize notifier when get_notifier is called
This is to mimic other get_ (server, client) entry points.
Change-Id: Iabcf6e43fca40e7dbdd83345b2cd6d32cb25d3d8
* Update neutron-lib from branch 'master'
to 3aec8fdfeeb469419c9a6760355e203a1bc8a790
- [S-RBAC] Add note about port:binding:profile field and SERVICE role
With new default API policies binding:profile attribute of the port can
be only set or updated by the SERVICE user. This patch adds small note
about this to the Neutron API-REF document.
Related-Bug: #2052937
Change-Id: I0b2f2225e29537c9fd2de53b0945a451b9bcdde3
* Update neutron-lib from branch 'master'
to 1fedbae8336aa077cdbc1ba6e2819f5da04cd39c
- rpc: don't explicitly pass access_policy
The passed value is the default in oslo.messaging, so the argument is
redundant.
Change-Id: Iaa82d6141cfc300705bb2c4f430df2a092ec5aee
* Update neutron-lib from branch 'master'
to 8169a79a4d5bff34d838b0e86fc007b46e67ad5c
- rpc: explain how get_notifier arguments actually work
Arguably, using `None` as service name by default is probably wrong, but
I don't think we can safely change it now.
Change-Id: Iad19f1af0019b40fc5618fc55647ccd7553f2272
* Update neutron-lib from branch 'master'
to 23b1fbc3b37f2b53061500b2a5034cf5d074abad
- rpc: fix some typos
Change-Id: I3669e11839a99e7d1f60b5be16f1097295196628
* Update neutron-lib from branch 'master'
to 35455d101bb09ca71620216f9b573baa5666a961
- Merge "Replace CRLF by LF"
- Replace CRLF by LF
... because LF is now commonly used as newline code.
Change-Id: I671bc10cb7cbe6e64e9ef96da859242631cc0eeb
* Update neutron-lib from branch 'master'
to 493609c019bed6fb60a62f2c032381ce19648208
- Merge "reno: Update master for unmaintained/yoga"
- reno: Update master for unmaintained/yoga
Update the yoga release notes configuration to build from
unmaintained/yoga.
Change-Id: I436088f5744eaa8b1119c0f261dc4f10d3d1cab4
* Update neutron-lib from branch 'master'
to b04be1b99948d0cc21fbb11ecc86b7abdee068de
- Merge "tox: Drop envdir"
- tox: Drop envdir
tox now always recreates an env although the env is shared using envdir
options.
~~~
$ tox -e genpolicy
genpolicy: recreate env because env type changed from
{'name': 'genconfig', 'type': 'VirtualEnvRunner'} to
{'name': 'genpolicy', 'type': 'VirtualEnvRunner'}
~~~
According to the maintainer of tox, this functionality is not intended
to be supported.
https://github.com/tox-dev/tox/issues/425#issuecomment-1011944293
Change-Id: I0321ceed864ccdb8fb78d6fb119b09640bb97896
* Update neutron-lib from branch 'master'
to a5d8a6fd7c420e0580ff9258f873b860577bd0fb
- Merge "Remove unused reno from test requirements"
- Remove unused reno from test requirements
This library is used only when generating release notes.
Change-Id: Ibca0cb324df8abfddf5bdb3478708dce0f764709
* Update neutron-lib from branch 'master'
to 8c5dd8d373813a6bfd3f444e91e093f4ee12ec2d
- Merge "Add some neutron constants"
- Add some neutron constants
Copied some constants and an exception based on TODO
comments, so we can consume in the future.
TrivialFix
Change-Id: Iac9070c840a3276b5805d8c58437da3363890f67
* Update neutron-lib from branch 'master'
to ba24f0841ed7545f4cfe65c09dac2937c7bf7c52
- Merge "Add Tap Mirror exception"
- Add Tap Mirror exception
Add TapMirrorNotFound and TapMirrorTunnelConflict to
taas exceptions.
Change-Id: I96413cdeaa85f8f52c80a5e6dd72e0ddaa2e10ed
Related-Bug: #2015471
* Update neutron-lib from branch 'master'
to 06ed5488a7452647740610e2d80fa958ab3222d2
- Merge "Tap mirror API def and API ref"
- Tap mirror API def and API ref
Change-Id: Ifa1bf6abbf5d25769820b545d8d3bab195b146d3
Related-Bug: #2015471
* Update neutron-lib from branch 'master'
to c8754d1e5d9a358fe6687229ec16046cf44ce7b7
- Python-3.12: do not use datetime.datetime.utcnow()
This is deprecated in the favor of:
oslo_utils.timeutils.utcnow()
Change-Id: Iaf95c602b4ead7128850625140b7b3bde132ebf6
* Update neutron-lib from branch 'master'
to c69701eb73fa478dc96449230353dfa6172e9d5d
- Bump hacking
hacking 3.0.x is really old. Let's bump it to the latest version
available.
This also fixes some errors detected but some rules are excluded now.
See the comments in tox.ini for further details.
Change-Id: I2565e5f5e791dfdd9bbc1890b35c413965d83626
* Update neutron-lib from branch 'master'
to 27689c9ce535fa87615ca5632afa1900b9df5393
- Cleanup setup.py and requirements
- Python 2 is no longer supported
- setup.py is no longer managed by the global tooling
- Recent pip does not require appropriate order in requirement files
Change-Id: I29e2375b68dc01f6e042717a6da3861cc0bd8f88
* Update neutron-lib from branch 'master'
to b2aca167054181675837ab0e1465d8e683cbad0b
- Add api-ref about SG rule bulk create
Neutron support bulk create of security group rules, but that's
undocumented in the api-ref. This commit fixes that by adding the docs
and examples of these calls.
Change-Id: I32ce8b3501a01552fed67ba24602e891c3c01cd4
* Update neutron-lib from branch 'master'
to 9e3a3a608670d2d7bc0ae98fd39551920e563efe
- Merge "Update default for BFD/ECMP router extra attributes"
- Update default for BFD/ECMP router extra attributes
During review of the series it was requested to make the default
values for 'enable_default_route_bfd' and
'enable_default_route_ecmp' configurable.
In order to determine the correct value at runtime, Neutron needs
the attributes to be filled with something other than 'True' or
'False' when not provided in the request.
Needed-By: I581f4c5e5cfa275f8a6f0adec405f205e877ac55
Related-Bug: #2002687
Change-Id: I9096685fb79a84e11a8547a5aaa16f7f2df48a56
* Update neutron-lib from branch 'master'
to d6988065632553515f35682d08e8895323728853
- Merge "api-ref: Document only unbound ports vnic_type updates"
- api-ref: Document only unbound ports vnic_type updates
The Neutron patch linked below changes behavior of API update requests
to vnic_type port binding attribute on bound ports. It's no longer
allowed to update the vnic_type if the port is already bound.
Depends-On: https://review.opendev.org/c/openstack/neutron/+/892815
Related-bug: #2033090
Change-Id: Ic5c6d54a1e5e57e977623ac6a4e2e6278f7237b7
Signed-off-by: Jakub Libosvar <libosvar@redhat.com>
* Update neutron-lib from branch 'master'
to 64c693721616f804a56db89678764e5ae9d3c50a
- Merge "Add the "cancellable" flag to the ``CallbacksManager`` events"
- Add the "cancellable" flag to the ``CallbacksManager`` events
The ``CallbacksManager`` class considers, by default, that the events
starting with "before_" and "precommit_" can raise an Exception
(``CallbackFailure``) in case that the callbacks associated to these
methods exit with an error.
However there are some other events (those started with "after_") that
won't generate an exception in case of error. The error will be logged
but the process will continue.
This new functionality adds the possibility of adding any kind of event
and mark is as "cancellable". The ``CallbacksManager`` instance will check
the errors returned by the callback methods and if any of them is marked
as "cancellable", the manager will raise a ``CallbackFailure`` exception,
terminating the process.
In case of being a Neutron worker, for example, the
``oslo_service.service.Services`` class will restart the process again.
Related-Bug: #2036607
Change-Id: Ie1e7be6d70cca957c1b1b6c15b402e8bc6523865
* Update neutron-lib from branch 'master'
to 490b78f7ba641786eaa06fedeafcd1a767744d6c
- Merge "Switch to py311 sqlalchemy master job"
- Switch to py311 sqlalchemy master job
The job is updated in neutron repo with the Depends-On,
let's update here too. Also drop the timeout override
which is not required for neutron-lib.
Depends-On: https://review.opendev.org/c/openstack/neutron/+/899746
Change-Id: Ia21694834518c32108a22422e65f2b8b4c61d077
* Update neutron-lib from branch 'master'
to 39adee609cc7ef3b555614373f9d27bf6debb972
- Merge "Remove unmaintained API report tooling"
- Remove unmaintained API report tooling
This tool has not get any meaningful update for 7 years and looks
unmaintained.
Change-Id: I80ed6035f5a54cd97d2af574138a35893ddac65d
* Update neutron-lib from branch 'master'
to 06b602d6a1d626450081b937f13984808a56d9a3
- Merge "Change test_sqlalchemytypes.py to support sqlalchemy 2.0"
- Change test_sqlalchemytypes.py to support sqlalchemy 2.0
With the move to sqlalchemy 2.0 some of the API methods
have changed, but these tests were never updated.
Also added an sqlalchemy-master job so we do not regress.
Depends-on: https://review.opendev.org/c/openstack/requirements/+/900517
Closes-bug: #2043141
Change-Id: I9e1c796dcda725844ea6b7a0d5c8a8c11560b2b3
* Update neutron-lib from branch 'master'
to 46987a9ce8929e61f75ee93bbbe0630e2804c2a5
- Merge "vpnaas: add support for more ciphers (auth, encryption, pfs modes)"
- vpnaas: add support for more ciphers (auth, encryption, pfs modes)
Encryption algorithms: add AES CCM mode and AES GCM mode variants
for 128/192/256 bit keys and 8/12/16 octet ICVs.
Auth algorithms: add aes-xcbc and aes-cmac.
PFS: add Diffie Hellman groups 15 to 31.
Related-Bug: #1938284
Change-Id: Iba86fe9a1bbf88223b57a45fb89349c6b1858015
* Update neutron-lib from branch 'master'
to 1da71876b87647e3e9b7faf118ad38856a223e63
- Imported Translations from Zanata
For more information about this automatic import see:
https://docs.openstack.org/i18n/latest/reviewing-translation-import.html
Change-Id: I08764d0494ac862239b0325a9eb410182b269165
* Update neutron-lib from branch 'master'
to bdebe1de3c9e4032a7a40785846065b676b45b64
- Update master for stable/2023.2
Add file to the reno documentation build to show release notes for
stable/2023.2.
Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/2023.2.
Sem-Ver: feature
Change-Id: I93d2f0751bb2bf4728a6d361044c1c73b4b4e4b7
* Update neutron-lib from branch 'master'
to 8c72e2eee9ba1e5be1bf6423ad7f873e94436110
- Merge "Revert "Add "network" to the EXT_PARENT_RESOURCE_MAPPING""
- Revert "Add "network" to the EXT_PARENT_RESOURCE_MAPPING"
This reverts commit a0147209123542c4b237b3e3dddea880be27a5af.
Reason for revert: It is not needed to have network in the EXT_PARENT_RESOURCE_MAPPING as we will keep NET_OWNER rules and use
them for subnets and ports API.
Please see [1] for more detailed explanation why it's better to keep NET_OWNER rules for those policies.
[1] https://review.opendev.org/c/openstack/neutron/+/889153
Change-Id: Ia2cd6301e04ac502888ee2b8042ea8c19873a95a
* Update neutron-lib from branch 'master'
to 3bc1219d56d99edeee8f5ecd02dc9e4fc79aa1c9
- Merge "Fix the default value for ``hardware_offload_type`` field"
- Fix the default value for ``hardware_offload_type`` field
In the 'port-hardware-offload-type' extension, the default value for
``hardware_offload_type`` should be ATTR_NOT_SPECIFIED, in case this
value is not defined in the API call when creating a new port.
NOTE: this extension is still under development thus it is legit to
modify it.
Related-Bug: #2013228
Change-Id: I7aadac451c59388c3d647f4ec5380e18a72c67be
* Update neutron-lib from branch 'master'
to c958933fa023732200d96e12bb2a817389d6d9ac
- Add new callbacks event for resouce status update
A new event AFTER_STATUS_UPDATE is added, that will be published to
callbacks when a resource's status is updated in the DB. The first use
of this new event is to indicate when the L3 DB layer has updated
floating IPs status.
Change-Id: I1a85d1af7b4f50a5319c64e47c52ccdaa345e362
Partial-Bug: #2020823
* Update neutron-lib from branch 'master'
to 8e5b6955d21def2b5223b1e1a32130c57b61b2f4
- Merge "Removed ``HasProjectPrimaryKeyIndex`` class"
- Removed ``HasProjectPrimaryKeyIndex`` class
A column that is primary key creates an index by default. There is no
need to create another one by passing index=True.
Related-Bug: #2024044
Change-Id: Ie74934754598292b125d2be7edb4bbcbb898a230
* Update neutron-lib from branch 'master'
to 8ccdecc7d1599119e3f020051449b547db89ee3e
- Add is_service_role property to the context class
As we are moving to the new S-RBAC policies, we want to use "service"
role for all service to service communication. See [1] for details.
This require from Context class property similar to old "is_advsvc" but
with new naming convention and using new policy rule.
This patch adds this new property together with all required policies
and rules.
For now "ContextBase.is_advsvc" property will return True if one of the
advsvc OR service_role will be True to make it working in the same way
with both old and new policies but once we will get rid of the old
policies we should also remove is_advsvc property from the ContextBase
class.
[1] https://governance.openstack.org/tc/goals/selected/consistent-and-secure-rbac.html#phase-2
Change-Id: Ic401db8b4e2745234e61fe2c05afd5b4ab719a03
* Update neutron-lib from branch 'master'
to d5acebbe7bf8f987cd06e93b1740a76c50e78af4
- Merge "Add port hardware offload extension"
- Add port hardware offload extension
This new new port extension allows to create ports with hardware
offloaded capabilities.
Spec: https://review.opendev.org/c/openstack/neutron-specs/+/882272
Related-Bug: #2013228
Change-Id: I0c9863ff21f3dee6120f1c8424a69ded6c3612b1
* Update neutron-lib from branch 'master'
to c965b1892f71c286a8a1c9f1df25447aeef53943
- Add short warning about UUIDs in the SG rule templates api
SG rule template API accepts any string (any uuid) as remote group id or
remote address group id. It may be something what's not existing in the
time of the creation of template and that's fine. But if it will be not
existing when regular SG will be created for project it will fail making
SG for that project.
This patch adds small warning about this to the default SG rules
template api-ref.
Additionally this patch updated some small issues in the "create
default security group rule" section.
Related-Bug: #1983053
Change-Id: I9bad07d8ed11796047883f87b45a7da0799cdcb1
* Update neutron-lib from branch 'master'
to 93a97d3be0bb9d0b9d126521a5480bcff57adda6
- Merge "Add "network" to the EXT_PARENT_RESOURCE_MAPPING"
- Add "network" to the EXT_PARENT_RESOURCE_MAPPING
It's needed so network can be used as ext_parent for e.g. subnets in
the API policy rules.
Related-bug: #2023679
Change-Id: Ib446dffcd60e18b578a4d816ab5881e2fabc3e51
* Update neutron-lib from branch 'master'
to e993a7bf0a29e24ccdba251823c18a1e0242b7ea
- Merge "Remove unnecessary required extension for "network_ha" extension"
- Remove unnecessary required extension for "network_ha" extension
The L3 "router" extension is not needed for "network_ha". Furthemore,
this L3 "router" extension cannot be used with all ML2 plugins (for
example ML2/OVN uses "ovn-router" instead)
Related-Bug: #2016198
Change-Id: I949cbd7e27b2183200b58878b45ed7c1d7b3d7a7
* Update neutron-lib from branch 'master'
to 95b6a4bb47347bbd442ac686a805e6bb5c727d56
- Merge "Add new SG rule ext. ``security-groups-rules-belongs-to-default-sg``"
- Add new SG rule ext. ``security-groups-rules-belongs-to-default-sg``
Added a new API extension
``security-groups-rules-belongs-to-default-sg`` that adds a new
read only field ``belongs_to_default_sg`` in the security group
rules. This flag determines if this security group rule belongs
to the project's default security group.
Related-Bug: #2019960
Change-Id: Ibd8f57d82b28f5cdb8874f1ae22cb35adcd8e880