Commit Graph

45 Commits

Author SHA1 Message Date
OpenDev Sysadmins 78ce49cf96 OpenDev Migration Patch
This commit was bulk generated and pushed by the OpenDev sysadmins
as a part of the Git hosting and code review systems migration
detailed in these mailing list posts:

http://lists.openstack.org/pipermail/openstack-discuss/2019-March/003603.html
http://lists.openstack.org/pipermail/openstack-discuss/2019-April/004920.html

Attempts have been made to correct repository namespaces and
hostnames based on simple pattern matching, but it's possible some
were updated incorrectly or missed entirely. Please reach out to us
via the contact information listed at https://opendev.org/ with any
questions you may have.
2019-04-19 19:51:57 +00:00
Corey Bryant 233e1c204b In test cleanup, only delete DB if it exists
Change-Id: I3006fa24fb093c071f988260db5393fd4d40cfac
2017-10-25 16:21:15 -04:00
Corey Bryant bfb10ff85d Add support for keystone memcache deployments
Change-Id: Ibdc140a35e80b9d390ffea56208ba517efcb12fd
2017-10-13 07:41:14 -04:00
Pete Vander Giessen c65409831d Added config files to snapstack_test.
This helps us not break when transitioning to using the new version of
snapstack, with the config files for each snap in the individual
steps, rather than in a config step.

Change-Id: If845bff36ed7f1256a8150ec806a13d6fb08a05e
2017-08-11 21:03:24 +00:00
Jenkins 57a0d06aac Merge "Added config files to snap." 2017-08-11 15:02:57 +00:00
Pete Vander Giessen 416723f1f1 Added config files to snap.
This is part of a transition to storing the config files in the snap,
rather than in snapstack.

Also updated .gitignore to ignore emacs temp files and snapcraft
cruft.

Change-Id: I30a5421faec0a976741f3dd0d5452f2437e19503
2017-08-10 19:28:29 +00:00
Corey Bryant e6c462597b Update README snap install command
This snap is now being published to ocata/edge only.

Change-Id: Ia96d3d7fca824d2963581b15ebf8c72de502a1ec
2017-08-09 17:05:25 -04:00
Pete Vander Giessen a1e372560b Updated proxy env var passthrough in tox.ini
We made a breaking change to snapstack. SNAP_BUILD_PROXY ->
SNAPSTACK_HTTP/S_PROXY.

Change-Id: Ibbcb5873cb11d884469409f3885041cc4577c360
2017-08-08 13:17:38 +00:00
Pete Vander Giessen aac40bec0e Added snapstack test.
Tweaked tox.ini to invoke snapstack, and added test_snapstack.py to
tests dir.

Also added keystone.sh to keystone/tests, as part of the plan to move
those scripts from snap-test to the individual snaps.

Change-Id: Id39209ee1534670506f0d97bb3dcb34a173ebc92
2017-07-27 18:51:48 +00:00
Corey Bryant 3067720cbb Use auto-alias for keystone-manage
The current snaps now have well-known aliases defined at install time
for commands [1]. This means we can drop the manual alias definition
from snapcraft.yaml and the instructions for setting it up.

When building/installing locally users can still create the alias
with 'snap alias'.

[1] https://forum.snapcraft.io/t/auto-aliases-for-openstack-base-snaps/1146/6

Change-Id: I6ca747b83e8a930c9ba65cdfb36f8fc67609bd54
2017-07-11 20:22:12 +00:00
Jenkins 5b39d055b1 Merge "s/nova/keystone cut and paste error" 2017-06-23 12:37:34 +00:00
Jenkins 25add29bd9 Merge "Drop browser-support plug from nginx" 2017-06-23 12:36:53 +00:00
Saverio Proto 0491561ba3 s/nova/keystone cut and paste error
Change-Id: I25f1c6071edcbccd8b6739d9ed0ba886b56f37fe
2017-06-23 11:41:06 +02:00
Corey Bryant 223d507227 Drop browser-support plug from nginx
The browser-support plugs doesn't appear to be necessary for nginx.

Change-Id: Ifc79387e6070afa756d38e71266019af26e7b10b
2017-06-22 23:52:56 +00:00
David Ames 29619d4234 Enable Nginx SSL
Without ssl at compile time Nginx cannot run SSL sites.
Use the --with-http_ssl switch at compile time.

Change-Id: I6210671665c4509382c6621cabb4612e2ba15ee9
2017-06-22 11:55:17 -07:00
Corey Bryant 50b51c6f75 Connect admin/public ports to correct sockets
The admin port was connecting to the public socket and the public
port was connecting to the admin socket to communicate with uwsgi.
The config is updated to connect the correct ports and sockets.

Thanks to David Ames <david.ames@canonical.com> for figuring this
out.

Change-Id: I3a909a0982513923c35ab4103b6eee57753b0595
2017-06-22 15:34:30 +00:00
Corey Bryant 9d491f55a8 Switch back to strict confinement
The following are included in the switch to strict confinement:
* Set snapcraft.yaml confinement to strict and restore/update plugs
* Drop building of python as it's not required for strict snaps
* Patch setgroups from ngnix since it's not covered by a plug
* Switch back to running apps under root
* Build libxml into snap

Change-Id: I3f73f79844728ffc8e12632e14595e1cd7c375cf
2017-06-22 00:30:20 +00:00
Corey Bryant 5b57aeb0fc Patch (_COMMON) dirs into oslo.config defaults
Change-Id: If14550c64462c36417bb95ce1a27f957c2a73bb8
2017-06-21 20:25:40 +00:00
Corey Bryant 7405d57bfc Switch from conf.d to <project>.conf.d
This aligns with the extension that oslo.config expects.

Change-Id: I3ab06df832857ee3ceb649f45e1ecd39d7c6d774
2017-06-14 15:27:50 +00:00
Corey Bryant de08688212 Enable override of config files
Enable the ability for default config files to be overridden for each
entry point type (simple, uwsgi, and nginx).

Also refresh the README while documenting how default config files can
be overridden.

Change-Id: I2b2479df2ca93eb6b82d115efafb62081e6e28c2
2017-06-05 13:56:07 +00:00
Corey Bryant f3614a9776 Drop copyfiles for nginx
Drop copyfiles from snap-openstack.yaml for nginx, and modify the nginx
template files such that we can install them in $SNAP_COMMON while pointing
them at additional default config files in $SNAP.

Change-Id: I82c71c0ca25385eccbffee38a80a31a5b6275608
2017-05-24 18:16:51 -04:00
Jenkins c30e9203b2 Merge "Use keystone.conf from both SNAP and SNAP_COMMON" 2017-05-19 08:56:49 +00:00
Jenkins 5b78a19ccd Merge "Add alias for keystone-manage" 2017-05-19 08:55:08 +00:00
Corey Bryant 91aabb8aa8 Use keystone.conf from both SNAP and SNAP_COMMON
As part of this change, the pyargv uwsgi option is dynamically
created. This is needed because specifying hard-coded config
files via the uwsgi pyargv option caused failures when a file
didn't exist. Now, when dynamically creating pyargv, if an
OpenStack config file doesn't exist, it won't be added.

This change requires that the uwsgi templated configuration be
rendered as part of the entry point, rather than globally for
the snap.

Change-Id: I99541fbf1292a3a4d118c0a8da8dd34891337c88
2017-05-19 09:21:17 +01:00
Corey Bryant c10ad0d9eb Drop privileges when running commands
Drop privileges to a regular user when running commands defined
by this snap. In most cases this is done prior to executing the
command.

NGINX is an exception in that the command will be run as root,
allowing the the master process to bind to ports. The nginx.conf
template is configured to then drop privileges for worker processes,
which do all work, such as handling network connections, r/w to
disk, and communication with servers.

Change-Id: If9bf24fc65412b90b8b1890944a469de23888c32
2017-05-18 16:12:11 +00:00
Corey Bryant e1ddca5d4e Compile nginx from source
Compile nginx from source and cleanup nginx.conf template.

Change-Id: Ia42574c3e54ca5bb1c51738367522e658d84f040
2017-05-18 15:29:20 +00:00
James Page 61d1a258c4 Add alias for keystone-manage
Add alias for the keystone-manage command to be inline with
actual command naming and documentation.

Change-Id: If04c1d168a0001a777b56aafeb17e6f16427a0af
2017-05-03 17:38:40 -04:00
Corey Bryant dd8b5372c4 Add mysqldb deps as they can be referenced by sqlalchemy
Change-Id: I484df42987328b4b76a3485a2cac5ec9ed23e459
2017-05-03 15:33:08 +00:00
Corey Bryant cbd06671b6 Add sqlite deps as they can be referenced by sqlalchemy
Change-Id: I97892f2dadd4504d14c95c08c80bc028fd295df0
2017-05-02 12:32:49 +00:00
Corey Bryant 3bed732c4e Base this snap on stable Ocata tar file
Change-Id: I3c1ae531222a53365643f32299cefafff7d2ef18
2017-05-02 12:30:17 +00:00
Corey Bryant 2cec474532 Go back to installing files to SNAP_COMMON
The install setup key is dropped, and SNAP_COMMON is used as the
root directory where setup dirs, templates, and copyfiles are
installed. This aligns better with how snaps should behave.

Change-Id: I6a7b60ad22739bca55a556d936731f37788f623e
2017-04-21 21:04:53 +00:00
Corey Bryant afc99a1e8c Compile python and drop environment dictionary
Classic python snaps require python to be compiled from source.
Additionaly, move away from using the environment dictionary
until it is fully supported by snapd. Finally, use a fixed python
path in order to get the correct site-specific config.

These changes were recommended in the following bug:
https://bugs.launchpad.net/snapcraft/+bug/1675479

Change-Id: I61be2595bd063f9d7605450e556066b9d72cc90f
2017-04-21 11:40:31 +00:00
Corey Bryant 8d576d0abb Add LD_LIBRARY_PATH to access snap's DLLs
When this snap is built on xenial, ngnix is unable to find libgd.so.3.
Updating LD_LIBRARY_PATH to include the path to libgd.so.3 fixes this.

Change-Id: I1920e84b4888369d56bd46869381c9649934a311
2017-04-19 14:25:57 +00:00
Corey Bryant 9d6d47d1c4 Touch namespace package __init__.py files
This is a work-around for https://bugs.launchpad.net/bugs/1675479,
where namespace packages aren't installed correctly.

Change-Id: If97986f63e666047f9cf482825ada4acbd6808ac
2017-04-19 14:12:23 +00:00
Corey Bryant 136d93f924 Isolate nginx/uwsgi files to unique directories
There will be multiple OpenStack snaps that have their own nginx/uwsgi files,
such as nginx.conf template, systemd unit files, pid files, log files, and
more. This change isolates the keystone directories for nginx and uwsgi so
that they won't conflict with other OpenStack snaps that use nginx and uwsgi.

Change-Id: Ia558bed548580f4b82a85b65ec029fd534334e2c
2017-04-05 20:09:42 +00:00
Corey Bryant aa96f0f0bc Add uwsgi+nginx API support
With this patch we use nginx as the web server for API requests,
and continue to run the keystone API wsgi apps under uwsgi.

Change-Id: I637daec2424ef4c377dac249fcc03f43db70a2fe
2017-04-05 12:21:31 +00:00
Corey Bryant 3394be995d Add install setup key and drop symlinks
The install setup key is introduced to determine the root directory
where setup dirs, templates, and copyfiles are installed. We set
the install key to 'classic' in snap-openstack.yaml, which results
in using / as the root directory. This is used in favor of symlinks
which are dropped in this change.

Additionally PYTHONPATH is updated as that is required in later
snapcraft versions, and /etc/keystone/keystone.conf.d is moved
to /etc/keystone/conf.d to align with the other OpenStack snaps.

Change-Id: I62ba36d6f3efd3493a8e268bf1babfe232b41764
2017-04-03 17:27:02 +00:00
Corey Bryant e62cd74e7e Switch to classic confinement
Classic confinement allows the snap to behave like a traditionally
packaged application with full access to the system, and enables the
use of traditional directories such as /etc and /var/log.

We will continue to store all of the snap's files in $SNAP* directories.
This enables the snap to cleanup after itself if it is removed. However,
traditional directory locations are symlinked to their corresponding
$SNAP* directories.

For example, keystone configs are installed in $SNAP_COMMON/etc/keystone
which has a symlink at /etc/keystone.

The keystone apps then use the traditional directories when running
commands and services.

Change-Id: Ib33d958adab660a092110c4beae928dc9661d0c6
2017-03-16 15:22:38 +00:00
James Page 8264c3bcaf Drop secure_proxy_ssl_header default option
This option is deprecated for removal, and the default behaviour
from >= mitaka is OK.

Change-Id: Ib0bf9573b97a1eeb78a0f24e17407f3811d0004b
2017-01-04 11:27:17 +00:00
Corey Bryant 9f6787c1f4 Log file updates for keystone and uwsgi
Enable the uwsgi log file in snap-openstack.yaml and enable the keystone
log file in the uwsgi templates.

Update bindep and requirements to use snapcraft from packages until
fully installable from git source.

Change-Id: I6342254a5ebd322e430ea90df5f7ec2d29ae6704
2017-01-04 09:17:03 +00:00
James Page 021c395f2a Revert "Update uwsgi templates - disable lazy-apps and thunder-lock"
This reverts commit 62940860eb.
2016-12-01 10:24:27 +00:00
James Page 62940860eb Update uwsgi templates - disable lazy-apps and thunder-lock 2016-12-01 09:19:13 +00:00
James Page 13f93aabe4 Hygiene tidy 2016-11-24 16:33:10 +00:00
James Page 5f03bd2306 Rename uwsgi->api service 2016-11-21 18:05:26 +00:00
James Page afa09086cc Baseline standalone snap 2016-11-21 15:07:30 +00:00