dnspython, as of 2.5.0, has switched to hatchling (from poetry) for
module installation. For source based reactive charms, this means that
the calver and hatchling dependencies need to be present in the
wheelhouse of the built charm for it to install.
Change-Id: Ie9fb6ff19753cfb9c61f8027c9dee47dfb9739fd
This change adds the haproxy options if defined by the
charm class to enable HTTP checks to the HAProxy
configuration, instead of the default TCP connection
checks.
options.ssl check if the environment is using http or
https mode. We disable certificate verification because
we are only interested in the health of the service.
Fix for tox4 compability
Closes-Bug: #1880610
Change-Id: Ie091fdfe560b6a060f0c29c6b92a99f5e564eddf
The commit f9a11fd unpinned dnspython, the newer version of it requires
poetry-core to be built and 'pip download' doesn't capture that
requirement. Some charms have been migrated to binary charms, but not
all of them have been migrated, this change gives those more time to
transition.
Change-Id: I0656d8a902eeede56fe0315a9db782b1c707c26c
Commit 1a2962cd69 pinned dnspython
in order to retain Python 3.5 (Trusty/Xenial) support.
Since then, the aforementioned releases has gone EOL and our
charms no longer support them.
This pin is now prohibiting foreward movement into Python 3.10
on Jammy and as such we should remove it.
Closes-Bug: #1989066
Signed-off-by: Frode Nordahl <frode.nordahl@canonical.com>
Change-Id: Ifb2c807e6522a314f667b8b29094888132d4e4bb
Tempita should be removed as much as possible and having it in a
low level layer like this causes it to be installed in charms
which do not require it.
Change-Id: I7d06601ff4c316cf4325196116b10e108dc17eed
The certificate handler code does a bit of work and should not
run during the update-status hook.
As documented in the charms.reactive dispatch [0] function
handlers registered with the @hook decorator will execute before
other handlers. So we can rely on the 'is-update-status-hook'
flag being consistently set when in update-status hook before
other handlers are evaluated for dispatch.
0: 3d27f3d24a/charms/reactive/bus.py (L325)
Closes-Bug: #1954748
Change-Id: I4a3aa544f98049c83db576f95de826038e8e1afc
The previous config didn't actually log anything, and it has been fixed
for classic OpenStack API charms through charm-helpers. We need to
update layer-openstack as well to reflect those changes to reactive
OpenStack API charms.
Closes-Bug: #1697002
Related-Bug: #1940037
Change-Id: I523369673471f63346428f7f739a2429aa5084b3
Apache2's default value for KeepAliveTimeout is 5 seconds, which is okay
for general web-page serving use cases. However, sessions and connection
pools created by keystoneauth1.session.Session can be terminated
unnecessarily during multiple API calls in a session due to the short
KeepAliveTimeout.
Let's ease KeepAliveTimeout to 75 seconds, which is fairly standard for
API services behind a reverse proxy since it's the default value of
nginx.
Closes-Bug: #1947010
Change-Id: I752a836676d895ef783362810ed6764980e8574b
Osci runs the CI jobs on Bionic, this version of tox (2.5) will
automatically upgrade the packages at virtualenv creation and any
pinning won't have effect since the virtualenv created is upgraded to
the latest versions of pip and setuptools. This behavior was changed in
tox 3.10 with the addition of the 'download' directive[0]
Setuptools 58.0 dropped the support for use_2to3=true which is needed to
install blessings (an indirect dependency of charm-tools) since then
the gate got broken.
This is similar to:
https://github.com/openstack-charmers/release-tools/pull/156https://github.com/openstack-charmers/release-tools/pull/157
Change-Id: I7f22cd744a7aa5747cca49f094a5efd041481a80
Co-authored-by: Felipe Reyes <felipe.reyes@canonical.com>
When actions are run the reactive run_at{start,exit} methods are not
implicit run. This means that some data associated with endpoints
is missing. For example reactive.Endpoint.all_joined_units is always
None.
Change-Id: I565fb534612a06d76e6688ed4f06ad64bc42e512
For principal - subordinate plugin type relations where the
principal Python payload imports code from packages managed by a
subordinate, upgrades can be problematic.
This change will allow a subordinate charm that have opted into the
feature to inform its principal about all implemented release -
packages combinations ahead of time. With this information in place
the principal can do the upgrade in one operation without risk of
charm relation RPC type processing at a critical moment.
Related-Bug: #1806111
Change-Id: I2df0abed25825448569581273aee4e79a6003dad
Currently the template hardcodes the `project_name` to `services`
which is not necessarily correct. Instead the template should use the
`identity_service.service_tenant`.
Closes-Bug: #1908945
Signed-off-by: Nicolas Bock <nicolas.bock@canonical.com>
Change-Id: Idd2a7c436f5448505bdfe5a53738a8e2071ed272
The last update was 2016, and it's time to drop TLSv1 and TLSv1.1 as the
base configuration recommended by Mozilla.
https://wiki.mozilla.org/Security/Server_Side_TLS
This is equivalent to a charm-helper's change:
27d6ceb385
Change-Id: Ic7c3751d5cfce33517072bfca865e03f6f84f423
Closes-Bug: #1886630
This flag is to enable charms.openstack / layer-openstack charms to have
a way to determine if the current hook is update-status from a flag. By
being a flag, it means that charm reactive handler code doesn't have to
check for the the hook in every handlers, but can declare "don't run
this if it's an update-status hook". The flag is guaranteed to not be
set during a not update-status hook (in that, if it is set, then it gets
cleared and the handlers can therefore run), or to be set during an
update-status hook. To speed things up, the code also removes the flag
at the end of the update-status handler.
The intended use of this flag is to guard 'expensive' handlers from
being run during update-status.
Change-Id: I7ca97db646ada95d7f5541ca4e2cf14013c0d7a6
When debugging a charm uprade issue with ovn_chassis, it was noticed
that the upgrade hook failed as the concrete charm class wasn't
found and instantiated. This patchset ensures that the concrete charm
class is found and thus can be instantiated.
Change-Id: Ic9cdc2f470e4c7e1f6fc17a4d6246ca79fc48bd7
The placement config may be useful among more than one charm as
more services start to use the placement service. This patch adds
a single source of placement sectional config.
Change-Id: Id99e750f7b43dd0c893790eaa6fb79f7ce064f12
Related-Bug: 1850691
These where moved up to this layer from ``layer-openstack-api``,
removal counterpart: I007275c041ca5465664a6b5d441e56c0316c405d
Guard the default handlers behind check for
'charms.openstack.do-default-certificates.available' flag. This
flag is activated when the consumer charm makes a call to
charm.use_defaults('certificates.available') from its reactive
handler. Previously it was always activated for all consumers of
the ``openstack-api`` layer, it should be up to the charm
implementation to choose.
We do not add back ``layer-tls-client``, the reason being that
the reactive bits in ``layer-openstack`` in conjunction with
helpers in ``charms.openstack`` is managing both the server and CA
certificates and rely on the same flags to detect changes.
If we one day offload those tasks to the ``layer-tls-client``
we should add it back in conjunction with removing our code for
this. At the time of this writing it would not be possible as
``layer-tls-client`` is not spaces aware.
With the above mentioned change we can stop relying on the now
deprecated ``certificates.batch.cert.available`` flag.
We also do not add back the Keystone certificates handling code
as this has been removed from the Keystone charm reference:
openstack/charm-keystone/commit/17b24e7fde8e4c8c276a4f392cbae0d1d0ed2615
Needed-By: I007275c041ca5465664a6b5d441e56c0316c405d
Needed-By: I8a72acd451dd21e1b042b7f71f6d98e164737ac1
Closes-Bug: #1840899
Change-Id: I12f45236632b608e07fdd35d31b90b84ca92eb1f
- removing sitepackages in tox.ini to avoid test env pollution
- skip_missing_interpreters in tox.ini set to False to avoid false
positives by skipping missing interpreters.
Change-Id: I370fbffa06544c66fcae7a24b15f37b01cbd7d7a
Add empty series list to metadata.yaml to get around charm-tools
now mandating a series list to be present.
This list will always be overridden by charms but building the
layer is part of our gate and we need to unblock it.
Update tox basepython, the build will no longer succeed in the gate
with py27.
Change-Id: If81441d5fb0ed3b8819c4a2814dc20c5e47a8eff
Move workdir to avoid charm build error in gate test. Move built
artifact back so CI can inspect it. (The layer build-only job in
CI should get an update to cope with this itself)
Change-Id: Icee40b83e6924a6adc9ee1f97eff04522121d5fa
Closes-Bug: #1823729
Add a default handler for storage-backend relation. This is part
of the work to push cinder plugin bolierplate code into supporting
layers.
Change-Id: Icad5f72939b1e33d15adf2638f8e344235a9318b
Current versions of OpenStack use the transport url rather than
rabbit_hosts and various other configuration settings.
Adding a new template for transport url and current
oslo-messaging-rabbit settings.
Allow the setting ssl_ca at the OpenStack principle layer.
Depends-On: Ie17b481bce3e3bfdf71b15ca7667f8688739d608
Change-Id: I6bb56a59cd65310d644aa25ae203996b22ec4b4e
Partial-Bug: #1807233
Adds an action to charms to trigger a service restart.
Depends-On: Ic3521c08cdaa207e1391a32e03e53b276c51b309
Change-Id: I1d509d0bc2c3fb77348edef6810fcdc30cdc9ab8
We want to default to running all tox environments under python 3, so
set the basepython value in each environment.
We do not want to specify a minor version number, because we do not
want to have to update the file every time we upgrade python.
We do not want to set the override once in testenv, because that
breaks the more specific versions used in default environments like
py35 and py36.
Change-Id: I360fc2d49b9e737fd36442ac291a1f532f98b3e7
Signed-off-by: Doug Hellmann <doug@doughellmann.com>
Add generic action code that utilises charms_openstack.bus.discover()
so that the top level charm does not need to make any changes to
inherit generic actions.
Change-Id: I8b3422b915e2477d936e5cdd2d883c6815487577
The current implementation forces a charm to define its own
pause/resume actions and charm lint will fail if they do not. This
breaks charms in an unpleasant way so instead work is ongoing
to make pause/resume code standalone in this layer. For the moment
backout actions to unbreak charms.
Change-Id: I04f313097f632d7fa89e1734b966d12bda21656c
Add pause and resume actions to the Openstack charms. To use these
actions the charm author needs to add an os_actions.py file (which
imports the charm class) and needs to create action symlinks.
Change-Id: Ib882a506b8de6588c556187d526a4028586e5217
This is a mechanically generated patch to complete step 1 of moving
the zuul job settings out of project-config and into each project
repository.
Because there will be a separate patch on each branch, the branch
specifiers for branch-specific jobs have been removed.
Because this patch is generated by a script, there may be some
cosmetic changes to the layout of the YAML file(s) as the contents are
normalized.
See the python3-first goal document for details:
https://governance.openstack.org/tc/goals/stein/python3-first.html
Change-Id: I7edc286297023c066d496ce77de72dfd6c2b9ef9
Story: #2002586
Task: #24317
Ensure that oslo.middleware parses any proxy information
forwarded from haproxy/apache with regards to protocol;
this ensures that https connections are correctly detected.
Change-Id: I16a9e8a74cdf6c56ad64902343f79b0ed51ccb6f
Closes-Bug: 1758675
Hard coded default domain causes problem sometimes
Adding code for supporting service_domain
Please note that each charm using
layer openstack charm also need to be fixed
if you want to use service_domain instead of default
Change-Id: I1d56359a64c23019151c9c9186ca0c7374735536
This is due to bug 1767328, which is due to setuptools_scm using
the 'git' command to find the version number when charms.openstack
is installed (via the wheelhouse.txt) from git+https://...
This only happens on trusty as xenial+ already have git installed.
The script only tries to install git once and then uses a local
flag file to stop it trying thereafter on every hook.
Change-Id: I8a7daa0fff3d5bc7b11f70cde246975987c7cb66
Closes-Bug: #1767328