Commit Graph

127 Commits

Author SHA1 Message Date
Alex Kavanagh 7c671b0696 Add calver abd hatchling dependencies for dnspython>=2.5.0
dnspython, as of 2.5.0, has switched to hatchling (from poetry) for
module installation. For source based reactive charms, this means that
the calver and hatchling dependencies need to be present in the
wheelhouse of the built charm for it to install.

Change-Id: Ie9fb6ff19753cfb9c61f8027c9dee47dfb9739fd
2024-02-08 12:22:22 +00:00
Gabriel Cocenza 1c9e662d78 Add support for HAProxy L7 checks
This change adds the haproxy options if defined by the
charm class to enable HTTP checks to the HAProxy
configuration, instead of the default TCP connection
checks.

options.ssl check if the environment is using http or
https mode. We disable certificate verification because
we are only interested in the health of the service.

Fix for tox4 compability

Closes-Bug: #1880610
Change-Id: Ie091fdfe560b6a060f0c29c6b92a99f5e564eddf
2023-02-03 18:19:20 -03:00
Felipe Reyes 8b31ef19e4 Add poetry-core to build dnspython
The commit f9a11fd unpinned dnspython, the newer version of it requires
poetry-core to be built and 'pip download' doesn't capture that
requirement. Some charms have been migrated to binary charms, but not
all of them have been migrated, this change gives those more time to
transition.

Change-Id: I0656d8a902eeede56fe0315a9db782b1c707c26c
2022-10-20 22:15:04 -03:00
Frode Nordahl f9a11fde2e
Unpin dnspython
Commit 1a2962cd69 pinned dnspython
in order to retain Python 3.5 (Trusty/Xenial) support.

Since then, the aforementioned releases has gone EOL and our
charms no longer support them.

This pin is now prohibiting foreward movement into Python 3.10
on Jammy and as such we should remove it.

Closes-Bug: #1989066
Signed-off-by: Frode Nordahl <frode.nordahl@canonical.com>
Change-Id: Ifb2c807e6522a314f667b8b29094888132d4e4bb
2022-09-08 09:16:43 +02:00
Liam Young 79dbe21f57 Remove Tempita as it is unsupoorted
Tempita should be removed as much as possible and having it in a
 low level layer like this causes it to be installed in charms
which do not require it.

Change-Id: I7d06601ff4c316cf4325196116b10e108dc17eed
2022-08-04 16:55:45 +00:00
Edward Hope-Morley e0f700eacb Add service_type to keystone template
Related-Bug: #1965967
Change-Id: I7c27d404b042eb2bef09e25ca24ac9c093709172
2022-04-01 12:07:40 +01:00
Liam Young 3fa6597d17 Pin Tempita to fix build error
Change-Id: I1139634986a88d6810d880174919a3e5389dddf6
2022-03-31 12:01:59 +00:00
Frode Nordahl 93bc9e1837
Do not execute certificate handlers in update-status hook
The certificate handler code does a bit of work and should not
run during the update-status hook.

As documented in the charms.reactive dispatch [0] function
handlers registered with the @hook decorator will execute before
other handlers.  So we can rely on the 'is-update-status-hook'
flag being consistently set when in update-status hook before
other handlers are evaluated for dispatch.

0: 3d27f3d24a/charms/reactive/bus.py (L325)

Closes-Bug: #1954748
Change-Id: I4a3aa544f98049c83db576f95de826038e8e1afc
2021-12-14 11:48:39 +01:00
Nobuto Murata 5999eeaa5d Align haproxy logging config with charm-helpers
The previous config didn't actually log anything, and it has been fixed
for classic OpenStack API charms through charm-helpers. We need to
update layer-openstack as well to reflect those changes to reactive
OpenStack API charms.

Closes-Bug: #1697002
Related-Bug: #1940037
Change-Id: I523369673471f63346428f7f739a2429aa5084b3
2021-10-15 18:14:15 +09:00
Nobuto Murata 1ff51a9bf3 Ease KeepAliveTimeout in line with keystoneauth1.session.Session
Apache2's default value for KeepAliveTimeout is 5 seconds, which is okay
for general web-page serving use cases. However, sessions and connection
pools created by keystoneauth1.session.Session can be terminated
unnecessarily during multiple API calls in a session due to the short
KeepAliveTimeout.

Let's ease KeepAliveTimeout to 75 seconds, which is fairly standard for
API services behind a reverse proxy since it's the default value of
nginx.

Closes-Bug: #1947010
Change-Id: I752a836676d895ef783362810ed6764980e8574b
2021-10-14 09:50:25 +09:00
Aurelien Lourot 4793ceba5f Wrap pip to force pip<20.3 and setuptools<50.0.0
Osci runs the CI jobs on Bionic, this version of tox (2.5) will
automatically upgrade the packages at virtualenv creation and any
pinning won't have effect since the virtualenv created is upgraded to
the latest versions of pip and setuptools. This behavior was changed in
tox 3.10 with the addition of the 'download' directive[0]

Setuptools 58.0 dropped the support for use_2to3=true which is needed to
install blessings (an indirect dependency of charm-tools) since then
the gate got broken.

This is similar to:
https://github.com/openstack-charmers/release-tools/pull/156
https://github.com/openstack-charmers/release-tools/pull/157

Change-Id: I7f22cd744a7aa5747cca49f094a5efd041481a80
Co-authored-by: Felipe Reyes <felipe.reyes@canonical.com>
2021-10-13 10:15:47 +02:00
Liam Young 207bac8bec Ensure endpoints are populated within actions
When actions are run the reactive run_at{start,exit} methods are not
implicit run. This means that some data associated with endpoints
is missing. For example reactive.Endpoint.all_joined_units is always
None.

Change-Id: I565fb534612a06d76e6688ed4f06ad64bc42e512
2021-05-11 08:06:09 +00:00
Frode Nordahl ba152d41b4
Publish releases packages map to opt-in endpoints
For principal - subordinate plugin type relations where the
principal Python payload imports code from packages managed by a
subordinate, upgrades can be problematic.

This change will allow a subordinate charm that have opted into the
feature to inform its principal about all implemented release -
packages combinations ahead of time. With this information in place
the principal can do the upgrade in one operation without risk of
charm relation RPC type processing at a critical moment.

Related-Bug: #1806111
Change-Id: I2df0abed25825448569581273aee4e79a6003dad
2021-03-22 13:49:32 +01:00
Nicolas Bock 91e6caf3be
Use the project_name from the identity_service
Currently the template hardcodes the `project_name` to `services`
which is not necessarily correct. Instead the template should use the
`identity_service.service_tenant`.

Closes-Bug: #1908945
Signed-off-by: Nicolas Bock <nicolas.bock@canonical.com>
Change-Id: Idd2a7c436f5448505bdfe5a53738a8e2071ed272
2020-12-23 10:28:14 -07:00
Nobuto Murata 0a24820971 Refresh cipher suites and protocols
The last update was 2016, and it's time to drop TLSv1 and TLSv1.1 as the
base configuration recommended by Mozilla.
https://wiki.mozilla.org/Security/Server_Side_TLS

This is equivalent to a charm-helper's change:
27d6ceb385

Change-Id: Ic7c3751d5cfce33517072bfca865e03f6f84f423
Closes-Bug: #1886630
2020-08-24 11:37:22 +09:00
Zuul 8f80afe8c3 Merge "Add a 'is-update-status-hook' flag to the layer" 2020-08-21 10:41:16 +00:00
Alex Kavanagh 49b1075506 Add a 'is-update-status-hook' flag to the layer
This flag is to enable charms.openstack / layer-openstack charms to have
a way to determine if the current hook is update-status from a flag.  By
being a flag, it means that charm reactive handler code doesn't have to
check for the the hook in every handlers, but can declare "don't run
this if it's an update-status hook".  The flag is guaranteed to not be
set during a not update-status hook (in that, if it is set, then it gets
cleared and the handlers can therefore run), or to be set during an
update-status hook.  To speed things up, the code also removes the flag
at the end of the update-status handler.

The intended use of this flag is to guard 'expensive' handlers from
being run during update-status.

Change-Id: I7ca97db646ada95d7f5541ca4e2cf14013c0d7a6
2020-08-20 14:17:56 +01:00
Aurelien Lourot 1a2962cd69 Fix installation of dnspython on python 3.5
Change-Id: I1e75e11a08d7446efbbc464004d44e31413fbecf
Closes-Bug: #1888225
2020-07-21 11:19:21 +02:00
Frode Nordahl 99932f1aeb
Do not run config.rendered handlers when paused
Change-Id: Ie55422148e2824a30af51ffc121f88380bade06f
Closes-Bug: #1885121
2020-06-25 15:38:59 +02:00
Ghanshyam Mann 117ca6b979 [ussuri][goal] Updates for python 2.7 drop
OpenStack is dropping the py2.7 support in ussuri cycle.

charm repos need few updates on either py2 drop or updating
ussuri python template, tox.ini etc.

Complete discussion & schedule can be found in
- http://lists.openstack.org/pipermail/openstack-discuss/2019-October/010142.html
- https://etherpad.openstack.org/p/drop-python2-support

Ussuri Communtiy-wide goal:
https://governance.openstack.org/tc/goals/selected/ussuri/drop-py27.html

Change-Id: Iff776d6f2cc57d7c37021e7e6966e65a96f1ba9e
2020-02-27 22:30:27 -06:00
Alex Kavanagh 30166f7835 Ensure that concrete charm class is found for default handlers
When debugging a charm uprade issue with ovn_chassis, it was noticed
that the upgrade hook failed as the concrete charm class wasn't
found and instantiated.  This patchset ensures that the concrete charm
class is found and thus can be instantiated.

Change-Id: Ic9cdc2f470e4c7e1f6fc17a4d6246ca79fc48bd7
2020-01-30 14:04:05 +00:00
Zuul c793703259 Merge "Add list of files to exclude on layer consumption" 2019-12-19 12:33:47 +00:00
Frode Nordahl 90eb19ec97
Add default handler for ``config.rendered`` state
Depends-On: I5b8839dc875e413ce3c6611f540fb4919ae86d70
Change-Id: I510efbcc2d8b889fe5c41679c8ab391bf1374bd4
Closes-Bug: #1854313
2019-11-28 08:49:52 +01:00
Frode Nordahl 42f82ffaa8
Add list of files to exclude on layer consumption
Change-Id: I4791f29f850e809a35c40b562e018a2f743e22d1
Closes-Bug: #1852424
2019-11-13 14:05:18 +01:00
Corey Bryant c44ae96eff Add section-placement
The placement config may be useful among more than one charm as
more services start to use the placement service. This patch adds
a single source of placement sectional config.

Change-Id: Id99e750f7b43dd0c893790eaa6fb79f7ce064f12
Related-Bug: 1850691
2019-10-31 18:50:23 +00:00
Zuul 34af2ff514 Merge "Add default certificates relation handlers" 2019-09-03 06:46:01 +00:00
Frode Nordahl 1df85ff800
Add default certificates relation handlers
These where moved up to this layer from ``layer-openstack-api``,
removal counterpart: I007275c041ca5465664a6b5d441e56c0316c405d

Guard the default handlers behind check for
'charms.openstack.do-default-certificates.available' flag.  This
flag is activated when the consumer charm makes a call to
charm.use_defaults('certificates.available') from its reactive
handler.  Previously it was always activated for all consumers of
the ``openstack-api`` layer, it should be up to the charm
implementation to choose.

We do not add back ``layer-tls-client``, the reason being that
the reactive bits in ``layer-openstack`` in conjunction with
helpers in ``charms.openstack`` is managing both the server and CA
certificates and rely on the same flags to detect changes.

If we one day offload those tasks to the ``layer-tls-client``
we should add it back in conjunction with removing our code for
this.  At the time of this writing it would not be possible as
``layer-tls-client`` is not spaces aware.

With the above mentioned change we can stop relying on the now
deprecated ``certificates.batch.cert.available`` flag.

We also do not add back the Keystone certificates handling code
as this has been removed from the Keystone charm reference:
openstack/charm-keystone/commit/17b24e7fde8e4c8c276a4f392cbae0d1d0ed2615

Needed-By: I007275c041ca5465664a6b5d441e56c0316c405d
Needed-By: I8a72acd451dd21e1b042b7f71f6d98e164737ac1
Closes-Bug: #1840899
Change-Id: I12f45236632b608e07fdd35d31b90b84ca92eb1f
2019-08-29 12:44:49 +02:00
Camille Rodriguez 72b4ea469e Avoid pollution and false positives with tox.ini
- removing sitepackages in tox.ini to avoid test env pollution
- skip_missing_interpreters in tox.ini set to False to avoid false
positives by skipping missing interpreters.

Change-Id: I370fbffa06544c66fcae7a24b15f37b01cbd7d7a
2019-08-27 09:56:57 -04:00
Frode Nordahl aa5bc57aea
Update layer wheelhouse with common dependencies
Add empty series list to metadata.yaml to get around charm-tools
now mandating a series list to be present.

This list will always be overridden by charms but building the
layer is part of our gate and we need to unblock it.

Update tox basepython, the build will no longer succeed in the gate
with py27.

Change-Id: If81441d5fb0ed3b8819c4a2814dc20c5e47a8eff
2019-08-21 16:11:42 +02:00
OpenDev Sysadmins 5b0928f669 OpenDev Migration Patch
This commit was bulk generated and pushed by the OpenDev sysadmins
as a part of the Git hosting and code review systems migration
detailed in these mailing list posts:

http://lists.openstack.org/pipermail/openstack-discuss/2019-March/003603.html
http://lists.openstack.org/pipermail/openstack-discuss/2019-April/004920.html

Attempts have been made to correct repository namespaces and
hostnames based on simple pattern matching, but it's possible some
were updated incorrectly or missed entirely. Please reach out to us
via the contact information listed at https://opendev.org/ with any
questions you may have.
2019-04-19 19:33:01 +00:00
Frode Nordahl 15c2ae30bb
Use ``uri`` property
Move workdir to avoid charm build error in gate test.  Move built
artifact back so CI can inspect it. (The layer build-only job in
CI should get an update to cope with this itself)

Change-Id: Icee40b83e6924a6adc9ee1f97eff04522121d5fa
Closes-Bug: #1823729
2019-04-08 20:15:17 +02:00
Liam Young bfda016be4 Add default handler for storage-backend
Add a default handler for storage-backend relation. This is part
of the work to push cinder plugin bolierplate code into supporting
layers.

Change-Id: Icad5f72939b1e33d15adf2638f8e344235a9318b
2019-01-11 14:10:50 +00:00
David Ames cb4d058c0b Update deprecated rabbitmq messaging configuration
Current versions of OpenStack use the transport url rather than
rabbit_hosts and various other configuration settings.

Adding a new template for transport url and current
oslo-messaging-rabbit settings.

Allow the setting ssl_ca at the OpenStack principle layer.

Depends-On: Ie17b481bce3e3bfdf71b15ca7667f8688739d608
Change-Id: I6bb56a59cd65310d644aa25ae203996b22ec4b4e
Partial-Bug: #1807233
2018-12-06 11:35:40 -08:00
Liam Young 701cf8d2c4 Add action to restart services
Adds an action to charms to trigger a service restart.

Depends-On: Ic3521c08cdaa207e1391a32e03e53b276c51b309
Change-Id: I1d509d0bc2c3fb77348edef6810fcdc30cdc9ab8
2018-11-30 15:36:26 +00:00
Zuul c3cc2414ce Merge "fix tox python3 overrides" 2018-11-02 08:25:01 +00:00
Liam Young 595f4fca1b Enable series upgrade
Change-Id: Ib7b914d6e70d632ca1d505c5d16f53ac3c2a73a5
2018-09-28 15:02:42 +00:00
Doug Hellmann 9a3807eeb3 fix tox python3 overrides
We want to default to running all tox environments under python 3, so
set the basepython value in each environment.

We do not want to specify a minor version number, because we do not
want to have to update the file every time we upgrade python.

We do not want to set the override once in testenv, because that
breaks the more specific versions used in default environments like
py35 and py36.

Change-Id: I360fc2d49b9e737fd36442ac291a1f532f98b3e7
Signed-off-by: Doug Hellmann <doug@doughellmann.com>
2018-09-26 18:39:32 -04:00
Liam Young 8b39ad9763 Remove the 'debug' action
Remove the 'debug' action which was introduced in error.

Change-Id: I3c512084f9bfc7420c05a019ec15936fb9c85700
2018-09-20 15:40:58 +00:00
Liam Young 7fa96de883 Add generic action code.
Add generic action code that utilises charms_openstack.bus.discover()
so that the top level charm does not need to make any changes to
inherit generic actions.

Change-Id: I8b3422b915e2477d936e5cdd2d883c6815487577
2018-09-20 13:00:04 +00:00
Liam Young 36ab4e52cd Backout actions.yaml as a tactical fix.
The current implementation forces a charm to define its own
pause/resume actions and charm lint will fail if they do not. This
breaks charms in an unpleasant way so instead work is ongoing
to make pause/resume code standalone in this layer. For the moment
backout actions to unbreak charms.

Change-Id: I04f313097f632d7fa89e1734b966d12bda21656c
2018-09-20 07:00:42 +00:00
Liam Young 91caccf8e5 Pause/Resume action for reactive charms
Add pause and resume actions to the Openstack charms. To use these
actions the charm author needs to add an os_actions.py file (which
imports the charm class) and needs to create action symlinks.

Change-Id: Ib882a506b8de6588c556187d526a4028586e5217
2018-09-18 11:26:13 +00:00
Doug Hellmann d6c8112a71 import zuul job settings from project-config
This is a mechanically generated patch to complete step 1 of moving
the zuul job settings out of project-config and into each project
repository.

Because there will be a separate patch on each branch, the branch
specifiers for branch-specific jobs have been removed.

Because this patch is generated by a script, there may be some
cosmetic changes to the layout of the YAML file(s) as the contents are
normalized.

See the python3-first goal document for details:
https://governance.openstack.org/tc/goals/stein/python3-first.html

Change-Id: I7edc286297023c066d496ce77de72dfd6c2b9ef9
Story: #2002586
Task: #24317
2018-09-11 13:15:14 -04:00
Zuul 7161d3e341 Merge "fix a typo in layer_openstack.py" 2018-07-12 17:05:41 +00:00
Zuul 2fc0f3e898 Merge "Support service_domain for reactive charm" 2018-07-12 16:08:19 +00:00
Nguyen Van Duc 4185336cf6 Add py36 testenv
Python 3.6 is installed by default in Ubuntu 18.04 LTS.
Therefore, according to Transition Plan [1],
it'll be handy to have py36 testenv.

For more details, please check Python2 Deprecation Timeline [2]
and Python3-first Goal - Completion Criteria [3].

[1] https://wiki.ubuntu.com/Python/Python36Transition
[2] https://governance.openstack.org/tc/resolutions/20180529-python2-deprecation-timeline.html
[3] https://review.openstack.org/#/c/575933/8/goals/stein/python3-first.rst@42

Change-Id: I9ef19ce60935999b386165f51a83b6be9714266e
2018-07-12 16:15:21 +07:00
Nobuto Murata 2d4e6c8fa5 Enable proxy header parsing
Ensure that oslo.middleware parses any proxy information
forwarded from haproxy/apache with regards to protocol;
this ensures that https connections are correctly detected.

Change-Id: I16a9e8a74cdf6c56ad64902343f79b0ed51ccb6f
Closes-Bug: 1758675
2018-06-28 13:10:00 +09:00
Seyeong Kim 2de0033f2a Support service_domain for reactive charm
Hard coded default domain causes problem sometimes
Adding code for supporting service_domain
Please note that each charm using
layer openstack charm also need to be fixed
if you want to use service_domain instead of default

Change-Id: I1d56359a64c23019151c9c9186ca0c7374735536
2018-06-27 15:25:51 +09:00
melissaml 0379563ca4 fix a typo in layer_openstack.py
Change-Id: I66a8321b1f4686c06692f4db0e89f4071a855f2e
2018-05-24 16:02:13 +08:00
Alex Kavanagh ff5f2d22ed Ensure git is installed for all reactive openstack charms
This is due to bug 1767328, which is due to setuptools_scm using
the 'git' command to find the version number when charms.openstack
is installed (via the wheelhouse.txt) from git+https://...

This only happens on trusty as xenial+ already have git installed.
The script only tries to install git once and then uses a local
flag file to stop it trying thereafter on every hook.

Change-Id: I8a7daa0fff3d5bc7b11f70cde246975987c7cb66
Closes-Bug: #1767328
2018-05-10 12:36:36 +01:00
Jakub Rohovsky 9ce9db2466 This patch enables haproxy stats by properly listening on address:port
Change-Id: Ie285fcc34cda6c206dd7bef47faf1874c7ff93c4
Closes-Bug: 1737720
2017-12-12 13:35:53 +01:00