Starting from Openstack Bobcat (2023.2) Multi Factor Authentication
was added for Horizon. This change introduced a new variable called
OPENSTACK_KEYSTONE_MFA_TOTP_ENABLED, which if set to True will display
a new form requesting for the user's TOTP code for MFA enabled users.
This change provides the missing OPENSTACK_KEYSTONE_MFA_TOTP_ENABLED
config option for the charm, allowing the user to enable from the
charm's configuration. If the value is set to True, the new bobcat
template will render the following values:
OPENSTACK_KEYSTONE_MFA_TOTP_ENABLED = True
AUTHENTICATION_PLUGINS = [
'openstack_auth.plugin.totp.TotpPlugin',
'openstack_auth.plugin.password.PasswordPlugin',
'openstack_auth.plugin.token.TokenPlugin'
]
Closes-Bug: #2058689
Change-Id: Ifedf587356693b58612b1fc4d7404f0f446158ce
This is so we can register extra region endpoints in horizon,
in situations where the keystone for the extra regions cannot be
integrated via juju (for example, completely separate deployment).
Closes-Bug: #1714926
Change-Id: I52cecec88437fd2bc5a012653f24471039e6b819
If network calls to retrieve ports and floating IPs take too long,
then the project > instances page cannot be loaded. This config
allows disabling the network calls when loading the page with
minor side-effects, as a workaround to avoid downtime while other
performance optimizations can be done on the side to allow
the page the load so the workaround is no longer needed.
Closes-bug: #2051003
Related-bug: #2045168
Change-Id: Iedad6ef48cbe0b776594f4ad8276d3d713cd360c
Bug LP 1863232 introduced a new Apache configuration option called
WSGISocketRotation which allows users to disable wsgi socket
rotation. This patch makes this configurable with a new
wsgi-socket-rotation config option that defaults to the Apache
default and can optionally be set to False.
Closes-Bug: #2021550
Change-Id: I671f4b7f655f12cc558fc64116e31f16560dd2e7
* sync charm-helpers to classic charms
* change openstack-origin/source default to zed
* align testing with zed
* add new zed bundles
* add zed bundles to tests.yaml
* add zed tests to osci.yaml and .zuul.yaml
* update build-on and run-on bases
* add bindep.txt for py310
* sync tox.ini and requirements.txt for ruamel
* use charmcraft_channel 2.0/stable
* drop reactive plugin overrides
* move interface/layer env vars to charmcraft.yaml
Change-Id: I2cb698f719106e54b06009f24ea47259419e9cad
Since we are running haproxy in L4, we are tracking the incoming
byte rate from client IPs and rejecting TCP connections in a
sliding window.
This approach limits the incoming HTTP requests however image uploading
through the horizon web app is unaffected.
Change-Id: Ie40d28acb2dc2983fc9edbbeacfd671b380a8f6d
Closes-Bug: #1836514
Signed-off-by: Mert Kırpıcı <mert.kirpici@canonical.com>
This patch adds an option of enabling/disabling router panel view
in the horizon. To hide the router/floatin-ip panel, set the config
option 'enable-router-panel=False'. Default value is True.
Closes-Bug: #1966815
Change-Id: If6fb3b57f05a1ab6342077d2142bd47cfce57948
- Add 22.04 to charmcraft.yaml
- Update metadata to include jammy
- Remove impish from metadata
- Update osci.yaml to include py3.10 default job
- Modify tox.ini to remove py35,py36,py37 tox target and add py310
target.
- ensure that the openstack-origin is yoga
- Fix mocking on unit tests for install.real hook
Change-Id: I7bf692965341c0cc1c84c7d3c77cce63a6cb6cbc
Make the following values configurable:
- SITE_BRANDING
- SITE_BRANDING_LINK
- HORIZON_CONFIG["help_url"]
Closes-Bug: #1959366
Change-Id: I34716bd68cc50b53dd28f6bb7a19409ece355465
The unstable unit tests affected by list order were fixed by comparing the sorted region lists.
Additionally, a whitespace fix was implemented.
Change-Id: I2c67f7405a3f533d25111d7c3920ca31380de35a
The configuration option hide-create-volume was added and is passed into the horizon configuration as hide_create_volume.
Closes-Bug: #1939079
Change-Id: I639810d5908cc58f41907f9a3bd66dc78b9517d6
Homer[1] is static web server and provides one stop shop UI,
which a single URL and be able to click on a link to get to
the LMA stack and other sites (like MAAS, other support portal).
The application is registered to Homer dashboard via application-dashboard
relation.
By adding registration relation in openstack-dashboard charm,
we can register Horizon in Homer dashboard after creating relation
between openstack-dashboard charm and Homer charm
[1]. https://github.com/bastienwirtz/homer
Closes-Bug: 1945725
Change-Id: Ieeacd8f1dda7e88a1f3f7b332163b2b42f1fee41
This patch adds a configuration option that instructs
openstack-dashboard to configure Horizon using the internal host
exposed by the keystone charm, this behavior is already present in
other charms like nova-cloud-controller.
Change-Id: Ic372a2c65c52a77229c5c2867919aa318e9ac0a1
Closes-Bug: #1812361
Depends-On: https://review.opendev.org/c/openstack/charm-keystone/+/696997
This is needed to align with recent changes in the keystone
charm to use keystone bootstrap.
Change-Id: I35a08c483e970712d4db4ebe049f5b135ffb5637
Closes-Bug: #1879783
Adds config item to add HORIZON_CONFIG['disable_password_reveal'] = True
option to Horizon's local_settings.py, from Mitaka onwards. This
prevents the reveal password button from being displayed.
Change-Id: I299f6a6388c3a2ab68cabaeb16e5104ec319e144
Closes-bug: #1840251
This patchset adds the disable-instance-snapshot config item that
controls the "disable_instance_snapshot" dictionary item in the
LAUNCH_INSTANCE_DEFAULTS setting in local_settings.py
Change-Id: Ic15f60517ed8a7f67704b15f4b42baabe74f83c6
Closes-Bug: #1818221
Cinder consistency group support was removed from upstream horizon
as of Train, and has been replaced by the generic group feature.
Change-Id: Iebf4d441b36e7c31b200205cd9bbee0d1fb9a47c
Closes-Bug: #1841188
Cinder by default does not enable Consistency Groups, but Horizon always
show its tabs and there is not an option to hide them. This patch adds a
config option to change the policy file to hide or show those tabs.
Change-Id: Ia2fb52650201524acbb8d6aafe37e7c0ea26e99e
Closes-bug: #1684113
This change implements a new option dropdown-max-items, that
sets the DROPDOWN_MAX_ITEMS of horizon.
Change-Id: I2ac03b406cc8b787424747c0bfeeedffd7712c9f
This change implements a new option in config.yaml that enables
a specific session timeout to be defined.
Change-Id: I4a521c672347e33718fd03427393eaa5356e57cb
Closes-Bug: #1599968
Horizon will by default check that a project has
a router with a port on an external network prior
to allowing floating ips to be attached to
instances. Since it is valid to use a shared
router from a different project we make this
configurable to allow disabling this check.
Closes-Bug: #1815032
Change-Id: I5c3e44e5daa683e14ac39979d6e9a7c2238dd120
os-hostname-{internal|admin} where deprecated in January 2018.
Drop configuration option to avoid confusion for users.
Change-Id: I365b740935dab976b3573be1f258af5920cc05ed
Related-Bug: 1748527
Adds a setting custom-theme which operats similar to ubuntu-theme and
default-theme. The provided resource is placed in the themes folder and
apache is setup to serve static content for the theme. This leaves the
default theme untouched allowing the custom theme to override files
based on the built in horizon theme capabilities. For details on theming
capabilities see:
https://docs.openstack.org/horizon/latest/configuration/themes.html
gnuoy: retry logic for unrelated test updated after a number of CI
failures.
Closes-Bug: #1778284
Change-Id: I91ad19e8aad5c0e0773d42fa4f085cbcecb82458
In clouds with many containers or objects, listing them via Horizon
can cause a signficant increase of system load.
This patch enables configuration of the API_RESULT_LIMIT setting within
Horizon. This limits the maximum number of objects to display on a
single page before providing a paging element to paginate results.
Change-Id: Ifaf39d6c9bf549428afd7653243c82cd719956f6
Closes-Bug: 1775002
Automatically configure WSGI worker processes inline with other
charms using the worker-multiplier configuration option and the
WSGI worker configuration context from charm-helpers.
Change-Id: Ib8af4a5a54fcff13a05ba4f4094bf123d5282c4a
This binding is required so that the DNS-HA code can find the
address to use for the hostname specified by os-public-hostname.
This also deprecates the os-internal-hostname and os-admin-hostname
options, as there is no binding to use them with.
Change-Id: I57609c5ab641e2ae6377c6fbad5c9e7b8cf6495c
Closes-Bug: #1742548
Drop support for deployment from Git repositories, as deprecated
in the 17.02 charm release. This feature is unmaintained and has
no known users.
Change-Id: I19732b50483ab7284723f847f182fd1cfa67e425
The default HAProxy timeout values are fairly strict. On a busy cloud
it is common to exceed one or more of these timeouts. The only
indication that HAProxy has exceeded a timeout and dropped the
connection is errors such as "BadStatusLine" or "EOF." These can be
very difficult to diagnose when intermittent.
This charm-helpers sync pulls in the change to update the default
timeout values to more real world settings. These values have been
extensively tested in ServerStack. Configured values will not be
overridden.
Partial Bug: #1736171
Change-Id: Ida7949113594b9b859ab7b4ba8b2bb440bab6e7d
Now that Horizon upstream added the ability to configure the default
"create volume" value when launching an instance (See. LP: #1678109),
expose it as a new charm config.
Change-Id: I68a6f199a72c11ad4eff2b587cb4279c91da52ae
Closes-Bug: #1711342
Horizon tries to inhibit browsers' password autocompletion by default.
Offer a configurable option in the charm so that admin can allow
password autocompletion if necessary.
Change-Id: I461752d1d1175f777de5bff26953b200efb17137
Closes-Bug: 1714676