- Cookstyle fixes
- Refactor Berksfile to use groups so we can exclude integration testing
cookbooks
- Update documentation
- Cleanup line wraps
- Enable sensitive resources for the template[/etc/heat/heat.conf] to
resources improve security.
- Update delivery configuration to exclude integration cookbooks
- Fix ChefSpec output.
- Add missing ChefSpec tests
- Switch package installations to send packages as arrays instead of individual
package resources. This generally speeds up chef runs.
- Cleanup array syntax using %w() instead of []
Depends-On: https://review.opendev.org/701027
Depends-On: https://review.opendev.org/706101
Depends-On: https://review.opendev.org/706151
Depends-On: https://review.opendev.org/706157
Depends-On: https://review.opendev.org/708059
Depends-On: https://review.opendev.org/713285
Change-Id: Ifb3a9de9eecc370e46f43a73ed77008a7b21594b
This updates all references of let(:chef_run) to cached(:chef_run) to
speed up tests. By doing this, we have to create a new cached(:chef_run)
block whenever we need to adjust node attributes for testing.
Speed was improved from 5 minutes 36 seconds to 48.07 seconds
Change-Id: I4e88431d863450b6f41d6711612bfb12d4024683
In the keystone_authtoken section, the key has already been changed
from auth_plugin to auth_type. This patch does the same for the trustee
section (see [1]).
[1] https://docs.openstack.org/heat/pike/install/install-ubuntu.html
Change-Id: Idd82170107043bc2497261c34859844343e783a1
- currently non-admin user aren't able to create stacks with i.e.
Resource OS::Heat::SoftwareDeployment
- added heat domain
heat domain_admin
heat_stack_owner and user role
- added missing configuration options
- fixed some smaller ruby /cookstyle offenses
Change-Id: I6ae544dcc6260050304e66e227383e0e944a6bb6
- Switched default linter to cookstyle
- Renamed rake tasks to better conform with Chef conventions
- Normalized template banner
Change-Id: Icc3eca4b2d17a6d1ef66c1c7e75513de0ee3cac9
- Now use cookbook-openstackclient to create endpoints role service and
user
- added domain creation and access granting
- added values to work with identity_v3
- rewrote specs to work again
- updated readme
Change-Id: If5c3758c786b2d11cec6d64dc57530367acd2976
Depends-On: I0f8955f05de9b33711c54b9a198f45018cceb8e1
In contrast to other identity URIs, the auth_uri in the client_keystone
section of heat.conf must be the unversioned identity endpoint,
otherwise most resources will not work.
Change-Id: I9888e0b69c3ba2a60e3ac7bb84261ace6688b9e3
* use new logic for heat.conf template
* move all attributes that are used in heat.conf to
attributes/heat_conf.rb
* remove all attributes that are just setting default values
* add new default attributes so that the authorisation setup will be
functional again
* refactored endpoint and bind_service logic to fit the new common
cookbook
* adapt specs accordingly
* removed qpid as a messaging option (can be included in a wrapper)
* removed fedora as supported platform
* removed deprecated Gemfile
* removed logic for setting up a dedicated domain for Heat, should be
done in a wrapper
* update README.md accordingly (still incomplete)
Implements: blueprint cookbook-refactoring
Change-Id: I16a29e28068d106f0edcbe04cb529aabbbed1ac5
In order to allow components to better handle and respond to mq failures,
oslo has some heartbeat options that are useful.
Change-Id: I453b04c90e6caba7c00cf239035af05199bb5c36
Partial-Bug: #1462438
Oslo.message using rabbit_max_retries and rabbit_retry_interval to
define reconnect rabbitmq server times and interval when can not
connect to rabbitmq server.
Change-Id: I261d3f31aa89f845d88ee4cbd1acb56c9131ba47
Closes-bug: #1439968
Cleaned up all the minor rubocop issues, the ones left relate to
complex logic and what I think is a bug in rubocop for nested
vs compact modules/class definitions.
Change-Id: I75515d7b1faadb6de6377081fc7d5281a4c64c7d
Allow the various workers to be configured as attributes.
The engine one is based upon cpu, so default is nil just like
in Compute. The others default to zero, so used that.
Change-Id: Id7382ceeb4daeb6136e4b10546eed26901fbc3eb
Closes-Bug: #1452734
When use_syslog is false, heat will use log_dir to store log files,
but default value of log_dir is none in heat, so heat will output
log to stdout.
This patch set the log_dir's default value to /var/log/heat/.
Closes-Bug: #1446963
Change-Id: Ia53b557d56662994e095ccd1e2c3ca583460b55d
Move rabbit related options to section [oslo_messaging_rabbit],
and qpid related options to section [oslo_messaging_qpid].
Change-Id: I4b3e66ec445b2f242c8b1ab8a4bb6006cb7d076a
Closes-Bug: #1439981
Remove deprecated keys and use identity_uri via the new transform
helper method.
Change-Id: I988a902d42942109047bcc69d4b02ec4ba66ae41
Implements: blueprint identity-uri
Add attribute for newly option stack_scheduler_hints, related
commit is https://review.openstack.org/#/c/96889/ .
Change-Id: Ib02ff0ec8e1713f701737fa7ac95a91dd810eb01
Since we have no attribute overrides for api-paste.ini, no
need to have a template resource for it. Until we need to
have some attribute, removing this will take away burden of
keeping in sync with base openstack code.
Change-Id: I4cb0aec2dc39c9b7f4c8096f24acc28399ae95a8
Closes-Bug: #1433152
We should switch to using deferred_auth_method=trusts by default,
for the following reasons:
- It's more secure, we won't have to store username/password anymore
- It's better for users, because they won't have to provide a
username/password anymore, e.g the box in horizon where we force
them to enter a password even though horizon is already passing
us a token.
Change-Id: I04634d065c785a13991a9a4ac76e544d7a6f34fe
Closes-Bug: #1429722
when rabbit ha enabled, add rabbit_ha_queues=True like is done in
the other cookbooks
Change-Id: I1b782d874a547954ebd352beae118b0bb61989b8
Partial-Bug: #1408705
This commit makes the [clients_XXX] section in heat.conf configurable.
They will get set with the default values from [clients] section.
Closes-Bug: #1386125
Change-Id: I6d4d4a79e038f5533b46ce555f5838efb0c8f1c8
This commit modifies the schemes of heat_metadata_server_url,
heat_waitcondition_server_url and heat_watch_server_url
so that they do not always use the hardcoded http.
Change-Id: I8dcc8ec53b25dd4f2c53f662c0af821ee653a014
Closes-Bug: #1385046
This commit adds some clients configurations for Heat into cookbook
so that they are configurable.
Change-Id: Ie8db8238cd75e99bd4c6942a82f1734777c91966
Closes-Bug: #1381907
To setup heat for template defined users, several identity registration
steps need to happen. The first is creating the role for it.
This can be done with the current identity registration provider.
The next three steps (doc in the code as todo) deal with the domain and
requires keystone v3 (bug-1267137). These are handled by a script shipped
with heat, heat-keystone-setup-domain.
Change-Id: I74154ccae609526ec92b916bac4ff8bc60aed170
Related-Bug: #1369654