Commit Graph

100 Commits

Author SHA1 Message Date
Ghanshyam Mann 7696ada9d2 Retire openstack-chef: remove repo content
OpenStack-chef project is retiring
- https://review.opendev.org/c/openstack/governance/+/905279

this commit remove the content of this project repo

Depends-On: https://review.opendev.org/c/openstack/project-config/+/909134
Change-Id: Ifae4bf9ef4e6b4c89571f9fc3c45ef3f5349fb4d
2024-02-17 20:49:42 -08:00
Lance Albertson 8343638fc1 CentOS 8 support
- ChefSpec updates

Depends-On: https://review.opendev.org/c/openstack/cookbook-openstack-identity/+/815147
Depends-On: https://review.opendev.org/c/openstack/cookbook-openstack-compute/+/815173
Change-Id: I17fc8fafd977c8412f8e9519642ccbcd427c2949
Signed-off-by: Lance Albertson <lance@osuosl.org>
2021-10-24 12:03:51 -07:00
Lance Albertson 5178e1c937 Cookstyle 6.19.5 fixes
Depends-On: https://review.opendev.org/756168
Change-Id: Idfa343580b1dce6860d522ca62b63b818353aab8
Signed-off-by: Lance Albertson <lance@osuosl.org>
2020-10-05 17:29:04 -07:00
Lance Albertson 0d15f40999 Stein fixes
- Cookstyle fixes
- Refactor Berksfile to use groups so we can exclude integration testing
  cookbooks
- Update documentation
- Cleanup line wraps
- Enable sensitive resources for the template[/etc/heat/heat.conf] to
  resources improve security.
- Update delivery configuration to exclude integration cookbooks
- Fix ChefSpec output.
- Add missing ChefSpec tests
- Switch package installations to send packages as arrays instead of individual
  package resources. This generally speeds up chef runs.
- Cleanup array syntax using %w() instead of []

Depends-On: https://review.opendev.org/701027
Depends-On: https://review.opendev.org/706101
Depends-On: https://review.opendev.org/706151
Depends-On: https://review.opendev.org/706157
Depends-On: https://review.opendev.org/708059
Depends-On: https://review.opendev.org/713285

Change-Id: Ifb3a9de9eecc370e46f43a73ed77008a7b21594b
2020-03-19 11:31:45 -07:00
Lance Albertson 8b478fbe41 Improve ChefSpec test speed by enabling caching
This updates all references of let(:chef_run) to cached(:chef_run) to
speed up tests. By doing this, we have to create a new cached(:chef_run)
block whenever we need to adjust node attributes for testing.

Speed was improved from 5 minutes 36 seconds to 48.07 seconds

Change-Id: I4e88431d863450b6f41d6711612bfb12d4024683
2020-01-06 14:59:12 -08:00
Zuul 2a91191afd Merge "Use python3 packages on Ubuntu" 2019-11-25 15:02:39 +00:00
Lance Albertson d98d4a9757 Start heat services in addition to enabling them
I noticed this was missing during some upgrade testing when I noticed the heat
services didn't start back up after shutting them down for the upgrade and
running chef. I'm not sure why this was set to enable only.

Change-Id: I8048270047767bda7414b2baee176f7bc9ab7a8b
Signed-off-by: Lance Albertson <lance@osuosl.org>
2019-10-12 11:25:35 -07:00
Jens Harbott 8dfd60f6ec Use python3 packages on Ubuntu
Python2.7 is going EOL soon, let us deploy python3 for Rocky from the
start, so we avoid having to switch later.

Depends-On: https://review.opendev.org/682918
Change-Id: Ic989d9b4c20b6e578e96394dade4e7bef5ae6b58
2019-09-19 12:15:26 +00:00
Lance Albertson cd52c71b6c Fixes for fog-openstack, admin endpoint and common pkgs on Debian
This provides a collection of fixes required to converge properly:

- fog-openstack-1.x already appends "auth/tokens" so we no longer need
  to do that
- Remove references to deprecated
  node['openstack']['api']['auth']['version'] attribute
- Remove creation of admin deprecated endpoints
- Add python-heat to common packages on Debian system so that the
  heat-manage binary is available
- Remove and refactor use of deprecated identity_uri_transform function

Change-Id: Idfd9aed09ccd5c3871cac71dbe0b51c921f1ec0e
Signed-off-by: Lance Albertson <lance@osuosl.org>
2019-08-05 14:37:22 -07:00
Samuel Cassiba 5d36a509ba starting rocky development patch
Change-Id: Ifcb2cb9d3c3653cb7e41845af42e25ff7fa70772
2018-08-03 06:41:57 -07:00
Samuel Cassiba 0fb71ae5d8 Simplify identity endpoint
Per the Keystone Install Guide[1] the admin endpoint is superseded in
favor of a single public endpoint. As a result, the admin endpoint is no
longer deployed by default.

[1] https://docs.openstack.org/keystone/queens/install/keystone-install-ubuntu.html#install-and-configure-components

Change-Id: Ic70e3adc4615b3a79a49f8cd739d7505efee91ef
Implements: blueprint simplify-identity-endpoint
2018-06-14 19:16:04 -07:00
Samuel Cassiba 5b2632d052 Remove deprecated cloudwatch recipe
* Queens removed cloudwatch outright[0], which has been deprecated since
  Havana.

[0] http://lists.openstack.org/pipermail/openstack-dev/2017-October/123104.html

Change-Id: I4cd53d7aed179787d192d6342ec44fea9332fb66
2018-03-13 08:52:23 -07:00
Samuel Cassiba 40e115b66b Removed unused tests for deprecated RDBMS flavor
Implements: blueprint modern-chef

Change-Id: I6314c58d53c1d9a536191f62bde9cd820ddbfdad
2018-01-30 06:48:10 -08:00
Samuel Cassiba 2bcd59a687 orchestration refactor for Pike and Chef 13
- implemented foodcritic and cookstyle corrections
- deprecated node.foo.bar method access for node['foo']['bar'] bracket syntax
- added interface for internal endpoint
- moved dpkg options to common cookbook

Implements blueprint modern-chef

Change-Id: I361aed3d84a6e7225d7d803f1855ce37da568eac
2017-12-10 12:32:19 -08:00
Roger Luethi dc2d594b05 Grant admin role in heat domain to heat_domain_admin
This patch grants heat_domain_admin the admin role in the heat domain
(rather then in the service project).

We use :grant_domain instead of :grant_role, because we are setting a
role in a domain, not in a project.

Note that for the user to actually exist in the heat domain, a
sufficiently recent openstackclient cookbook is required -- otherwise
the domain_name attribute is ignored during user creation.

Also, we remove the user_name attribute (gets ignored by resource
action).

Change-Id: I747e2dedbc517cc3deb2675590fb982459c560a0
2017-11-15 21:36:05 +00:00
Roger Luethi 00341ef50a Remove domain role from heat service user
This patch removes the openstack_user resource with :grant_domain
action. A user is always created within a specific domain; such a
membership cannot be tacked on later. This resource gave the heat user
the role intended for its project for the domain (i.e., for the Default
domain instead of for the service project).

We add the domain_name attribute that creates the heat user in the
desired domain. Note that this change needs a sufficiently recent
openstackclient cookbook -- otherwise the domain_name attribute is
ignored (which does not matter as long as the heat user is to be created
in the Default domain).

Change-Id: Ifa3d344a3d9094dd1272b126a4dc9ab951c00972
2017-11-13 15:07:33 +00:00
Roger Luethi b3983a8bd6 Add spec test for creation of stack domain admin
Change-Id: I05179189cc71fb2d09ad67291e61fae1708ae4b5
2017-11-13 09:39:16 +01:00
Roger Luethi 48fdd181f9 Remove superfluous role_name arguments
This patch removes the role_name when using openstack_user's :create
action (it gets ignored by the target method).

Note that the spec test would still pass if only the line in
identity_registration.rb (but not the test) were changed, because the
code that actually does grant the role to the resource is executed right
after user creation and before any tests check the resource for the
existence of the role_name attribute. In other words: if the argument
were required in a call but only supplied in another call, the spec
tests would not catch it. Something to watch out for.

Change-Id: Ic45dd42453d9f8ae2a8c4d04f830cff67740cac6
2017-11-13 09:34:17 +01:00
Roger Luethi fb1c143c65 Change deprecated auth_plugin to auth_type
In the keystone_authtoken section, the key has already been changed
from auth_plugin to auth_type. This patch does the same for the trustee
section (see [1]).

[1] https://docs.openstack.org/heat/pike/install/install-ubuntu.html

Change-Id: Idd82170107043bc2497261c34859844343e783a1
2017-11-02 16:12:00 +01:00
Christoph Albers cb26f25be4 Heat Fixes
- currently non-admin user aren't able to create stacks with i.e.
  Resource OS::Heat::SoftwareDeployment
- added heat domain
        heat domain_admin
        heat_stack_owner and user role
- added missing configuration options
- fixed some smaller ruby /cookstyle offenses
Change-Id: I6ae544dcc6260050304e66e227383e0e944a6bb6
2017-10-06 10:21:54 +02:00
Samuel Cassiba 032dd3c51a Initial orchestration Pike updates
- Switched default linter to cookstyle
- Renamed rake tasks to better conform with Chef conventions
- Normalized template banner

Change-Id: Icc3eca4b2d17a6d1ef66c1c7e75513de0ee3cac9
2017-08-25 10:08:57 -04:00
Samuel Cassiba df79bb4fe9 Reordered metadata.rb for readability, satisfy foodcritic/rubocop
Change-Id: Ib1a753696982f2e3cce133bd6bd56c4c8fa25bc5
2017-08-17 18:00:09 -04:00
Christoph Albers 4f2e23c62d Newton / Identity V3 fix
- added user_domain_name attribute for trustee section

Change-Id: Ie88e3c3288fb7d4b3f9c2ef91e668e5fe4149062
2017-01-02 15:02:23 +01:00
Christoph Albers e00cf744d2 RPC_backend / transport_url workover
- removed deprecated rabbitmq attributes
- added rabbit_transport_url

Change-Id: Id1fa34e55c556ffae2a6200bb7138f11808a3abf
2016-12-20 11:45:40 +00:00
Samuel Cassiba b547aaa80c Deprecated python-heatclient
- deleted client.rb
- deprecated python-heatclient references

Implements blueprint newton-xenial

Change-Id: I54d8190f77b7731dfb518871f080f62718cedc47
2016-12-14 20:06:29 -08:00
Christoph Albers f2c3db560e use_cookbook-openstackclient/identity_v3
- Now use cookbook-openstackclient to create endpoints role service and
  user
- added domain creation and access granting
- added values to work with identity_v3
- rewrote specs to work again
- updated readme

Change-Id: If5c3758c786b2d11cec6d64dc57530367acd2976
Depends-On: I0f8955f05de9b33711c54b9a198f45018cceb8e1
2016-09-30 11:59:53 +02:00
Samuel Cassiba 1e41bc7811 Style and lint fixes to support newer ChefDK
Change-Id: Iccd706e2b804065c343c317f63783592e091c415
Depends-On: I6ce4587caa3ae68ddbd3ef1a521aaf46f4840b2c
Depends-On: I34e4c7b29ff7c36c91245d90fb0b6897847cd22f
2016-07-06 13:23:13 -07:00
Jens Rosenboom 4e99faff68 Fix auth_uri in client_keystone section
In contrast to other identity URIs, the auth_uri in the client_keystone
section of heat.conf must be the unversioned identity endpoint,
otherwise most resources will not work.

Change-Id: I9888e0b69c3ba2a60e3ac7bb84261ace6688b9e3
2016-05-02 10:53:36 +02:00
Mark Vanderwiel d6d787d4b9 Cleanup options deprecated for mitaka
Some options have been deprecated for Mitaka, replace them with the new
variants.

Change-Id: I98e8e82668501a34f27f38f9c9a8770d63ee3604
2016-04-13 14:11:46 -05:00
Jens Rosenboom 5d70ac53fa Refactor using new style
* use new logic for heat.conf template
* move all attributes that are used in heat.conf to
  attributes/heat_conf.rb
* remove all attributes that are just setting default values
* add new default attributes so that the authorisation setup will be
  functional again
* refactored endpoint and bind_service logic to fit the new common
  cookbook
* adapt specs accordingly
* removed qpid as a messaging option (can be included in a wrapper)
* removed fedora as supported platform
* removed deprecated Gemfile
* removed logic for setting up a dedicated domain for Heat, should be
  done in a wrapper
* update README.md accordingly (still incomplete)

Implements: blueprint cookbook-refactoring
Change-Id: I16a29e28068d106f0edcbe04cb529aabbbed1ac5
2016-03-08 12:27:39 +01:00
JJ Asghar 49c1a11b8b Initial Liberty Changes
Metadata changes
- Updated maintainer email
- Updated the version

remove db2 refs

Change-Id: I7744f2b20a0e7d77344f50b791024ecbc4eb2435
2015-08-28 23:10:01 -05:00
Jenkins 411d553f94 Merge "Update centos/redhat/rdo package names" 2015-08-12 07:38:17 +00:00
Mark Vanderwiel 2ae14f7965 Update centos/redhat/rdo package names
Update the package names

Change-Id: Ica917bce1932bca9b88b02c5af4bddc6e746acde
Closes-Bug: #1483812
2015-08-11 18:24:33 +00:00
Mark Vanderwiel 2b3a6fdf89 fix up deprecated sql_connection key
Change to use connection

Change-Id: Ic4e0db71dd4254758ec62248591d7523e1ace960
Closes-Bug: #1483402
2015-08-10 15:43:29 -05:00
Ethan Lynn 0170665c67 Make auth_uri attribute for ec2authtoken section
Make auth_uri attribute for ec2authtoken section

Closes-Bug: #1480818
Change-Id: I6b3018317e6c4890d193aee6f6b5e101d901e687
2015-08-04 12:57:02 +08:00
Mark Vanderwiel b5fac0e02b Replace deprecated get_secret
Use get_password 'token' instead.

Change-Id: I8a6a22751cfd3f262d44adaa7eb33ae0bcf9cffd
Partial-Bug: #1467662
2015-06-22 15:53:14 -05:00
Mark Vanderwiel 2a0e5aadb0 Allow auth_encryption_key to be configured
Change-Id: Ia3b00d0e93df7297a1391d9954048de146d03306
Closes-Bug: #1465926
2015-06-18 10:48:42 -05:00
Mark Vanderwiel 62f41a402f Allow rabbit mq kombu ssl configuration
Add the rest of the kombu ssl configuration options.

Change-Id: I71e50e405d6447229bce23e1b1db67fdfad316a8
Partial-Bug: 1464706
2015-06-16 10:53:03 -05:00
Mark Vanderwiel a84a144339 Allow oslo rabbit heartbeat configuration
In order to allow components to better handle and respond to mq failures,
oslo has some heartbeat options that are useful.

Change-Id: I453b04c90e6caba7c00cf239035af05199bb5c36
Partial-Bug: #1462438
2015-06-15 03:07:37 +00:00
wenchma 5259486ff4 Add rabbitmq max_retries and retry_interval in heat conf
Oslo.message using rabbit_max_retries and rabbit_retry_interval to
define reconnect rabbitmq server times and interval when can not
connect to rabbitmq server.

Change-Id: I261d3f31aa89f845d88ee4cbd1acb56c9131ba47
Closes-bug: #1439968
2015-06-12 15:35:44 +08:00
Mark Vanderwiel e5627ca58b Cleanup minor rubocop offenses
Cleaned up all the minor rubocop issues, the ones left relate to
complex logic and what I think is a bug in rubocop for nested
vs compact modules/class definitions.

Change-Id: I75515d7b1faadb6de6377081fc7d5281a4c64c7d
2015-05-29 12:11:46 -05:00
Mark Vanderwiel ffe3f30c05 Add worker config support
Allow the various workers to be configured as attributes.
The engine one is based upon cpu, so default is nil just like
in Compute.  The others default to zero, so used that.

Change-Id: Id7382ceeb4daeb6136e4b10546eed26901fbc3eb
Closes-Bug: #1452734
2015-05-08 10:09:17 -05:00
Jan Klare c0e89882e5 move from bundler to chefdk
- deprecated Gemfile
- updated TESTING and README
- updated Rakefile to use chef exec instead of bundle exec
- replaces Runner by SoloRunner in specs

Change-Id: Idb2180fb0cfd48b2c2c22e531b1f1320a0ab247b
2015-04-29 10:42:03 +02:00
Ethan Lynn f9b8b4b9ba Set default value for log_dir in heat.conf
When use_syslog is false, heat will use log_dir to store log files,
but default value of log_dir is none in heat, so heat will output
log to stdout.
This patch set the log_dir's default value to /var/log/heat/.

Closes-Bug: #1446963
Change-Id: Ia53b557d56662994e095ccd1e2c3ca583460b55d
2015-04-22 14:17:56 +08:00
Jenkins b47d5e8895 Merge "Move to rhel 7.1" 2015-04-18 03:08:55 +00:00
Jenkins 54d1b0278b Merge "Use identity_uri_transform for identiry_uri support" 2015-04-16 21:20:08 +00:00
Ethan Lynn bd5f271cf3 Move amqp options into correct section
Move rabbit related options to section [oslo_messaging_rabbit],
and qpid related options to section [oslo_messaging_qpid].

Change-Id: I4b3e66ec445b2f242c8b1ab8a4bb6006cb7d076a
Closes-Bug: #1439981
2015-04-09 03:33:32 +00:00
Mark Vanderwiel 32fdf00cf1 Use identity_uri_transform for identiry_uri support
Remove deprecated keys and use identity_uri via the new transform
helper method.

Change-Id: I988a902d42942109047bcc69d4b02ec4ba66ae41
Implements: blueprint identity-uri
2015-04-07 06:12:57 +00:00
Jenkins 01e030abaa Merge "Use new "service" role instead of "admin"" 2015-04-06 15:25:26 +00:00
Jenkins a5117ed3ea Merge "Remove api-paste.ini as it provided by package" 2015-04-02 20:58:03 +00:00