Commit Graph

575 Commits

Author SHA1 Message Date
Eyal 2580e0f4fe uncap json schema
All openstack projects now use this requirement

Change-Id: Idf458b53843ddf2cb4eec211a1fe667c18db5b05
2019-12-30 11:50:42 +02:00
kushalagrawal 8afc9de172 updated to decoded.get to avoid KeyError while getting 'aud'
Change-Id: I33cad322c21677af27b5df39acaa26cddd2f85e1
2019-09-11 16:23:06 +05:30
kushalagrawal 47fd843000 updated Keycloak_auth to use public key for validation
Previously there were 2 ways to validate the access_token
1. define auth_url, which will send the access_token to
keycloak for validation
2. define absolute user_info_endpoint_url to validate the
 custom url

In this patch we have removed the 1st option to validate
 everytime with keycloak instead we are taking keyclaok certs
 and constructing public key with it and then validating using
 access_token using public key and iss(optional).
We are keeping the public key in cache to not to request
 keycloak repeatedly.

Change-Id: Ie0551c2f9f8a37debd50e7aebcf35f7143db44f9
2019-08-09 12:31:17 +05:30
kushalagrawal 5815d94781 Made it compatible to python3.7
Due to https://www.python.org/dev/peps/pep-0479/ stopIteration
will not be caught anymore and needs to be use return instead.
updated with relevant changes.

Change-Id: If25b6ccecd46fed0225a230096041996fb91c0c5
closes-bug: #1837778
2019-07-30 19:42:24 +05:30
Kushal Agrawal ef042bf4e7 updated required_on_activate error message
Change-Id: I5757502995a440b3582d69540c4818a00ad29d4a
2019-07-09 17:43:38 +05:30
Kushal Agrawal aeccc16a7c updated required_on_activate error message
updated message if blob data is not available during
artifact activation.

Change-Id: I028a73d22995e0178ae04735bc37045071e4fe2b
2019-07-08 16:16:50 +05:30
Kushal Agrawal 5395488ad1 Add bindep.txt file for binary dependencies used in unit tests
Change-Id: I2d7fa55e70745a5982205e698f9cec4fe0196bdd
2019-07-08 14:45:00 +05:30
Kushal Agrawal 8f12e33e0b updated log level for version_handling to trace.
Change-Id: Idbad34b2d68a9ff44a3ce6a1fcbbc9b323003ae5
closes-bug: #1832293
2019-06-13 06:41:48 +00:00
OpenDev Sysadmins f75d1c3796 OpenDev Migration Patch
This commit was bulk generated and pushed by the OpenDev sysadmins
as a part of the Git hosting and code review systems migration
detailed in these mailing list posts:

http://lists.openstack.org/pipermail/openstack-discuss/2019-March/003603.html
http://lists.openstack.org/pipermail/openstack-discuss/2019-April/004920.html

Attempts have been made to correct repository namespaces and
hostnames based on simple pattern matching, but it's possible some
were updated incorrectly or missed entirely. Please reach out to us
via the contact information listed at https://opendev.org/ with any
questions you may have.
2019-04-19 19:50:09 +00:00
Ian Wienand 9838aaa219 Merge "Replace openstack.org git:// URLs with https://" 2019-04-10 01:13:29 +00:00
Kushal Agrawal 4f7543a2a0 Added chunked data together in database read
While extracting zip and saving it in database, if any of the fize size
is biggger than 65535 it is getting truncated during save.
It is because of the data which is a LimitingReader object has
BlobIterator as internal content iterator which has internal
chunk limit of 65535.

Change-Id: I3220abcd7cbc38db821478989c4c226a6f3366b5
closes-bug: #1821866
2019-03-27 17:06:33 +05:30
Ian Wienand ae4f031f6b Replace openstack.org git:// URLs with https://
This is a mechanically generated change to replace openstack.org
git:// URLs with https:// equivalents.

This is in aid of a planned future move of the git hosting
infrastructure to a self-hosted instance of gitea (https://gitea.io),
which does not support the git wire protocol at this stage.

This update should result in no functional change.

For more information see the thread at

 http://lists.openstack.org/pipermail/openstack-discuss/2019-March/003825.html

Change-Id: I47bddd19f3d28cbecea1617f8da81c98fba4e70c
2019-03-24 20:33:41 +00:00
Idan 26e4184c8d Add patch info to pre_upload_hook.
We got a specific case in which this change
is needed:

An aritifact type that only one instance is
allowed to be in 'active' status.

To enforce that we want to use pre_update_hook,
and check if there is any other artifact in 'active' status.
To do so we need json_patch info (we need to know if the json_patch
change status to "active" or "deactivated". 

This change aim to suuport this case and also support backward 
compatibility.


With this background, if the a user update 'active' artifact
to be with status "deactivated", we must know the patch info.

Change-Id: I6e85ff89144ca6d3a69c7a240de3f41bd1d999e7
2019-01-03 15:19:23 +00:00
Zuul 1cee3290ed Merge "Switch to using stestr" 2018-10-25 18:41:08 +00:00
Zuul 7f49896f1c Merge "fix tox python3 overrides" 2018-10-25 09:44:01 +00:00
Zuul d72e424eee Merge "Removed tpool.execute to prevent upload failure" 2018-10-24 16:18:38 +00:00
Kushal Agrawal 80c2ec1932 Removed tpool.execute to prevent upload failure
As of now there no solution to the issue where thread is getting
stuck in eventlet.
Few other similar incidents and without proper solution:
https://bugs.launchpad.net/cinder/+bug/1694509
https://github.com/eventlet/eventlet/issues/432
https://github.com/eventlet/eventlet/issues/492
https://github.com/eventlet/eventlet/issues/395

Change-Id: Ib278780ccb20b9cbef50f54ba1a1ad33761c8002
closes-bug: #1742729
2018-10-24 19:10:07 +05:30
Kushal Agrawal 0b3583af22 validate folder data before saving it in database
Change-Id: I9c7de8be1b4d9ec65f71131f5a7decd0433d75ae
closes-bug: #1799220
2018-10-23 20:45:09 +05:30
amassalh 63f663b760 make user_info_endpoint_url independent of auth_url
Client should be able to create a token using “auth_url” (e.g. ”https://keycloak:7443/auth”)
Server should be able to validate the token using “user_info_endpoint_url” (e.g. “https://cbnd:9443/something/custom”)
also be backward compatible

Change-Id: I247ae280710cb42c21e0c888f41622fa6dedfe9d
2018-10-17 08:14:52 +00:00
Zuul 4ad07d8d01 Merge "uncap eventlet" 2018-10-04 10:36:21 +00:00
Chuck Short a1e5c1c039 Switch to using stestr
According to Openstack summit session [1] stestr is maintained
project to which all Openstack projects should migrate.
Let's switch it then.

[1] https://etherpad.openstack.org/p/YVR-python-pti

Depends-On: https://review.openstack.org/560493
Change-Id: I7149bd55da66479bda83e8bd2dd2b806e7394342
Signed-off-by: Chuck Short <chucks@redhat.com>
Co-Authored-By: Nguyen Hai <nguyentrihai93@gmail.com>
2018-10-04 10:00:52 +00:00
Zuul 094ec4e72a Merge "Import legacy-glare-dsvm" 2018-09-25 14:21:01 +00:00
Andreas Jaeger f48bec1426 Import legacy-glare-dsvm
Import legacy-glare-dsvm job and rename to glare-devstack following
naming policy.

Change-Id: I74aa695df50887d99ccf2b0348f1912a90e94725
2018-08-29 06:36:57 +00:00
Doug Hellmann 02685b4e4d uncap eventlet
We will manage the eventlet version using constraints now. See the
thread starting at
http://lists.openstack.org/pipermail/openstack-dev/2018-April/129096.html
for more details.

Change-Id: Icdfe7679df3cc7c97685d11d81de3af791cb87c0
Co-Authored-By: Michel Peterson <michel@redhat.com>
Co-Authored-By: Chuck Short <chucks@redhat.com>
2018-07-26 02:00:14 +00:00
huang.zhiping 68e758f2f2 fix tox python3 overrides
We want to default to running all tox environments under python 3, so
set the basepython value in each environment.

We do not want to specify a minor version number, because we do not
want to have to update the file every time we upgrade python.

We do not want to set the override once in testenv, because that
breaks the more specific versions used in default environments like
py35 and py36.

Change-Id: I90d3b61a00cb3e3da0d0c89e49e1a9278aed43c3
2018-07-26 02:00:03 +00:00
Kushal Agrawal 9883099cc4 field custom metadata
Change-Id: I8ad5fdfee9ff8ec138b1089541c9ab1558e80050
Implements-blueprint: field-custom-attribute
2018-07-04 22:40:43 +05:30
Zuul 0736698c92 Merge "updated to_schema method to include display_name." 2018-06-19 10:21:25 +00:00
Kushal Agrawal a187f2e7e8 updated to_schema method to include display_name.
Change-Id: Ib5f2be2f9b4a4274390c0153e8360b4ba15a4fc5
2018-06-18 22:24:14 +05:30
Zuul a2bb4b1f45 Merge "Fix artifact init case." 2018-06-17 12:11:44 +00:00
idanaroz f7387cbcf6 Fix artifact init case.
In case artifact's field is defined to be
nullable=false and also doesn't have any
default, we had a problem:
While creating new artifact of this type
with a value for this field we got:

"BadRequest <artifact_name> field: <field_name>.
value: [None]. Exception.

That happened although a field value was provided.
This kind of error is expected if the field does
not get any value at creation, but not expected
if value is provided.

The following patch suggest a fix for that.
closes-bug: #1775502

Change-Id: I642249f067ab853b4b7d56a8da4db5809ee414c6
2018-06-17 11:58:50 +00:00
idanaroz 0ae722e3ae Fix artifact init case.
In case artifact's field is defined to be
nullable=false and also doesn't have any
default, we had a problem:
While creating new artifact of this type
with a value for this field we got:

"BadRequest <artifact_name> field: <field_name>.
value: [None]. Exception.

That happened although a field value was provided.
This kind of error is expected if the field does
not get any value at creation, but not expected
if value is provided.

The following patch suggest a fix for that.
closes-bug: #1775502

Change-Id: I642249f067ab853b4b7d56a8da4db5809ee414c6
2018-06-17 07:31:50 +00:00
Kushal Agrawal 9389a33a52 Restructured import os to be effective in monkey_patching
Change-Id: Ib12b1a8d515450a8c3ba39c7494ee9e5de80f24c
2018-05-25 09:10:16 +05:30
Kushal Agrawal 03114fb80c Test_wsgi fix with webob upgrade
Change-Id: Ib5ac8c2663a8c8b31e7f4ee14f3962f726d169e5
2018-05-24 11:34:29 +05:30
Kushal Agrawal 8ebd33cdc9 log typo correction
Change-Id: I616f8c4d6edf2922afe7d054af20a6002c9ad50c
2018-05-10 15:19:50 +05:30
Zuul 1e503d88fc Merge "Tag search update" 2018-05-09 23:03:30 +00:00
Kushal Agrawal 068b471e49 Tag search update
In case Artifact does not have tags associated and query
constain tags/tags-any condition with any other base artifact
field or custom field condition. It used to fail because of
INNER JOIN between glare_artifacts and glare_artifact_tags table.
Replaced "join" with "outerjoin" to rectify this issue.

Change-Id: Ie03520a38d2c726117195ea92c7fbd88c04bff18
2018-05-09 23:01:21 +05:30
Zuul 3e9fba38aa Merge "Retain existing blob in case of pre_upload_hook or save fails" 2018-05-09 10:25:14 +00:00
Kushal Agrawal 39105d2a0a Retain existing blob in case of pre_upload_hook or save fails
While re-uploading blob if pre_upload_hook or store_api throws
exception, Existing content needs to be retained.

Change-Id: I51effe4c76de9a353dec99c634c173840c792198
2018-05-08 16:16:09 +05:30
Kushal Agrawal d1edf09ef5 Moved display_type_name attribute to to each artifact detail object
Change-Id: Id869ea4106bc08fd3fa7c76611474740a694dab0
2018-05-08 11:50:54 +05:30
Zuul 5408124b87 Merge "Search based on tags condition with or condition combiner" 2018-05-06 17:13:17 +00:00
Kushal Agrawal 86d40aa3bf Added few more logs for upload_blob operation.
Change-Id: I3eb6485992ce686944bd94e5dc8c6a2e53f4a8b6
2018-05-03 15:22:27 +05:30
Kushal Agrawal 40d57e0893 Search based on tags condition with or condition combiner
In case of more than one tags values in request query with other
condition it was not using separate alias name for artifact_tag table
to join with glare_artifacts table. To rectify this we have created
aliases beforehand and using it updating the tag search condition.

Change-Id: Ic7afe47fcf8f23a694f2c3d99dbdbd7797d506dd
closes-bug: #1765338
2018-04-30 18:07:23 +05:30
Kushal Agrawal 92bc2ad89f list api with limit and search text issue
If artifact data has multiple properties other than base
artifact properties i.e. which needs to be stored in
glare_artifact_properties table. In that case providing limit will
always result in less no of artifacts then limit.

This issue is not available in sqllite database, therefore no additional
testcase is added.

Change-Id: I933783cabb5b71d92b4d645d340bd9d1c9f6f8b5
closes-bug: #1766537
2018-04-26 12:15:46 +05:30
Kushal Agrawal 06e46b778f Condition based INNER JOIN for artifact_properties table
In case that "artifact data" does not contain properties other
than base artifact properties, query will return no records.
That because of INNER JOIN usage between glare_artifacts and 
glare_artifact_properties tables (as there are no rows in
glare_artifact_properties corresponding to that artifact_id).

Therefore INNER JOIN needed to be added only if there is
any glare_artifact_properties based condition.

Change-Id: Icfcbeb41703771145db5405ffc2609dbb6ca1741
2018-04-25 13:25:47 +00:00
Zuul 1a0c7c01cf Merge "Move Operation bug fix in update API" 2018-04-16 10:26:23 +00:00
Kushal Agrawal 57a589fccd Move Operation bug fix in update API
updating the value of source location in move operation
as part of artifact update.

Change-Id: Ic6912fa9c714762e38ba01793a7a8da1a70a12ba
Closes-bug: #1743971
2018-04-16 13:51:28 +05:30
Zuul edf4db7e72 Merge "Adding WWW-Authenticate info." 2018-04-15 17:14:15 +00:00
Zuul bbb1243104 Merge "and/or query combiner for filter options" 2018-04-11 07:18:02 +00:00
Idan Narotzki 5e60d27376 Adding WWW-Authenticate info.
when glare requests are failing with "401 Unauthorized"
against keycloak, more data can be added to the logs,
to understand the reason better.

In case keycloak return 401 it must provide the www-Authenticate
response header with the reason:
https://www.w3.org/Protocols/HTTP/1.0/spec.html#WWW-Authenticate

This code take care of it by adding the WWW-Authenticate value to
glare api-log.

Change-Id: Ia3966ad00868b559874610f552c8e491d8a01acd
2018-04-10 10:10:14 -06:00
Kushal Agrawal 00bae420b7 and/or query combiner for filter options
With the new changes it is be possible to search tags based on or query.
it can be used with both tags and tags-any filter parameters.

Change-Id: Ib7a0054cb7e220e64d19839d79367b1ac180ea94
Implements: blueprint glare-search-artifact-query-update
2018-04-05 00:20:27 +05:30