Commit Graph

754 Commits

Author SHA1 Message Date
Takashi Kajinami ea9ad2891c Remove dependency on pytz
pytz will be removed from RHEL/CentOS 10 because of the built-in
zoneinfo[1].

Because the current usage of pytz can be very easily replaced, this
removes the dependency on pytz.

[1] https://issues.redhat.com/browse/RHEL-219

Change-Id: Iafcaf2f1095cd7c738dac391a9af10622806e932
2024-01-27 10:42:39 +00:00
Zuul 93bef2405a Merge "[codespell] Fixing Spelling Mistakes" 2024-01-27 00:00:48 +00:00
Zuul 212d0b2a9a Merge "Change policy to enforce only new policy" 2024-01-26 04:03:33 +00:00
Julia Kreger fff80086d6 Change policy to enforce only new policy
Change's inspector's default policy to align with the 2023.2
release goal.

Depends-On: https://review.opendev.org/c/openstack/ironic/+/902009
Change-Id: Iaa271bd13e3a62c4a3b35b6e6b556984f7b1d09c
2024-01-26 01:01:11 +00:00
Sharpz7 98a226b9c6 [codespell] Fixing Spelling Mistakes
This is the first in a series of commits to add support for codespell. This is continuning the process completed in ironic-python-agent.

Future Commits will add a Tox Target, CI support and potentially a git-blame-ignore-revs file if their are lots of spelling mistakes that could clutter git blame.

Change-Id: Icb4e66359c3e79618c916b35793ea7b5f79b030d
2024-01-25 21:22:07 +00:00
Zuul bebf29d4f8 Merge "Fix RBAC access for service/admin user access" 2024-01-18 21:09:24 +00:00
Zuul c4a177c8eb Merge "Handle LLDP parse Unicode error" 2024-01-12 00:10:37 +00:00
Julia Kreger 5523b11cba Fix RBAC access for service/admin user access
This change fixes inspector so a project scoped service role user
can connect to inspector, and a project scoped admin user can also
access inspector as the OpenStack community pivoted it's RBAC
direction after the original RBAC work was done, and inspector
was sort of forgotten about.

Closes-Bug: #2049098
Change-Id: Ide9420843a680b09d682062a99b2c88c0fcf5228
2024-01-11 11:55:11 -08:00
Riccardo Pittau db76af9c86 Handle LLDP parse Unicode error
Closes-Bug: #2044793
Change-Id: I939c80bb309b22e05ba7cc93686f12bbe0d71624
2024-01-03 14:37:41 +01:00
Takashi Kajinami dc5da6722e Suppress logs from stevedore
The stevedore library tends to put large number of logs especially when
debug is enabled.

This suppresses from this library, as is done in oslo.log by default.

Change-Id: I8989bdf132e8498093cbe05a7858a9315e858994
2023-12-18 12:27:22 +09:00
Takashi Kajinami 969cccb0c5 [coordination] backend_url should be secret
The backend_url option can sometimes contain secrets.

For example when redis coordination backend is used and authentication
is enabled in redis, the plain redis password is put as an URL element.

[coordination]
backend_url=redis://:password@127.0.0.1:6379

Closes-Bug: #2012246
Change-Id: If0f142a742d407e5e91e422ef3109002b37c475d
2023-12-14 15:41:54 +09:00
Zuul 85aadd6338 Merge "Drop before_first_request usage of Flask app" 2023-11-22 09:59:16 +00:00
Pavlo Shchelokovskyy ad4664b9ac Drop before_first_request usage of Flask app
Flask 2.3 removed this method, with recommended way of running
startup actions explicitly as part of app initialization.

Change-Id: I5dea1320c9aa63c1ef1742382cb46ea7cc56b10b
2023-11-21 17:58:06 +00:00
Julia Kreger 24733d08bc SQLAlchemy 2.0 - Fix items lost in migration
Seems we forgot some leftovers of autocommit in our unit tests,
and we never updated our unit tests to the newer query style
for sqlalchemy 2.0.

This patch corrects those issues.

Change-Id: I9f3eb1f8efadd8438ac7dd69b06ea545b9a8ee5e
2023-11-08 10:55:27 -08:00
Zuul f957f6fccc Merge "Support LLDP data coming in the new field" 2023-09-20 12:38:54 +00:00
Harald Jensås 278ba52bf9
Handle bracketed IPv6 redfish_address
If redfish_address is in brackets, unwrap it
and check that it is a valid IPv6 address.
If that is the case use the unwrapped address
to avoid "Name or service not known".

Closes-Bug: #2036455
Change-Id: I0d194091be22e8401d379b7ffa720f8004cca3d0
2023-09-19 14:59:44 +02:00
Dmitry Tantsur c2cb0f235a Support LLDP data coming in the new field
Change-Id: Id8d6978035f81215c52ed5ab3406d7adac2c561e
Depends-On: https://review.opendev.org/c/openstack/ironic-python-agent/+/881462
2023-04-25 12:22:33 +02:00
Lon Hohberger 437e743e6c tests: Replace assertItemsEqual with assertCountEqual
The assertItemsEqual API is no longer current.

1. fd4abac1d6
2. https://bugs.python.org/issue17866

Change-Id: I76aab9210de2a1871305d93afc80f1a0542b55f9
2023-03-09 10:23:04 -05:00
Julia Kreger 836ba11b9b Use UTC for the timezone in functional tests
The prior code uses the local time zone, in my case
prsently 'PST' which pytz doesn't grok, however it does
grok UTC, and CI runs in UTC, and the API, as far as I know,
conveys in UTC. So this should just be for consistency.

Change-Id: Ia47b6adfc18be54f8e9623b34ef34b66436828dc
2023-02-21 08:38:26 -08:00
Zuul d65d6020c2 Merge "Rename NodeInfo._lock to avoid conflict with Mock._lock in tests" 2023-01-27 13:12:40 +00:00
Tobias Urdin 84b5f8cc1b Use new get_rpc_client API from oslo.messaging
Use the new API that is consistent with
the existing API instead of instantiating the client
class directly.

This was introduced in release 14.1.0 here [1] and
added into oslo.messaging here [2]

[1] https://review.opendev.org/c/openstack/requirements/+/869340
[2] https://review.opendev.org/c/openstack/oslo.messaging/+/862419

Change-Id: I66bef4d339b5ee2462dc46f626fd1b2c6182b2cd
2023-01-19 21:05:00 +00:00
Dmitry Tantsur cb1e856b9f Rename NodeInfo._lock to avoid conflict with Mock._lock in tests
Starting with https://github.com/python/cpython/pull/98797, Python's
Mock has its own _lock. I hope they rename it to something really
private (e.g. __lock), but for now rename our attribute (and hope that
no downstream plugins relied on it, sigh).

Change-Id: I7ba858fb3f259b8e7a3becde94b7ba6b90615287
2023-01-10 14:29:37 +01:00
Anton Arefiev 3fe42b53fd SQLAlchemy 2.0 Support
Primarily remove the workaround added in
Ia6d512ff2ae417bab938cb095fbb0884d195010a which added
continued use of autocommit, which is incompatible with
SQLAlchemy 2.0.

Also set the environment for unit tests to report compatability
warnings, although it appears none are being reported at this time.

Also cuts out the db upgrade cruft to only use the online database
migration code through oslo_db's enginefacade, which has the smarts
to handle online or offline migrations.

And then, retools unit/functional test data storage to utlize sqlite,
and in that re-tooled the queries to prevent locking conditions
which could exist with queries, and some additional refactoring/cleanup.

Also, don't mock and test time.sleep().

Additionally, it looks like we have discovered the root cause of the
memory/connection leakage issue which has been observed, due to the
way lists of nodes are processed/returned.

This change was based upon the work in
I506da42a9891a245831f325e34bec92e0a3f33f0 which is included in
this commit as the entire database structure and interaction
has been modified for ironic-inspector.

Co-Authored-By: aarefiev <aarefiev@mirantis.com>
Story: 2009727
Task: 44132
Change-Id: Ic88eb9dec5fddc924a72d9a23c17a304954ebf46
2022-12-15 09:28:55 -08:00
Zuul d83454c3d0 Merge "Remove unicode literal from code" 2022-10-27 18:53:21 +00:00
LiZekun fe2abe1130 Remove unicode literal from code
All strings are considered as unicode literal string from Python 3.

This patch drops the explicit unicode literal (u'...')
appearances from the unicode strings.

Change-Id: I662c72686a7e0404da62fb677c666885ff5ac65a
2022-10-27 11:31:43 -07:00
OpenStack Proposal Bot d364e9dc30 Imported Translations from Zanata
For more information about this automatic import see:
https://docs.openstack.org/i18n/latest/reviewing-translation-import.html

Change-Id: Id1a044df75cfbc046a675988e8d1f00da78b928a
2022-10-12 03:16:15 +00:00
Pierre Riteau 3a249b60ba Add missing space to configuration help message
Change-Id: I9ffe108354515f2c80ee57cdeceeae9e5fa2d8b8
2022-10-04 18:22:44 +02:00
Zuul 383f616264 Merge "Introduce skip list to inspector" 2022-09-20 18:12:11 +00:00
Jakub Jelinek 5ab429d528 Introduce skip list to inspector
Follow the same process of root device selection as in IPA
which changed in https://review.opendev.org/c/openstack/ironic-python-agent/+/850861
The change introduces 'skip_block_devices' field into properties which
contains a list of hints pointing to devices that cannot be root devices

Change-Id: I94c8607ef9c610eadf1b5bce4fb154e97939a643
2022-09-20 11:18:36 +01:00
Zuul a2204eaea4 Merge "Ignore connection errors when getting ironic ports" 2022-09-20 02:32:00 +00:00
Dmitry Tantsur 493cee3531 Fix compatibility with oslo.db 12.1.0
oslo.db 12.1.0 has changed the default value for the 'autocommit'
parameter of 'LegacyEngineFacade' from 'True' to 'False'. This is a
necessary step to ensure compatibility with SQLAlchemy 2.0. However, we
are currently relying on the autocommit behavior and need changes to
explicitly manage sessions. Until that happens, we need to override the
default.

Change-Id: Ia6d512ff2ae417bab938cb095fbb0884d195010a
Co-authored-by: Stephen Finucane <stephenfin@redhat.com>
2022-09-08 15:04:56 +01:00
OpenStack Proposal Bot 7e0e411701 Imported Translations from Zanata
For more information about this automatic import see:
https://docs.openstack.org/i18n/latest/reviewing-translation-import.html

Change-Id: I5954fbfd220287784a83779fa0382bc56edd12a8
2022-09-06 04:20:00 +00:00
Dmitry Tantsur 8467209ec1 Remove the incorrect hack for Werkzeug 2.2.0
What hit us was a regression in 2.2.0. The hack we landed only fixes one
URL (e.g. /v1/rules/ is still broken) and leaves some redundant code in place
around path handling. Werkzeug 2.2.1 fixes our problems.

Reverts commit 97f4e98d0b.

Story: #2010193
Task: #45904
Depends-On: https://review.opendev.org/c/openstack/requirements/+/851500
Change-Id: Ice7e9499fbb2585d353ece7c5fa30e425e92d362
2022-07-29 11:42:26 +02:00
Julia Kreger 97f4e98d0b Fix Werkzeug 2.2.0 compatability
Werkzeug 2.2.0 included a major rewrite[0] of the rule matching logic
which was to improve performance. Unfortunately it necessitates a
few minor changes to our logic.

This is sort of similar to the sushy-tools[1] change, except in this
case ironic-inspector utilizes it's own internal decorator to register
URLs. In this case, we needed to make it a little smarter to handle
the possible version path interaction.

[0]: https://github.com/pallets/werkzeug/pull/2433/files
[1]: https://review.opendev.org/c/openstack/sushy-tools/+/851162

Change-Id: Ia0f7ec9b4ce01967c06b64dc29e25c2e43e8a8b9
Story: 2010190
Task: 45892
2022-07-27 08:53:29 -07:00
Pavlo Shchelokovskyy d14cd501d7 Ignore connection errors when getting ironic ports
as a followup to I24b08612c4ffc6aca60ca08f3ff5cc769c7c041d,
this solves the case when connectivity between inspector and ironic is
broken, which can lead to the same FSM being stuck in uninitialized mode
it can't get out of w/o restart.

Change-Id: Ie238a2fca7cc5ef4961c0cb0e639ffbbe69556f7
Story: #2008971
Task: #42611
2022-07-15 15:24:42 +00:00
fallen 9ae1d90ff1 Removed blacklisted to blocked
updated to remove inflammatory jargon

Change-Id: Ie94e5f2ce2c43bbfb96062c786da49b046b7d2fd
2022-06-15 12:40:39 +02:00
OpenStack Proposal Bot 3aabc34493 Imported Translations from Zanata
For more information about this automatic import see:
https://docs.openstack.org/i18n/latest/reviewing-translation-import.html

Change-Id: Iee21a71791c4e083033ad304d4348f36c8dbca7f
2022-05-26 03:15:28 +00:00
Dmitry Tantsur 3ebfdf05e1 Support listening on a Unix socket
When using nginx to terminate TLS (like it's done in Bifrost), it's more
secure to use a Unix socket for communication, so that local users
cannot access plain text communication.

Change-Id: I37b762cca035b5855deb92635c29e8eb97a87c20
2022-02-01 10:30:11 +01:00
Julia Kreger 55e47c630b Return a content-length on HTTP204 to prevent client failures
It turns out that eventlet has been injecting a
``Transfer-Encoding`` header as of recent into WSGI application
response headers. The result of this ultimately depends on how
the HTTP client which is passing the request to the server is
written to handle data.

Apache, for example, will return that an invalid response was
received. In part because it sees the request end, with an HTTP
204 response code, but also an encoding indicating there is
a multipart body encoding inbound. Which is confusing.

Other C based HTTP clients can have any number of reactions up to
and including disconnecting sessions. Curl, depending on the
headers present either returns success but notes body weirdness
or actually returns return code 18.

Python-Requests kind of has it a little worse, and we see this
with clients. With it, it tries to prepare a respones content
body based upon the presence of the header indicating there is
a body. But it blows up thinking there is more data to read on
the socket when there is not more data to read.

Regardless, all of this is an RFC7230 violation.

Neither Content-Length nor Transfer-Encoding should be on an HTTP
204 response. However, Content-Length is the lesser evil, and we
have a similar endpoing in Ironic which *does* explicitly get
returned with a zero length content-length, and does not
demonstrate such issues.

As such, in the interest of the lesser evils until Eventlet's evil
ways of header injection are remedied, we're explicitly going to
force a Content-Length header to be sent indicating a zero length
response.

For more information, please see: https://github.com/eventlet/eventlet/issues/746

Change-Id: I014cc65c79222f4d4d7c2b6ff11a76e56659340c
2022-01-13 11:55:42 -08:00
Zuul e3f58e4567 Merge "Add support for state selector in the list introspection" 2021-12-08 15:31:15 +00:00
Tadeas Kot ff93c7799f Add support for state selector in the list introspection
This commit add support for state selector to the list introspection.

* ``GET /v1/introspection?state=[starting, waiting, processing,
                                 finished, error, reapplying,
				 enrolling]``

Story: 1625183
Task: 11350
Change-Id: I2c5222110487a08a4e7b1efbcbc5dc3d552fae3e
2021-09-27 14:03:58 +02:00
Zuul 5ff2d13975 Merge "Add optional healthcheck middleware" 2021-09-15 14:57:09 +00:00
Zuul fd539c2345 Merge "Update parameters for authtoken middleware" 2021-09-14 15:05:28 +00:00
Iury Gregory Melo Ferreira 4bc75327aa Fix sqlalchemy
Inplicit execution was deprecated in SQLAlhcemy, version 1.4 doesn't
support and we need to convert to explicit[1]

[1] https://docs.sqlalchemy.org/en/14/changelog/migration_20.html#implicit-and-connectionless-execution-bound-metadata-removed

Change-Id: I4a780567fb92c32cf55c54e2e134df9456e36165
2021-09-14 11:30:48 +02:00
Takashi Kajinami d7400b5dc4 Add optional healthcheck middleware
This change allows uses to enable the healthcheck middleware from
oslo.middleware in API pipeline, by setting the [healthcheck]/enabled
option. This middleware provides an API endpoint at /healthcheck path
which allows load balancers or monitoring applications to determine
a service is up using HTTP requests.

This change basically follows the same change merged in ironic[1] repo.

[1] 6f439414bdcef9fc02f844f475ec798d48d42558

Change-Id: Ic2ee2bca74ea2a5a0723ef54b10c531f77ea7b8d
2021-09-12 22:51:38 +09:00
Takashi Kajinami 6e72471a41 Update parameters for authtoken middleware
... to avoid warnings from the middleware about deprecated parameters.
Currently parameters of each auth plugin are not loaded in unit tests
so user credentials are not updated but just removed.

Change-Id: I6e420dac51ac8cf92eadb1c3a3d4716a96c22001
2021-08-21 02:39:06 +09:00
Zuul 00c2e99b5a Merge "Handle NodeLocked failures" 2021-08-11 00:58:32 +00:00
Julia Kreger 7f6c4c4378 Handle NodeLocked failures
Some actions can fail due to the node being locked as part of
normal operations. This was previously handled silently by
python-ironicclient, but when inspector was changed to use
openstacksdk, this was no longer handled.

Adds the retry wrapper around critical path methods involving
power/reboot ops and node updates which require locks.

Change-Id: I3d26cf46da02b3e8f3f773c0aeaed6843e0f26e5
Story: 2009107
Task: 42966
2021-08-10 21:15:53 +00:00
Zuul 21105e9dc5 Merge "Do not reset FSM when ironic ports cant be queried" 2021-07-30 14:28:11 +00:00
Riccardo Pittau 9cfd98e577 Increase version of hacking and pycodestyle
Fix errors in unit tests

Change-Id: Ibc8648b64887daac6fb5ec8a6dd61d9312a52ef3
2021-07-29 11:19:36 +02:00