This is the first in a series of commits to add support for codespell. This is continuning the process completed in ironic-python-agent.
Future Commits will add a Tox Target, CI support and potentially a git-blame-ignore-revs file if their are lots of spelling mistakes that could clutter git blame.
Change-Id: Icb4e66359c3e79618c916b35793ea7b5f79b030d
This change fixes inspector so a project scoped service role user
can connect to inspector, and a project scoped admin user can also
access inspector as the OpenStack community pivoted it's RBAC
direction after the original RBAC work was done, and inspector
was sort of forgotten about.
Closes-Bug: #2049098
Change-Id: Ide9420843a680b09d682062a99b2c88c0fcf5228
Add file to the reno documentation build to show release notes for
stable/2023.2.
Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/2023.2.
Sem-Ver: feature
Change-Id: Ice4a0d1b8e17d12f5b31aa0bcf4f0f8d76596510
Since ironic-inspector is pending deprecation and does not see a lot of
changes, simply disable the jobs that do not pass. A release note is
issued about the status of the project.
Also: Re-adjust the memory footprint of the VMs since we use
tinycore linux on this job, *and* we were previously introsepcting
4 VMs at 1GB each. The count has been changed to two.
Change-Id: I11d10a9f83552b5875812fa65d87cc5c72081537
If redfish_address is in brackets, unwrap it
and check that it is a valid IPv6 address.
If that is the case use the unwrapped address
to avoid "Name or service not known".
Closes-Bug: #2036455
Change-Id: I0d194091be22e8401d379b7ffa720f8004cca3d0
Add file to the reno documentation build to show release notes for
stable/2023.1.
Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/2023.1.
Sem-Ver: feature
Change-Id: I4e7efcbb18a2e44508ca7ca74250c9a17a3be4b6
Reno was assuming all tags ending in -eol represented an old, EOL'd
stable branch. That's not true for Ironic projects which have bugfix
branches. Update the regexp to exclude those branches.
Co-Authored-By: Adam McArthur <adam@mcaq.me>
Change-Id: I2f8c80bd2aac2d00616ac2a2789a7da303d29656
Primarily remove the workaround added in
Ia6d512ff2ae417bab938cb095fbb0884d195010a which added
continued use of autocommit, which is incompatible with
SQLAlchemy 2.0.
Also set the environment for unit tests to report compatability
warnings, although it appears none are being reported at this time.
Also cuts out the db upgrade cruft to only use the online database
migration code through oslo_db's enginefacade, which has the smarts
to handle online or offline migrations.
And then, retools unit/functional test data storage to utlize sqlite,
and in that re-tooled the queries to prevent locking conditions
which could exist with queries, and some additional refactoring/cleanup.
Also, don't mock and test time.sleep().
Additionally, it looks like we have discovered the root cause of the
memory/connection leakage issue which has been observed, due to the
way lists of nodes are processed/returned.
This change was based upon the work in
I506da42a9891a245831f325e34bec92e0a3f33f0 which is included in
this commit as the entire database structure and interaction
has been modified for ironic-inspector.
Co-Authored-By: aarefiev <aarefiev@mirantis.com>
Story: 2009727
Task: 44132
Change-Id: Ic88eb9dec5fddc924a72d9a23c17a304954ebf46
Add file to the reno documentation build to show release notes for
stable/zed.
Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/zed.
Sem-Ver: feature
Change-Id: Id87e98c6a0052c45b78eebeedd6c3fdca6890a61
Follow the same process of root device selection as in IPA
which changed in https://review.opendev.org/c/openstack/ironic-python-agent/+/850861
The change introduces 'skip_block_devices' field into properties which
contains a list of hints pointing to devices that cannot be root devices
Change-Id: I94c8607ef9c610eadf1b5bce4fb154e97939a643
Add file to the reno documentation build to show release notes for
stable/yoga.
Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/yoga.
Sem-Ver: feature
Change-Id: I47205257b06c7cf59678989223517c66dafb1a8e
When using nginx to terminate TLS (like it's done in Bifrost), it's more
secure to use a Unix socket for communication, so that local users
cannot access plain text communication.
Change-Id: I37b762cca035b5855deb92635c29e8eb97a87c20
The systemd service named openstack-ironic-inspector-dnsmasq is a name
which was only ever used by TripleO and hasn't been used since before
Train when the services were containerized and the dnsmasq process
management was no longer handled by inspector at all.
This change removes this rootwrap rule as unused for some years. Any
configuration tool which is setting
[dnsmasq_pxe_filter]dnsmasq_start_command also needs to be writing an
appropriate rootwrap.d file, as the inspector devstack plugin does.
Change-Id: I38974faa8897daabf88ff63402d42a3ef93e675c
It turns out that eventlet has been injecting a
``Transfer-Encoding`` header as of recent into WSGI application
response headers. The result of this ultimately depends on how
the HTTP client which is passing the request to the server is
written to handle data.
Apache, for example, will return that an invalid response was
received. In part because it sees the request end, with an HTTP
204 response code, but also an encoding indicating there is
a multipart body encoding inbound. Which is confusing.
Other C based HTTP clients can have any number of reactions up to
and including disconnecting sessions. Curl, depending on the
headers present either returns success but notes body weirdness
or actually returns return code 18.
Python-Requests kind of has it a little worse, and we see this
with clients. With it, it tries to prepare a respones content
body based upon the presence of the header indicating there is
a body. But it blows up thinking there is more data to read on
the socket when there is not more data to read.
Regardless, all of this is an RFC7230 violation.
Neither Content-Length nor Transfer-Encoding should be on an HTTP
204 response. However, Content-Length is the lesser evil, and we
have a similar endpoing in Ironic which *does* explicitly get
returned with a zero length content-length, and does not
demonstrate such issues.
As such, in the interest of the lesser evils until Eventlet's evil
ways of header injection are remedied, we're explicitly going to
force a Content-Length header to be sent indicating a zero length
response.
For more information, please see: https://github.com/eventlet/eventlet/issues/746
Change-Id: I014cc65c79222f4d4d7c2b6ff11a76e56659340c
This commit add support for state selector to the list introspection.
* ``GET /v1/introspection?state=[starting, waiting, processing,
finished, error, reapplying,
enrolling]``
Story: 1625183
Task: 11350
Change-Id: I2c5222110487a08a4e7b1efbcbc5dc3d552fae3e
Add file to the reno documentation build to show release notes for
stable/xena.
Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/xena.
Sem-Ver: feature
Change-Id: I09dd83c307547b7bfbd638942a4d5b9156337446
This change allows uses to enable the healthcheck middleware from
oslo.middleware in API pipeline, by setting the [healthcheck]/enabled
option. This middleware provides an API endpoint at /healthcheck path
which allows load balancers or monitoring applications to determine
a service is up using HTTP requests.
This change basically follows the same change merged in ironic[1] repo.
[1] 6f439414bdcef9fc02f844f475ec798d48d42558
Change-Id: Ic2ee2bca74ea2a5a0723ef54b10c531f77ea7b8d
Some actions can fail due to the node being locked as part of
normal operations. This was previously handled silently by
python-ironicclient, but when inspector was changed to use
openstacksdk, this was no longer handled.
Adds the retry wrapper around critical path methods involving
power/reboot ops and node updates which require locks.
Change-Id: I3d26cf46da02b3e8f3f773c0aeaed6843e0f26e5
Story: 2009107
Task: 42966
A possibility exists where inspector *can* fail upon inspection if
the database connectivity was lost on a prior action. This is because
the last database transport is potentially bad and fails upon load for
the transaction. The cache can then end up with an "error" state entry,
which upon retrying can fail becasue it is already in error state
Because there really are no guarentees regarding database failures,
the best thing to do is to not trust the prior cache state if it is
in error and to reset it to starting upon new introspection requests.
This prevents operators from *having* to perform process restarts to
force all loads to be from the database unless they manage to have a
multi-inspector cluster and get another inspector node to inspect in
the mean time.
Change-Id: I04ae1d54028862642d043f3a8f3af99405863325
Story: 2008344
Task: 41246
Related: rhbz#1947147
It can cause problems, as if a single sync fails, FSM state will be
reset and not put back to initialized state until inspector restart.
Change-Id: I24b08612c4ffc6aca60ca08f3ff5cc769c7c041d
Story: #2008971
Task: #42611
Add file to the reno documentation build to show release notes for
stable/wallaby.
Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/wallaby.
Sem-Ver: feature
Change-Id: I68e4788d193e3a0840e708b93a01b70d6709fa09