As per the community goal of migrating the policy file
the format from JSON to YAML[1], we need to do two things:
1. Change the default value of '[oslo_policy] policy_file''
config option from 'policy.json' to 'policy.yaml' with
upgrade checks.
2. Deprecate the JSON formatted policy file on the project side
via warning in doc and releasenotes.
Also replace policy.json to policy.yaml ref from doc and tests.
CONF object needs to be initialized before policy enforcer(). That
need to remove cfg.CONF.unregister_opts from TestAuthUtils cleanup
as this is taken care by cfg.clear() with proper workflow otherwise
it end up with error
"oslo_config.cfg.ArgsAlreadyParsedError: arguments
already parsed: reset before unregistering options"
- https://b132754ee7062a9ab187-9add4719a9922a9385555a8552fc2366.ssl.cf5.rackcdn.com/768520/5/check/openstack-tox-py38/7964354/testr_results.html
[1]https://governance.openstack.org/tc/goals/selected/wallaby/migrate-policy-format-from-json-to-yaml.html
Change-Id: I1b6c6485bc651fd0b87244a68204036dd4aa37f4
The lower-constraints job is currently broken since the new
release of pip. This patch resolves all of the issues uncovered
by the new version of pip.
We also add new constraints to fix slow installations
due to pip trying to resolve the ideal candidates.
Change-Id: Id2364b046080c50e122f89d0a7b2d914b1bedbfd
As per victoria cycle testing runtime and community goal,
we need to migrate upstream CI/CD to Ubuntu Focal(20.04).
Bump lower constraints to make testing work for Focal.
Change-Id: I1fc6b0c67d767bc698e12f0e79fadd19bb7d0a8d
Story: #2007865
Task: #402198
This repo is now testing only with Python 3, so let's make
a few cleanups:
- Remove obsolete sections from setup.cfg
- Remove babel.cfg, this is not needed here at all
- Update requirements, no need for python_version anymore
- Use newer openstackdocstheme and Sphinx versions
- Remove install_command from tox.ini, the default is fine
- Use TOX_CONSTRAINTS_FILE, UPPER_CONSTRAINTS_FILE is obsolete
Change-Id: Ic40d3fdaac00791fb150c1dc68a35d53ec30043d
Bandit 1.6.0 accidentally changed how the exclusion list option is
handled and breaks our use of it. Cap to the previous version until
Bandit has fixed the problem.
Sphinx 2.0 no longer works on python 2.7, so we need to start capping
it there as well.
Remove the jsonschema >3.0.0 version.
Co-Authored-By: zhurong <aaronzhu1121@gmail.com>
Change-Id: I34a53bf6b9389af8530f5806841814cc035eae99
This commit adds the functionality of murano-status CLI for performing
upgrade checks as part of the Stein cycle upgrade-checkers goal.
It only includes a sample check which must be replaced by real checks in
future.
Change-Id: If7987cdf5d9a686abbcad5960b8f391f8b9518a3
Story: 2003657
Task: 26143
We will manage the eventlet version using constraints now. See the
thread starting at
http://lists.openstack.org/pipermail/openstack-dev/2018-April/129096.html
for more details.
Fixing the eventlet entry also requires making the lower-constraints
list match the requirements range.
Change-Id: I69a895bfa4f4caa6dff3109375503f7a7bcbd626
Signed-off-by: Doug Hellmann <doug@doughellmann.com>
Adds a new yaql function 'decryptData' which pairs with 'encryptData' on
the dashboard side.
Requires a valid secret storage backend (e.g. Barbican) to be configured
via Castellan in murano.conf, e.g.
[key_manager]
auth_type = keystone_password
auth_url = <auth_url>
username = <username>
password = <password>
project_id = <project_id>
user_domain_name = <user_domain_name>
Murano will still work fine without this config but the encrypt/decrypt
functions will be unavailable.
Partially-Implements blueprint: allow-encrypting-of-muranopl-properties
Depends-On: I1be3a1e11e3f4c2170062927ad359bf679eb25d9
Change-Id: I09416b6d35ed2dafa823eca98262a4e23081e6eb