Sync charm-helpers for Victoria/Groovy updates

This sync picks up the release and version details for Victoria/Groovy.

Change-Id: Ibc9d1d62cbd57c46ef09b566856b5d2efb2f8afc

charmhelpers/contrib/charmsupport/nrpe.py

@@ -18,14 +18,14 @@
 # Authors:
 #  Matthew Wedgwood <matthew.wedgwood@canonical.com>
 
-import subprocess
-import pwd
+import glob
 import grp
 import os
-import glob
-import shutil
+import pwd
 import re
 import shlex
+import shutil
+import subprocess
 import yaml
 
 from charmhelpers.core.hookenv import (
@@ -265,6 +265,11 @@ class NRPE(object):
                 relation_set(relation_id=rid, relation_settings={'primary': self.primary})
         self.remove_check_queue = set()
 
+    @classmethod
+    def does_nrpe_conf_dir_exist(cls):
+        """Return True if th nrpe_confdif directory exists."""
+        return os.path.isdir(cls.nrpe_confdir)
+
     def add_check(self, *args, **kwargs):
         shortname = None
         if kwargs.get('shortname') is None:
@@ -310,6 +315,12 @@ class NRPE(object):
 
         nrpe_monitors = {}
         monitors = {"monitors": {"remote": {"nrpe": nrpe_monitors}}}
+
+        # check that the charm can write to the conf dir.  If not, then nagios
+        # probably isn't installed, and we can defer.
+        if not self.does_nrpe_conf_dir_exist():
+            return
+
         for nrpecheck in self.checks:
             nrpecheck.write(self.nagios_context, self.hostname,
                             self.nagios_servicegroups)

charmhelpers/contrib/openstack/amulet/deployment.py

@@ -300,6 +300,8 @@ class OpenStackAmuletDeployment(AmuletDeployment):
             ('disco', None): self.disco_stein,
             ('eoan', None): self.eoan_train,
             ('focal', None): self.focal_ussuri,
+            ('focal', 'cloud:focal-victoria'): self.focal_victoria,
+            ('groovy', None): self.groovy_victoria,
         }
         return releases[(self.series, self.openstack)]
 
@@ -319,6 +321,7 @@ class OpenStackAmuletDeployment(AmuletDeployment):
             ('disco', 'stein'),
             ('eoan', 'train'),
             ('focal', 'ussuri'),
+            ('groovy', 'victoria'),
         ])
         if self.openstack:
             os_origin = self.openstack.split(':')[1]

charmhelpers/contrib/openstack/amulet/utils.py

@@ -63,6 +63,7 @@ OPENSTACK_RELEASES_PAIRS = [
     'bionic_stein', 'disco_stein',
     'bionic_train', 'eoan_train',
     'bionic_ussuri', 'focal_ussuri',
+    'focal_victoria', 'groovy_victoria',
 ]
 
 

charmhelpers/contrib/openstack/context.py

@@ -721,6 +721,12 @@ class AMQPContext(OSContextGenerator):
                 rabbitmq_hosts = []
                 for unit in related_units(rid):
                     host = relation_get('private-address', rid=rid, unit=unit)
+                    if not relation_get('password', rid=rid, unit=unit):
+                        log(
+                            ("Skipping {} password not sent which indicates "
+                             "unit is not ready.".format(host)),
+                            level=DEBUG)
+                        continue
                     host = format_ipv6_addr(host) or host
                     rabbitmq_hosts.append(host)
 
@@ -2714,6 +2720,19 @@ class BridgePortInterfaceMap(object):
             self._ifname_mac_map[ifname] = [mac]
             self._mac_ifname_map[mac] = ifname
 
+            # check if interface is part of a linux bond
+            _bond_name = get_bond_master(ifname)
+            if _bond_name and _bond_name != ifname:
+                log('Add linux bond "{}" to map for physical interface "{}" '
+                    'with mac "{}".'.format(_bond_name, ifname, mac),
+                    level=DEBUG)
+                # for bonds we want to be able to get a list of the mac
+                # addresses for the physical interfaces the bond is made up of.
+                if self._ifname_mac_map.get(_bond_name):
+                    self._ifname_mac_map[_bond_name].append(mac)
+                else:
+                    self._ifname_mac_map[_bond_name] = [mac]
+
         # In light of the pre-deprecation notice in the docstring of this
         # class we will expose the ability to configure OVS bonds as a
         # DPDK-only feature, but generally use the data structures internally.
@@ -2779,6 +2798,17 @@ class BridgePortInterfaceMap(object):
                 self.add_interface(
                     bridge, portname, ifname, iftype, pci_address, global_mtu)
 
+            if not macs:
+                # We have not mapped the interface and it is probably some sort
+                # of virtual interface. Our user have put it in the config with
+                # a purpose so let's carry out their wish. LP: #1884743
+                log('Add unmapped interface from config: name "{}" bridge "{}"'
+                    .format(ifname, bridge),
+                    level=DEBUG)
+                self.add_interface(
+                    bridge, ifname, ifname, self.interface_type.system, None,
+                    global_mtu)
+
     def __getitem__(self, key):
         """Provide a Dict-like interface, get value of item.
 

charmhelpers/contrib/openstack/templates/openstack_https_frontend

@@ -6,8 +6,14 @@ Listen {{ ext_port }}
 <VirtualHost {{ address }}:{{ ext }}>
     ServerName {{ endpoint }}
     SSLEngine on
-    SSLProtocol +TLSv1 +TLSv1.1 +TLSv1.2
-    SSLCipherSuite HIGH:!RC4:!MD5:!aNULL:!eNULL:!EXP:!LOW:!MEDIUM
+
+    # This section is based on Mozilla's recommendation
+    # as the "intermediate" profile as of July 7th, 2020.
+    # https://wiki.mozilla.org/Security/Server_Side_TLS
+    SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
+    SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
+    SSLHonorCipherOrder off
+
     SSLCertificateFile /etc/apache2/ssl/{{ namespace }}/cert_{{ endpoint }}
     # See LP 1484489 - this is to support <= 2.4.7 and >= 2.4.8
     SSLCertificateChainFile /etc/apache2/ssl/{{ namespace }}/cert_{{ endpoint }}

charmhelpers/contrib/openstack/templates/openstack_https_frontend.conf

@@ -6,8 +6,14 @@ Listen {{ ext_port }}
 <VirtualHost {{ address }}:{{ ext }}>
     ServerName {{ endpoint }}
     SSLEngine on
-    SSLProtocol +TLSv1 +TLSv1.1 +TLSv1.2
-    SSLCipherSuite HIGH:!RC4:!MD5:!aNULL:!eNULL:!EXP:!LOW:!MEDIUM
+
+    # This section is based on Mozilla's recommendation
+    # as the "intermediate" profile as of July 7th, 2020.
+    # https://wiki.mozilla.org/Security/Server_Side_TLS
+    SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
+    SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
+    SSLHonorCipherOrder off
+
     SSLCertificateFile /etc/apache2/ssl/{{ namespace }}/cert_{{ endpoint }}
     # See LP 1484489 - this is to support <= 2.4.7 and >= 2.4.8
     SSLCertificateChainFile /etc/apache2/ssl/{{ namespace }}/cert_{{ endpoint }}

charmhelpers/contrib/openstack/utils.py

@@ -143,6 +143,7 @@ OPENSTACK_RELEASES = (
     'stein',
     'train',
     'ussuri',
+    'victoria',
 )
 
 UBUNTU_OPENSTACK_RELEASE = OrderedDict([
@@ -164,6 +165,7 @@ UBUNTU_OPENSTACK_RELEASE = OrderedDict([
     ('disco', 'stein'),
     ('eoan', 'train'),
     ('focal', 'ussuri'),
+    ('groovy', 'victoria'),
 ])
 
 
@@ -186,6 +188,7 @@ OPENSTACK_CODENAMES = OrderedDict([
     ('2019.1', 'stein'),
     ('2019.2', 'train'),
     ('2020.1', 'ussuri'),
+    ('2020.2', 'victoria'),
 ])
 
 # The ugly duckling - must list releases oldest to newest
@@ -226,6 +229,8 @@ SWIFT_CODENAMES = OrderedDict([
         ['2.22.0', '2.23.0']),
     ('ussuri',
         ['2.24.0', '2.25.0']),
+    ('victoria',
+        ['2.25.0']),
 ])
 
 # >= Liberty version->codename mapping
@@ -241,6 +246,7 @@ PACKAGE_CODENAMES = {
         ('19', 'stein'),
         ('20', 'train'),
         ('21', 'ussuri'),
+        ('22', 'victoria'),
     ]),
     'neutron-common': OrderedDict([
         ('7', 'liberty'),
@@ -253,6 +259,7 @@ PACKAGE_CODENAMES = {
         ('14', 'stein'),
         ('15', 'train'),
         ('16', 'ussuri'),
+        ('17', 'victoria'),
     ]),
     'cinder-common': OrderedDict([
         ('7', 'liberty'),
@@ -265,6 +272,7 @@ PACKAGE_CODENAMES = {
         ('14', 'stein'),
         ('15', 'train'),
         ('16', 'ussuri'),
+        ('17', 'victoria'),
     ]),
     'keystone': OrderedDict([
         ('8', 'liberty'),
@@ -277,6 +285,7 @@ PACKAGE_CODENAMES = {
         ('15', 'stein'),
         ('16', 'train'),
         ('17', 'ussuri'),
+        ('18', 'victoria'),
     ]),
     'horizon-common': OrderedDict([
         ('8', 'liberty'),
@@ -289,6 +298,7 @@ PACKAGE_CODENAMES = {
         ('15', 'stein'),
         ('16', 'train'),
         ('18', 'ussuri'),
+        ('19', 'victoria'),
     ]),
     'ceilometer-common': OrderedDict([
         ('5', 'liberty'),
@@ -301,6 +311,7 @@ PACKAGE_CODENAMES = {
         ('12', 'stein'),
         ('13', 'train'),
         ('14', 'ussuri'),
+        ('15', 'victoria'),
     ]),
     'heat-common': OrderedDict([
         ('5', 'liberty'),
@@ -313,6 +324,7 @@ PACKAGE_CODENAMES = {
         ('12', 'stein'),
         ('13', 'train'),
         ('14', 'ussuri'),
+        ('15', 'victoria'),
     ]),
     'glance-common': OrderedDict([
         ('11', 'liberty'),
@@ -325,6 +337,7 @@ PACKAGE_CODENAMES = {
         ('18', 'stein'),
         ('19', 'train'),
         ('20', 'ussuri'),
+        ('21', 'victoria'),
     ]),
     'openstack-dashboard': OrderedDict([
         ('8', 'liberty'),
@@ -337,6 +350,7 @@ PACKAGE_CODENAMES = {
         ('15', 'stein'),
         ('16', 'train'),
         ('18', 'ussuri'),
+        ('19', 'victoria'),
     ]),
 }
 

charmhelpers/contrib/peerstorage/__init__.py

@@ -248,7 +248,7 @@ def peer_store_and_set(relation_id=None, peer_relation_name='cluster',
     @param relation_id: the id of the relation to store the data on. Defaults
                         to the current relation.
     @param peer_store_fatal: Set to True, the function will raise an exception
-                             should the peer sotrage not be avialable."""
+                             should the peer storage not be available."""
 
     relation_settings = relation_settings if relation_settings else {}
     relation_set(relation_id=relation_id,

charmhelpers/core/hookenv.py

@@ -372,8 +372,10 @@ class Config(dict):
             try:
                 self._prev_dict = json.load(f)
             except ValueError as e:
-                log('Unable to parse previous config data - {}'.format(str(e)),
-                    level=ERROR)
+                log('Found but was unable to parse previous config data, '
+                    'ignoring which will report all values as changed - {}'
+                    .format(str(e)), level=ERROR)
+                return
         for k, v in copy.deepcopy(self._prev_dict).items():
             if k not in self:
                 self[k] = v

charmhelpers/fetch/ubuntu.py

@@ -190,6 +190,14 @@ CLOUD_ARCHIVE_POCKETS = {
     'ussuri/proposed': 'bionic-proposed/ussuri',
     'bionic-ussuri/proposed': 'bionic-proposed/ussuri',
     'bionic-proposed/ussuri': 'bionic-proposed/ussuri',
+    # Victoria
+    'victoria': 'focal-updates/victoria',
+    'focal-victoria': 'focal-updates/victoria',
+    'focal-victoria/updates': 'focal-updates/victoria',
+    'focal-updates/victoria': 'focal-updates/victoria',
+    'victoria/proposed': 'focal-proposed/victoria',
+    'focal-victoria/proposed': 'focal-proposed/victoria',
+    'focal-proposed/victoria': 'focal-proposed/victoria',
 }