diff --git a/.zuul.yaml b/.zuul.yaml index 0eed196..23bf5f6 100644 --- a/.zuul.yaml +++ b/.zuul.yaml @@ -1,4 +1,4 @@ - project: templates: - - openstack-python3-ussuri-jobs + - openstack-python3-charm-zed-jobs - openstack-cover-jobs diff --git a/bindep.txt b/bindep.txt new file mode 100644 index 0000000..17575d9 --- /dev/null +++ b/bindep.txt @@ -0,0 +1,4 @@ +libffi-dev [platform:dpkg] +libpq-dev [platform:dpkg] +libxml2-dev [platform:dpkg] +libxslt1-dev [platform:dpkg] diff --git a/charmcraft.yaml b/charmcraft.yaml index b4d5afd..d01d8e7 100644 --- a/charmcraft.yaml +++ b/charmcraft.yaml @@ -2,34 +2,23 @@ type: charm parts: charm: + source: src/ + plugin: reactive + build-snaps: + - charm build-packages: - - tox - - git - - python3-dev - - libffi-dev - - libpq-dev # for the `pg_config` executable - override-build: | - apt-get install ca-certificates -y - tox -e build-reactive - override-stage: | - echo "Copying charm to staging area: $CHARMCRAFT_STAGE" - NAME=$(ls $CHARMCRAFT_PART_BUILD/build/builds) - cp -r $CHARMCRAFT_PART_BUILD/build/builds/$NAME/* $CHARMCRAFT_STAGE/ - override-prime: | - # For some reason, the normal priming chokes on the fact that there's a - # hooks directory. - cp -r $CHARMCRAFT_STAGE/* . + - libpq-dev + build-environment: + - CHARM_INTERFACES_DIR: /root/project/interfaces/ + - CHARM_LAYERS_DIR: /root/project/layers/ bases: - build-on: - name: ubuntu - channel: "20.04" + channel: "22.04" architectures: - amd64 run-on: - - name: ubuntu - channel: "20.04" - architectures: [amd64, s390x, ppc64el, arm64] - name: ubuntu channel: "22.04" architectures: [amd64, s390x, ppc64el, arm64] diff --git a/osci.yaml b/osci.yaml index 5721046..6ee0414 100644 --- a/osci.yaml +++ b/osci.yaml @@ -1,61 +1,48 @@ - project: templates: - - charm-unit-jobs-py38 - charm-unit-jobs-py310 check: jobs: - - focal-mysql8 - - focal-raft - - focal-raft-cluster - - jammy-raft - jammy-mysql8 + - jammy-raft + - kinetic-raft: + voting: false + - kinetic-mysql8: + voting: false vars: needs_charm_build: true charm_build_name: vault build_type: charmcraft + charmcraft_channel: 2.0/stable -- job: - name: focal-mysql8 - parent: func-target - dependencies: - - osci-lint - - tox-py38 - - charm-build - vars: - tox_extra_args: focal-mysql8 -- job: - name: focal-raft - parent: func-target - dependencies: - - osci-lint - - tox-py38 - - charm-build - vars: - tox_extra_args: focal-raft -- job: - name: focal-raft-cluster - parent: func-target - dependencies: - - osci-lint - - tox-py38 - - charm-build - vars: - tox_extra_args: focal-raft-cluster -- job: - name: jammy-raft - parent: func-target - dependencies: - - osci-lint - - tox-py38 - - charm-build - vars: - tox_extra_args: jammy-raft - job: name: jammy-mysql8 parent: func-target dependencies: - - focal-mysql8 + - osci-lint - name: tox-py310 soft: True + - charm-build vars: tox_extra_args: jammy-mysql8 +- job: + name: jammy-raft + parent: func-target + dependencies: + - jammy-mysql8 + vars: + tox_extra_args: jammy-raft +- job: + name: kinetic-mysql8 + parent: func-target + dependencies: + - jammy-mysql8 + vars: + tox_extra_args: kinetic-mysql8 +- job: + name: kinetic-raft + parent: func-target + dependencies: + - jammy-mysql8 + vars: + tox_extra_args: kinetic-raft diff --git a/requirements.txt b/requirements.txt index a68620f..b3dc23f 100644 --- a/requirements.txt +++ b/requirements.txt @@ -8,16 +8,13 @@ # requirements.txt setuptools<50.0.0 # https://github.com/pypa/setuptools/commit/04e3df22df840c6bb244e9b27bc56750c44b7c85 -# Build requirements -cffi==1.14.6; python_version < '3.6' # cffi 1.15.0 drops support for py35. -charm-tools==2.8.3 +# NOTE: newer versions of cryptography require a Rust compiler to build, +# see +# * https://github.com/openstack-charmers/zaza/issues/421 +# * https://mail.python.org/pipermail/cryptography-dev/2021-January/001003.html +# +cryptography<3.4 + +git+https://github.com/juju/charm-tools.git simplejson - -# Newer versions use keywords that didn't exist in python 3.5 yet (e.g. -# "ModuleNotFoundError") -# NOTE(lourot): This might look like a duplication of test-requirements.txt but -# some tox targets use only test-requirements.txt whereas charm-build uses only -# requirements.txt -importlib-metadata<3.0.0; python_version < '3.6' -importlib-resources<3.0.0; python_version < '3.6' diff --git a/src/metadata.yaml b/src/metadata.yaml index 4dec488..583a2df 100644 --- a/src/metadata.yaml +++ b/src/metadata.yaml @@ -11,11 +11,10 @@ description: | network encryption-as-a-service, or generate AWS IAM/STS credentials, SQL/NoSQL databases, X.509 certificates, SSH credentials, and more. -series: -- focal -- jammy tags: - security +series: +- jammy extra-bindings: access: external: diff --git a/src/tests/bundles/jammy-raft-cluster.yaml b/src/tests/bundles/jammy-raft-cluster.yaml new file mode 100644 index 0000000..06395e0 --- /dev/null +++ b/src/tests/bundles/jammy-raft-cluster.yaml @@ -0,0 +1,102 @@ +variables: + openstack-origin: &openstack-origin distro + +local_overlay_enabled: False + +series: jammy + +comment: +- 'machines section to decide order of deployment. database sooner = faster' +machines: + '0': + constraints: mem=3072M + '1': + constraints: mem=3072M + '2': + constraints: mem=3072M + '3': + '4': + '5': + '6': + '7': + '8': + '9': + '10': + '11': + '12': + +applications: + + keystone-mysql-router: + charm: ch:mysql-router + channel: latest/edge + + mysql-innodb-cluster: + charm: ch:mysql-innodb-cluster + num_units: 3 + options: + source: *openstack-origin + to: + - '0' + - '1' + - '2' + channel: latest/edge + + vault: + num_units: 3 + charm: ../../../vault.charm + to: + - '3' + - '11' + - '12' + + keystone: + charm: ch:keystone + num_units: 1 + options: + admin-password: openstack + openstack-origin: *openstack-origin + to: + - '4' + channel: latest/edge + + ceph-mon: + charm: ch:ceph-mon + num_units: 3 + options: + source: *openstack-origin + to: + - '5' + - '6' + - '7' + channel: latest/edge + + ceph-osd: + charm: ch:ceph-osd + num_units: 3 + options: + osd-encrypt: true + osd-encrypt-keymanager: vault + source: *openstack-origin + storage: + osd-devices: 10G,2 + to: + - '8' + - '9' + - '10' + channel: latest/edge + +relations: + - - 'keystone:shared-db' + - 'keystone-mysql-router:shared-db' + - - 'keystone-mysql-router:db-router' + - 'mysql-innodb-cluster:db-router' + + - - 'vault:certificates' + - 'keystone:certificates' + + - - 'vault:secrets' + - 'ceph-osd:secrets-storage' + + - - 'ceph-mon:osd' + - 'ceph-osd:mon' diff --git a/src/tests/bundles/focal-mysql8.yaml b/src/tests/bundles/kinetic-mysql8.yaml similarity index 99% rename from src/tests/bundles/focal-mysql8.yaml rename to src/tests/bundles/kinetic-mysql8.yaml index 5a078ed..f37ddbd 100644 --- a/src/tests/bundles/focal-mysql8.yaml +++ b/src/tests/bundles/kinetic-mysql8.yaml @@ -3,7 +3,7 @@ variables: local_overlay_enabled: False -series: focal +series: kinetic comment: - 'machines section to decide order of deployment. database sooner = faster' diff --git a/src/tests/bundles/kinetic-raft-cluster.yaml b/src/tests/bundles/kinetic-raft-cluster.yaml new file mode 100644 index 0000000..e6aa50f --- /dev/null +++ b/src/tests/bundles/kinetic-raft-cluster.yaml @@ -0,0 +1,102 @@ +variables: + openstack-origin: &openstack-origin distro + +local_overlay_enabled: False + +series: kinetic + +comment: +- 'machines section to decide order of deployment. database sooner = faster' +machines: + '0': + constraints: mem=3072M + '1': + constraints: mem=3072M + '2': + constraints: mem=3072M + '3': + '4': + '5': + '6': + '7': + '8': + '9': + '10': + '11': + '12': + +applications: + + keystone-mysql-router: + charm: ch:mysql-router + channel: latest/edge + + mysql-innodb-cluster: + charm: ch:mysql-innodb-cluster + num_units: 3 + options: + source: *openstack-origin + to: + - '0' + - '1' + - '2' + channel: latest/edge + + vault: + num_units: 3 + charm: ../../../vault.charm + to: + - '3' + - '11' + - '12' + + keystone: + charm: ch:keystone + num_units: 1 + options: + admin-password: openstack + openstack-origin: *openstack-origin + to: + - '4' + channel: latest/edge + + ceph-mon: + charm: ch:ceph-mon + num_units: 3 + options: + source: *openstack-origin + to: + - '5' + - '6' + - '7' + channel: latest/edge + + ceph-osd: + charm: ch:ceph-osd + num_units: 3 + options: + osd-encrypt: true + osd-encrypt-keymanager: vault + source: *openstack-origin + storage: + osd-devices: 10G,2 + to: + - '8' + - '9' + - '10' + channel: latest/edge + +relations: + - - 'keystone:shared-db' + - 'keystone-mysql-router:shared-db' + - - 'keystone-mysql-router:db-router' + - 'mysql-innodb-cluster:db-router' + + - - 'vault:certificates' + - 'keystone:certificates' + + - - 'vault:secrets' + - 'ceph-osd:secrets-storage' + + - - 'ceph-mon:osd' + - 'ceph-osd:mon' diff --git a/src/tests/bundles/kinetic-raft.yaml b/src/tests/bundles/kinetic-raft.yaml new file mode 100644 index 0000000..e875fdf --- /dev/null +++ b/src/tests/bundles/kinetic-raft.yaml @@ -0,0 +1,98 @@ +variables: + openstack-origin: &openstack-origin distro + +local_overlay_enabled: False + +series: kinetic + +comment: +- 'machines section to decide order of deployment. database sooner = faster' +machines: + '0': + constraints: mem=3072M + '1': + constraints: mem=3072M + '2': + constraints: mem=3072M + '3': + '4': + '5': + '6': + '7': + '8': + '9': + '10': + +applications: + + keystone-mysql-router: + charm: ch:mysql-router + channel: latest/edge + + mysql-innodb-cluster: + charm: ch:mysql-innodb-cluster + num_units: 3 + options: + source: *openstack-origin + to: + - '0' + - '1' + - '2' + channel: latest/edge + + vault: + num_units: 1 + charm: ../../../vault.charm + to: + - '3' + + keystone: + charm: ch:keystone + num_units: 1 + options: + admin-password: openstack + openstack-origin: *openstack-origin + to: + - '4' + channel: latest/edge + + ceph-mon: + charm: ch:ceph-mon + num_units: 3 + options: + source: *openstack-origin + to: + - '5' + - '6' + - '7' + channel: latest/edge + + ceph-osd: + charm: ch:ceph-osd + num_units: 3 + options: + osd-encrypt: true + osd-encrypt-keymanager: vault + source: *openstack-origin + storage: + osd-devices: 10G,2 + to: + - '8' + - '9' + - '10' + channel: latest/edge + +relations: + - - 'keystone:shared-db' + - 'keystone-mysql-router:shared-db' + - - 'keystone-mysql-router:db-router' + - 'mysql-innodb-cluster:db-router' + + - - 'vault:certificates' + - 'keystone:certificates' + + - - 'vault:secrets' + - 'ceph-osd:secrets-storage' + + - - 'ceph-mon:osd' + - 'ceph-osd:mon' diff --git a/src/tests/tests.yaml b/src/tests/tests.yaml index e3f0a97..35336ac 100644 --- a/src/tests/tests.yaml +++ b/src/tests/tests.yaml @@ -4,16 +4,17 @@ configure: - zaza.openstack.charm_tests.vault.setup.basic_setup gate_bundles: -- focal-mysql8 -- focal-raft -- focal-raft-cluster - jammy-raft - -dev_bundles: +- jammy-raft-cluster - jammy-mysql8 +dev_bundles: +- kinetic-raft +- kinetic-raft-cluster +- kinetic-mysql8 + smoke_bundles: -- focal-mysql8 +- jammy-mysql8 target_deploy_status: easyrsa: @@ -41,4 +42,6 @@ tests: tests_options: force_deploy: - - jammy-mysql8 + - kinetic-raft + - kinetic-raft-cluster + - kinetic-mysql8 diff --git a/test-requirements.txt b/test-requirements.txt index b9f4518..a7936e6 100644 --- a/test-requirements.txt +++ b/test-requirements.txt @@ -4,7 +4,6 @@ # https://github.com/openstack-charmers/release-tools # pyparsing<3.0.0 # aodhclient is pinned in zaza and needs pyparsing < 3.0.0, but cffi also needs it, so pin here. -cffi==1.14.6; python_version < '3.6' # cffi 1.15.0 drops support for py35. setuptools<50.0.0 # https://github.com/pypa/setuptools/commit/04e3df22df840c6bb244e9b27bc56750c44b7c85 stestr>=2.2.0 @@ -13,25 +12,10 @@ stestr>=2.2.0 # https://github.com/mtreinish/stestr/issues/145 cliff<3.0.0 -# Dependencies of stestr. Newer versions use keywords that didn't exist in -# python 3.5 yet (e.g. "ModuleNotFoundError") -importlib-metadata<3.0.0; python_version < '3.6' -importlib-resources<3.0.0; python_version < '3.6' - -# Some Zuul nodes sometimes pull newer versions of these dependencies which -# dropped support for python 3.5: -osprofiler<2.7.0;python_version<'3.6' -stevedore<1.31.0;python_version<'3.6' -debtcollector<1.22.0;python_version<'3.6' -oslo.utils<=3.41.0;python_version<'3.6' - requests>=2.18.4 charms.reactive -# Newer mock seems to have some syntax which is newer than python3.5 (e.g. -# f'{something}' -mock>=1.2,<4.0.0; python_version < '3.6' -mock>=1.2; python_version >= '3.6' +mock>=1.2 nose>=1.3.7 coverage>=3.6 @@ -50,5 +34,5 @@ tenacity # vault pbr==5.6.0 # vault cryptography<3.4 # vault, keystone-saml-mellon lxml # keystone-saml-mellon -hvac<0.12.0 # vault, barbican-vault +hvac # vault, barbican-vault psutil # cinder-lvm diff --git a/tox.ini b/tox.ini index 5b6e7a1..bdde110 100644 --- a/tox.ini +++ b/tox.ini @@ -31,10 +31,8 @@ minversion = 3.18.0 setenv = VIRTUAL_ENV={envdir} PYTHONHASHSEED=0 TERM=linux - LAYER_PATH={toxinidir}/layers - INTERFACE_PATH={toxinidir}/interfaces JUJU_REPOSITORY={toxinidir}/build -passenv = http_proxy https_proxy INTERFACE_PATH LAYER_PATH JUJU_REPOSITORY +passenv = no_proxy http_proxy https_proxy JUJU_REPOSITORY install_command = {toxinidir}/pip.sh install {opts} {packages} allowlist_externals = @@ -50,7 +48,7 @@ basepython = python3 deps = -r{toxinidir}/build-requirements.txt commands = charmcraft clean - charmcraft -v build + charmcraft -v pack {toxinidir}/rename.sh [testenv:build-reactive] @@ -68,31 +66,6 @@ basepython = python3 deps = -r{toxinidir}/test-requirements.txt commands = stestr run --slowest {posargs} -[testenv:py35] -basepython = python3.5 -deps = -r{toxinidir}/test-requirements.txt -commands = stestr run --slowest {posargs} - -[testenv:py36] -basepython = python3.6 -deps = -r{toxinidir}/test-requirements.txt -commands = stestr run --slowest {posargs} - -[testenv:py37] -basepython = python3.7 -deps = -r{toxinidir}/test-requirements.txt -commands = stestr run --slowest {posargs} - -[testenv:py38] -basepython = python3.8 -deps = -r{toxinidir}/test-requirements.txt -commands = stestr run --slowest {posargs} - -[testenv:py39] -basepython = python3.9 -deps = -r{toxinidir}/test-requirements.txt -commands = stestr run --slowest {posargs} - [testenv:py310] basepython = python3.10 deps = -r{toxinidir}/test-requirements.txt @@ -101,7 +74,7 @@ commands = stestr run --slowest {posargs} [testenv:pep8] basepython = python3 deps = flake8==3.9.2 - charm-tools==2.8.3 + git+https://github.com/juju/charm-tools.git commands = flake8 {posargs} src unit_tests [testenv:func-target]