Update git submodules
* Update ironic-python-agent from branch 'master' - Merge "Attempt to read the partition table after writing an image" - Add source code link for the project to README Change-Id: Ib8e0c9a41b4b73aaba13b794eaf2134b85bbeff9 - Merge "Update author email address" - Update author email address Change-Id: I7bad0c5799be2cc550efee20507e882ed055cc9a - Merge "Change HTTP links to HTTPS" - Change HTTP links to HTTPS Change-Id: I963c32407c109c840d59f4dcf945f2fc78e096f2 - Update http link to https Change-Id: I5cf2627d999d4f3cf7bc2367f4d9cfddf6391146 - Merge "add coverage job" - Merge "spelling error" - Merge "Update min tox version to 2.0" - Merge "zuul-ify primary IPA jobs" - Merge "Allow erasing metadata from disk partitions" - zuul-ify primary IPA jobs Change-Id: I13312560389f8b1298dd62cedd654fb8f66d3dfe - Update link addresses Change-Id: I52f275917be720b1e48f17876deb10cd4e6d2501 - spelling error Change-Id: I20e5373e6b906f893adbd4ec609c71203766b3d3 - Attempt to read the partition table after writing an image This patch adds code that tries to read the partition table after we've successfully written an image to make sure the image that we wrote has a valid partition table so we can more easily guarantee that what we've written is bootable and not just junk. Without a valid partition table writing a config drive will fail for whole disk images. Co-Authored-By: Dmitry Tantsur <dtantsur@redhat.com> Change-Id: I5cfd8c433a4db3e0d2d5086250e629d16234b7a4 Story: 2001760 Task: 12159 - Allow erasing metadata from disk partitions Modify the metadata erasing call chain to retrieve a list of devices that includes partitions in addition to disks so it can erase metadata from all of them, otherwise incidentally recreating disk partitions causes the Linux kernel to discover and automatically recreate some types of storage entities (eg LVM PVs, VGs, & LVs, RAID members & devices). Change-Id: If8f47a083966051856439e3291a6872929b93e3b Story: #2003673 Task: #26192 - Merge "Update min tox version to 2.0" - Merge "Fix multi-device behavior" - Update min tox version to 2.0 The commands used by constraints need at least tox 2.0. Change-Id: I4813ed34b22895d59db26d15ee5158de8840628a - Update min tox version to 2.0 The commands used by constraints need at least tox 2.0. Update to reflect reality, which should help with local running of constraints targets. Change-Id: I005b46aebeb7f347b6721790723ea6be41a0d67e - add coverage job Insert python coverage job for py-test. Change-Id: I13b9a0710e442abb06af328aad4e769628a383e1 - Merge "Allow streaming raw partition images" - Follow up to parallel disk erasure Improve test to verify apply_async is called twice as expected. Story: 1546949 Task: 11548 Change-Id: I41736dfb2932dd0036bbc4cbc51929bf61a16569 - Merge "Allow using ironic-lib from source when building tinyipa" - Merge "Parallel erase disk devices" - Parallel erase disk devices Currently we erase the disks one by one, which takes a long time to finish, this patch adds support to the IPA so that it can erase disks in parallel if told so. Story: 1546949 Task: 11548 Co-Authored-By: yuan liang <leetpy2@gmail.com> Co-Authored-By: Kaifeng Wang <kaifeng.w@gmail.com> Change-Id: If5cfb6ec000a654d07103c4b378d4c135249e238 - Merge "Enhanced checksum support" - Fix BMC IP address detection on CoreOS images On CoreOS images, IPA runs in a Debian Jessie chroot which uses mawk as its default awk implementation. However, mawk doesn't support POSIX character classes such as [:space:], which means get_bmc_address() fails to parse the BMC IP address from the output of ipmitool. This patch replaces the use of [[:space:]] by [ \t] which is equivalent for the purpose of parsing the output of ipmitool. Note that matching on tab characters is not strictly required as the packaged version of ipmitool only uses space characters, but is left in case tabs are used in other versions. Change-Id: I0e3306a4d4584ca28e03608e9f7270b770960a39 Story: #2004121 Task: #27571 - Allow streaming raw partition images Currently we support streaming raw whole disk images, but not partition ones. This change enables it. Change-Id: Ie95102aa3f2054a6b429f3d3e0926e90923c5faf Story: #2003809 Task: #26558 - Add missing dependencies to CoreOS IPA docker image The iptables and lshw utilities are both required for IPA: iptables is used when collecting system logs and lshw is used to get the total physical memory and system details. However, they were not installed in the docker image embedded in CoreOS IPA images. Since the docker image is used as a chroot to run IPA, it cannot access binaries available outside in the main CoreOS file system. Change-Id: Ic2188b49e717c62315db6c33b74b2e161436b052 Story: #2004092 Task: #27494 - Raise udevadm settle timeout from 5 to 20 seconds To fix for grenade slow discovery of e1000 network devices. Ironic Inspector grenade job is using e1000 driver since change: I4ec297281380896ffe9004c4de7117586ded7149 In some cases the e1000 devices has not registered yet, and thus the dhcp init script does not find any interfaces to bring up. This causes the grenade job to continue with no networking, and the job finally fail. Make the udev settle timout configurable (default 20 sec) in finalise-tinyipa.sh. Let's hope 20 seconds is enough. If not we now have more logs to identify the issue. Change-Id: I82beecc78afb4b23234d2d5eca4f46f84f20525e - Enhanced checksum support Adds enhanced checksum support to IPA, when os_hash_algo and os_hash_value are passed in via image_info, it will be used to calculate image checksum and verification. In other cases, the old md5 checksum is used. Change-Id: I1d2f33e7059910326b4ac3f7786543b333a93a5a Story: 2003938 Task: 26846 - Merge "Change nic driver to e1000 for CoreOS jobs" - Mark CoreOS check jobs non-voting Due to a higher failure rate, which is largely due to nested virtualization failures with CoreOS where one or more of the CI infrastucture providers do not support nested virtualization, we are marking the CoreOS CI check jobs as non-voting. This is in order to reduce the need to recheck. Change-Id: Id2a5dc766b79ec1131e33f9a49ceca8095c363ef Story: #2003985 Task: #26928 - Allow using ironic-lib from source when building tinyipa This change simplifies development of IPA by allowing to install ironib-lib from a local checkout with modifications. Change-Id: I142c6d389d94141db8bc9e3eeaae50a687bcd7b1 - Change nic driver to e1000 for CoreOS jobs This change was created after observing a number of the CoreOS IPA build/test jobs were exhibiting a high failure rate with the virt-nic. Similar to the issues recently addressed in ironic's grenade job, lets explicitly set the NIC to e1000 as that seems to be more reliable for the CoreOS jobs. Change-Id: I6365fe138d1b1ddc98a49f1a1da0b82d77678599 - Correct headings in README.rst Currently it's titled "Team and repository tags", which is obviously not the project name. Also the top-level title is duplicated twice. Also remove the link to wiki that contains no helpful information. Change-Id: I6c997576f7ffe00fe660ad51213e70369b325e0b - Fix multi-device behavior ATARAID is functionally a version of software RAID where the setup is managed by the controller and the Operating System takes over managing the RAID after boot. Most commonly this is found for mirrored boot devices. Prior to this patch, we were looking for non-dependent items (i.e. base block devices), with a type of disk. Now we will permit the "disk" to be added to the list if lsblk indicates that it is a type containing "raid". The lsblk results should not change as we explicitly look for disk objects. Change-Id: Ia4a03b33cc06ce42e1bc33026683c28b31901cb7 Story: #2003445 Task: #24647 - Merge "add python 3.6 unit test job" - Replace assertEqual(True/False, expr) with assertTrue/assertFalse in tests In some cases, If the result of expr is a boolen value, we shoud use assertTrue/assertFalse to instead. Beacause it is clear and simple. Change-Id: Ie61369f6335a90b09bb24192282d33da5272c13f Story: #2003785 Task: #26490 - Merge "switch documentation job to new PTI" - Merge "import zuul job settings from project-config" - Merge "Clear GPT and MBR headers with dd to avoid sgdisk CRC errors" - add python 3.6 unit test job This is a mechanically generated patch to add a unit test job running under Python 3.6 as part of the python3-first goal. See the python3-first goal document for details: https://governance.openstack.org/tc/goals/stein/python3-first.html Change-Id: I6cdb80e7be5dfe1362628727160d6186f7bafd27 Story: #2002586 Task: #24302 - switch documentation job to new PTI This is a mechanically generated patch to switch the documentation jobs to use the new PTI versions of the jobs as part of the python3-first goal. See the python3-first goal document for details: https://governance.openstack.org/tc/goals/stein/python3-first.html Change-Id: I14605e8455a87998f449fed9815b470bb701745a Story: #2002586 Task: #24302 - import zuul job settings from project-config This is a mechanically generated patch to complete step 1 of moving the zuul job settings out of project-config and into each project repository. Because there will be a separate patch on each branch, the branch specifiers for branch-specific jobs have been removed. Because this patch is generated by a script, there may be some cosmetic changes to the layout of the YAML file(s) as the contents are normalized. See the python3-first goal document for details: https://governance.openstack.org/tc/goals/stein/python3-first.html Change-Id: Icfa5db2a099cb3acb79a39824c48c3e4505758ce Story: #2002586 Task: #24302 - Update reno for stable/rocky Change-Id: I7506753ff1829ca5386d67d751c40b5e022b028d - Clear GPT and MBR headers with dd to avoid sgdisk CRC errors This change adds a dd before the existing sgdisk -Z command to workaround CRC verification errors. Change-Id: Ia1ac4e1c0faf14ad4bb11c2a1c796c93ca8cb5e3 Closes-Bug: #1737556 Story: 1737556 Task: 11496 - Merge "fall back to PARTUUID if UUID not found." - Merge "Collect IPv6 address during introspection" - Merge "Install grub to PReP partition when prep_boot_part_uuid is provided" - fall back to PARTUUID if UUID not found. Change-Id: Icbf1fd8179658bd8bcd15f99aaaee796288dbf6f Story: 2002052 Task: 19714 - Merge "fix uname mock arguments for get-pip.py" - fix uname mock arguments for get-pip.py Change-Id: I36b3c8c7b0dfca41db54490306f47ddbf8eec836 - Collect IPv6 address during introspection This patch adds support to retrieve IPv6 address. A new field ``ipv6_address`` is added to NetworkInterface and store the assigned IPv6 address (if any). Co-Authored-By: Kaifeng Wang <kaifeng.w@gmail.com> Change-Id: Ia527a5aa48e3daf66d2be190e43935b38b3bd6f9 Closes-Bug: #1744064 Story: #1744064 Task: #11604 - Install grub to PReP partition when prep_boot_part_uuid is provided Installs the grub bootloader to the PreP Boot partition when the prep_boot_partition_uuid is provided. This is required when booting a partition image locally on ppc64* systems. This change also passes the cpu_arch along to work_on_disk so that the PReP partition is created when partitioning disks for local boot on ppc64* systems, Change-Id: I70667d43af962b357e6eeccba258f4fa5a91a09e Depends-On: I2bc9f13ec605de7b7b96d96a1a4edebee0af76dc Story: #1749057 Task: #22999 - Remove testrepository This commit is a follow-up of "switch to using stestr" which was merged already [1]. After switch to using stestr, testrepository is unnecessary and should be removed. [1] https://review.openstack.org/578521 Change-Id: Ic4005aa6f4bf5fb52fc207ff1cec666ccef8d0da - Merge "Switch to using stestr" - Merge "Provide knob to disable ata secure erase" - Switch to using stestr According to Openstack summit session [1] stestr is maintained project to which all Openstack projects should migrate. Let's switch it then. [1] https://etherpad.openstack.org/p/YVR-python-pti Also adjust requiremenst to past the gate checks. Change-Id: If7a0ebd9cca26cb67eb2ec9036d0aa2693fdffbf Signed-off-by: Chuck Short <chucks@redhat.com> - Merge "Refuse secure erase if ATA command does not work" - Provide knob to disable ata secure erase We need to allow the operator to able to explicitly disable secure erase, in case it is problematic in their environment or hardware. Change-Id: I4c68efa65cdd7f88f54f8dd9a8bcbeee9e8124a8 Story: #2002546 Task: #22108 - Refuse secure erase if ATA command does not work Adds dependency upon smartmontools's binary smartctl to query the block devices via ATA mode which fails on pass-thru buses such as ATA over SCSI and ATA over USB, in an effort to prevent the initiation of ATA secure erase with one of these interfaces in place which may render the disk unreachable after security options are enabled for ATA Secure Erase or upon the Secure Erase command being sent to the Hard Disk. Change-Id: I7635a197eb000650e919fac386b38ac15ef17041 Story: #2002546 Task: #22109 Depends-On: Ibbfd168844524d91927bdd6e67d973e0bd519bf2 - Reduce CoreOS CPU count to 1 It seems nested virt, while much faster, likes to crash due to what appears to be a SMP issue. So lets try one CPU. Change-Id: Ibbfd168844524d91927bdd6e67d973e0bd519bf2 - Enable Auto VM engine for CoreOS CI jobs The CoreOS ramdisk can take anywhere from 300-500 seconds to startup depending on the size of the image and the underlying hypervisor performance. Given this time window, it is easy to cause the CI job to timeout. Lets let the VM engine be chosen to use KVM if available. Change-Id: Ie4e096ccd71a3667fea34731cd5268b56e3cd2b9 - Merge "Cleanup CI jobs for IPA" - Switch from sourceforge to github for ipmitool Currently CI fails on build ipa image on xenial, because downloading with wget from sourceforce is giving SSL error. Start using the github mirror, that is not having this problem. Additionally added autoconf, autogen, automake, and libtool to the build requirements as the new ipmitool package is based off of repository commit history tags and did not contain a pregenerated configure file. Change-Id: I139679db835b7a87c55f69a4d807ff8ec9099e3a - Cleanup CI jobs for IPA Renamed jobs to more appropriate names, and extended base timouts, as well as the build timeouts for coreos as the image we work with today is a little larger than it was previously. Change-Id: I2884ba795bae689b40826b8c7e2714e3eb5811fb Depends-On: I139679db835b7a87c55f69a4d807ff8ec9099e3a - Merge "Try to unlock failed device before proceeding" - Try to unlock failed device before proceeding When a hard error has occured with secure erase, we should attempt an unlock of the device becuase the current mode can prevent disk IO. This may upset some things like raid controllers even if they are in a pass-through mode. Change-Id: I32e1d962fbbb4a305d5dbebea92ac48ebd9b67ca Story: #2002546 Task: #22107 - fix tox python3 overrides We want to default to running all tox environments under python 3, so set the basepython value in each environment. We do not want to specify a minor version number, because we do not want to have to update the file every time we upgrade python. We do not want to set the override once in testenv, because that breaks the more specific versions used in default environments like py35 and py36. Change-Id: I3c8e5c663a3fd881430f84fc502e46192de77fc7 - Add release notes link to README Add release notes url doc link to README.rst. Change-Id: I12652da892ccb6b43d7686db522b972c4bdc3df7 - Merge "Add min/max values to integer config options" - Add a release note for secure erase changes Change-Id: I6eaa8d8657f153c81ccc7cc2b49cb63a8c1637b3 - Add min/max values to integer config options None of the existing ironic-python-agent integer config options included min or max values. Added appropriate min/max values for the integer config options. Two of the integer options are for ports (listen_port and advertise_port). These were changed to use the more appropriate oslo_config cfg.PortOpt instead of cfg.IntOpt. PortOpt has the proper min and max values built in. Change-Id: I98709a45d099aea62c9973beb6817591cb445a9c Story: 1731950 - Merge "write byte objects when using os.write" - Merge "Fix for fatal error when GPT was used and only MBR was cleaned" - Merge "rework ATA secure erase" - write byte objects when using os.write Change-Id: I184a9d0bf4a0ba0776d519b3a3b9ccd39151b4ae Story: 2002052 Task: 19713 - Fix for fatal error when GPT was used and only MBR was cleaned You can generate this error if after having provisioned a node using GPT partitioning, you clean its MBR using say dd if=/dev/zero bs=1024 count=1 of=/dev/sda and then cleanup all Ironic/Bifrost informations to get it reprovisioned. In this case sgdisk -Z returns an error and last_error field in Ironic contains: Error writing image to device: Writing image to device /dev/sda failed with exit code 2 Caution: invalid main GPT header, but valid backup; regenerating main header\nfrom backup!\n \nInvalid partition data!\ Change-Id: Ib617737fff5e40cb376edda0232e0726d9c71231 - rework ATA secure erase hdparm versions prior to 9.51 interpret the value, NULL, as a password with string value: "NULL". Example output of hdparm with NULL password: [root@localhost ~]# hdparm --user-master u --security-unlock NULL /dev/sda security_password="NULL" /dev/sda: Issuing SECURITY_UNLOCK command, password="NULL", user=user SECURITY_UNLOCK: Input/output error Example output of hdparm with "" as password: [root@localhost ~]# hdparm --user-master u --security-unlock "" /dev/sda security_password="" /dev/sda: Issuing SECURITY_UNLOCK command, password="", user=user Note the values of security_password in the output above. The output was observed on a CentOS 7 system, which ships hdparm 9.43 in the offical repositories. This change attempts to unlock the drive with the empty string if an unlock with NULL was unsucessful. Issuing a security-unlock will cause a state transition from SEC4 (security enabled, locked, not frozen) to SEC5 (security enabled, unlocked, not frozen). In order to check that a password unlock attempt was successful it makes sense to check that the drive is in the unlocked state (a necessary condition for SEC5). Only after all unlock attempts fail, do we consider the drive out of our control. The conditions to check the drive is in the right state have been adjusted to ensure that the drive is in the SEC5 state prior to issuing a secure erase. Previously, on the "recovery from previous fail" path, the security state was asserted to be "not enabled" after an unlock - this could never have been the case. A good overview of the ATA security states can be found here: http://www.admin-magazine.com/Archive/2014/19/Using-the-ATA-security-features-of-modern-hard-disks-and-SSDs Change-Id: Ic24b706a04ff6c08d750b9e3d79eb79eab2952ad Story: 2001762 Task: 12161 Story: 2001763 Task: 12162 - Rescue bug: tinyipa fails to acquire IP in multitenant env It seems the udhcpc script is not executable and no sleeping cause tinyipa fails to acquire IP in multi-tenant env. Story: #2002024 Change-Id: I3a693d75bfa54fe905bd3cd0587bb139934c087c - Merge "Do not run functional (API) tests in the CI" - Merge "Fix gate and bump CoreOS version to latest stable." - Do not run functional (API) tests in the CI These tests exercise Ironic API with the fake driver, thus they provide no coverage for IPA and can be excluded. Change-Id: I02eb41b112f1da413178cbdc5834d2904e9d26e9 - Fix gate and bump CoreOS version to latest stable. Increases the amount of ram for CoreOS IPA to 2GB as the base CoreOS image is now 310MB. Bumped CPU count for CoreOS runs to 2 CPUs as the concurrency helps boot times for the CoreOS ramdisk. Adds netbase, udev, and open-iscsi to debian jessie container as they are no longer present in the default container. Explicitly set path variable for execution in the debian container as udevadm is in /sbin, and we may not have /sbin on the path that is passed through to the chroot. Also fixed new pep8 test failures. Story: #1600228 Task: #16287 Change-Id: I488445dfd261b7bca322a0be7b4d8ca6105750a3 - Gate fix: Cap hacking to avoid gate failure hacking is not capped in g-r and it is in blacklist for requirement as hacking new version can break the gate jobs. Hacking can break gate jobs because of various reasons: - There might be new rule addition in hacking - Some rules becomes default from non-default - Updates in pycodestyle etc That was the main reason it was not added in g-r auto sync also. Most of the project maintained the compatible and cap the hacking version in test-requirements.txt and update to new version when project is ready. Bumping new version might need code fix also on project side depends on what new in that version. If project does not have cap the hacking version then, there is possibility of gate failure whenever new hacking version is released by QA team. Example of such failure in recent release of hacking 1.1.0 - http://lists.openstack.org/pipermail/openstack-dev/2018-May/130282.html Change-Id: I2c84d3368bd6675c28ebba695e0c1afdd2867588
This commit is contained in:
parent
2d33e6e509
commit
ce33b09b34
|
@ -1 +1 @@
|
|||
Subproject commit 2df41a80e3da889ab726a336ffa8b14800e61cda
|
||||
Subproject commit c5f31db691fafb687c3d0e2bcde08b08dc48ab06
|
Loading…
Reference in New Issue