Global-requirements removed the cap for jsonschema as we prepare to
raise upper-constraints to allow the newer versions. This now causes
requirement-check job failures since the jsonschema line in
requirements.txt does not match the line in global-requirements.
Change-Id: I070d2327400708f389f13d5d4cd06b3dc5903f8e
Signed-off-by: Sean McGinnis <sean.mcginnis@gmail.com>
Eventlet has a known issue when running under Python 3.6 [1]. This was
noticed in another OpenStack repo. As far as I know, we have not hit
this in Cinder. But since many drivers use requests and most are not
running third party CI under 3.6 yet, this is an attempt to avoid
running into an issue with the versions of eventlet that have this
issue.
[1] https://github.com/eventlet/eventlet/issues/371
Change-Id: Ia6139c052091eaee6b49a55f57385e650508a891
Signed-off-by: Sean McGinnis <sean.mcginnis@gmail.com>
Due to migration of gate jobs to bionic, several packages were
incompatible with the distro.
This patch bumps the version of incompatible packages to the
lowest compatible version.
Change-Id: I9f0fec25444ed865d56d0d250fb6d840ab5b4095
2.16.0 is from a Queens release -- push things
forward a bit to reduce the odds that we'll
end up with issues related to dependency updates
(such as networkx 2.0) or Python 3.
Change-Id: I2b96530b32d7a32acb653d2b432e1421c12554bf
Increase the minimum version for python-glanceclient so that
Cinder can take advantage of secure hash download verification.
Change-Id: I2c3ccce45f67c6d2dc185475c478360982a98012
Closes-bug: #1818684
I should have done this as part of
I59702c8b84bbcf21d32150ede0a3758d1a456bd6 since older releases don't
have the necessary entrypoint exposed.
Change-Id: Ice7b6dbf46e545c669e9d581fa0dc785e9d18828
When the sample config is generated, the policy_file default value
specified by oslo.policy is showing up, not the default value that
Cinder is using. Correct this by enhancing the function specified
for cinder in the oslo.config.opts.defaults entry point.
This patch exposed Bug #1807184 in oslo.policy. The requirements
and lower-constraints changes on this patch bump the minimum
version of oslo.policy we use to include the fix (1.44.1). This
version was already included in upper-constraints by Change
I50bb9d48106376f5baaafae372492c0744182da2.
Change-Id: Ic28d660a9d876139f47f98cf1024a30b005cd0e0
Closes-bug: #1807071
The actual target of openstack-tox-lower-constraints is using the lower
version package to run unit test.
But in current Cinder CI,there was a hard code to specify the
upper-constraints.txt, that means we install the package in
upper-constraints.txt, but the lower-constraints.txt doesn't work well.
This patch try to fix this error, move the hard code to 'deps'.
We also refresh the lower-constraints.txt and requirements.txt to make
CI works well:
1. Add libxml2-dev, libxslt-devel, libxslt1-dev to bindep.txt to make
lxml can be built successfully, like what we do in other project. [0]
2. Upgrade oslo.messaging to 6.4.0 to avoid "ACCESS_REFUSED
- Login was refused using authentication mechanism AMQPLAIN." error.
3. Upgrade oslo.utils to 3.34.0 to add a new method escape_ipv6 [1] to
oslo_utils.netutils, which is needed by [2].
4. Upgrade keystoneauth1 to 3.7.0 to fix "no such option split_loggers
in group [service_user]" [3]
[0] https://github.com/openstack/nova/blob/bb3ded3/bindep.txt#L17-L19
[1] https://review.openstack.org/#/c/495166/
[2] https://github.com/openstack/cinder/blob/fe421fe/cinder/volume/drivers/netapp/utils.py#L172
[3] https://review.openstack.org/#/c/578008/
Change-Id: Ide84d49c283c0ad179a5cfdb0392d34ee73d97ea
Closes-bug: #1801239
simplejson was mainly needed before the json standard library supported
everything we need. This was when we supported Python versions earlier
than 2.7.
The standard library for all Python versions we now support is good
enough and we should clean up unnecessary third party libs.
Change-Id: I866445ffba9633db1de5ba615dcc19450f5d02e7
Signed-off-by: Sean McGinnis <sean.mcginnis@gmail.com>
This adds the cinder-status CLI for performing upgrade checks as part of
the Stein cycle upgrade-checkers goal. It only includes a placeholder
for actual checks. Follow up patches will need to be added for anything
we identify as needing specific checking.
Story: 2003657
Task: 26123
Change-Id: I2e532d313d12e60848b17e869882e52ec456929b
Signed-off-by: Sean McGinnis <sean.mcginnis@gmail.com>
This was added in the main requirements.txt, but it is not a
requirement for running the service. This moves it to the
docs/requirements.txt file so it is only installed for doc builds.
Change-Id: I37026b9be913ccf157fce711f2d85fc05342e891
Signed-off-by: Sean McGinnis <sean.mcginnis@gmail.com>
Cinder has always used a wiki page as the source of our
support matrix. Unfortunately the wiki gives us no way
to ensure that the information is accurate and makes it
harder to track changes. Moving to using the
sphinx-feature-classification library solves some of these
problems.
* It provides a programatic way to document driver support.
* It allows us to ensure that documentation is updated with
changes.
* It will provide a snapshot of the state of driver support
for a release at the time of release.
This matrix will serve as the truth for Cinder's driver support.
The existing wiki will be kept for historical purposes but I will
make a pointer to this new documentation and indicate that no
changes should be made to the wiki in the future.
Change-Id: I7c1b7fb539a48ec3b79e86c44ffe2d3005aeba25
Newer versions of this library have been out for awhile now
and appear to be working well. This raises the minimum version
for rtslib_fb to a recent version that does not require the
conditional import due to the namespace change from rtslib to
rtslib_fb.
Depends-on: https://review.openstack.org/575530
Change-Id: I10f48833c2a61b7b2c6b300d4f8291a357f7e600
Add image signature verification support when
creating from image.
Change-Id: I37b7a795da18e3ddb18e9f293a9c795e207e7b7e
Partial-Implements: bp cinder-support-image-signing
The built-in xml module has some vulnerabilities to several known
XML attacks. While the chances of this are limited with the way
it is being used by some of the volume drivers, it is still a
security risk that has been identified and has a mostly painless
way to be mitigated with the defusedxml package [1].
There are still some drivers performing XML parsing that are not
covered by this patch. They need closer analysis to see how to
best switch to the defusedxml equivalents.
This patch covers the instances where it was a mostly drop in and
replace from the native xml functionality to the defusedxml
alternatives.
[1] https://github.com/tiran/defusedxml/blob/master/README.md
Change-Id: I083fc23eab6f712264919a250c6fb57cc0f6a11b
Partial-bug: #1732155
This patch adds a base jsonschema framework which will be used
by other subsequent patches for adding jsonschema validation
support for v3 APIs.
This patch follows the Nova-Schema-framework:
https://github.com/openstack/nova/tree/master/nova/api/validation
Depends-On: I4b1140c20c68821eaf0849c9ee551ff9b1c27deb
Partial-Implements: bp json-schema-validation
Co-author: Pooja Jadhav <pooja.jadhav@nttdata.com>
Change-Id: If40029a6ab9b15c292f9297f5bf56aec9621a7d9