eventlet before 0.32.0 have issues with
dnspython>=2.0.0, eventlet-0.26.1+[1] have
pinned dnspython for this, so let's use that
version instead for lower-constraints.
This should help with timeouts seen in
openstack-tox-lower-constraints job.
[1] https://github.com/eventlet/eventlet/commit/4236143
Change-Id: I09826681cf61eb0ff6c82421e8e85a2044e95a4a
Remove the QoS constants from Neutron code. QoS constants are now
located in ``neutron_lib.services.qos.constants``.
This patch also reverts [1]. This patch was merged in order to
allow a newer neutron-lib release in "requirements". This test
was failing because the element order of the "VALID_RULE_TYPES"
list was different between Neutron and neutron-lib. That was
modifying the "QosRuleType" OVO hash.
[1]https://review.opendev.org/c/openstack/neutron/+/817940
Closes-Bug: #1950977
Related-Bug: #1922237
Change-Id: I31edea3cc0f4a284a773a35302997ca6069efc95
Reduce the object retrieval to one single field to improve the
collection count.
Bumped neutron-lib to 2.16.0. This version contains [1], needed for
this patch.
[1]https://review.opendev.org/c/openstack/neutron-lib/+/807686
Related-Bug: #1942863
Change-Id: I160e8084e97b23a2bacb49ceb40efbac2d0715be
Since SQLAlchemy 1.4, the method "Inspector.from_engine()" is
deprecated.
Error message:
"The from_engine() method on Inspector is deprecated and will be removed
in a future release. Please use the sqlalchemy.inspect() function on an
Engine or Connection in order to acquire an Inspector. (deprecated
since: 1.4)"
Minimum version of SQLAlchemy required is bumped to 1.4.23.
Change-Id: I6cf5944ccb3a0532cbf123ddc0d7df6b6de80af1
Closes-Bug: #1943155
Neutron's lower-constraint job started to fail and
bump of the following packages seems to solve the issue:
* decorator to 4.1.0
* Mako to 1.0.7
Change-Id: I31d20cc0dc1fc0e745e16718e6c7c8dc896da855
Added pagging and sorting support for the extension
"network_ip_availability".
Closes-Bug: #1940518
Change-Id: Ic520ceb060c4a914d72ef66f58eeaa667382c53b
The os-resource-classes lib is the official source of the standard
placement resource classes. Currently, the neutron-lib contains a copy
of those constants. However, they are already marked as deprecated and
are going to be removed with next major release.
Related-Bug: #1934256
Change-Id: I33ecd6f32410f9b7ab1e87a6640201ea157bc383
This is to make sure stateless-security-groups API extension works
for OVN. (The new ovsdbapp version contains support for
allow-stateless ACL verb.)
Change-Id: I812b7e8669bf1ef7b30a3670612d14bc65a93190
That will avoid problems with eventlet 0.31.0 version, as seen during
the requirements upgrade.
Change-Id: I9a6798a6b0438149af8190dc90c70f79735bb01d
Closes-Bug: #1930195
Since pyroute 0.6.2, this dependency is not needed anymore. The
pyroute version is bumped both in requirements and doc/requirements.
This patch bumps the pyroute2 version to 0.6.4 (newest version
provided in upper-requirements).
Change-Id: I627e902e32fe59c6829c3bc92af19abff4b70f9a
Related-Bug: #1928913
This version fixes the problem reported in LP#1929518 as described
in [1].
[1]acc82bff39
Change-Id: I894eb3524681a3abaca5eeca0aa47028e7f1ff44
Closes-Bug: #1929518
In order to broadly cover the issue described in the referred bug,
this patch sets a default timeout of 2 seconds in the
``ovs_idl.Backend.lookup`` method.
This timeout should cover most of the situations where the IDL local
cache update is delayed. This patch does not change the default
behavior, except it will not fail if the DB cache is synchronized
within 2 seconds.
If we don't pass the notify handler or the backend does not implement
one, in case of not finding the requested register, the method will
raise like before.
ovsdbapp library is bumped to version 1.10.0 to receive the change
that introduces the active wait in ``Backend.lookup`` and adds the
timeout parameter to the method signature.
Change-Id: Ib40eabd6a8e9d59896e0e20383d8061eb4b5c710
Related-Bug: #1922934
Two improvements are implemented in this method:
- Add a query limit number parameter. This parameter is used by
"NeutronDbObject.objects_exist" to limit the number of registers
retrieved to 1.
- Add a query field parameter. This is the name (string) of the
"obj_cls.fields" list. That will reduce the columns to be
retrieved to only one. To check the existence of a DB register,
there is not need to retrieve the full DB model including the back
references.
In case of not passing any value, the first "obj_cls.primary_keys"
value will be used instead.
Closes-Bug: #1925528
Change-Id: I9fd5e306e293102c366d89c01bbe8b13721d59b0
Fixed backref warning for two view only relationship defined in the
ORM, "QosNetworkPolicyBinding.port" and "Tag.standard_attr".
Change-Id: I7fcb1268f4fc637e7f39eae4fcde33f82cb9772c
Closes-Bug: #1925841
Oslo policy moved those parameters to the DeprecatedRule object in [1]
and deprecated it in DocumentedRule object.
To avoid many deprecation warnings e.g. in our tests, this patch moves
"deprecated_since" and "deprecated_reason" parameters to the
DeprecatedRule object.
That change requires also bump of the oslo_policy to the 3.7.0 version
as change [1] isn't available in oslo_policy 3.6.2.
Additionally this patch also changes simple string "Wallaby" to
oslo_log.versionutils constant.
[1] https://review.opendev.org/c/openstack/oslo.policy/+/766628
Change-Id: I3234e04f417171db0d90e3e70661cc69bff8a4b1
Since [1], the physical network VLAN ranges parser populates the
ranges for those entries without a defined range, allowing all
valid VLAN ranges ([1, 4094]).
Some VLAN driver tests, relying on the previous implementation,
considered that the physical network without a defined VLAN
range does not have segments to allocated (those segments
are created on the fly by
"SegmentTypeDriverallocate_fully_specified_segment).
Since [1], all physical network segments are stored in the
"ml2_vlan_allocations" table and set as non allocated.
This patch also reverts [2]. When the physical networks are defined
in "network_vlan_ranges", there is no distinction between tenant
and provided networks; the physical network segments are assigned
by the user. It is possible to create a provider network without
defining the segmentation ID, it will be provided by the Neutron
VLAN driver, if there are free segments for the required physical
network.
[1]https://review.opendev.org/c/openstack/neutron-lib/+/779515
[2]1376df7873c2ac77c256ab2fed928de41a2c1d58
Closes-Bug: #1919280
Related-Bug: #1918274
Related-Bug: #1649750
Change-Id: I191e020ddb97dcf8fb41139d35bfd699e125379b
Prior to oslo.policy version 3.6.2, the Enforcer() object would load and
update the deprecated rules for a check regardless of it already being
done.
A recent change to oslo.policy updated the Enforcer() to be smarter
about this case and it was released in oslo.policy version 3.6.2:
https://review.opendev.org/c/openstack/oslo.policy/+/773414
This became prevalent in neutron's usage of deprecated rules to update
their policies for secure RBAC personas since the Enforcer() object is
used extensively for APIs, resource, and attribute protection.
This should restore neutron's API performance to what it was prior to
the mass deprecation default policy rules.
Depends-On: https://review.opendev.org/c/openstack/requirements/+/774290
Closes-Bug: 1913718
Change-Id: Ia0e283f09c80605d6920843450b88cbc061996d5
The patch determines a table that should be used for the agent API
in the runtime, based on the current available schema. It means OVN
database can be updated or downgraded while neutron-server is running
and agents will always report its liveness based on currently available
tables.
Change-Id: I679945b68acf391901c8602fb1828c46cd1eec55
Closes-bug: #1901527
Signed-off-by: Jakub Libosvar <libosvar@redhat.com>
Added a new port extension: device profile (``port_device_profile``).
This extension adds the "device_profile" parameter to the "port" API
and specifies the device profile per port. This parameter is a
string.
This parameter is passed to Nova and Nova retrieves the requested
device profile from Cyborg. Reference:
https://docs.openstack.org/api-ref/accelerator/v2/index.html#
device-profiles
For backwards compatibility, this parameter will be "None" by
default.
Closes-Bug: #1906602
Depends-On: https://review.opendev.org/c/openstack/neutron-lib/+/767586
Change-Id: I1202a8388e64ae4270ef4ca118993504ae7c1731
In https://review.opendev.org/#/c/753824/ ovsdbapp adds the ability
to pass a "frozen" object to the RowEventHandler so that if a
transaction is started from the main thread that changes the row,
it won't step on the values that the Event is trying to process.
This patch switches to using the ovs_idl backend-specific
RowEventHandler which converts the row to a frozen_row.
Change-Id: I87489596e2ff224431f7e83f43a1725172ee0953
Related-Bug: #1896816
As per the community goal of migrating the policy file
the format from JSON to YAML[1], we need to do two things:
1. Change the default value of '[oslo_policy] policy_file''
config option from 'policy.json' to 'policy.yaml' with
upgrade checks.
2. Deprecate the JSON formatted policy file on the project side
via warning in doc and releasenotes.
Also replace policy.json to policy.yaml ref from doc and tests.
[1]https://governance.openstack.org/tc/goals/selected/wallaby/migrate-policy-format-from-json-to-yaml.html
Change-Id: I0dbb8484e749e645627756e88ec79c1b26a6414a
After commit 89e2fad8ef856f0e3651e4ea5784d28bc9aeb229,
pep8/bandit/bashate tox envs have different dependencies than
the default tox env. If tox envs with different dependencies share
some common envdir, tox env will be recreated every time a different
tox env is specified. (For example, "tox -e cover" after "tox -e pep8"
recreates the tox env.)
To address it, this commit introduces a new common envdir for linters
(envdir = {toxworkdir}/lint). It also moves deependencies of bashate
and bandit envs to pep8 env to ensure these three tox envs have the
same dependencies.
Cleanups are also made in test-requirements and lower-constraints.
* astroid and isort can be dropped from test-requirements.txt
as pylint has proper version cappings for astroid and isort.
(These cappings are available in pylint 2.5 and later.)
* reno is a document dependency, so it is unnecessary in test-requirements.
* reno, astroid and isort are dropped from lower-constraints
as they are not installed in lower-constraints tests.
Change-Id: Iaa3168764d050875e3d08784aee2dfba809e53be
Another item noted with the new pip resolver [1], linters dependencies
in test-requirements.txt may cause resolver issues (trying to pull in
enum34), conflicting requirements and cause them to be installed for all
test jobs. Move them to tox.ini as was done for some projects already
(this may be backported/squashed with pip resolver fix in stable
branches depending on how fixing these will go).
[1] http://lists.openstack.org/pipermail/openstack-discuss/2020-December/019362.html
Change-Id: I0111c41bea6a6caf5ffba1f5c34489854d9c9747
Bump astroid test requirement to 2.4.0
Older versions trigger an error on wrapt dependency:
https://github.com/PyCQA/astroid/issues/755
Bump pylint accordingly to new astroid
Fix some new PEP8 warnings appearing with new versions, and filter out
the larget I202 "Additional newline in a group of imports" one for now
Drop psutil from functional requirements, it indicated an old version
and we have it in common requirements now
Bump a series of lower-constraints and requirements to work with new pip
resolver, testing with steps outlined at:
http://lists.openstack.org/pipermail/openstack-discuss/2020-December/019285.html
This includes eventlet 0.22.1, previous versions triggered a hard to
track error on enum34
Cap cryptography in lower-constraints to prevent discovery failure in
relevant job (other jobs have it capped via upper-constraints)
Change-Id: Ie74ea517a403e6e2a7a4e0a245dd20e5281339e8
Closes-Bug: #1907242
To implement proper scope checking, we need some updated libraries that
properly handle tokens and relay that information to the underlying
service. This commit updates the oslo.policy, oslo.context, oslo.log,
and keystonemiddleware requirements to versions that understand all the
various scopes so that we can update the default policies.
Partially-Implements blueprint: secure-bac-roles
Change-Id: I567c11152d27155ab4297cf7e6851965fb9f8516
"packaging.version" should be imported explicitly to avoid the
following error:
>>> import packaging
>>> packaging.version
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
AttributeError: module 'packaging' has no attribute 'version'
This patch also inclues "packaging" in the requirements file.
Change-Id: Ibd277e2fcc152fcf7c81ef7470e3beb0c668575c
Closes-Bug: #1904854