The tenant argument of RequestContext in oslo.context had been
deprecated long time ago and it was finally removed in
oslo.context-4.0.0. We should remove the tenant argument of
TroveContext that derives from RequestContext and we should also
update the requirements.txt in the master branch.
Task: 44723
Story: 2009906
Change-Id: I69c7098cc0d61fbbba1dbf2eca87df0dd6fd70ba
As per the community goal of migrating the policy file
the format from JSON to YAML[1], we need to do two things:
1. Change the default value of '[oslo_policy] policy_file''
config option from 'policy.json' to 'policy.yaml' with
upgrade checks.
2. Deprecate the JSON formatted policy file on the project side
via warning in doc and releasenotes.
Also replace policy.json to policy.yaml ref from doc and tests.
[1]https://governance.openstack.org/tc/goals/selected/wallaby/migrate-policy-format-from-json-to-yaml.html
Change-Id: I790409da69df8479ad2fe152b15c32ba45067c23
* MySQL 5.7 and MySQL 8.0 need different percona-xtrabackup package version.
Added Percona XtraBackup 8 support for MySQL 8.x backup and restore.
* Construct different backup container image names for MySQL 5.7 and MySQL 8.0
based on the default option value.
* Two docker images are uploaded for backup/restore:
openstacktrove/db-backup-mysql5.7:1.0.0 and
openstacktrove/db-backup-mysql8.0:1.0.0. Trove guest agent can automatically
choose the approriate one based on the datastore version.
* Added option "secure-file-priv=NULL" in MySQL config template to fix
https://github.com/docker-library/mysql/issues/541.
* Stop using IDENTIFIED BY in GRANT clause (also REVOKE). Starting with MySQL 8
creating a user implicitly using the GRANT command is not supported.
Story: #2008275
Task: #41143
Change-Id: Ibdec63324b1b39ba9b8a38dbe529da17bbb06767
These translation sections are not needed anymore, Babel can
generate translation files without them.
Change-Id: Ic81e52b5cf6c64d752358ab29a1f9a55bf25c88c
Significant changes:
* Using docker image to install datastore.
* Datastore image is common to different datastores.
* Using backup docker image to do backup and restore.
* Support MariaDB replication
* Set most of the functional jobs as non-voting as nested
virtualization is not supported in CI.
Change-Id: Ia9c97a63a961eebc336b70d28dc77638144c1834
This adds basic framework for trove-status upgrade
check commands. For now it has only "check_placeholder"
check implemented.
Real checks can be added to this tool in the future.
Change-Id: Idfeab4c06cba6f841c17ab6e255a29e8707bfa55
Story: 2003657
Task: 26162
Remove pycrypto completely from requirements and fix the
related tests.
Closes-Bug: #1749574
Depends-On: I5c0c1a238023c116af5a84d899e629f1c7c3513f
Change-Id: Ibfedd9e2ab0a5e78959108112f57103a089f02d1
Signed-off-by: Fan Zhang <zh.f@outlook.com>
PyCrypto isn't active developed for quite a while, cryptography is
recommended instead. This patch does this migration, but still keeps
pycrytpo as a fallback solution.
Random generation is also migrated to os.urandom as the cryptography
document suggests:
https://cryptography.io/en/latest/random-numbers/
Closes-Bug: #1749574
Change-Id: I5c0c1a238023c116af5a84d899e629f1c7c3513f
Co-Authored-By: Fan Zhang <zh.f@outlook.com>
Signed-off-by: Zhao Chao <zhaochao1984@gmail.com>
The 'requirements-check' gate job will validate requirements.txt and
test-requirements.txt against lower-constraints.txt, i.e. the minimum
version should match between lower-constraints and requirements. The
change in lower-constraints.txt is produced by fix-lower-constraints.py
script from the requirements repo, and 'enum34' is added mannually.
This patch also include the commit about 'uncap eventlet' to make the
'requirements-check' actually working, because the change has been
already merged in the requirements repo. The original commit message by
Doug Hellmann is kept as below for futher referrence:
We will manage the eventlet version using constraints now. See the
thread starting at
http://lists.openstack.org/pipermail/openstack-dev/2018-April/129096.html
for more details.
Co-Authored-By: Doug Hellmann <doug@doughellmann.com>
Change-Id: I61a6904ea433e570420ccd46281162ff174a5737
Signed-off-by: Zhao Chao <zhaochao1984@gmail.com>
dib is now going to have to be installed explicitly for us to actually
run the gate. the old method of just cloning the repo won't work with
dib v2.
There are other ways to accomplish this but I'm choosing this approach
knowing that it isn't ideal. First, what's the downside? This means
that dib gets installed wherever trove control plane is installed. Is
that necessary, NO. Is it the end of the world, NO.
What are the options?
- do what Octavia did and have a second requirements.txt in a folder
called diskimage-create. Would this work, yes but we don't have such
a mechanism right now and nothing would keep this requirements.txt
file in sync with g-r that I know of.
- hardcode the pip install command somewhere in the devstack
plugin. yes, this would work but this would also have no ability to
sync with g-r.
So, while the solution proposed here isn't ideal, it strikes me as not
bad, and much less risk than the other two options.
We also need to figure out where the elements are and fix the path for
disk-image-create.
Some pep8 failures appears to have crept in as well, those are
addressed.
Change-Id: Ic64d91e082102057417995a0f6851d03b9e0ca74
This patch cleans up the requirements.txt list to remove
netifaces module actually replaced by oslo_utils.
Change-Id: I556ff34c7740352a5da25d5e6b6556741b0ecd1f
The Oslo Policy library provides support for RBAC policy
enforcement across all OpenStack services.
Update the devstack plugin to copy the default policy file
over to /etc/trove in the gate environments.
Note: Not adding a rule for 'reset-password' instance
action as that API was discontinued years ago
and is now just waiting for removal (Bug: 1645866).
DocImpact
Co-Authored-By: Ali Adil <aadil@tesora.com>
Change-Id: Ic443a4c663301840406cad537159eab7b0b5ed1c
Implements: blueprint trove-policy