Airflow stable 2.6.2

This PS updates python modules and code to match Airflow 2.6.2:

- bionic py36 gates  were removed
- python code corrected to match new modules versions
- selection of python modules versions was perfoemed based on
  airflow-2.6.2 constraints
- airskiff deploy pipeline was aligned with latest in treasuremap v1.9

Change-Id: If6f57325339995216d2553c7a5ff56e7673b5acc

.zuul.yaml

@@ -14,31 +14,29 @@
     templates:
       - openstack-cover-jobs
       - openstack-python38-jobs
-      - openstack-python36-jobs
+
     check:
       jobs:
         - openstack-tox-docs
         - openstack-tox-pep8
         - armada-chart-build-gate
         - armada-chart-build-latest-htk
-        - armada-docker-build-gate-ubuntu_bionic
         - armada-docker-build-gate-ubuntu_focal
         - armada-airskiff-deploy-focal
-        - armada-airskiff-deploy-bionic
+
     gate:
       jobs:
         - openstack-tox-docs
         - openstack-tox-pep8
         - armada-chart-build-gate
-        - armada-docker-build-gate-ubuntu_bionic
         - armada-docker-build-gate-ubuntu_focal
         - armada-airskiff-deploy-focal
-        - armada-airskiff-deploy-bionic
+
     post:
       jobs:
         - armada-docker-publish-ubuntu_focal
-        - armada-docker-publish-ubuntu_bionic
         - armada-upload-git-mirror
+
     promote:
       jobs:
         - promote-airship-project-docs
@@ -77,19 +75,6 @@
     vars:
       HTK_COMMIT: master
 
-- job:
-    name: armada-docker-build-gate-ubuntu_bionic
-    timeout: 3600
-    run: tools/gate/playbooks/docker-image-build.yaml
-    nodeset: armada-single-node
-    vars:
-      publish: false
-      distro: ubuntu_bionic
-      tags:
-        dynamic:
-          patch_set: true
-
-
 - job:
     name: armada-docker-build-gate-ubuntu_focal
     timeout: 3600
@@ -127,34 +112,6 @@
       - ^releasenotes/.*$
       - ^swagger/.*$
 
-
-- job:
-    name: armada-airskiff-deploy-bionic
-    nodeset: armada-single-node-focal
-    description: |
-      Deploy Memcached using Airskiff and submitted Armada changes.
-    timeout: 9600
-    voting: true
-    pre-run:
-      - tools/gate/playbooks/airskiff-reduce-site.yaml
-      - tools/gate/playbooks/git-config.yaml
-    run: tools/gate/playbooks/airskiff-deploy.yaml
-    post-run: tools/gate/playbooks/debug-report.yaml
-    required-projects:
-      - airship/treasuremap
-    vars:
-      CLONE_ARMADA: false
-      OSH_INFRA_COMMIT: 8e96a91ffae745b952c053923aa177e615b49b74
-      ARMADA_IMAGE_DISTRO: ubuntu_bionic
-    irrelevant-files:
-      - ^.*\.rst$
-      - ^doc/.*$
-      - ^examples/.*$
-      - ^releasenotes/.*$
-      - ^swagger/.*$
-
-
-
 - job:
     name: armada-docker-publish-ubuntu_focal
     timeout: 3600
@@ -172,22 +129,6 @@
         static:
           - latest
 
-- job:
-    name: armada-docker-publish-ubuntu_bionic
-    timeout: 3600
-    run: tools/gate/playbooks/docker-image-build.yaml
-    nodeset: armada-single-node
-    secrets:
-      - airship_armada_quay_creds
-    vars:
-      publish: true
-      distro: ubuntu_bionic
-      tags:
-        dynamic:
-          branch: true
-          commit: true
-        static:
-          - latest
 
 - secret:
     name: airship_armada_quay_creds

armada/handlers/metrics.py

@@ -115,13 +115,15 @@ class ActionWithTimeoutMetrics(ActionMetrics):
 
         timeout.observe(timeout_value)
 
-        def observe_timeout_usage(duration):
-            # Avoid division by 0
-            if timeout_value:
-                val = duration / timeout_value
-                timeout_usage.observe(val)
+        class observe_timeout_usage:
+            def calculate_timeout_usage(duration):
+                # Avoid division by 0
+                if timeout_value:
+                    val = duration / timeout_value
+                    timeout_usage.observe(val)
 
-        timer = context_managers.Timer(observe_timeout_usage)
+        timer = context_managers.Timer(
+            observe_timeout_usage, 'calculate_timeout_usage')
         context = super().get_context(*args, **kwargs)
         context.enter_context(timer)
         return context

armada/tests/unit/handlers/test_override.py

@@ -273,7 +273,7 @@ class OverrideTestCase(testtools.TestCase):
             ovr = Override(documents)
             ovr.update_documents(merging_values)
             ovr_doc = ovr.find_manifest_document(doc_path)
-            expect_doc = list(yaml.load_all(e.read()))[0]
+            expect_doc = list(yaml.safe_load_all(e.read()))[0]
 
             self.assertEqual(ovr_doc, expect_doc)
 
@@ -290,7 +290,7 @@ class OverrideTestCase(testtools.TestCase):
             ovr = Override(documents, override)
             ovr.update_manifests()
             ovr_doc = ovr.find_manifest_document(doc_path)
-            target_docs = list(yaml.load_all(e.read()))
+            target_docs = list(yaml.safe_load_all(e.read()))
             expected_doc = [
                 x for x in target_docs
                 if x.get('schema') == 'armada/Manifest/v1'

doc/requirements.txt

@@ -2,12 +2,9 @@
 # of appearance. Changing the order has an impact on the overall integration
 # process, which may cause wedges in the gate later.
 docutils<=0.17
-Jinja2<=3.0.3
-MarkupSafe<2.1.0, >=0.9.2
 plantuml
-pylibyaml==0.1.0
 reno
-sphinx-rtd-theme==0.5.0
-Sphinx==3.3.1
-sphinxcontrib-apidoc==0.3.0  # BSD
-sphinxcontrib-plantuml==0.25
+sphinx-rtd-theme
+Sphinx
+sphinxcontrib-apidoc
+sphinxcontrib-plantuml

doc/source/_static/armada.conf.sample

@@ -152,7 +152,7 @@
 
 # Format string to use for log messages with context. Used by
 # oslo_log.formatters.ContextFormatter (string value)
-#logging_context_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s
+#logging_context_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(global_request_id)s %(request_id)s %(user_identity)s] %(instance)s%(message)s
 
 # Format string to use for log messages when context is undefined. Used by
 # oslo_log.formatters.ContextFormatter (string value)
@@ -169,7 +169,7 @@
 # Defines the format string for %(user_identity)s that is used in
 # logging_context_format_string. Used by oslo_log.formatters.ContextFormatter
 # (string value)
-#logging_user_identity_format = %(user)s %(tenant)s %(domain)s %(user_domain)s %(project_domain)s
+#logging_user_identity_format = %(user)s %(project)s %(domain)s %(system_scope)s %(user_domain)s %(project_domain)s
 
 # List of package logging levels in logger=LEVEL pairs. This option is ignored
 # if log_config_append is set. (list value)
@@ -202,6 +202,66 @@
 #fatal_deprecations = false
 
 
+[cors]
+
+#
+# From oslo.middleware
+#
+
+# Indicate whether this resource may be shared with the domain received in the
+# requests "origin" header. Format: "<protocol>://<host>[:<port>]", no trailing
+# slash. Example: https://horizon.example.com (list value)
+#allowed_origin = <None>
+
+# Indicate that the actual request can include user credentials (boolean value)
+#allow_credentials = true
+
+# Indicate which headers are safe to expose to the API. Defaults to HTTP Simple
+# Headers. (list value)
+#expose_headers =
+
+# Maximum cache age of CORS preflight requests. (integer value)
+#max_age = 3600
+
+# Indicate which methods can be used during the actual request. (list value)
+#allow_methods = OPTIONS,GET,HEAD,POST,PUT,DELETE,TRACE,PATCH
+
+# Indicate which header field names may be used during the actual request.
+# (list value)
+#allow_headers =
+
+
+[healthcheck]
+
+#
+# From oslo.middleware
+#
+
+# DEPRECATED: The path to respond to healtcheck requests on. (string value)
+# This option is deprecated for removal.
+# Its value may be silently ignored in the future.
+#path = /healthcheck
+
+# Show more detailed information as part of the response. Security note:
+# Enabling this option may expose sensitive details about the service being
+# monitored. Be sure to verify that it will not violate your security policies.
+# (boolean value)
+#detailed = false
+
+# Additional backends that can perform health checks and report that
+# information back as part of a request. (list value)
+#backends =
+
+# Check the presence of a file to determine if an application is running on a
+# port. Used by DisableByFileHealthcheck plugin. (string value)
+#disable_by_file_path = <None>
+
+# Check the presence of a file based on a port to determine if an application
+# is running on a port. Expects a "port:path" list of strings. Used by
+# DisableByFilesPortsHealthcheck plugin. (list value)
+#disable_by_file_paths =
+
+
 [keystone_authtoken]
 
 #
@@ -261,7 +321,7 @@
 # Domain name containing project (string value)
 #project_domain_name = <None>
 
-# ID of the trust to use as a trustee use (string value)
+# Trust ID (string value)
 #trust_id = <None>
 
 # Optional domain ID to use with v3 and v2 parameters. It will be used for both
@@ -290,6 +350,188 @@
 # User's password (string value)
 #password = <None>
 
+#
+# From keystonemiddleware.auth_token
+#
+
+# Complete "public" Identity API endpoint. This endpoint should not be an
+# "admin" endpoint, as it should be accessible by all end users.
+# Unauthenticated clients are redirected to this endpoint to authenticate.
+# Although this endpoint should ideally be unversioned, client support in the
+# wild varies. If you're using a versioned v2 endpoint here, then this should
+# *not* be the same endpoint the service user utilizes for validating tokens,
+# because normal end users may not be able to reach that endpoint. (string
+# value)
+# Deprecated group/name - [keystone_authtoken]/auth_uri
+#www_authenticate_uri = <None>
+
+# DEPRECATED: Complete "public" Identity API endpoint. This endpoint should not
+# be an "admin" endpoint, as it should be accessible by all end users.
+# Unauthenticated clients are redirected to this endpoint to authenticate.
+# Although this endpoint should ideally be unversioned, client support in the
+# wild varies. If you're using a versioned v2 endpoint here, then this should
+# *not* be the same endpoint the service user utilizes for validating tokens,
+# because normal end users may not be able to reach that endpoint. This option
+# is deprecated in favor of www_authenticate_uri and will be removed in the S
+# release. (string value)
+# This option is deprecated for removal since Queens.
+# Its value may be silently ignored in the future.
+# Reason: The auth_uri option is deprecated in favor of www_authenticate_uri
+# and will be removed in the S  release.
+#auth_uri = <None>
+
+# API version of the Identity API endpoint. (string value)
+#auth_version = <None>
+
+# Interface to use for the Identity API endpoint. Valid values are "public",
+# "internal" (default) or "admin". (string value)
+#interface = internal
+
+# Do not handle authorization requests within the middleware, but delegate the
+# authorization decision to downstream WSGI components. (boolean value)
+#delay_auth_decision = false
+
+# Request timeout value for communicating with Identity API server. (integer
+# value)
+#http_connect_timeout = <None>
+
+# How many times are we trying to reconnect when communicating with Identity
+# API Server. (integer value)
+#http_request_max_retries = 3
+
+# Request environment key where the Swift cache object is stored. When
+# auth_token middleware is deployed with a Swift cache, use this option to have
+# the middleware share a caching backend with swift. Otherwise, use the
+# ``memcached_servers`` option instead. (string value)
+#cache = <None>
+
+# Required if identity server requires client certificate (string value)
+#certfile = <None>
+
+# Required if identity server requires client certificate (string value)
+#keyfile = <None>
+
+# A PEM encoded Certificate Authority to use when verifying HTTPs connections.
+# Defaults to system CAs. (string value)
+#cafile = <None>
+
+# Verify HTTPS connections. (boolean value)
+#insecure = false
+
+# The region in which the identity server can be found. (string value)
+#region_name = <None>
+
+# Optionally specify a list of memcached server(s) to use for caching. If left
+# undefined, tokens will instead be cached in-process. (list value)
+# Deprecated group/name - [keystone_authtoken]/memcache_servers
+#memcached_servers = <None>
+
+# In order to prevent excessive effort spent validating tokens, the middleware
+# caches previously-seen tokens for a configurable duration (in seconds). Set
+# to -1 to disable caching completely. (integer value)
+#token_cache_time = 300
+
+# (Optional) If defined, indicate whether token data should be authenticated or
+# authenticated and encrypted. If MAC, token data is authenticated (with HMAC)
+# in the cache. If ENCRYPT, token data is encrypted and authenticated in the
+# cache. If the value is not one of these options or empty, auth_token will
+# raise an exception on initialization. (string value)
+# Possible values:
+# None - <No description provided>
+# MAC - <No description provided>
+# ENCRYPT - <No description provided>
+#memcache_security_strategy = None
+
+# (Optional, mandatory if memcache_security_strategy is defined) This string is
+# used for key derivation. (string value)
+#memcache_secret_key = <None>
+
+# (Optional) Number of seconds memcached server is considered dead before it is
+# tried again. (integer value)
+#memcache_pool_dead_retry = 300
+
+# (Optional) Maximum total number of open connections to every memcached
+# server. (integer value)
+#memcache_pool_maxsize = 10
+
+# (Optional) Socket timeout in seconds for communicating with a memcached
+# server. (integer value)
+#memcache_pool_socket_timeout = 3
+
+# (Optional) Number of seconds a connection to memcached is held unused in the
+# pool before it is closed. (integer value)
+#memcache_pool_unused_timeout = 60
+
+# (Optional) Number of seconds that an operation will wait to get a memcached
+# client connection from the pool. (integer value)
+#memcache_pool_conn_get_timeout = 10
+
+# (Optional) Use the advanced (eventlet safe) memcached client pool. (boolean
+# value)
+#memcache_use_advanced_pool = true
+
+# (Optional) Indicate whether to set the X-Service-Catalog header. If False,
+# middleware will not ask for service catalog on token validation and will not
+# set the X-Service-Catalog header. (boolean value)
+#include_service_catalog = true
+
+# Used to control the use and type of token binding. Can be set to: "disabled"
+# to not check token binding. "permissive" (default) to validate binding
+# information if the bind type is of a form known to the server and ignore it
+# if not. "strict" like "permissive" but if the bind type is unknown the token
+# will be rejected. "required" any form of token binding is needed to be
+# allowed. Finally the name of a binding method that must be present in tokens.
+# (string value)
+#enforce_token_bind = permissive
+
+# A choice of roles that must be present in a service token. Service tokens are
+# allowed to request that an expired token can be used and so this check should
+# tightly control that only actual services should be sending this token. Roles
+# here are applied as an ANY check so any role in this list must be present.
+# For backwards compatibility reasons this currently only affects the
+# allow_expired check. (list value)
+#service_token_roles = service
+
+# For backwards compatibility reasons we must let valid service tokens pass
+# that don't pass the service_token_roles check as valid. Setting this true
+# will become the default in a future release and should be enabled if
+# possible. (boolean value)
+#service_token_roles_required = false
+
+# The name or type of the service as it appears in the service catalog. This is
+# used to validate tokens that have restricted access rules. (string value)
+#service_type = <None>
+
+# Authentication type to load (string value)
+# Deprecated group/name - [keystone_authtoken]/auth_plugin
+#auth_type = <None>
+
+# Config Section from which to load plugin specific options (string value)
+#auth_section = <None>
+
+
+[oslo_middleware]
+
+#
+# From oslo.middleware
+#
+
+# The maximum body size for each  request, in bytes. (integer value)
+# Deprecated group/name - [DEFAULT]/osapi_max_request_body_size
+# Deprecated group/name - [DEFAULT]/max_request_body_size
+#max_request_body_size = 114688
+
+# DEPRECATED: The HTTP Header that will be used to determine what the original
+# request protocol scheme was, even if it was hidden by a SSL termination
+# proxy. (string value)
+# This option is deprecated for removal.
+# Its value may be silently ignored in the future.
+#secure_proxy_ssl_header = X-Forwarded-Proto
+
+# Whether the application is behind a proxy or not. This determines if the
+# middleware should parse the headers or not. (boolean value)
+#enable_proxy_headers_parsing = false
+
 
 [oslo_policy]
 

etc/armada/armada.conf.sample

@@ -152,7 +152,7 @@
 
 # Format string to use for log messages with context. Used by
 # oslo_log.formatters.ContextFormatter (string value)
-#logging_context_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s
+#logging_context_format_string = %(asctime)s.%(msecs)03d %(process)d %(levelname)s %(name)s [%(global_request_id)s %(request_id)s %(user_identity)s] %(instance)s%(message)s
 
 # Format string to use for log messages when context is undefined. Used by
 # oslo_log.formatters.ContextFormatter (string value)
@@ -169,7 +169,7 @@
 # Defines the format string for %(user_identity)s that is used in
 # logging_context_format_string. Used by oslo_log.formatters.ContextFormatter
 # (string value)
-#logging_user_identity_format = %(user)s %(tenant)s %(domain)s %(user_domain)s %(project_domain)s
+#logging_user_identity_format = %(user)s %(project)s %(domain)s %(system_scope)s %(user_domain)s %(project_domain)s
 
 # List of package logging levels in logger=LEVEL pairs. This option is ignored
 # if log_config_append is set. (list value)
@@ -321,7 +321,7 @@
 # Domain name containing project (string value)
 #project_domain_name = <None>
 
-# ID of the trust to use as a trustee use (string value)
+# Trust ID (string value)
 #trust_id = <None>
 
 # Optional domain ID to use with v3 and v2 parameters. It will be used for both

images/armada/Dockerfile.ubuntu_focal

@@ -94,6 +94,8 @@ ENV PBR_VERSION 0.8.0
 
 RUN \
     chown -R armada:users . && \
-    python3 setup.py install
+    pip3 install -e . --verbose --use-pep517 \
+    && echo "/armada" \
+        > /usr/local/lib/python3.8/dist-packages/deckhand.pth
 
 USER armada

requirements-direct.txt

@@ -1,36 +1,32 @@
 click
-configparser
-deepdiff<=5.8.1
-docutils<=0.17
+deepdiff
 falcon
-gitpython
-importlib-metadata~=2.0
-Jinja2<=3.0.3
-jsonschema<=3.2.0
-keystoneauth1<=5.1.1
-kubernetes==26.1.0
-MarkupSafe<2.1.0, >=0.9.2
-nose
-oslo.config<=8.7.1
-oslo.i18n
-oslo.log<=4.6.0
-oslo.policy<=3.10.1
-oslo.middleware<=4.4.0
-keystonemiddleware<=10.2.0
-oslo.utils<=4.12.3
-Paste>=2.0.3
-PasteDeploy>=1.5.2
-prometheus-client==0.8.0
-pylibyaml==0.1.0
-python-dateutil==2.8.1
-PyYAML<=5.4.1
-reno
-requests==2.23.0
+GitPython
+jsonschema
+keystoneauth1==4.3.1
+keystonemiddleware==9.3.0
+kubernetes
+mock
+oslo.config==8.6.0
+oslo.context==4.0.0
+oslo.log==4.8.0
+oslo.policy==3.10.1
+oslo.middleware==4.4.0
+oslo.serialization==4.1.0
+oslo.utils==4.12.3
+oslo.db==11.2.0
+paste
+PasteDeploy
+packaging
+pbr
+prometheus-client
+pylibyaml
+python_dateutil
+python-memcached
+PyYAML
+Requests
+responses
 retry
-setuptools<=45.2.0
-six
-Sphinx==3.3.1
-sphinx_rtd_theme==0.5.0
-urllib3 >= 1.21.1, <= 1.25.11
-uWSGI==2.0.21
-wheel
+testtools
+urllib3
+uWSGI

requirements-frozen-bionic.txt

@@ -1,92 +0,0 @@
-alabaster==0.7.13
-attrs==22.2.0
-Babel==2.11.0
-bcrypt==4.0.1
-cachetools==4.2.4
-certifi==2023.5.7
-chardet==3.0.4
-click==8.0.4
-configparser==5.2.0
-debtcollector==2.5.0
-decorator==5.1.1
-deepdiff==5.7.0
-docutils==0.17
-dogpile.cache==1.2.0
-dulwich==0.20.50
-falcon==3.1.1
-gitdb==4.0.9
-GitPython==3.1.18
-google-auth==2.18.1
-idna==2.10
-imagesize==1.4.1
-importlib-metadata==2.1.3
-importlib-resources==5.4.0
-iso8601==1.1.0
-Jinja2==3.0.3
-jsonschema==3.2.0
-keystoneauth1==5.1.1
-keystonemiddleware==9.5.0
-kubernetes==26.1.0
-MarkupSafe==2.0.1
-msgpack==1.0.5
-netaddr==0.8.0
-netifaces==0.11.0
-nose==1.3.7
-oauthlib==3.2.2
-ordered-set==4.0.2
-os-service-types==1.7.0
-oslo.cache==2.11.0
-oslo.config==8.7.1
-oslo.context==4.1.0
-oslo.i18n==5.1.0
-oslo.log==4.6.0
-oslo.middleware==4.4.0
-oslo.policy==3.10.1
-oslo.serialization==4.3.0
-oslo.utils==4.12.3
-packaging==21.3
-Paste==3.5.3
-PasteDeploy==2.1.1
-pbr==5.11.1
-pip==21.3.1
-prometheus-client==0.8.0
-py==1.11.0
-pyasn1==0.5.0
-pyasn1-modules==0.3.0
-pycadf==3.1.1
-Pygments==2.14.0
-pylibyaml==0.1.0
-pyparsing==3.0.9
-pyrsistent==0.18.0
-python-dateutil==2.8.1
-python-keystoneclient==4.5.0
-pytz==2023.3
-PyYAML==5.4.1
-reno==4.0.0
-requests==2.23.0
-requests-oauthlib==1.3.1
-retry==0.9.2
-rfc3986==1.5.0
-rsa==4.9
-setuptools==45.2.0
-six==1.16.0
-smmap==5.0.0
-snowballstemmer==2.2.0
-Sphinx==3.3.1
-sphinx-rtd-theme==0.5.0
-sphinxcontrib-applehelp==1.0.2
-sphinxcontrib-devhelp==1.0.2
-sphinxcontrib-htmlhelp==2.0.0
-sphinxcontrib-jsmath==1.0.1
-sphinxcontrib-qthelp==1.0.3
-sphinxcontrib-serializinghtml==1.1.5
-statsd==4.0.1
-stevedore==3.5.2
-typing_extensions==4.1.1
-urllib3==1.25.11
-uWSGI==2.0.21
-WebOb==1.8.7
-websocket-client==1.3.1
-wheel==0.37.1
-wrapt==1.15.0
-zipp==3.6.0

requirements-frozen.txt

@@ -1,90 +1,91 @@
-alabaster==0.7.13
+alembic==1.11.1
 attrs==23.1.0
-Babel==2.12.1
 bcrypt==4.0.1
-cachetools==5.3.0
-certifi==2022.12.7
-chardet==3.0.4
+cachetools==5.3.1
+certifi==2023.5.7
+charset-normalizer==3.1.0
 click==8.1.3
-configparser==5.3.0
 debtcollector==2.5.0
 decorator==5.1.1
-deepdiff==5.8.1
-docutils==0.17
-dogpile.cache==1.2.0
-dulwich==0.21.3
+deepdiff==6.3.1
+dogpile.cache==1.2.2
 falcon==3.1.1
+fixtures==4.1.0
 gitdb==4.0.10
 GitPython==3.1.31
-google-auth==2.17.3
-idna==2.10
-imagesize==1.4.1
-importlib-metadata==2.1.3
-iso8601==1.1.0
-Jinja2==3.0.3
-jsonschema==3.2.0
-keystoneauth1==5.1.1
-keystonemiddleware==10.2.0
-kubernetes==26.1.0
-MarkupSafe==2.0.1
+google-auth==2.20.0
+greenlet==2.0.2
+idna==3.4
+importlib-metadata==4.13.0
+importlib-resources==5.12.0
+iso8601==2.0.0
+Jinja2==3.1.2
+jsonschema==4.17.3
+keystoneauth1==4.3.1
+keystonemiddleware==9.3.0
+kubernetes==23.6.0
+Mako==1.2.4
+MarkupSafe==2.1.3
+mock==5.1.0
 msgpack==1.0.5
 netaddr==0.8.0
 netifaces==0.11.0
-nose==1.3.7
 oauthlib==3.2.2
 ordered-set==4.1.0
 os-service-types==1.7.0
-oslo.cache==3.3.1
-oslo.config==8.7.1
-oslo.context==5.1.1
+oslo.cache==3.4.0
+oslo.config==8.6.0
+oslo.context==4.0.0
+oslo.db==11.2.0
 oslo.i18n==6.0.0
-oslo.log==4.6.0
+oslo.log==4.8.0
 oslo.middleware==4.4.0
 oslo.policy==3.10.1
-oslo.serialization==5.1.1
+oslo.serialization==4.1.0
 oslo.utils==4.12.3
-packaging==23.1
+packaging==21.3
 Paste==3.5.3
 PasteDeploy==3.0.1
 pbr==5.11.1
-pip==23.0.1
-prometheus-client==0.8.0
+pip==23.1.2
+pkgutil_resolve_name==1.3.10
+prometheus-client==0.17.0
 py==1.11.0
-pyasn1==0.5.0
-pyasn1-modules==0.3.0
+pyasn1==0.4.8
+pyasn1-modules==0.2.8
 pycadf==3.1.1
-Pygments==2.15.1
 pylibyaml==0.1.0
 pyparsing==3.0.9
 pyrsistent==0.19.3
-python-dateutil==2.8.1
+python-dateutil==2.8.2
 python-keystoneclient==5.1.0
+python-memcached==1.59
 pytz==2023.3
-PyYAML==5.4.1
-reno==4.0.0
-requests==2.23.0
+PyYAML==6.0
+requests==2.31.0
 requests-oauthlib==1.3.1
+responses==0.23.1
 retry==0.9.2
-rfc3986==2.0.0
+rfc3986==1.5.0
 rsa==4.9
-setuptools==45.2.0
+setuptools==67.7.2
 six==1.16.0
 smmap==5.0.0
-snowballstemmer==2.2.0
-Sphinx==3.3.1
-sphinx-rtd-theme==0.5.0
-sphinxcontrib-applehelp==1.0.4
-sphinxcontrib-devhelp==1.0.2
-sphinxcontrib-htmlhelp==2.0.1
-sphinxcontrib-jsmath==1.0.1
-sphinxcontrib-qthelp==1.0.3
-sphinxcontrib-serializinghtml==1.1.5
+SQLAlchemy==1.4.48
+sqlalchemy-migrate==0.13.0
+sqlparse==0.4.4
 statsd==4.0.1
-stevedore==5.0.0
-urllib3==1.25.11
-uWSGI==2.0.21
+stevedore==5.1.0
+Tempita==0.5.2
+testresources==2.0.1
+testscenarios==0.5.0
+testtools==2.6.0
+types-PyYAML==6.0.12.10
+typing_extensions==4.6.3
+urllib3==1.26.16
+uWSGI==2.0.22
 WebOb==1.8.7
-websocket-client==1.5.1
+websocket-client==1.5.3
 wheel==0.40.0
 wrapt==1.15.0
 zipp==3.15.0

test-requirements.txt

@@ -1,20 +1,17 @@
 bandit==1.6.0
-cmd2>=1.5.0
+# cmd2>=1.5.0
 coverage==5.3
 flake8-import-order>=0.18.1
 flake8==3.8.4
 grpcio-tools>=1.16.0
-mock==4.0.2
 os-testr>=1.0.0 # Apache-2.0
 pyflakes==2.2.0
-responses==0.12.1
 sphinx-rtd-theme==0.5.0
 stestr==3.2.0
 testrepository==0.0.20
 testresources==2.0.1
 testscenarios==0.5.0
-testtools==2.5.0
-testtools==2.5.0
-tox>=3.28.0, <4.0.0
-typing-extensions>=3.7.2
+# testtools==2.5.0
+# tox>=3.28.0, <4.0.0
+# typing-extensions>=3.7.2
 yapf==0.27.0

tools/gate/playbooks/docker-image-build.yaml

@@ -19,7 +19,6 @@
     - ensure-python
     - ensure-pip
 
-
   tasks:
     - include_vars: vars.yaml
 
@@ -69,6 +68,8 @@
     - name: Run images
       when: not publish
       shell: |
+        set -ex
+        sudo -E -H pip3 install tox==3.28.0
         make run_images
       args:
         chdir: "{{ zuul.project.src_dir }}"

tox.ini

@@ -30,7 +30,6 @@ commands =
 commands =
   {posargs}
 
-
 [testenv:freeze]
 basepython=python3
 recreate = True
@@ -39,33 +38,12 @@ allowlist_externals=
   sh
 deps=
   -r{toxinidir}/requirements-direct.txt
+  -c https://raw.githubusercontent.com/apache/airflow/constraints-2.6.2/constraints-3.8.txt
 commands=
   rm -f requirements-frozen.txt
   sh -c "pip freeze --all | grep -vE 'armada|pyinotify|pkg-resources==0.0.0' > requirements-frozen.txt"
 
 
-[testenv:freeze-bionic]
-basepython=python3
-recreate = True
-allowlist_externals=
-  rm
-  sh
-deps=
-  -r{toxinidir}/requirements-direct.txt
-commands=
-  rm -f requirements-frozen-bionic.txt
-  sh -c "pip freeze --all | grep -vE 'armada|pyinotify|pkg-resources==0.0.0' > requirements-frozen-bionic.txt"
-
-
-[testenv:py36]
-deps=
-    -r{toxinidir}/requirements-frozen-bionic.txt
-    -r{toxinidir}/test-requirements.txt
-commands =
-    {[testenv]commands}
-    stestr run {posargs}
-    stestr slowest
-
 [testenv:py38]
 commands =
     {[testenv]commands}