It seems the job was already removed and the remaining reference is
causing a config error.
```
Job openstack-ansible-linters-ubuntu-bionic not defined
```
Change-Id: I8d1099c4b3fe07e0517d0e82b21a787b2d91fdfb
Add file to the reno documentation build to show release notes for
stable/2023.2.
Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/2023.2.
Sem-Ver: feature
Change-Id: I2aa96d3d7b778f7dfee33b272c6c3d6b016feffb
There is no need to escape double quotes in block scalar. This broke
non-OVN neutron-servers which use uWSGI and `pyargv`.
Change-Id: If22d5d2737914a90e0a3868faf3ee6815235a70a
With update of ansible-lint to version >=6.0.0 a lot of new
linters were added, that enabled by default. In order to comply
with linter rules we're applying changes to the role.
With that we also update metdata to reflect current state.
Depends-On: https://review.opendev.org/c/openstack/ansible-role-systemd_service/+/888223
Change-Id: I43eaa6d471cf5f8b72febdeda1bf8a6df438eb11
A weird behaviour has been spotted in AIO, where role, that was
importing python_venv_build and uwsgi roles was failing, as
venv_build_distro_package_list definition from uwsgi role was applied
on upper level even before uwsgi runtime
As a result, previous import was failing with
uwsgi_build_distro_package_list being undefined.
Replacing any import with inlcude was solving the issue. Since we re-use
uwsgi role a lot and using include make sense in the role, we
start replacing static imports from here.
Change-Id: I3b11220dd30a03fd6465f7b5e041027fbd8bad1d
At the moment we don't restart services if systemd unit file is changed.
We knowingly prevent systemd_service role handlers to execute
by providing `state: started` as otherwise service will be restarted twice.
With that now we ensure that role handlers will also listen for systemd
unit changes.
Change-Id: I802ebfbdec5140b2414086c04ae1297868ec256b
With tox release of 4.0, some parameters were deprecated and are ignored now
which causes tox failures. One of the most spread issues we have is using
`whitelist_externals` isntead of `allowlist_externals`
Change-Id: Icb55e725014dd174bf54e00fe89ad1cdd496ccb1
Previously the template could only insert one http-socket or
https-socket line into the uwsgi configuration file. This meant
a choice between binding to a specific IP address, or 0.0.0.0 to
listen on all addresses.
This patch makes the template distinguish between uwsgi_bind_address
being an iterable list of addresses, or a single address. It is now
possible to specify a number of specific addresses to bind to.
Change-Id: I088a64c65a9f9912091bd10402028db574767ca4
Add file to the reno documentation build to show release notes for
stable/zed.
Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/zed.
Sem-Ver: feature
Change-Id: Idf31f2aba788580fd699d7b69cca22fa9cf4f882
As it's mentioned in uWSGI docs[1]:
"In order to use https option be sure that you have OpenSSL development
headers installed (e.g. libssl-dev on Debian). Install them and rebuild
uWSGI so the build system will automatically detect it."
This change ensures that required package is installed on the host where
uWSGI is being built.
We don't need to force reinstall during an openstack upgrade because
uWSGI version was bumped in Zed[2] so uWSGI is going to be
reinstalled/upgraded anyway.
According to my tests, OpenSSL development headers are not required for
distro installs.
[1] https://uwsgi-docs.readthedocs.io/en/latest/HTTPS.html
[2] https://review.opendev.org/c/openstack/openstack-ansible/+/864579
Change-Id: Ib3cf675fa22a61ddf800af6276071410163bcf68
We don't really need bindep file on our roles so it can be safely
removed.
At the moment role breaks due to content of bindep as with switch to
Ubuntu Jammy python2 packages are no longer available.
Change-Id: I091d2073bd2d1ba73a6ad026cd1e2d846bac3bee
This line was introduced by I56d130c242b440c02a54f9971bfb4e0866dbbc3d
but should already be covered by the distribution_major_version line
above.
Change-Id: Icbf855ec7ecbddcc05f32febb89067679e3ad7dd
Role was never migrated to usage of haproxy-endpoints role
and included task was used instead the whole time.
With that to reduce complexity and to have unified approach, all mention
of the role and handler are removed from the code.
Change-Id: Ie397e5d28027341a3c3b67ea588dcce035121d19
With sphinx release of 5.0.0, they changed default for language variable
to 'en' from None. With that current None valuable is not valid and should
not be used.
Change-Id: I6c7bb111601e7ae04f66b2336164679042169767
Previously this required a separate vars file for each OS release to
install the correct version of libpython. This change moves to a single
vars file and uses a dictionary to look up the libpython package name
based on the OS distribution release.
Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/838762
Change-Id: I876339092fc3e68e0fb526e8093851d1de3ff73a
Use a first_found lookup instead of a with_first_found loop so that
the 'paths' parameter can be used.
This ensures that only vars from the role are included, and not vars
from a parent calling role. This can happen when a parent role has
a higher priority vars file available for inclusion than the role
it calls.
Change-Id: I54fce299febb8c93434919f1c15a223850045cbc
If user defines a TLS certificate and private key pair for a
service UWSGI will only accept a TLS connection
Change-Id: I1d0e3ec4eddecca3bca62ea5f02914ca0493f2e0
Since we still use ceph-ansible that has their own implementation of
config_template module it's worth to use mentioned module as a collection
explicitly.
Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/819814
Change-Id: Ieeacec78e89d280c1205d074240c30503f7723d6
GCC presence is required [1] to build uwsgi package otherwise it will
fail on processing uwsgiconfig.py
While it's got installe with openstack-hosts this might be an issue
when uwsgi is used as a standalone role
[1] 2989143935/uwsgiconfig.py (L714-L720)
Change-Id: I60baab1f6ebbe9e424ebe41967d65a1dcdec4235
Custom CA are added to the system trust store, never to certifi.
It is necessary to use the system trust store to cover the scenario
where private or self-signed certificate authrorities are used to
secure APIs that the uwsgi service should communicate with.
The default is changed to the system trust store, and can be overridden
per service through uwsgi_services, or globally through uwsgi_ini_overrides.
Change-Id: Idb532c206c3338b9934dfa47e76170aebbb5a5ef
All references to Gentoo, SUSE, Debian stretch and Centos-7 are removed.
Conditional tasks, ternary operators and variables are simplified where possible
OS specific variables files are generalised where possible
Change-Id: I7c7d2dc350b34c0b54d2c92b366d43c210a46796
Since we copy all release notes to the integrated repo there is not need
in publishing release notes for each repository. We should only verify their
validity and linting.
Change-Id: Idff881e8cb7f351c2d6f5d52f9c606f6f1559d1c
This is required to run our uwsgi applications. On centos libpython3
is a dependancy of uwsgi-plugin-python3.
Also mark linters as non voting as fixing linters in this repo
is currently a circular dependancy
Change-Id: I56d130c242b440c02a54f9971bfb4e0866dbbc3d
Set log-x-forwarded-for to true by default to true to use
originating IP in logs instead of haproxy one.
Change-Id: I8afba713b6375865e1978f4b3d32c7d8d0db5a70
The sync from https://review.opendev.org/733244 updated to
openstackdocstheme 2.2.1 and reno 3.1.0 versions.
Set openstackdocs_pdf_link to link to PDF file. Note that
the link to the published document only works on docs.openstack.org
where the PDF file is placed in the top-level html directory. The
site-preview places the PDF in a pdf directory.
openstackdocstheme renames some variables, so follow the renames
before the next release removes them. A couple of variables are also
not needed anymore, remove them.
See also
http://lists.openstack.org/pipermail/openstack-discuss/2020-May/014971.html
Change-Id: If9888d7a1a005c4b98b8170d5cc1f41b7af0c136
Add file to the reno documentation build to show release notes for
stable/ussuri.
Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/ussuri.
Change-Id: I2a3d96ac823274e18c3cd7770159465c09154ad2
Sem-Ver: feature
New version of openstackdocstheme (Victoria+) respects pygments_style.
Since this repo is using now Victoria (master) requirements but has
not branched for Ussuri yet, it uses the new version.
Change pygments_style to 'native' since old theme version always used
'native' and the theme now respects the setting and using 'sphinx' can
lead to some strange rendering.
Change-Id: If0417f430b5fbca7ada9b103023e75870c23ff42
This change avoids the following warning:
[DEPRECATION WARNING]: evaluating 'uwsgi_services' as a bare variable, this
behaviour will go away and you might need to add |bool to the expression in the
future.
Change-Id: I647b703d548b543d35cac5a08eb4a32afdf5a064
This repo is now testing only with Python 3, so let's make
a few cleanups:
- Remove setup.* files, those are not needed in this repo
- Cleanup */source/conf.py to remove now obsolete content.
- Remove install_command from tox.ini, the default is fine
- Sync doc/requirements.txt with openstack-ansible-tests
Change-Id: Iac3ae185777f4fd7189811726019e16336316bee
There was an error where uwsgi services were launched
always with groupname = username, even when another
group was provided in uwsgi_services or set via
uwsgi_system_group_name.
Change-Id: Ifb4b026145849eb2c642d4c558d11f167548341e
uWSGI service can be showed as running even if it's unable to
find wsgi file. It will generate error like [1] and continue re-trying
To prevent this from happening, we should exit when app error occur
[1] `no python application found, check your startup logs for errors`
Change-Id: I24566df66caa651926b13891f00220bd8795bdb3
