All python packages in RDO are now named python3-* instead of python-*
and python-* is no longer translated to python3-* automatically.
Change-Id: I692e0f06f922a13e342f568b442da6bee74c5633
The yum command has been replaced by the dnf command in recent releases
of Fedora-based distributions. Use the native command instead of
the alias kept for compatibility.
Change-Id: I5c9d4f4ac56cc2510839c1c931f3a03550396726
This introduces the missing policy customization capability for get
quotas API, so that policy rules for all quota APIs can be customized.
Also fix missing target project_id in policy evaluation.
Change-Id: I0e9a12670b8df448bed97448f8de9e3bbf207364
Since all policy rules were implemented as code, there is no chance
that the segregation policy rule does not exist.
Change-Id: If30adba443ead164af55c947a1822f8690da5e53
These are redundant vs tempest test suite which can be
executed agains actual live deployment instead of
depending clean deployment like the gabbi counterparts.
Change-Id: I6b470bd1589042cba3810b5de30e06f6c98bc953
olso.policy 4.5.0[1] changed the config options policy_file
default value to 'policy.yaml', which means it is changed
for all the OpenStack services and they do not need to
override the default anymore.
NOTE: There is no change in behaviour here, oslo.policy provides
the same configuration that services have overridden till now.
[1] https://review.opendev.org/c/openstack/releases/+/934012
[2] https://review.opendev.org/c/openstack/requirements/+/934295
Change-Id: Iba548429fefef53d043d42de4d12554d77e4591a
Since we removed lower-constrants job, the lower bound is no longer
tested. Import the note from the other project to declare that it is
maintained on bast effort basis.
Also add license information to all libraries .
Change-Id: Ia05b31061485e613634b27e96b904ad3ebe8fa33
This reverts commit 8de7585f374097bcb4910bfbed34b6c721490db9.
Reason for revert:
Current devstack disables GLOBAL_VENV automatically in CentOS or Rocky
so we don't have to override the option. GLOBAL_VENV=True is required
to migrate the jobs to Ubuntu 24.04 (Noble) .
This also changes the default API deployment method to uwsgi because
uwsgi is now globally used in CI and only works for global venv
method.
Conflicts:
.zuul.yaml
Change-Id: Iec6ab6b4fcdb60caa67197acb5ada0678c0309ce
Allow generating GMR report upon file trigger in addition to a signal.
The feature has been available in oslo.reports since 1.11.0[1] but it
can't be used in aodh without proper initialization.
[1] d23e0a65b23dc77d0104075d2313de6ca22b5cae
Change-Id: I9ad70b40f233018072fb4405b1ea29b6d4d2bc1c
Ensure full of the context attributes are read and honored when
policy rules are evaluated. This is required to support rules which
depend on attributes other than project_id, user_id and role. (This
means no rule for system scope has had worked in aodh till now)
Also make sure is_admin check honors the context_is_admin rule.
Change-Id: I4a57e5baf3edcbcd3f37a7d436226d33305fcbe8
This job has been broken because of a known regression in openstack
CLI. The issue is being fixed in 7.1.3 but the release is not yet
pulled into master. Make the job non-voting to unblock the gate now.
Change-Id: I92bd612dae86bb6a8a1342daee54bdf00098501c
hashlib.md5 always supports usedforsecurity argument in Python 3.9 and
later. The method in oslo.utils is being deprecated[1].
[1] https://review.opendev.org/c/openstack/oslo.utils/+/930879
Change-Id: I8b426c2803a08c15e078b6f6ea4b462ac3a81f3b
Add file to the reno documentation build to show release notes for
stable/2024.2.
Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/2024.2.
Sem-Ver: feature
Change-Id: I9c204a1ed6a7d052a3845d1057bf062e629cfa00
This environment was used by SQLAlchemy 1.4 and is no longer necessary
since SQLAlchemy was bumped to 2.0 .
Change-Id: I1850fd6d9be22bb251e42b1c87128b696b994671
This change updates the default policies implemented in Heat, to follow
the updated guideline[1] to implement SRBAC.
The main change is that system users are no longer allowed to perform
any operations about project-level resources like alarms, while project
admin(*1) is still allowed to perform operations about project-level
resources BEYOND project (like getting alarms for all projects)
[1] https://governance.openstack.org/tc/goals/selected/consistent-and-secure-rbac.html#direction-change
Change-Id: I0a59e3f892aff306e47812b69dbf82066411a542