82 Commits

Author SHA1 Message Date
David Lyle
076ef7f0fb Remove CUSTOM_THEME_PATH setting
Horizon now uses the WEBROOT to populate the value of $webroot in
the CSS code. The CUSTOM_THEME_PATH pointing to the webroot theme
to explicitly set the same value is no longer necessary.

Closes-Bug: 1540801
Change-Id: Ic212796ee0905751ac3fd619bbbc902d25ea10d5
2016-02-11 03:35:18 +00:00
Akihiro Motoki
43f62c0849 Move horizon config and start to appropriate phase in stack.sh
Previously horizon configuration and start are done too early
and as a result horizon init and start need to be run twice
after horizon plugins are enabled.
- horizon config was done before "run_phase stack install"
- horizon init and start were done before "run_phase stack post-config"

This commit rearrange horizon setup to the appropriate phases
defined in the devstack plugin interface.

- Configuration of horizon settings is moved to configure_horizon.
- horizon config is now called between run_phase stack install
  and post-config.
- horizon init and start are now called between run_phase stack
  post-config and extra.

Change-Id: I8bf2ceaf7734c4f7cec68bc05d7cdbae81ef311e
2015-12-15 16:44:41 +09:00
Ian Wienand
523f488036 Namespace XTRACE commands
I noticed this when debugging some grenade issues failures.

An include of grenade/functions stores the current value of XTRACE
(on) and disables xtrace for the rest of the import.

We then include devstack's "functions" library, which now overwrites
the stored value of XTRACE the current state; i.e. disabled.

When it finishes it restores the prior state (disabled), and then
grenade restores the same value of XTRACE (disabled).

The result is that xtrace is incorrectly disabled until the next time
it just happens to be turned on.

The solution is to name-space the store of the current-value of xtrace
so when we finish sourcing a file, we always restore the tracing value
to what it was when we entered.

Some files had already discovered this.  In general there is
inconsistency around the setting of the variable, and a lot of obvious
copy-paste.  This brings consistency across all files by using
_XTRACE_* prefixes for the sotre/restore of tracing values.

Change-Id: Iba7739eada5711d9c269cb4127fa712e9f961695
2015-11-27 15:36:04 +11:00
Jenkins
4f262a109d Merge "Configure horizon with identity v3" 2015-11-13 05:51:14 +00:00
Ian Wienand
ada886dd43 Don't mix declaration and set of locals
Ia0957b47187c3dcadd46154b17022c4213781112 proposes to have bashate
find instances of setting a local value.  The issue is that "local"
always returns 0, thus hiding any failure in the commands running to
set the variable.

This is an automated replacement of such instances

Depends-On: I676c805e8f0401f75cc5367eee83b3d880cdef81
Change-Id: I9c8912a8fd596535589b207d7fc553b9d951d3fe
2015-10-07 17:03:32 +11:00
Sean Dague
346edcc532 check all possible services when configuring tempest
The previous approach assumed that devstack in tree service support
would always be a super set of tempest. That's not necessarily
true. Instead when configuring tempest we should look at all the
possible services that tempest could know about, which will let us
disable services we don't have support for.

Change-Id: I9c24705e494689f09a885eb0a640efd50db33fcf
2015-08-26 09:38:37 -04:00
Jamie Lennox
05076fb7ea Configure horizon with identity v3
Currently horizon configures keystone using v3 only if v2 is not
available. Really we should just always be using v3.

Change-Id: Icac4d90b617209da75abf33f8e25ffc021c45fdb
2015-08-15 19:01:59 +10:00
David Lyle
7b105c572e Move horizon apache root to /dashboard
With keystone's move to /identity, a conflict in for resources was
created as both keystone and horizon used /identity. The keystone
config took precedence and rendered API output in the horizon UI.

This patch sets the root for horizon to /dashboard and serves all
horizon content from there. Additionally, a RedirectMatch has been added
to the apache config for horizon to redirect '/' to '/dashboard' this
will allow the implementation to change without being immediately
painful to users.

Also made the path '/dashboard/' configurable in stackrc.

Closes-Bug: #1478306
Depends-On: I9a04f936ed6d8c14775a332dc28e903992806c42

for devstack-gate changes to remove hard coded horizon url structure
assumptions.

Change-Id: I6fbca5cea9e44df160afbccc71bd045437657320
2015-08-13 01:41:57 +00:00
David Lyle
7ef246492c Fixing keystone v3 version use for horizon
The setting for overriding Horizon's OPENSTACK_API_VERSIONS is not
the correct format. The version should be a number, not a string.

so should be 3, not "v3".

Change-Id: I193d21514b196336796eac067417dc2aaec56433
Closes-Bug: #1460190
2015-05-29 13:49:03 -06:00
Samuel de Medeiros Queiroz
3fd71d6893 Honor the flag for Identity v3 API only jobs
When the property ENABLE_IDENTITY_V2 is set to
False in the local.conf file, devstack will:

* Disable the v2 API in Keystone paste config;
* Set Tempest to skip Identity v2 tests and use
  v3 auth tokens to run all the other tests;
* Set Horizon to use v3 API and v3 auth tokens;
* Register the Identity endpoint as v3.

Change-Id: I2575a516244b848e5ed461e7f488c59edc41068d
2015-05-27 14:27:30 -03:00
Sean Dague
60996b1b60 introduce pip_install_gr
This creates a new pip_install_gr that installs from global
requirements allowed versions. Now that stable branches are getting
capped all of devstack needs to be fixed to do things like this.

Change-Id: I8fd0ef2bfc544ca2576fab09d3018f760b8848fe
2015-04-08 10:28:17 -04:00
Dean Troyer
dc97cb71e8 Mostly docs cleanups
Fix documentation build errors and RST formatting

Change-Id: Id93153400c5b069dd9d772381558c7085f64c207
2015-03-28 14:35:12 -05:00
Attila Fazekas
c4c27232c8 Use the Member role with horizon
Horizon by default using the _member_ role,
which is considered as a legacy role.

The tools/create_userrc.sh already creates the regular users,
with Member role.

Change-Id: Ibc07a0f28d0729f8a717a54e94fe014853363592
Closes-Bug: #1421616
2015-03-03 11:02:49 +01:00
Joe Gordon
d5ac785247 Add new function get_from_global_requirements
Instead of specifying the version of a library in devstack, use the version from
global-requirements

Add new function get_from_global_requirements and use it
where it makes sense.

Change-Id: I6b2f062761ac05ef72fc6cc9993bc204faf06fa5
2015-02-17 11:48:06 -08:00
Attila Fazekas
1f316beb20 Remove rhel6 and py26 support
el6 is shipped with Python 2.6.x which is not expected
to be supported with the openstack kilo release.

For el6 support we need to do lot of thing differently,
which makes the code more complicated.

This change removes el6 and py26 support from devstack.

This change also removed a discontinued (1 year ago)
openSUSE 12.2 code path, which used a similar codepath as el6.

Several comment related to el6 also removed or modified.

Change-Id: Iea0b0c98a5e11fd85bb5e93c099f740fe05d2f3a
2015-01-27 09:22:52 +01:00
Sean Dague
537532931d Make changes such that -o nounset runs
This makes a bunch of variable cleanups that will let -o nounset
function, for the time being we hide nounset behind another setting
variable so that it's not on by default.

Because this is bash, and things are only executed on demand, this
probably only works in the config it was run in. Expect cleaning up
all the paths to be something that takes quite a while.

This also includes a new set of unit tests around the trueorfalse
function, because my change in how it worked, didn't. Tests are good
m'kay.

Change-Id: I71a896623ea9e1f042a73dc0678ce85acf0dc87d
2015-01-15 13:06:14 -05:00
gong yong sheng
1eb4c6a375 remove brackets around boolean condition expression
Change-Id: Ia550d4603d9520ddea84a144e5e042903456d96d
Closes-Bug: 1405319
2014-12-29 12:21:51 +08:00
Sean Dague
ef844fd08d remove $KEYSTONE_TOKEN_HASH_ALGORITHM
Now that Keystone is back to UUID token defaults the use case for this
in devstack is extremely dubious, and it can be set through via
local.conf if anyone *really* cares.

Part of bp:devstack-nounset

Change-Id: I644b5b1579952959d253758b2a12b97d8a704657
2014-12-15 16:33:53 -05:00
Sean Dague
e263c82e48 add shebang lines to all lib files
With gerrit 2.8, and the new change screen, this will trigger syntax
highlighting in gerrit. Thus making reviewing code a lot nicer.

Change-Id: Id238748417ffab53e02d59413dba66f61e724383
2014-12-10 11:28:05 -05:00
Mikhail S Medvedev
088e66028c Deal with different django-admin executables
After the recent patch [1] the devstack is broken for Fedora 20 with
the error "django-admin.py: command not found" during horizon setup.

This is due to differences in how django currently packaged for Fedora,
where we should use "django-admin", without the .py

This patch sets up executable alias by checking if "django-admin"
exists, and falling back on "django-admin.py".

[1] https://review.openstack.org/#/c/120940/

Change-Id: I2b6de25fe32446edbdc0418674fea8579ec739d9
2014-11-18 16:35:12 -06:00
David Lyle
45ce98275c Moving horizon compression offline
Making the horizon scss compilation and compression happen offline.
Potentially fixing an issue with parallel compression in devstack.

Related-Bug: #1345955
Change-Id: I066c80e06a92302a3f8dc5fd45d127fbde6cf99c
2014-11-18 15:07:10 +11:00
Sean Dague
3c8973a90a support installing django_openstack_auth from pypi
Part of the libs from pypi conversion, convert django_openstack_auth
to this format.

Change-Id: I97c8ea19d8aed1e0bdd62c06cfadd1d616573d76
2014-11-14 10:40:46 -05:00
Akihiro Motoki
6518c0b88e Compile Horizon message catalogs during stack.sh
Recently compiled message catalogs (mo files) were removed
in Horizon and django_openstack_auth repositories.
We need to compile message catalogs to make translations
available for Horizon users. It is useful for developers too.

Change-Id: I0831e8308205c116d8e3bb8b43be7f0dd6fa0c0a
2014-10-18 06:40:08 +09:00
Jenkins
32ec8358c1 Merge "Update Horizon Neutron-related settings" 2014-09-27 17:44:04 +00:00
Jenkins
14f6c50b18 Merge "Use mod_version to clean-up apache version matching" 2014-09-25 03:43:29 +00:00
Akihiro Motoki
0843f0ab05 Update Horizon Neutron-related settings
- Horizon no longer has "enable_security_group" setting
  so we need to remove it.
- There is no need to set enable_lb/firewall/vpn to True
  when q-lbaas/q-fwaas/q-vpn is enabled because Horizon now checks if
  Neutron ext-list and enables corresponding dashboards accordingly.

Change-Id: I37073d73e4cba0103ab1a3d935302f1cd0ef73c5
2014-09-24 04:51:57 +09:00
Brant Knudson
3951a94499 Configurable token hashing algorithm
The Keystone server and auth_token middleware were enhanced to
support a configurable hash algorithm.

With this change, the user can set

 KEYSTONE_TOKEN_HASH_ALGORITHM=sha256

in their localrc to use the SHA256 algorithm rather than the
default md5. Any hash algorithm supported by Python's hashlib can
be used. The MD5 algorithm doesn't provide enough protection from
hash collisions and some security standards mandate a SHA2 hash
algorithm.

Change-Id: I8b373291ceb760a03c4c14aebfeb53d8d0dfbcc1
Closes-Bug: #1174499
2014-09-21 13:55:39 -05:00
Chris Dent
2f27a0ed3c Replace screen_it() with run_process() throughout
run_process will use screen if USE_SCREEN=True (the default),
otherwise it will simply start the requested service. Therefore
wherever screen_it used, run_process can be instead.

Where stop_screen was found it has been replaced with stop_process.

A tail_log function has been added which will tail a logfile in a
screen if USE_SCREEN is True.

lib/template has been updated to reflect the use of the new
functions.

When using sg the quoting in run_process gets very complicated.
To get around this run_process and the functions it calls accepts
an optional third argument. If set it is a group to be used with sg.

Change-Id: Ia3843818014f7c6c7526ef3aa9676bbddb8a85ca
2014-09-11 18:59:39 +01:00
Noboru Iwamatsu
b4495eb410 Use mod_version to clean-up apache version matching
This change uses mod_version (shipped by default on everything we care
about) to set-up version-specific config within apache rather than
within devstack scripts.

Clean up the horizon and keystone config file generation to use the
internal apache matching.

Since I6478db385fda2fa1c75ced12d3e886b2e1152852 the apache matching in
'functions' is actually duplicated.  just leave get_apache_version in
lib/apache as it is used for config-file name matching in there.

Change-Id: I6478db385fda2fa1c75ced12d3e886b2e1152852
2014-09-08 15:59:29 +10:00
Dean Troyer
1bbfcc7a79 Clean up local variable usage - Horizon
Change-Id: I1924ecdd68a9c7bf947c06f33aa79c38ada1d3b4
2014-08-13 11:26:46 -05:00
Sean Dague
e837714244 use setup_install for django_openstack_auth
This is fundamentally a library. As such we should setup_install
so that we can possibly pin it, otherwise we *always* get the
git version instead.

Change-Id: Ia815f2675cf535bb05a7e8eda853690171559b86
2014-06-23 08:21:07 -04:00
Jenkins
51018faa06 Merge "Add support for django_openstack_auth" 2014-06-22 17:19:18 +00:00
Jenkins
e54a2b5057 Merge "Save OPENSTACK_KEYSTONE_URL to horizon local_settings" 2014-06-19 11:34:10 +00:00
Zhenguo Niu
e385d1e030 Add support for django_openstack_auth
It would be useful for development, reviewing and testing to add
support for django_openstack_auth to devstack.

This change adds the integration tests to the openstack_auth
list of test: https://review.openstack.org/#/c/86528/

Change-Id: Ifbd336b83f6b2beb23996b599ec820232c13efdd
Closes-Bug: #1262121
2014-06-18 14:04:34 +08:00
Dean Troyer
444a8d53ca Fix Apache site config handling on Fedora
Allow enable/disable_apache_sites() on Fedora to gracefully fail if the
config is not present.  This is primarily an issue when the config from
a previous run is not completely cleaned out (unstack.sh vs clean.sh).

Make APACHE_CONFIG_DIR fully qualified and overrideable in local.conf.

Also fix Horizon's handling of its Apache config file to be removed
in clean.sh.

Change-Id: I78a5de579dd3b02fa2e4e7e00ac0aabe71b531ad
2014-06-06 16:52:20 -05:00
Haiwei Xu
98a181713c Save OPENSTACK_KEYSTONE_URL to horizon local_settings
OPENSTACK_KEYSTONE_URL is not saved to local_settings correctly,
this patch fixes this bug.

Change-Id: I4275f035be3d8ab013840d8b5e3f9a5e292a366b
2014-06-04 19:26:40 +09:00
Attila Fazekas
afda4efb2c Enable horizon on Fedoras
The previous apache/horizon a688bc65104e7d8998ffdb321d67a9f33df6997e
change left horizon disabled on Fedora.

Closes-Bug: #1326126

Change-Id: I79f84bb63471f84c6b37538e8dfe2bcca3ce3eac
2014-06-04 07:34:13 +02:00
Gabriel Assis Bezerra
a688bc6510 Fix the way Apache site configuration files are used, to improve OS portability
On Ubuntu 14.04, the site configuration file must have a .conf suffix for a2ensite and a2dissite to
recognise it. a2ensite and a2dissite ignore the .conf suffix used as parameter. The default sites'
files are 000-default.conf and default-ssl.conf.

On Ubuntu 12.04, the site configuration file may have any format, as long as it is in
/etc/apache2/sites-available/. a2ensite and a2dissite need the entire file name to work. The default
sites' files are default and default-ssl.

On Fedora, any file in /etc/httpd/conf.d/ whose name ends with .conf is enabled.

On RHEL and CentOS, things should hopefully work as in Fedora.

This change puts all distribution-related site configuration file name differences in lib/apache and
the other services gets the file name for its sites using the new exported function
apache_site_config_for <sitename>.

It also makes Fedora disabled sites use the .conf.disabled suffix instead of removing the .conf from
the file name.

The table below summarizes what should happen on each distribution:
+----------------------+--------------------+--------------------------+--------------------------+
| Distribution         | File name          | Site enabling command    | Site disabling command   |
+----------------------+--------------------+--------------------------+--------------------------+
| Ubuntu 12.04         | site               | a2ensite site            | a2dissite site           |
| Ubuntu 14.04         | site.conf          | a2ensite site            | a2dissite site           |
| Fedora, RHEL, CentOS | site.conf.disabled | mv site.conf{.disabled,} | mv site.conf{,.disabled} |
+----------------------+--------------------+--------------------------+--------------------------+

Change-Id: Ia2ba3cb7caccb6e9b65380f9d51d9d21180b894e
Closes-bug: #1313765
2014-05-30 12:07:24 +00:00
Jenkins
584e65cfc1 Merge "Configure Horizon to use SSL-enabled Keystone" 2014-05-02 12:12:02 +00:00
Rob Crittenden
c31fa40b77 Configure Horizon to use SSL-enabled Keystone
SSL can be enabled in Keystone when devstack is executed.
Horizon was not being configured to use the SSL port so
authentication was failing.

Change-Id: I253766d359aaab0bd1f844a8a637adc77e8eee2b
Closes-Bug: 1293749
2014-04-29 23:32:59 -04:00
Christian Berendt
cbd97ca975 use disable/enable_apache_site on Ubuntu
Using the specific Apache2 tools a2ensite and a2dissite
(used in the methods disable/enable_apache_site in lib/apache)
should be the preferred way to disable the default site and
to enable the horizon site.

fixes bug #1298031

Change-Id: I2f247c0b6e605a330086a558e03e2c36666c55be
2014-03-27 14:30:12 +00:00
Ian Wienand
aee18c749b Enforce function declaration format in bash8
Check that function calls look like ^function foo {$ in bash8, and fix
all existing failures of that check.  Add a note to HACKING.rst

Change-Id: Ic19eecb39e0b20273d1bcd551a42fe400d54e938
2014-02-28 07:59:03 +11:00
Sean Dague
67db4a9bd5 remove database init from horizon
horizon default config no longer uses a session database, it uses
signed cookies instead, so we can stop doing db initialization and
cleanup (which based on errexit we weren't doing correctly anyway).

Change-Id: Icae4318e2784486db2888cbf353e95ac9a5d7cba
2014-02-07 16:04:47 -05:00
Dean Troyer
4237f590b7 Generate Tempest service list rather than hard-code it
The list of services that Tempest used to set its 'service_available'
config values was hard-coded. To be plugin-friendly have each
service (project) add its name to the TEMPEST_SERVICES variable
and use that for setting the 'service_avilable' values.

Change-Id: I208efd7fd0798b18ac2e6353ee70b773e84a2683
2014-01-29 17:25:45 -06:00
Gonéri Le Bouder
394c11c721 horizon: drop nodejs dependency
since commit a0739c9423a4c559b45af96fa4cdb30539dcdbd7, horizon use
a pure Python alternative to nodejs

Change-Id: I231b453e42c303c3cc29e8bea4d7b935fecdccd2
2013-11-14 10:28:51 +01:00
Chris Buccella
610af8cfa7 Fix horizon config under Apache 2.4
Apache 2.4 now uses mod_authz_host for acces control. Horizon's
Apache config needs an update to allow access to its directory,
otherwise a 403 will be returned.
This change replaces a similar previous fixes done for Fedora 18
and Ubuntu 13.10, since this is an Apache version issue, not a
distro-specific one.

Change-Id: Iecc17600d8e1aae6a7b0929b1493d712c307616f
Closes-Bug: #1243075
2013-11-05 13:06:34 +00:00
Jenkins
0eeeb2efdf Merge "Fix apache horizon permissions on Ubuntu 13.10" 2013-11-01 18:32:05 +00:00
Peter Feiner
62e8a30abd Fix apache horizon permissions on Ubuntu 13.10
Fixes bug 1241574.

Change-Id: If6c30874267a6bf30c114146f83b2d3220f32c1a
2013-10-24 18:38:44 -04:00
Adam Spiers
6a5aa7c6a2 Fix some Markdown formatting issues
Address miscellaneous issues with Markdown formatting in comments which
are consumed by shocco when generating the online documentation.

Change-Id: I953075cdbddbf1f119c6c7e35f039e2e54b79078
2013-10-24 17:38:19 +01:00
Jenkins
a15f9092ec Merge "Uniquify unsupported distro error message" 2013-10-03 21:12:22 +00:00