Python 2 has been deprecated for almost two years, and has not been
guaranteed to work with glance_store for a while. This patch removes all
traces of six, unicode strings and Python 2 tweaks.
Co-Authored-By: Cyril Roelandt <firstname.lastname@example.org>
md5 is not an approved algorithm in FIPS mode, and trying to
instantiate a hashlib.md5() will fail when the system is running in
md5 is allowed when in a non-security context. There is a plan to
add a keyword parameter (usedforsecurity) to hashlib.md5() to annotate
whether or not the instance is being used in a security context.
In the case where it is not, the instantiation of md5 will be allowed.
See https://bugs.python.org/issue9216 for more details.
Some downstream python versions already support this parameter. To
support these versions, a new encapsulation of md5() has been added to
oslo_utils. See https://review.opendev.org/#/c/750031/
This patch is to replace the instances of hashlib.md5() with this new
encapsulation, adding an annotation indicating whether the usage is
a security context or not.
It looks like the uses of the md5 are primarily for checksums and
generation of etags.
With this patch, all the unit and functional tests appear to pass
on a FIPS enabled system.
Make a few cleanups:
- Remove python 2.7 stanza from setup.py
- Add requires on python >= 3.6 to setup.cfg so that pypi and pip
know about the requirement
- Remove obsolete sections from setup.cfg:
* Wheel is not needed for python 3 only repo
- Update classifiers
- Update requirements, no need for python_version anymore
We have jsonschema capped at a fairly old version. Other than some
specific releases, it looks like keeping it below 3.0 was added in
I943fd68b9fab3bce1764305a5058df5339470757 without really any explanation
In order to update to a 3.x release we need to:
1. Remove the cap from global-requirements.txt (see Depends-On), leaving
upper-constraints.txt at a 2.x release
2. Remove the cap from all consumers (this change)
3. Release a new version of consumers that are published to pypi
4. Update upper-constraints.txt with those new releases
5. Update jsonschema in upper-constraints.txt to a 3.X release
6. Test consumers with the change from 5.
7. [Optional] fix issues in consumers that arise from 6.
8. Merge the change from 5.
Co-Authored-by: Sean McGinnis <email@example.com>
doc8 is not required to use this module, only for style
checking of RST documentation.
Move from requirements.txt -> test-requirements.txt to avoid
generating a run-time dependency on doc8.
This patch adds a doc8 check of .rst files to the current pep8 check.
It includes fixes to the .rst files that didn't pass the check.
Co-authored-By: Nguyen Van Trung <firstname.lastname@example.org>
A direct conversion of keystoneclient usage to the newer supported
keystoneauth library. The libraries are largely compatible and there
should be no issues swapping between them.
This doesn't fix any problems of the way auth is used, it just changes
out the library.