Also adds root=/dev/ram0 for the ramdisk initialization which seems
to be required with the switch to UEFI.
Depends-On: https://review.opendev.org/c/openstack/ironic/+/812167
Change-Id: I77aedafb121f9b8b009a424da11c82acca2216cd
Add file to the reno documentation build to show release notes for
stable/xena.
Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/xena.
Sem-Ver: feature
Change-Id: I09dd83c307547b7bfbd638942a4d5b9156337446
This change allows uses to enable the healthcheck middleware from
oslo.middleware in API pipeline, by setting the [healthcheck]/enabled
option. This middleware provides an API endpoint at /healthcheck path
which allows load balancers or monitoring applications to determine
a service is up using HTTP requests.
This change basically follows the same change merged in ironic[1] repo.
[1] 6f439414bdcef9fc02f844f475ec798d48d42558
Change-Id: Ic2ee2bca74ea2a5a0723ef54b10c531f77ea7b8d
Since we run inspector jobs in ironic gate, we need to
include `ironic/tests` in the irrelevant-files so
we don't run the jobs when there is only changes in unit tests.
Change-Id: I98757ab78716689355f70c7735480d4dc8e04320
... to avoid warnings from the middleware about deprecated parameters.
Currently parameters of each auth plugin are not loaded in unit tests
so user credentials are not updated but just removed.
Change-Id: I6e420dac51ac8cf92eadb1c3a3d4716a96c22001
Some actions can fail due to the node being locked as part of
normal operations. This was previously handled silently by
python-ironicclient, but when inspector was changed to use
openstacksdk, this was no longer handled.
Adds the retry wrapper around critical path methods involving
power/reboot ops and node updates which require locks.
Change-Id: I3d26cf46da02b3e8f3f773c0aeaed6843e0f26e5
Story: 2009107
Task: 42966
The lower-constraints test was removed because of an issue where pip
could not correctly determine the required packages versions to install,
ending in an almost infinite loop that would end up in timeout, failure,
and general mayhem.
Recently the issue has been fixed and, if properly configured, the
lower-constraints test can provide good indication of which minimum
versions are required to support the current code.
This patch adds the test back to the current development branch, and it
runs only on master.
The lower-constraints file will stay in the future stable branches.
Change-Id: I2e247ff2d68705d04d40c7ea653a8d3e0daf17d8
Update minimum required versions of python packages.
The updates is based on crosscheck requirements from required
packages:
oslo-policy 3.7.0 depends on oslo.context>=2.22.0
increase oslo-service version to be able to use eventlet 0.26.0
oslo-service 1.24.0 depends on eventlet!=0.18.3, !=0.20.1, <0.21.0 and >=0.18.2
increase oslo-log version to fix error:
AttributeError: type object 'deprecated' has no attribute 'WALLABY'
oslo-log 4.3.0 depends on oslo.serialization>=2.25.0
oslo-log 4.3.0 depends on pbr>=3.1.1
oslo-log 4.3.0 depends on oslo.i18n>=3.20.0
Change-Id: I20a5a20b94ffd27ea34f23ac89ca2826eb548b1a
This fix the below warning for DeprecatedRule:
Since 3.7.0, oslo policy started the DeprecationWarning[1] if
deprecated_reason and deprecated_since param are not passed
in DeprecatedRule or they are passed in RuleDefault object.
Andf suppress the policy deprecation and default change warnings
Oslo policy log warnings if defaults for policies are changed.
With new RBAC change every policy rules' default is changed,
which end up lot of warnings in logs. We can suppress these for now
until we are enforcing new defaults.
- https://zuul.opendev.org/t/openstack/build/5cefaef6d02a4b7abe3c449491b81e68/log/job-output.txt#879
[1] https://github.com/openstack/oslo.policy/blob/3.7.0/oslo_policy/policy.py#L1538
Change-Id: If481a5afc3b23d1d196ffd7576d0784a9702da59
* turn on apidocs option for individual module docs
* crosslink to information using :doc: and :ref:
Change-Id: Ie8016623251fb0f55335c64252060d4ce966dc96
Adds explicit handling of scope enforcement setting by putting
the appropriate settings in place, and handling the appropriate
configuration to communicate back with ironic based upon supplied
environment variables.
Change-Id: Ia27b26990e52b5b4ffb49b2fee3bdcca41dd75a9
A possibility exists where inspector *can* fail upon inspection if
the database connectivity was lost on a prior action. This is because
the last database transport is potentially bad and fails upon load for
the transaction. The cache can then end up with an "error" state entry,
which upon retrying can fail becasue it is already in error state
Because there really are no guarentees regarding database failures,
the best thing to do is to not trust the prior cache state if it is
in error and to reset it to starting upon new introspection requests.
This prevents operators from *having* to perform process restarts to
force all loads to be from the database unless they manage to have a
multi-inspector cluster and get another inspector node to inspect in
the mean time.
Change-Id: I04ae1d54028862642d043f3a8f3af99405863325
Story: 2008344
Task: 41246
Related: rhbz#1947147
SQLAlchemy 1.3.19 change the excepted exception and 1.4.x
changed the enum checking behavior such that we were no
longer raising an exception matching the check.
While we had a test for this, We didn't actually
check for it anywhere in the code. And the states are
driven by the code, so the underlying test that was broken
felt redundant. As such, it has been removed.
Change-Id: I39fa3d85978555b6cb9d0884a90625b4765bac28
It can cause problems, as if a single sync fails, FSM state will be
reset and not put back to initialized state until inspector restart.
Change-Id: I24b08612c4ffc6aca60ca08f3ff5cc769c7c041d
Story: #2008971
Task: #42611
* Emphasise that order matters.
* Make order of LLDP-related hooks the recommended one.
* Fix some related wording.
* Mention IPA param requirements already in lldp_basic hook.
Change-Id: I043fdd5b5582971e43211c9a860d6b28ca73dc4e
Setuptools v54.1.0 introduces a warning that the use of dash-separated
options in 'setup.cfg' will not be supported in a future version [1].
Get ahead of the issue by replacing the dashes with underscores. Without
this, we see 'UserWarning' messages like the following on new enough
versions of setuptools:
UserWarning: Usage of dash-separated 'description-file' will not be
supported in future versions. Please use the underscore name
'description_file' instead
[1] https://github.com/pypa/setuptools/commit/a2e9ae4cb
Change-Id: I8aa117a2ab38af4a82abfdd65e9dac103827ffbb
We already catch IndexError when processing a line, but not other
errors. A recent regression in python-hardware caused it to raise
TypeError.
Change-Id: Ic6615c1b4017df66783829e54b9f716a9e65b916
Add file to the reno documentation build to show release notes for
stable/wallaby.
Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/wallaby.
Sem-Ver: feature
Change-Id: I68e4788d193e3a0840e708b93a01b70d6709fa09
This is a follow-up for extra issues identified during code review of
Ib4978f5e3e4f1b64faa1bfae3cdcf46199bb2f21
Story: 2008698
Task: 42099
Change-Id: Ic18d42209d0f0f7c12ab0972dba2b97bb93b7c4e
follow-up to Icd3de82877c6a53d32b4c9fd3e500d3cd9d7fb17
Use id attribute instead of uuid. This caused an exception when an unexpected
port was being deleted.
Story: 2008698
Task: 42007
Change-Id: Ib4978f5e3e4f1b64faa1bfae3cdcf46199bb2f21
The default policy will been replaced with one which aligns with the
Secure-RBAC scopes and roles. Since ironic-inspector is a tool used only
by system-level admins, only the ``system`` scope is supported, and the
only roles in the policy rules are ``admin`` and ``reader``.
The is_admin and is_observer rules are deprecated for removal, and
every rule which refers to them are deprecated in favor of the
system-scoped equivalent (system_scope:all with role:admin or
role:reader)
No unit tests covered the existing policy, these are now covered by
test_acl.TestACLDeprecated.
Change-Id: I4d038245c6b97b1504fb47eeec78ad3f9e5a897c
this is a follow-up to Icd3de82877c6a53d32b4c9fd3e500d3cd9d7fb17
one more place was identified as trying to use uuid attr of a Node
object from openstacksdk instead of id attr.
In tests, use stricter mocking with spec_set (that actually fails to
access or set an atribute of a mock that is absent from the spec class
or instance) to guard against future possible changes.
Change-Id: I83c420d0e91e00f583a28833f4f710cf70b01fa8
Story: 2008379
Task: 41300
Since pymemcache 3.4.0, localhost will first translate to ipv6 ([::1])
if possible instead of ipv4 (127.0.0.1). Since memcached is running in
the ipv4 interface, we need to point tooz to the right endpoint.
Depends-On: https://review.opendev.org/c/openstack/requirements/+/772684
Signed-off-by: Moisés Guimarães de Medeiros <moguimar@redhat.com>
Change-Id: Iddf558cd598e41ffead11e164ce2fb1720d15f34