Current documentation uses python syntax to explain the structure of the
introspection rules, this is misleading as we're actually expecting JSON
input on the rules API. This patch converts all rule examples to use
JSON syntax to prevent confusion.
Change-Id: If442fe5db8484900a5bd688e02d77d5bed69b326
Closes-Bug: #1564238
This change drops check on UUID validness from our API.
It also has a subtle effect of doing Ironic node fetching in
the introspection status and data fetch calls, which might make them
slightly longer (but only when name is used).
A new helper common.ironic.get_node is created to unify how we fetch nodes
from Ironic. It also provides nicer exceptions.
Change-Id: I20cf65e57910568b70a62c3f9269a962e78a07e2
Closes-Bug: #1523902
Returning False from is-empty condition on missing values seems extremely
confusing and rules out some potential use cases.
Closes-Bug: #1578184
Change-Id: I8f976516f89367512e2ffae2815085be1776b6f6
Previously the ramdisk logs were only stored if the ramdisk reported an error.
However, we are moving from ramdisk-side validation to server-side, so we need
ramdisk logs to be available if processing fails too.
This change moves storing ramdisk logs from a ramdisk_error plugin to core
processing code. As before, it can be disabled by setting ramdisk_logs_dir to
an empty value.
Change-Id: Ib3742ee1c1d4f2f96d29466626e1121694610dc3
Closes-Bug: #1564448
* Use fixtures instead of a self-invented decorator
* Give proper names to mocks
* Swift from inline mocks to @decorators
* Split TestProcess into several test cases
* Remove the old style of setting side_effect (via iter)
Change-Id: If74221642723b0a6bea439dbcbdd360a43e7172f
Otherwise on reintrospection the firewall code may not update
iptables rules, assuming they are already correct.
Change-Id: Icc05174854bd9ab51bfed9d1360873bf5db9ed54
Closes-Bug: #1570447
This patch contains tempest plugin interface which are generated by
tempest-plugin-cookiecutter[1].
Also empty test manager and basic test was added.
[1] https://github.com/openstack/tempest-plugin-cookiecutter
Change-Id: I333462987bb6cdd1933fbb3550f527364c74ba07
This will force pip install to use the upper-constraints.txt specified
version of pip modules. When you don't do this, you are out on the
bleeding edge and become unstable everytime some python library in the
wide world changes in a way that you don't expect.
Post jobs are not yet compatible with the upper-constraints file, so
override the install_command there to skip upper-constraints.
Credit to the equivalent Ironic patch
https://review.openstack.org/#/c/300146/
Change-Id: Ica668afedf622a0be8e8566ac88e1d0020ed9bc7
Closes-Bug: #1563038
As requested in the related bug, this pull request allows to run the
introspection again on previously stored data. This should make it simple
to correct mistakes in the introspection rules.
For this purpose, new API entry point was introduced:
/v1/introspection/<UUID>/data/unprocessed that supports an empty POST
method to trigger the introspection over stored data. New function
`reapply` was introduced that takes care about the entry point and carries
out the introspection. The `process` function was modified to allow
reusing common parts in the new reapply function. The storage access
methods were updated to allow saving the "raw" memdisk data besides the
processed introspection data.
Following preconditions are checked the reapply function having been
triggered:
* no data is being sent along with the request
* Swift store is configured and enabled and the stored data is present
for the node UUID
* node_info object is cached for the UUID and it is possible to lock the
object
Should the preconditions fail, an immediate response is given to the user:
* 400 if the request contained data or in case Swift store is not enabled
in configuration
* 409 if it wasn't possible to acquire lock for the node_info object
* 404 in case Ironic didn't keep track of related BM node
If the preconditions are met, a background task is executed to carry out
the processing and a 202 Accepted response is returned to the endpoint
user.
As requested, these steps are performed in the background task:
* preprocessing hooks
* post processing hooks, storing result in Swift
* introspection rules
These steps are avoided, based on the RFE:
* not_found_hook is skipped
* power operations
Limitations:
* IMPI credentials are not updated --- ramdisk not running
* there's no way to update the raw data atm.
* the raw data is never cleaned from the store
* check for stored data presence is performed in background;
missing data situation still results in a 202 response
Change-Id: Ic027c9d15f7f5475fcc3f599d081d1e8d5e244d4
Closes-Bug: #1525237
This refoctor is needed for tempest test work as tempest tests
will placed in test dir. So move unit tests to separate directory
"unit" under test.
Change-Id: Ic99df6111ef30947148a9e38b9435a54f3d37064
This test essentially tests get_session(), which is covered by anything else
touching the database code. More importantly, as it does not use any mocks,
it fails on stable/liberty right now.
Change-Id: I175a38bd3675aabe1c518a0b7d4c2bd56d93cc1a
According to cross project spec
I622f89fe63327d44f9b229d3bd9e76e15acbaa7a downgrade
migrations should be removed.
Change-Id: Iee38d8ba5e414e67033db35db52724d3f9f84fd7
This patch does not change the options in config file yet to showcase
backward compatibility with old config options.
Change-Id: I1da93b59b2f4813c42008277bd6479dc6673e7f1
When attempting to convert some eDeploy data to integer, inspector will
handle the ValueError exception which works fine for strings that are
not interger-like. But, when this data is None a TypeError exception
will be raised which wasn't handlded before, this patch is fixing it.
Closes-Bug: #1560050
Change-Id: I830a1a88c765c6471c457e383c7e859fd7f93ef9
Currently we are using only the resulting MAC(s) when doing a node lookup.
In many cases it is the MAC of the PXE-booting NIC. However, it's not necessary
the MAC that people used for enrolling the Ironic node, which will lead to
lookup failures on the virtual environment. This change makes the lookup
procedure use all of the valid MAC's.
Similarly, the enroll node_not_found_hook now checks all MAC's before creating
a node.
Code in the validate_interfaces hook was reordered to ensure we only keep
interfaces with valid MAC's even in the "all_interfaces" list.
Change-Id: Ie7df05d9a7855716fb835c90cfb0ac7fc4cd66df
Currently we keep DHCP always open for new nodes. This is an overkill, as we
always know which nodes are on introspection. It also causes problems when not
all node NIC's are registered in Ironic, as these NIC's might get DHCP from our
server.
This change reduces probability of wrong nodes accessing our DHCP by REJECT'ing
all DHCP requests when no nodes are on introspection and node_not_found_hook is
not set. It does not solve the problem completely: conflicts are still possible
during the introspection.
Change-Id: I7a50c02023ef4364e14825cd80fa75565fac3dc8
Partial-Bug: #1557979