The time has come. After nearly 10 years of existence, ironic-inspector
enters maintenance mode. New deployments are discouraged, existing ones
should consider migration.
Change-Id: I2cf90d973acd988896071a23c6d6533324368632
The current code never closes connection. Newer openstacksdk versions
register Connection.close with the atexit mechanism, so any connections
that are not explicitly closed stay in memory forever.
Change-Id: I18bbb460cbaa4f58f9e736c071571c38ced35892
Add file to the reno documentation build to show release notes for
stable/2024.1.
Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/2024.1.
Sem-Ver: feature
Change-Id: I0488ba83e60f1f1dc796a244f9e77201053c04c0
... based on the change made in reno recently[1].
Also the overall regex is updated to be more consistent with the regex
used in ironic.
[1] https://review.opendev.org/c/openstack/reno/+/910547
Change-Id: Ibd1db024b9d7ab03aec083675465c6c24229a805
This is the first in a series of commits to add support for codespell. This is continuning the process completed in ironic-python-agent.
Future Commits will add a Tox Target, CI support and potentially a git-blame-ignore-revs file if their are lots of spelling mistakes that could clutter git blame.
Change-Id: Icb4e66359c3e79618c916b35793ea7b5f79b030d
This change fixes inspector so a project scoped service role user
can connect to inspector, and a project scoped admin user can also
access inspector as the OpenStack community pivoted it's RBAC
direction after the original RBAC work was done, and inspector
was sort of forgotten about.
Closes-Bug: #2049098
Change-Id: Ide9420843a680b09d682062a99b2c88c0fcf5228
Add file to the reno documentation build to show release notes for
stable/2023.2.
Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/2023.2.
Sem-Ver: feature
Change-Id: Ice4a0d1b8e17d12f5b31aa0bcf4f0f8d76596510
Since ironic-inspector is pending deprecation and does not see a lot of
changes, simply disable the jobs that do not pass. A release note is
issued about the status of the project.
Also: Re-adjust the memory footprint of the VMs since we use
tinycore linux on this job, *and* we were previously introsepcting
4 VMs at 1GB each. The count has been changed to two.
Change-Id: I11d10a9f83552b5875812fa65d87cc5c72081537
If redfish_address is in brackets, unwrap it
and check that it is a valid IPv6 address.
If that is the case use the unwrapped address
to avoid "Name or service not known".
Closes-Bug: #2036455
Change-Id: I0d194091be22e8401d379b7ffa720f8004cca3d0
Add file to the reno documentation build to show release notes for
stable/2023.1.
Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/2023.1.
Sem-Ver: feature
Change-Id: I4e7efcbb18a2e44508ca7ca74250c9a17a3be4b6
Reno was assuming all tags ending in -eol represented an old, EOL'd
stable branch. That's not true for Ironic projects which have bugfix
branches. Update the regexp to exclude those branches.
Co-Authored-By: Adam McArthur <adam@mcaq.me>
Change-Id: I2f8c80bd2aac2d00616ac2a2789a7da303d29656
Primarily remove the workaround added in
Ia6d512ff2ae417bab938cb095fbb0884d195010a which added
continued use of autocommit, which is incompatible with
SQLAlchemy 2.0.
Also set the environment for unit tests to report compatability
warnings, although it appears none are being reported at this time.
Also cuts out the db upgrade cruft to only use the online database
migration code through oslo_db's enginefacade, which has the smarts
to handle online or offline migrations.
And then, retools unit/functional test data storage to utlize sqlite,
and in that re-tooled the queries to prevent locking conditions
which could exist with queries, and some additional refactoring/cleanup.
Also, don't mock and test time.sleep().
Additionally, it looks like we have discovered the root cause of the
memory/connection leakage issue which has been observed, due to the
way lists of nodes are processed/returned.
This change was based upon the work in
I506da42a9891a245831f325e34bec92e0a3f33f0 which is included in
this commit as the entire database structure and interaction
has been modified for ironic-inspector.
Co-Authored-By: aarefiev <aarefiev@mirantis.com>
Story: 2009727
Task: 44132
Change-Id: Ic88eb9dec5fddc924a72d9a23c17a304954ebf46
Add file to the reno documentation build to show release notes for
stable/zed.
Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/zed.
Sem-Ver: feature
Change-Id: Id87e98c6a0052c45b78eebeedd6c3fdca6890a61
Follow the same process of root device selection as in IPA
which changed in https://review.opendev.org/c/openstack/ironic-python-agent/+/850861
The change introduces 'skip_block_devices' field into properties which
contains a list of hints pointing to devices that cannot be root devices
Change-Id: I94c8607ef9c610eadf1b5bce4fb154e97939a643
Add file to the reno documentation build to show release notes for
stable/yoga.
Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/yoga.
Sem-Ver: feature
Change-Id: I47205257b06c7cf59678989223517c66dafb1a8e
When using nginx to terminate TLS (like it's done in Bifrost), it's more
secure to use a Unix socket for communication, so that local users
cannot access plain text communication.
Change-Id: I37b762cca035b5855deb92635c29e8eb97a87c20
The systemd service named openstack-ironic-inspector-dnsmasq is a name
which was only ever used by TripleO and hasn't been used since before
Train when the services were containerized and the dnsmasq process
management was no longer handled by inspector at all.
This change removes this rootwrap rule as unused for some years. Any
configuration tool which is setting
[dnsmasq_pxe_filter]dnsmasq_start_command also needs to be writing an
appropriate rootwrap.d file, as the inspector devstack plugin does.
Change-Id: I38974faa8897daabf88ff63402d42a3ef93e675c
It turns out that eventlet has been injecting a
``Transfer-Encoding`` header as of recent into WSGI application
response headers. The result of this ultimately depends on how
the HTTP client which is passing the request to the server is
written to handle data.
Apache, for example, will return that an invalid response was
received. In part because it sees the request end, with an HTTP
204 response code, but also an encoding indicating there is
a multipart body encoding inbound. Which is confusing.
Other C based HTTP clients can have any number of reactions up to
and including disconnecting sessions. Curl, depending on the
headers present either returns success but notes body weirdness
or actually returns return code 18.
Python-Requests kind of has it a little worse, and we see this
with clients. With it, it tries to prepare a respones content
body based upon the presence of the header indicating there is
a body. But it blows up thinking there is more data to read on
the socket when there is not more data to read.
Regardless, all of this is an RFC7230 violation.
Neither Content-Length nor Transfer-Encoding should be on an HTTP
204 response. However, Content-Length is the lesser evil, and we
have a similar endpoing in Ironic which *does* explicitly get
returned with a zero length content-length, and does not
demonstrate such issues.
As such, in the interest of the lesser evils until Eventlet's evil
ways of header injection are remedied, we're explicitly going to
force a Content-Length header to be sent indicating a zero length
response.
For more information, please see: https://github.com/eventlet/eventlet/issues/746
Change-Id: I014cc65c79222f4d4d7c2b6ff11a76e56659340c