As discussed and approved during the ironic wallaby midcycle, the grenade
jobs in old stable branches.
And remove lower-constraints job.
Also replace subprocess with processutils to fix the dsvm-python3 job.
Change-Id: Ibdfed9545a26e752ab7aeed2db122a368c3c06fb
(cherry picked from commit 1ef55e3603)
We don't need to install libraries from git in our jobs.
ironic-python-agent is also not needed since we download the ramdisk.
Change-Id: I634e75ab04253edffb6f19394d3943e9ffe56d13
(cherry picked from commit da69fca0f8)
In node_cache.find_node() we were constructing a raw SQL query using
unescaped data that came in on the wire. This presented an SQL injection
vulnerability. To avoid this, use the query builder from SQLAlchemy to
ensure that any input strings are correctly escaped.
Change-Id: I2b0ffa307ec1aa57538733f2e454d2d7e994d656
Story: #2005678
Task: 30992
(cherry picked from commit 9d107900b2)
According to [1], the Port address and extra
field in the same level.
Method _get_blacklist should pass port list instead
port.address list for InfiniBand mapping.
[1] https://github.com/openstack/ironic/blob/master/ironic/objects/port.py
Story: 2005729
Task: 31077
Change-Id: Iedc321c840f18fc1aa856b857da2c35318a538ae
(cherry picked from commit dc7e4d26ae)
This is a mechanically generated change to replace openstack.org
git:// URLs with https:// equivalents.
This is in aid of a planned future move of the git hosting
infrastructure to a self-hosted instance of gitea (https://gitea.io),
which does not support the git wire protocol at this stage.
This update should result in no functional change.
For more information see the thread at
http://lists.openstack.org/pipermail/openstack-discuss/2019-March/003825.html
Change-Id: I1f9f8a69d26d20e920288ef203ca7f2e71e8e1e1
The commit 771f2d396b breaks it because
it tries to use hostname for lookup. Lookup must always use IP addresses,
because that's what `ipmitool lan print` outputs.
Change-Id: I62ff646b77e2d39f70bade11924b2a47e1173cb5
(cherry picked from commit b3088916c6)
* According to python docs 'gethostbyname() does not support IPv6 name resolution'
Changing it to socket.getaddrinfo.
* get_ipmi_address method returns tuple (<BMC Address>, ipv4, ipv6)
Change-Id: I7d57556ff00cf29aee6f1591dcb924086099c7d5
Story: #2004648
Task: #28601
(cherry picked from commit 771f2d396b)
I had a case when an operator set the timeout too a abnormally large
value, which caused OverflowError in the timeout clean_up task, which,
in turn, prevented ironic-inspector from ever running node list sync
with ironic.
This change makes two corrections:
* The timeout configuration is limited to 10 years (0 can still be used
to disable the timeout completely).
* Errors in the clean_up task do not prevent the node list sync from
running.
Change-Id: Ie3ad29a4abb9ac58c41b776042f80dff6a9c72d2
Story: #2004807
Task: #28963
(cherry picked from commit ab4a3bd867)
Allows the ``set-attribute`` introspection rule action
to use ``None`` as a valid value.
Co-Authored-By: Riccardo Pittau <elfosardo@gmail.com>
Change-Id: I1aa11c8095c4557107223e352424e3b718e2ab35
Story: #2004546
Task: #28299
(cherry picked from commit 22294abac6)
The Ironic API has a validation on the LocalLinkConnectionType to
ensure all mandatory values are included. Handle failures which
could occur if the switch does not send all mandatory fields.
Change-Id: I8716a69586265a58520cc2c6bc0bbc00a7c159da
Story: 2004238
Task: 27761
(cherry picked from commit 7703aab662)
In Python 3.7, there's no longer a os.errno, it's now available directly
from the root instead.
This patch therefore, tries to "import errno", and fallsback to
"import os.errno as errno" if it fails. Then in the content of the code,
we simply use the errno module directly.
Change-Id: Ibf385ab32a8098e936c019303633de38a848076c
(cherry picked from commit 2459cd8531)
The dnsmasq pxe filter takes start/stop commands for the
dnsmasq service as options. Restarting the systemd service
requries root access.
This change adds a rootwrap filter to allow systemctl
control of the dnsmasq service.
NOTE: The systemd service name is the one used in the RDO
distribution. Additional filters may be needed for other
distributions.
Story: 2002818
Task: 24754
Change-Id: Ie961ec4d3b6b65a462e2d2493f5b9240c2bfa7a6
(cherry picked from commit 8c5d7de693)
This is a mechanically generated patch to complete step 1 of moving
the zuul job settings out of project-config and into each project
repository.
Because there will be a separate patch on each branch, the branch
specifiers for branch-specific jobs have been removed.
Because this patch is generated by a script, there may be some
cosmetic changes to the layout of the YAML file(s) as the contents are
normalized.
See the python3-first goal document for details:
https://governance.openstack.org/tc/goals/stein/python3-first.html
Change-Id: I0b61a66234b7dc756af5b94a0de79a660cb5cdfa
Story: #2002586
Task: #24302
The new stable upper-constraints file is only available
after the openstack/requirements repository is branched.
This will happen around the RC1 timeframe.
Recheck and merge this change once the requirements
repository has been branched.
The CI system will work with this patch before the requirements
repository is branched because zuul configues the job to run
with a local copy of the file and defaults to the master branch.
However, accepting the patch will break the test configuration
on developers' local systems, so please wait until after the
requirements repository is branched to merge the patch.
Change-Id: I038e415f75df8feb53015b3e9cad8c08efaa22c4
Following message was seen during unit tests:
"BUG: node lock was not released by the moment node info object is deleted."
Though the bug was marked invalid before, apparently it had never been resolved.
Tests involved in this patch were located by saving stack at NodeInfo.__init__ and
printing out at NodeInfo.__del__, without promises, but hopefully covers all tests
in current repo.
Change-Id: I678407b350bd07926eb98db30f24cc83747fa84c
Story: #1533595
Task: #11296
This removes deprecated [iptables]manage_firewall and code.
Other deprecation markers relate to [firewall] are removed as well.
Change-Id: I449e16975b05a331b08dd160e0dec4a7c3cf6734
Story: #1665666
Task: #11358
During pycodestyle fix [0], the max code complexity is temporarily
increased to 18.
This patch is a follow up to restore previous complexity (value 15),
and refactor code causing C901.
[0] https://review.openstack.org/#/c/567066
Story: #2001985
Task: #19604
Change-Id: Id64c31c449761024504284dcadd2b6c9f4a97f00
At the beginning of introspection, ironic inspector sets boot device and
reboot node through ironic, currently it only stops when reboot the node
is failed. Actually the node is not guaranteed to reboot with pxe in either
case.
This patch eliminates the descripency, so that if anything goes wrong, it
will be exposed early.
Change-Id: I416e42137e59e04f7fd282aa309f2f89cf574209
Story: #2002977
Task: #22985
Modify introspection rules to allow formatting to be applied to strings
nested in dicts and lists in the actions.
Change-Id: Ia53e0de98438f7789e9b9136dcd85c1b1274b713
Story: #1670768
Task: #11362
According to Openstack summit session [1] stestr is maintained project
to which all Openstack projects should migrate.
Let's switch it then.
Also adjust requirements to pass the gate.
[1] https://etherpad.openstack.org/p/YVR-python-pti
Change-Id: I79b2220c20a04e2e33360bc330b5b4b4124caf71
Signed-off-by: Chuck Short <chucks@redhat.com>
As Flask version was updated we need to update our own requirements.txt
to avoid reqirements-check job to fail on every patch that changes
anything related to requirements.
Change-Id: I22f471534eded46a8deecccdb07db71d0705226b
Signed-off-by: Chuck Short <chucks@redhat.com>
ironic-inspector-tempest-dsvm-python3 did not have a driver explicitly
set, so devstack-gate fell back to pxe_ipmitool.
Change-Id: I03715da6c631c015cb2fd093e9049b6ae0483ae7
This changes the dnsmasq PXE filter so that it keeps
macs that are no longer in ironic blacklisted unless
introspection is active or node_not_found_hook is set.
Replacing the previous behaviour that would
exclusively whitelist macs that are no longer in
ironic.
Story: 2001979
Task: 19589
Change-Id: Ib417089116dcbfb25f759708ee3cddcb88ae2111
Adds a new node field "manage_boot" to store this value. When it is set
to False, neither boot device nor power state are touched for this node.
Instead, we expect a 3rd party to handle them.
We still manage the PXE filter because the node may need DHCP.
Change-Id: Id3585bd32138a069dfcfc0ab04ee4f5f10f0a5ea
Story: #1528920
Task: #11338
In commit 02ece7fc9f hacking
was capped at version 1.1.0 to fix gate issue.
Change I6c76a43353b1beb572dbde78dba4b4a839d45ea7 fixes
the issues with new rules and new defaults in hacking 1.2.0.
Story: 2001985
Task: 22104
Change-Id: Ib912724e83090a72d5c97c6bb2cb41b935265fdb
We want to default to running all tox environments under python 3, so
set the basepython value in each environment.
We do not want to specify a minor version number, because we do not
want to have to update the file every time we upgrade python.
We do not want to set the override once in testenv, because that
breaks the more specific versions used in default environments like
py35 and py36.
Change-Id: Ic87686868f784f0e1b514d6b899cc16240d88d61
Currently the default API version used when creating ironic client
objects is 1.19, which was from the Newton (6.1.0) release. While it is
possible to create a client object with a more recent version within
plugins, introspection rules always use the default. This prevents
access to and updating of fields added in versions after 1.19.
This change updates the default ironic API version to 1.38, which was
the version at the time of the most recent Queens series release
(10.1.0).
Change-Id: I395f18612e20d4f7d71e503391ca2381bad68192
Story: 2002166
Task: 20017
Catch SIGTERM signal and call the signal handler method.
The signal handler then raises KeyboardInterrupt. The
KeyboardInterrupt won't be caught by any 'except Exception'
clauses.
Without this the service does not stop periodic workers,
tear down pxe filters etc as it is supposed to on shutdown.
NOTE: Calling shutdown() directly from the signal handler
causes the below error. This is why the signal handler
raises KeyboardInterrupt.
AssertionError: Cannot switch to MAINLOOP from MAINLOOP
Related-Bug: #1765700
Story: 2001890
Task: 14374
Change-Id: If0e24eae767b7806243fa4ae34fedb30ae9af25a
Kaifeng Wang
Dmitry Tantsur
Riccardo Pittau
Zuul
Zane Bitter
Dongcan Ye
OpenDev Sysadmins
Ian Wienand
Dmitry Tantsur
Nikolay Fedotov
Iury Gregory Melo Ferreira
Bob Fournier
Zuul
Thomas Goirand
Harald Jensås
Doug Hellmann
OpenStack Release Bot
Will Miller
Chuck Short
Jim Rollenhagen
Dao Cong Tien
Dmitry Tantsur
chenxiangui
huang.zhiping
Mark Goddard