Fix warnings:
doc/image-building.rst:415:undefined label: deploy_a_registry
(if the link has no caption the label must precede a section header)
Change-Id: I8d921f3b05acf9304ccf41e172926887088b97d7
Bandit was not running in all directories
due missing -r parameter.
Also, this change fix bandit errors.
* Add nosec to subprocess module
* Change /tmp/releases to .releases
* Change /tmp/ to tmp/, tmp/ is not checked
and in unittest is not an issue, simpler that mocking tempfile
and make more complex tests.
Change-Id: I42bafa4707a9a4d1faeb01cb9b5a843f56280deb
Some of the available checks are disabled by default, like:
[H106] Don’t put vim configuration in source files
[H203] Use assertIs(Not)None to check for None
Change-Id: I61ce619eeb37dc05f81015d37afc78a32838448a
At the moment, deploy_aio.sh is called with sudo which results
in the environment being wiped. This means that all Zuul
environment variables are removed and therefore when zuul-cloner
runs to checkout the branch of kolla-ansible, it will always
fallback to master as ZUUL_BRANCH is unset.
This patch removes the global usage of sudo in the tox.ini file
as there is existing usage of sudo in the bash script itself. This
will mean that we will only escalate privileges when needed rather
for the whole script and the environment variables should be passed
on properly resulting in the matching release of kolla-ansible being
checked out.
Closes-Bug: #1673756
Change-Id: I477a843e696be7136c020be6408afea01967879d
This patch add the coverage tool package to test-requirements.txt
which was missing, while kolla support coverage. In addtion to this
tox.ini coverage command is modified to reflect the coverage report
in standard output whenever "tox -e cover" command run for better
representation of coverage report.
Change-Id: I7f77c8d5320a7d180586ce1e8773a4f294846331
Partially-Implements: blueprint coverage-increment-for-kolla
All json file in Kolla are json.j2 file, it shold be render as jinja
template, then validate by using json.
Change-Id: Ibabbe435116fd255d68347e00407156db76fedfe
Closes-Bug: #1634447
bandit is a security linter and can be made voting now. Instead of
starting another virtual machine, run it as part of the generic linting
target which is pep8.
Change-Id: I6a8f7aa2b60bd96d55b37b6cc2a371069d6d5e6a
Openstack infra now supports upper constraints for all jobs.
Updated tox.ini to use upper constraints for all jobs.
Change-Id: I603949f16dc415b0900fafcfbd4cf76ff9e8d746
Closes-Bug: #1628597
Currently __pycache__ directory, which also holds
python bytecode is not deleted when running tox.
TrivialFix
Change-Id: I0fdcf9a3f9b01cee813eefdbfe29d208dd67f826
* Inspected each error and fixed / added nosec where appropriate.
* build-swift-ring.py which was throwing sec errors is no longer used so
removed it.
* Removed the dev/ directory from being checked.
Closes-Bug: #1617713
Change-Id: I25664cabca4137e5c9f499c1af3f5ce78b86fb56
This will test all rst files inside the doc directory for style issues with
doc8 (an opinionated style checker for rst styles of documentation).
This will fix all syntax issues identified by doc8 and will improve
the syntax.
Change-Id: Id1b9563e07e77e306aef5a0767c98c27f87c5c0e
Now that there is a passing gate job, we can claim support for
Python 3.5 in the classifier. This patch also adds the convenience
py35 venv.
Change-Id: Ia7b1fb88ac108e1e8fd6ed963967e731ae3ca5a4
Closes-Bug: #1603006
The Ubuntu Mitaka repo is release, and we have add it.
So it is time to add the Ubuntu binary gate.
Closes-Bug: #1560386
Change-Id: I29d01147595c4ebebfa00798d01d5fd7398123a6
A recent change related to sudo securepath broke how sudo -E
works. Now the PATH is reset by sudo as set by tox. As a result
we can no longer rely on sudo -E anywhere in our gating system
relating to path inheritence from the parent shell.
This patch uses a shell operation in the setup_nodes.yml code
to chmod the docker socket to 666 so docker containers can build
properly. Now docker operations don't return a permission denied
and we no longer require the sudo -E operation in any of our tox
scripts. This isn't a security vulnerability because our gate
scripts are only meant to be run in OpenStack infrastructure.
To make this more clear I recommend moving these shell scripts to
tests/gate.
Change-Id: I5b3d6e280e3c12a25defedb14b5589ba642043fa
Closes-Bug: #1562383
For proper release note generation on the releases.openstack.org
website, this change will need to be backported into mitaka and
liberty as well. Then a special one-file reno file will have to
be added for mitaka describing the features and the same story
for liberty.
See log of the discussion here:
http://eavesdrop.openstack.org/irclogs/%23openstack-release/%23openstack-release.2016-03-23.log.html#t2016-03-23T18:00:05
Change-Id: I3c298ae08ec4645f384ea5829cb0851fe82f4557
Partially-Implements: blueprint add-reno
Bandit is a job that parses and analyzes python code to detect
common insecure programming practices.
TrivialFix
Change-Id: Iea23a9bd23b25827043f02aa1a62fb0724f1d0ee
According to the PTI (=Python Test Interface,
http://governance.openstack.org/reference/cti/python_cti.html), pep8
is the interface for codestyle checks. Move all tests from linters to
pep8.
This change will be followed by a change to project-config to use pep8
for testing in the gate.
Change-Id: I1a48f4b1e0b0950640192bcfc55121619a844b50
The existing gate partitioned a disk for use with docker, depending
on the gate it would use the swap disk (RAX) or a spare disk (HP).
However, with the new gates (Bluebox + OVH) there is neither a spare
disk nor a swap disk. This leaves us with one choice: File based loop
device.
This patch creates a file at /swapfile to ensure we have swap. It
creates a file at /docker to ensure we have a loop device for Docker.
Right now the /docker file is 10GB and the /swapfile is 4GB due to
size limitations in the gate across all servers and types. This has
proven to be enough space for all our current tests.
Additionally, reduce the number of threads the gate uses to 4 to
prevent the lockup and hour timeout we have been seeing as more
recently in the gate.
The scripts that setup the gate are moved to the tools directory
rather than the tests directory to match the structure of the other
projects.
Partially-Implements: blueprint functional-testing-gate
Change-Id: I3e370f2382b6df36103d8b2ceda9b21d9b4229d5
In an effort to reduce the number of gates, we can combine
non-conflicting jobs as we have already done with pep8 and bashate
TrivialFix
Change-Id: I81c2e523c563f8c761b57c8f20ca807d59da5d68
To solve the problem of "db type could not
be determined" on py34 we have to run first
the py34 env to, then, run py27.
This patch puts py34 first on the tox.ini list
of envs to avoid this problem to happen.
Closes-Bug: #1489059
Change-Id: I4f791dfa620eacdd76cd46f193e190071ab64b6c
By ignoring the appropriate tests that pep8 does we can properly run
*most* of the pep8 tests on all of our modules allowing for a more
consistent coding style.
Closes-Bug: #1528431
Change-Id: I33f27a250d06d4f044267aa3ad189e092789b8df
Convert config creation from a playbook to an action_plugin. This
reduces the complexity and confusion while retaining the same augment
structure and flexibility.
This allows us to remove the 0-byte files as requirements. They will
still be used if they are present (this means we require additional
documentation around them).
DocImpact
Closes-Bug: #1528430
Change-Id: I2c789f6be9f195c7771ca093a6d59499564b4740
When a development environment is under a proxy, tox is failed even if
environment variables of the proxy are set.
This patch fixes this problem.
Change-Id: I685ddbc6bb6e0fe25c308c35a7581785eebe3629