From b7b282ed084c74b36369ed915c92103c1595c7fb Mon Sep 17 00:00:00 2001 From: Maciej Szankin Date: Mon, 10 Oct 2016 15:10:03 +0200 Subject: [PATCH] conf: Move api options to a group Change-Id: Ida4ee57d6e1822e35e3198f6d3a89410e211d57d Implements: bp centralize-config-options-ocata --- nova/api/auth.py | 4 +- nova/api/metadata/base.py | 8 +- nova/api/metadata/handler.py | 8 +- nova/api/metadata/vendordata_dynamic.py | 10 +- nova/api/metadata/vendordata_json.py | 2 +- nova/api/openstack/auth.py | 2 +- nova/api/openstack/common.py | 22 ++- nova/api/openstack/compute/evacuate.py | 2 +- nova/api/openstack/compute/fping.py | 4 +- .../compute/hide_server_addresses.py | 2 +- nova/api/openstack/compute/quota_sets.py | 8 +- nova/api/openstack/compute/rescue.py | 2 +- nova/api/openstack/compute/servers.py | 4 +- nova/api/openstack/compute/tenant_networks.py | 4 +- nova/api/openstack/placement/deploy.py | 2 +- nova/conf/api.py | 137 +++++++++++------- .../api/openstack/placement/fixtures.py | 2 +- .../openstack/placement/test_report_client.py | 2 +- .../api_sample_tests/api_sample_base.py | 7 +- .../test_hide_server_addresses.py | 6 +- nova/tests/functional/test_metadata.py | 9 +- .../api/openstack/compute/test_access_ips.py | 2 +- .../openstack/compute/test_admin_password.py | 2 +- .../api/openstack/compute/test_evacuate.py | 2 +- .../api/openstack/compute/test_flavors.py | 7 +- .../unit/api/openstack/compute/test_images.py | 5 +- .../openstack/compute/test_multiple_create.py | 6 +- .../unit/api/openstack/compute/test_rescue.py | 2 +- .../openstack/compute/test_server_actions.py | 9 +- .../api/openstack/compute/test_serversV21.py | 16 +- .../openstack/compute/test_tenant_networks.py | 9 +- .../api/openstack/compute/test_user_data.py | 4 +- .../api/openstack/compute/test_versions.py | 2 +- nova/tests/unit/api/openstack/test_common.py | 6 +- nova/tests/unit/api/test_auth.py | 2 +- nova/tests/unit/conf_fixture.py | 2 +- nova/tests/unit/image/test_glance.py | 2 +- nova/tests/unit/test_metadata.py | 16 +- ...-config-to-api-group-af20a57a9e3e1b85.yaml | 26 ++++ 39 files changed, 217 insertions(+), 150 deletions(-) create mode 100644 releasenotes/notes/add-api-config-to-api-group-af20a57a9e3e1b85.yaml diff --git a/nova/api/auth.py b/nova/api/auth.py index b515a71a0f1a..9787072155d3 100644 --- a/nova/api/auth.py +++ b/nova/api/auth.py @@ -55,7 +55,7 @@ def pipeline_factory(loader, global_conf, **local_conf): def pipeline_factory_v21(loader, global_conf, **local_conf): """A paste pipeline replica that keys off of auth_strategy.""" - return _load_pipeline(loader, local_conf[CONF.auth_strategy].split()) + return _load_pipeline(loader, local_conf[CONF.api.auth_strategy].split()) class InjectContext(wsgi.Middleware): @@ -82,7 +82,7 @@ class NovaKeystoneContext(wsgi.Middleware): # Build a context, including the auth_token... remote_address = req.remote_addr - if CONF.use_forwarded_for: + if CONF.api.use_forwarded_for: remote_address = req.headers.get('X-Forwarded-For', remote_address) service_catalog = None diff --git a/nova/api/metadata/base.py b/nova/api/metadata/base.py index 215029fd5a40..43e7bd9db7c2 100644 --- a/nova/api/metadata/base.py +++ b/nova/api/metadata/base.py @@ -483,8 +483,8 @@ class InstanceMetadata(object): # specified an old style driver here, then use that. This second # bit can be removed once old style vendordata is fully deprecated # and removed. - if (CONF.vendordata_providers and - 'StaticJSON' in CONF.vendordata_providers): + if (CONF.api.vendordata_providers and + 'StaticJSON' in CONF.api.vendordata_providers): return jsonutils.dump_as_bytes( self.vendordata_providers['StaticJSON'].get()) else: @@ -499,7 +499,7 @@ class InstanceMetadata(object): self.set_mimetype(MIME_TYPE_APPLICATION_JSON) j = {} - for provider in CONF.vendordata_providers: + for provider in CONF.api.vendordata_providers: if provider == 'StaticJSON': j['static'] = self.vendordata_providers['StaticJSON'].get() else: @@ -576,7 +576,7 @@ class InstanceMetadata(object): """Yields (path, value) tuples for metadata elements.""" # EC2 style metadata for version in VERSIONS + ["latest"]: - if version in CONF.config_drive_skip_versions.split(' '): + if version in CONF.api.config_drive_skip_versions.split(' '): continue data = self.get_ec2_metadata(version) diff --git a/nova/api/metadata/handler.py b/nova/api/metadata/handler.py index 798232836baf..1cec37d81214 100644 --- a/nova/api/metadata/handler.py +++ b/nova/api/metadata/handler.py @@ -45,7 +45,7 @@ class MetadataRequestHandler(wsgi.Application): def __init__(self): self._cache = cache_utils.get_client( - expiration_time=CONF.metadata_cache_expiration) + expiration_time=CONF.api.metadata_cache_expiration) if (CONF.neutron.service_metadata_proxy and not CONF.neutron.metadata_proxy_shared_secret): LOG.warning(_LW("metadata_proxy_shared_secret is not configured, " @@ -67,7 +67,7 @@ class MetadataRequestHandler(wsgi.Application): except exception.NotFound: return None - if CONF.metadata_cache_expiration > 0: + if CONF.api.metadata_cache_expiration > 0: self._cache.set(cache_key, data) return data @@ -84,7 +84,7 @@ class MetadataRequestHandler(wsgi.Application): except exception.NotFound: return None - if CONF.metadata_cache_expiration > 0: + if CONF.api.metadata_cache_expiration > 0: self._cache.set(cache_key, data) return data @@ -132,7 +132,7 @@ class MetadataRequestHandler(wsgi.Application): def _handle_remote_ip_request(self, req): remote_address = req.remote_addr - if CONF.use_forwarded_for: + if CONF.api.use_forwarded_for: remote_address = req.headers.get('X-Forwarded-For', remote_address) try: diff --git a/nova/api/metadata/vendordata_dynamic.py b/nova/api/metadata/vendordata_dynamic.py index 9d13826e1151..ffa97d8a79d0 100644 --- a/nova/api/metadata/vendordata_dynamic.py +++ b/nova/api/metadata/vendordata_dynamic.py @@ -65,11 +65,11 @@ class DynamicVendorData(vendordata.VendorDataDriver): # SSL verification verify = url.startswith('https://') - if verify and CONF.vendordata_dynamic_ssl_certfile: - verify = CONF.vendordata_dynamic_ssl_certfile + if verify and CONF.api.vendordata_dynamic_ssl_certfile: + verify = CONF.api.vendordata_dynamic_ssl_certfile - timeout = (CONF.vendordata_dynamic_connect_timeout, - CONF.vendordata_dynamic_read_timeout) + timeout = (CONF.api.vendordata_dynamic_connect_timeout, + CONF.api.vendordata_dynamic_read_timeout) res = requests.request('POST', url, data=jsonutils.dumps(body), headers=headers, verify=verify, @@ -96,7 +96,7 @@ class DynamicVendorData(vendordata.VendorDataDriver): def get(self): j = {} - for target in CONF.vendordata_dynamic_targets: + for target in CONF.api.vendordata_dynamic_targets: # NOTE(mikal): a target is composed of the following: # name@url # where name is the name to use in the metadata handed to diff --git a/nova/api/metadata/vendordata_json.py b/nova/api/metadata/vendordata_json.py index 8a53f8f08401..6ea5d1522772 100644 --- a/nova/api/metadata/vendordata_json.py +++ b/nova/api/metadata/vendordata_json.py @@ -32,7 +32,7 @@ class JsonFileVendorData(vendordata.VendorDataDriver): def __init__(self, *args, **kwargs): super(JsonFileVendorData, self).__init__(*args, **kwargs) data = {} - fpath = CONF.vendordata_jsonfile_path + fpath = CONF.api.vendordata_jsonfile_path logprefix = "vendordata_jsonfile_path[%s]:" % fpath if fpath: try: diff --git a/nova/api/openstack/auth.py b/nova/api/openstack/auth.py index 9591f4054ec4..a3bcd0cad156 100644 --- a/nova/api/openstack/auth.py +++ b/nova/api/openstack/auth.py @@ -50,7 +50,7 @@ class NoAuthMiddlewareBase(base_wsgi.Middleware): user_id, _sep, project_id = token.partition(':') project_id = project_id or user_id remote_address = getattr(req, 'remote_address', '127.0.0.1') - if CONF.use_forwarded_for: + if CONF.api.use_forwarded_for: remote_address = req.headers.get('X-Forwarded-For', remote_address) is_admin = always_admin or (user_id == 'admin') ctx = context.RequestContext(user_id, diff --git a/nova/api/openstack/common.py b/nova/api/openstack/common.py index 1a73c37b062d..c6a33c4a77d8 100644 --- a/nova/api/openstack/common.py +++ b/nova/api/openstack/common.py @@ -227,7 +227,7 @@ def limited(items, request): """ params = get_pagination_params(request) offset = params.get('offset', 0) - limit = CONF.osapi_max_limit + limit = CONF.api.max_limit limit = min(limit, params.get('limit') or limit) return items[offset:(offset + limit)] @@ -236,7 +236,7 @@ def limited(items, request): def get_limit_and_marker(request): """Get limited parameter from request.""" params = get_pagination_params(request) - limit = CONF.osapi_max_limit + limit = CONF.api.max_limit limit = min(limit, params.get('limit', limit)) marker = params.get('marker', None) @@ -351,7 +351,7 @@ def raise_http_conflict_for_instance_invalid_state(exc, action, server_id): def check_snapshots_enabled(f): @functools.wraps(f) def inner(*args, **kwargs): - if not CONF.allow_instance_snapshots: + if not CONF.api.allow_instance_snapshots: LOG.warning(_LW('Rejecting snapshot request, snapshots currently' ' disabled')) msg = _("Instance snapshots are not permitted at this time.") @@ -433,15 +433,15 @@ class ViewBuilder(object): id_key="uuid"): """Retrieve 'next' link, if applicable. This is included if: 1) 'limit' param is specified and equals the number of items. - 2) 'limit' param is specified but it exceeds CONF.osapi_max_limit, - in this case the number of items is CONF.osapi_max_limit. + 2) 'limit' param is specified but it exceeds CONF.api.max_limit, + in this case the number of items is CONF.api.max_limit. 3) 'limit' param is NOT specified but the number of items is - CONF.osapi_max_limit. + CONF.api.max_limit. """ links = [] max_items = min( - int(request.params.get("limit", CONF.osapi_max_limit)), - CONF.osapi_max_limit) + int(request.params.get("limit", CONF.api.max_limit)), + CONF.api.max_limit) if max_items and max_items == len(items): last_item = items[-1] if id_key in last_item: @@ -468,12 +468,10 @@ class ViewBuilder(object): return urlparse.urlunsplit(url_parts).rstrip('/') def _update_glance_link_prefix(self, orig_url): - return self._update_link_prefix(orig_url, - CONF.osapi_glance_link_prefix) + return self._update_link_prefix(orig_url, CONF.api.glance_link_prefix) def _update_compute_link_prefix(self, orig_url): - return self._update_link_prefix(orig_url, - CONF.osapi_compute_link_prefix) + return self._update_link_prefix(orig_url, CONF.api.compute_link_prefix) def get_instance(compute_api, context, instance_id, expected_attrs=None): diff --git a/nova/api/openstack/compute/evacuate.py b/nova/api/openstack/compute/evacuate.py index 2f31c6d87f73..1434e704d1f2 100644 --- a/nova/api/openstack/compute/evacuate.py +++ b/nova/api/openstack/compute/evacuate.py @@ -128,7 +128,7 @@ class EvacuateController(wsgi.Controller): raise exc.HTTPBadRequest(explanation=e.format_message()) if (not api_version_request.is_supported(req, min_version='2.14') and - CONF.enable_instance_password): + CONF.api.enable_instance_password): return {'adminPass': password} else: return None diff --git a/nova/api/openstack/compute/fping.py b/nova/api/openstack/compute/fping.py index 1c3dcb02bc6f..03254b2e8ba0 100644 --- a/nova/api/openstack/compute/fping.py +++ b/nova/api/openstack/compute/fping.py @@ -43,13 +43,13 @@ class FpingController(wsgi.Controller): self.last_call = {} def check_fping(self): - if not os.access(CONF.fping_path, os.X_OK): + if not os.access(CONF.api.fping_path, os.X_OK): raise exc.HTTPServiceUnavailable( explanation=_("fping utility is not found.")) @staticmethod def fping(ips): - fping_ret = utils.execute(CONF.fping_path, *ips, + fping_ret = utils.execute(CONF.api.fping_path, *ips, check_exit_code=False) if not fping_ret: return set() diff --git a/nova/api/openstack/compute/hide_server_addresses.py b/nova/api/openstack/compute/hide_server_addresses.py index ae346b8e5e3f..5630e70bb0bf 100644 --- a/nova/api/openstack/compute/hide_server_addresses.py +++ b/nova/api/openstack/compute/hide_server_addresses.py @@ -30,7 +30,7 @@ ALIAS = 'os-hide-server-addresses' class Controller(wsgi.Controller): def __init__(self, *args, **kwargs): super(Controller, self).__init__(*args, **kwargs) - hidden_states = CONF.osapi_hide_server_address_states + hidden_states = CONF.api.hide_server_address_states # NOTE(jkoelker) _ is not considered uppercase ;) valid_vm_states = [getattr(vm_states, state) diff --git a/nova/api/openstack/compute/quota_sets.py b/nova/api/openstack/compute/quota_sets.py index e9d4a7e6c003..5c91a3370352 100644 --- a/nova/api/openstack/compute/quota_sets.py +++ b/nova/api/openstack/compute/quota_sets.py @@ -143,10 +143,10 @@ class QuotaSetsController(wsgi.Controller): quota_set = body['quota_set'] - # NOTE(alex_xu): The CONF.enable_network_quota was deprecated due to - # it is only used by nova-network, and nova-network will be deprecated - # also. So when CONF.enable_newtork_quota is removed, the networks - # quota will disappeare also. + # NOTE(alex_xu): The CONF.enable_network_quota was deprecated + # due to it is only used by nova-network, and nova-network will be + # deprecated also. So when CONF.enable_newtork_quota is removed, + # the networks quota will disappeare also. if not CONF.enable_network_quota and 'networks' in quota_set: raise webob.exc.HTTPBadRequest( explanation=_('The networks quota is disabled')) diff --git a/nova/api/openstack/compute/rescue.py b/nova/api/openstack/compute/rescue.py index cf67c665de6a..8bebbfb9a823 100644 --- a/nova/api/openstack/compute/rescue.py +++ b/nova/api/openstack/compute/rescue.py @@ -77,7 +77,7 @@ class RescueController(wsgi.Controller): raise exc.HTTPBadRequest( explanation=non_rescuable.format_message()) - if CONF.enable_instance_password: + if CONF.api.enable_instance_password: return {'adminPass': password} else: return {} diff --git a/nova/api/openstack/compute/servers.py b/nova/api/openstack/compute/servers.py index 314e40a8aa14..97860833ed9e 100644 --- a/nova/api/openstack/compute/servers.py +++ b/nova/api/openstack/compute/servers.py @@ -708,7 +708,7 @@ class ServersController(wsgi.Controller): req.cache_db_instances(instances) server = self._view_builder.create(req, instances[0]) - if CONF.enable_instance_password: + if CONF.api.enable_instance_password: server['server']['adminPass'] = password robj = wsgi.ResponseObject(server) @@ -1032,7 +1032,7 @@ class ServersController(wsgi.Controller): # Add on the admin_password attribute since the view doesn't do it # unless instance passwords are disabled - if CONF.enable_instance_password: + if CONF.api.enable_instance_password: view['server']['adminPass'] = password robj = wsgi.ResponseObject(view) diff --git a/nova/api/openstack/compute/tenant_networks.py b/nova/api/openstack/compute/tenant_networks.py index 34559fba1986..a38d2abb9027 100644 --- a/nova/api/openstack/compute/tenant_networks.py +++ b/nova/api/openstack/compute/tenant_networks.py @@ -60,14 +60,14 @@ class TenantNetworkController(wsgi.Controller): def _refresh_default_networks(self): self._default_networks = [] - if CONF.use_neutron_default_nets: + if CONF.api.use_neutron_default_nets: try: self._default_networks = self._get_default_networks() except Exception: LOG.exception(_LE("Failed to get default networks")) def _get_default_networks(self): - project_id = CONF.neutron_default_tenant_id + project_id = CONF.api.neutron_default_tenant_id ctx = nova_context.RequestContext(user_id=None, project_id=project_id) networks = {} diff --git a/nova/api/openstack/placement/deploy.py b/nova/api/openstack/placement/deploy.py index 269a974ee1b8..936d99cb9cbc 100644 --- a/nova/api/openstack/placement/deploy.py +++ b/nova/api/openstack/placement/deploy.py @@ -34,7 +34,7 @@ objects.register_all() def deploy(conf, project_name): """Assemble the middleware pipeline leading to the placement app.""" - if conf.auth_strategy == 'noauth2': + if conf.api.auth_strategy == 'noauth2': auth_middleware = auth.NoAuthMiddleware else: # Do not provide global conf to middleware here. diff --git a/nova/conf/api.py b/nova/conf/api.py index 8e6b9a0b3057..60d526acc987 100644 --- a/nova/conf/api.py +++ b/nova/conf/api.py @@ -15,10 +15,15 @@ from oslo_config import cfg +api_group = cfg.OptGroup('api', title='API options', help=""" +Options under this group are used to define Nova API. +""") + auth_opts = [ cfg.StrOpt("auth_strategy", default="keystone", choices=("keystone", "noauth2"), + deprecated_group="default", help=""" This determines the strategy to use for authentication: keystone or noauth2. 'noauth2' is designed for testing only, as it does no actual credential @@ -27,6 +32,7 @@ specified as the username. """), cfg.BoolOpt("use_forwarded_for", default=False, + deprecated_group="default", help=""" When True, the 'X-Forwarded-For' header is treated as the canonical remote address. When False (the default), the 'remote_address' header is used. @@ -39,6 +45,7 @@ metadata_opts = [ cfg.StrOpt("config_drive_skip_versions", default=("1.0 2007-01-19 2007-03-01 2007-08-29 2007-10-10 " "2007-12-15 2008-02-01 2008-09-01"), + deprecated_group="default", help=""" When gathering the existing metadata for a config drive, the EC2-style metadata is returned for all versions that don't appear in this option. @@ -60,22 +67,10 @@ by a space. Possible values: * Any string that represents zero or more versions, separated by spaces. -"""), - cfg.StrOpt("vendordata_driver", - default="nova.api.metadata.vendordata_json.JsonFileVendorData", - deprecated_for_removal=True, - deprecated_since="13.0.0", - help=""" -When returning instance metadata, this is the class that is used -for getting vendor metadata when that class isn't specified in the individual -request. The value should be the full dot-separated path to the class to use. - -Possible values: - -* Any valid dot-separated class path that can be imported. """), cfg.ListOpt('vendordata_providers', default=[], + deprecated_group="default", help=""" A list of vendordata providers. @@ -109,6 +104,7 @@ Related options: """), cfg.ListOpt('vendordata_dynamic_targets', default=[], + deprecated_group="default", help=""" A list of targets for the dynamic vendordata provider. These targets are of the form @. @@ -119,6 +115,7 @@ is documented in the vendordata.rst file in the nova developer reference. """), cfg.StrOpt('vendordata_dynamic_ssl_certfile', default='', + deprecated_group="default", help=""" Path to an optional certificate file or CA bundle to verify dynamic vendordata REST services ssl certificates against. @@ -137,6 +134,7 @@ Related options: cfg.IntOpt('vendordata_dynamic_connect_timeout', default=5, min=3, + deprecated_group="default", help=""" Maximum wait time for an external REST service to connect. @@ -156,6 +154,7 @@ Related options: cfg.IntOpt('vendordata_dynamic_read_timeout', default=5, min=0, + deprecated_group="default", help=""" Maximum wait time for an external REST service to return data once connected. @@ -174,6 +173,7 @@ Related options: cfg.IntOpt("metadata_cache_expiration", default=15, min=0, + deprecated_group="default", help=""" This option is the time (in seconds) to cache metadata. When set to 0, metadata caching is disabled entirely; this is generally not recommended for @@ -185,6 +185,7 @@ usage, and result in longer times for host metadata changes to take effect. file_opts = [ cfg.StrOpt("vendordata_jsonfile_path", + deprecated_group="default", help=""" Cloud providers may store custom data in vendor data file that will then be available to the instances via the metadata service, and to the rendering of @@ -200,14 +201,18 @@ Possible values: ] osapi_opts = [ - cfg.IntOpt("osapi_max_limit", + cfg.IntOpt("max_limit", default=1000, min=0, + deprecated_group="default", + deprecated_name="osapi_max_limit", help=""" As a query can potentially return many thousands of items, you can limit the maximum number of items in a single response by setting this option. """), - cfg.StrOpt("osapi_compute_link_prefix", + cfg.StrOpt("compute_link_prefix", + deprecated_group="default", + deprecated_name="osapi_compute_link_prefix", help=""" This string is prepended to the normal URL that is returned in links to the OpenStack Compute API. If it is empty (the default), the URLs are returned @@ -217,7 +222,9 @@ Possible values: * Any string, including an empty string (the default). """), - cfg.StrOpt("osapi_glance_link_prefix", + cfg.StrOpt("glance_link_prefix", + deprecated_group="default", + deprecated_name="osapi_glance_link_prefix", help=""" This string is prepended to the normal URL that is returned in links to Glance resources. If it is empty (the default), the URLs are returned @@ -232,6 +239,7 @@ Possible values: allow_instance_snapshots_opts = [ cfg.BoolOpt("allow_instance_snapshots", default=True, + deprecated_group="default", help=""" Operators can turn off the ability for a user to take snapshots of their instances by setting this option to False. When disabled, any attempt to @@ -244,8 +252,10 @@ take a snapshot will result in a HTTP 400 response ("Bad Request"). # is not likely to be changed, I'm copy/pasting it here. BUILDING = "building" # VM only exists in DB osapi_hide_opts = [ - cfg.ListOpt("osapi_hide_server_address_states", + cfg.ListOpt("hide_server_address_states", default=[BUILDING], + deprecated_group="default", + deprecated_name="osapi_hide_server_address_states", help=""" This option is a list of all instance states for which network address information should not be returned from the API. @@ -273,26 +283,14 @@ Possible values: fping_path_opts = [ cfg.StrOpt("fping_path", default="/usr/sbin/fping", + deprecated_group="default", help="The full path to the fping binary.") ] os_network_opts = [ - cfg.BoolOpt("enable_network_quota", - deprecated_for_removal=True, - deprecated_since="14.0.0", - deprecated_reason=""" -CRUD operations on tenant networks are only available when using nova-network -and nova-network is itself deprecated.""", - default=False, - help=""" -This option is used to enable or disable quota checking for tenant networks. - -Related options: - -* quota_networks -"""), cfg.BoolOpt("use_neutron_default_nets", default=False, + deprecated_group="default", help=""" When True, the TenantNetworkController will query the Neutron API to get the default networks to use. @@ -303,6 +301,7 @@ Related options: """), cfg.StrOpt("neutron_default_tenant_id", default="default", + deprecated_group="default", help=""" Tenant ID for getting the default network from Neutron API (also referred in some places as the 'project ID') to use. @@ -311,15 +310,57 @@ Related options: * use_neutron_default_nets """), - cfg.IntOpt("quota_networks", - deprecated_for_removal=True, - deprecated_since="14.0.0", - deprecated_reason=""" +] + +enable_inst_pw_opts = [ + cfg.BoolOpt("enable_instance_password", + default=True, + deprecated_group="default", + help=""" +Enables returning of the instance password by the relevant server API calls +such as create, rebuild, evacuate, or rescue. If the hypervisor does not +support password injection, then the password returned will not be correct, +so if your hypervisor does not support password injection, set this to False. +""") +] + +deprecated_opts = [ + cfg.StrOpt("vendordata_driver", + default="nova.api.metadata.vendordata_json.JsonFileVendorData", + deprecated_for_removal=True, + deprecated_since="13.0.0", + help=""" +When returning instance metadata, this is the class that is used +for getting vendor metadata when that class isn't specified in the individual +request. The value should be the full dot-separated path to the class to use. + +Possible values: + +* Any valid dot-separated class path that can be imported. +"""), + cfg.BoolOpt("enable_network_quota", + deprecated_for_removal=True, + deprecated_since="14.0.0", + deprecated_reason=""" CRUD operations on tenant networks are only available when using nova-network and nova-network is itself deprecated.""", - default=3, - min=0, - help=""" + default=False, + help=""" +This option is used to enable or disable quota checking for tenant networks. + +Related options: + +* quota_networks +"""), + cfg.IntOpt("quota_networks", + deprecated_for_removal=True, + deprecated_since="14.0.0", + deprecated_reason=""" +CRUD operations on tenant networks are only available when using nova-network +and nova-network is itself deprecated.""", + default=3, + min=0, + help=""" This option controls the number of private networks that can be created per project (or per tenant). @@ -329,17 +370,7 @@ Related options: """), ] -enable_inst_pw_opts = [ - cfg.BoolOpt("enable_instance_password", - default=True, - help=""" -Enables returning of the instance password by the relevant server API calls -such as create, rebuild, evacuate, or rescue. If the hypervisor does not -support password injection, then the password returned will not be correct, -so if your hypervisor does not support password injection, set this to False. -""") -] -ALL_OPTS = (auth_opts + +API_OPTS = (auth_opts + metadata_opts + file_opts + osapi_opts + @@ -351,9 +382,11 @@ ALL_OPTS = (auth_opts + def register_opts(conf): - conf.register_opts(ALL_OPTS) + conf.register_group(api_group) + conf.register_opts(API_OPTS, group=api_group) + conf.register_opts(deprecated_opts) def list_opts(): - # TODO(macsz) add opt group - return {"DEFAULT": ALL_OPTS} + return {api_group: API_OPTS, + 'DEFAULT': deprecated_opts} diff --git a/nova/tests/functional/api/openstack/placement/fixtures.py b/nova/tests/functional/api/openstack/placement/fixtures.py index a5109838d372..ec5694e4a247 100644 --- a/nova/tests/functional/api/openstack/placement/fixtures.py +++ b/nova/tests/functional/api/openstack/placement/fixtures.py @@ -47,7 +47,7 @@ class APIFixture(fixture.GabbiFixture): self.output_stream_fixture.setUp() self.conf = CONF - self.conf.set_override('auth_strategy', 'noauth2') + self.conf.set_override('auth_strategy', 'noauth2', group='api') # Be explicit about all three database connections to avoid # potential conflicts with config on disk. self.conf.set_override('connection', "sqlite://", group='database') diff --git a/nova/tests/functional/api/openstack/placement/test_report_client.py b/nova/tests/functional/api/openstack/placement/test_report_client.py index 1ccb97146684..9c97da84b8ce 100644 --- a/nova/tests/functional/api/openstack/placement/test_report_client.py +++ b/nova/tests/functional/api/openstack/placement/test_report_client.py @@ -48,7 +48,7 @@ class SchedulerReportClientTests(test.TestCase): def setUp(self): super(SchedulerReportClientTests, self).setUp() - self.flags(auth_strategy='noauth2') + self.flags(auth_strategy='noauth2', group='api') self.app = lambda: deploy.loadapp(CONF) self.client = NoAuthReportClient() diff --git a/nova/tests/functional/api_sample_tests/api_sample_base.py b/nova/tests/functional/api_sample_tests/api_sample_base.py index 6e7f7ea7fc21..65a5cdea531b 100644 --- a/nova/tests/functional/api_sample_tests/api_sample_base.py +++ b/nova/tests/functional/api_sample_tests/api_sample_base.py @@ -78,9 +78,10 @@ class ApiSampleTestBaseV21(testscenarios.WithScenarios, ] def setUp(self): - self.flags(use_ipv6=False, - osapi_compute_link_prefix=self._get_host(), - osapi_glance_link_prefix=self._get_glance_host()) + self.flags(use_ipv6=False) + self.flags(glance_link_prefix=self._get_glance_host(), + compute_link_prefix=self._get_host(), + group='api') # load any additional fixtures specified by the scenario for fix in self._additional_fixtures: diff --git a/nova/tests/functional/api_sample_tests/test_hide_server_addresses.py b/nova/tests/functional/api_sample_tests/test_hide_server_addresses.py index ba9f68cade12..ebc348580dda 100644 --- a/nova/tests/functional/api_sample_tests/test_hide_server_addresses.py +++ b/nova/tests/functional/api_sample_tests/test_hide_server_addresses.py @@ -24,9 +24,9 @@ class ServersSampleHideAddressesJsonTest(test_servers.ServersSampleJsonTest): sample_dir = 'os-hide-server-addresses' def setUp(self): - # We override osapi_hide_server_address_states in order + # We override hide_server_address_states in order # to have an example of in the json samples of the # addresses being hidden - CONF.set_override("osapi_hide_server_address_states", - [vm_states.ACTIVE]) + CONF.set_override("hide_server_address_states", + [vm_states.ACTIVE], group='api') super(ServersSampleHideAddressesJsonTest, self).setUp() diff --git a/nova/tests/functional/test_metadata.py b/nova/tests/functional/test_metadata.py index a3d6392ba1a6..0ebf369e3f5b 100644 --- a/nova/tests/functional/test_metadata.py +++ b/nova/tests/functional/test_metadata.py @@ -107,7 +107,8 @@ class MetadataTest(test.TestCase): vendordata_dynamic_targets=[ 'testing@http://127.0.0.1:123', 'hamster@http://127.0.0.1:123' - ] + ], + group='api' ) self.useFixture(fixtures.MonkeyPatch('requests.request', @@ -130,7 +131,8 @@ class MetadataTest(test.TestCase): vendordata_dynamic_targets=[ 'testing@http://127.0.0.1:123', 'testing@http://127.0.0.1:124' - ] + ], + group='api' ) self.useFixture(fixtures.MonkeyPatch('requests.request', @@ -156,7 +158,8 @@ class MetadataTest(test.TestCase): vendordata_providers=['DynamicJSON'], vendordata_dynamic_targets=[ 'testing@http://127.0.0.1:125' - ] + ], + group='api' ) self.useFixture(fixtures.MonkeyPatch('requests.request', diff --git a/nova/tests/unit/api/openstack/compute/test_access_ips.py b/nova/tests/unit/api/openstack/compute/test_access_ips.py index 6a0e4a0748c6..2430186ad628 100644 --- a/nova/tests/unit/api/openstack/compute/test_access_ips.py +++ b/nova/tests/unit/api/openstack/compute/test_access_ips.py @@ -91,7 +91,7 @@ class AccessIPsAPIValidationTestV21(test.TestCase): def test_create_server_with_access_ip_pass_disabled(self): # test with admin passwords disabled See lp bug 921814 - self.flags(enable_instance_password=False) + self.flags(enable_instance_password=False, group='api') params = {v4_key: '192.168.0.10', v6_key: '2001:db8::9abc'} res = self._test_create(params) diff --git a/nova/tests/unit/api/openstack/compute/test_admin_password.py b/nova/tests/unit/api/openstack/compute/test_admin_password.py index 9f9ee5026a86..940452cfe9cf 100644 --- a/nova/tests/unit/api/openstack/compute/test_admin_password.py +++ b/nova/tests/unit/api/openstack/compute/test_admin_password.py @@ -139,7 +139,7 @@ class AdminPasswordTestV21(test.NoDBTestCase): def test_server_change_password_pass_disabled(self): # run with enable_instance_password disabled to verify adminPass # is missing from response. See lp bug 921814 - self.flags(enable_instance_password=False) + self.flags(enable_instance_password=False, group='api') body = {'changePassword': {'adminPass': '1234pass'}} res = self._get_action()(self.fake_req, '1', body=body) self._check_status(202, res, self._get_action()) diff --git a/nova/tests/unit/api/openstack/compute/test_evacuate.py b/nova/tests/unit/api/openstack/compute/test_evacuate.py index 9e9697a4b027..3e5741dbbff8 100644 --- a/nova/tests/unit/api/openstack/compute/test_evacuate.py +++ b/nova/tests/unit/api/openstack/compute/test_evacuate.py @@ -222,7 +222,7 @@ class EvacuateTestV21(test.NoDBTestCase): @mock.patch('nova.objects.Instance.save') def _test_evacuate_enable_instance_password_conf(self, mock_save, enable_pass): - self.flags(enable_instance_password=enable_pass) + self.flags(enable_instance_password=enable_pass, group='api') res = self._get_evacuate_response({'host': 'underscore_hostname', 'onSharedStorage': 'False'}) diff --git a/nova/tests/unit/api/openstack/compute/test_flavors.py b/nova/tests/unit/api/openstack/compute/test_flavors.py index 46481b5eb913..92884fbf218a 100644 --- a/nova/tests/unit/api/openstack/compute/test_flavors.py +++ b/nova/tests/unit/api/openstack/compute/test_flavors.py @@ -100,8 +100,9 @@ class FlavorsTestV21(test.TestCase): self.assertEqual(flavor, expected) def test_get_flavor_with_custom_link_prefix(self): - self.flags(osapi_compute_link_prefix='http://zoo.com:42', - osapi_glance_link_prefix='http://circus.com:34') + self.flags(compute_link_prefix='http://zoo.com:42', + glance_link_prefix='http://circus.com:34', + group='api') req = self.fake_request.blank(self._prefix + '/flavors/1') flavor = self.controller.show(req, '1') expected = { @@ -297,7 +298,7 @@ class FlavorsTestV21(test.TestCase): def test_get_flavor_with_default_limit(self): self.stubs.Set(common, "get_limit_and_marker", fake_get_limit_and_marker) - self.flags(osapi_max_limit=1) + self.flags(max_limit=1, group='api') req = fakes.HTTPRequest.blank('/v2/fake/flavors?limit=2') response = self.controller.index(req) response_list = response["flavors"] diff --git a/nova/tests/unit/api/openstack/compute/test_images.py b/nova/tests/unit/api/openstack/compute/test_images.py index f17c646d2ab1..de77ab0f9f08 100644 --- a/nova/tests/unit/api/openstack/compute/test_images.py +++ b/nova/tests/unit/api/openstack/compute/test_images.py @@ -152,8 +152,9 @@ class ImagesControllerTestV21(test.NoDBTestCase): @mock.patch('nova.image.api.API.get', return_value=IMAGE_FIXTURES[1]) def test_get_image_with_custom_prefix(self, _get_mocked): - self.flags(osapi_compute_link_prefix='https://zoo.com:42', - osapi_glance_link_prefix='http://circus.com:34') + self.flags(compute_link_prefix='https://zoo.com:42', + glance_link_prefix='http://circus.com:34', + group='api') fake_req = self.http_request.blank(self.url_base + 'images/124') actual_image = self.controller.show(fake_req, '124') diff --git a/nova/tests/unit/api/openstack/compute/test_multiple_create.py b/nova/tests/unit/api/openstack/compute/test_multiple_create.py index b591f1675226..793e811f8c84 100644 --- a/nova/tests/unit/api/openstack/compute/test_multiple_create.py +++ b/nova/tests/unit/api/openstack/compute/test_multiple_create.py @@ -46,8 +46,8 @@ class MultiCreateExtensionTestV21(test.TestCase): """Shared implementation for tests below that create instance.""" super(MultiCreateExtensionTestV21, self).setUp() - self.flags(verbose=True, - enable_instance_password=True) + self.flags(verbose=True) + self.flags(enable_instance_password=True, group='api') self.instance_cache_num = 0 self.instance_cache_by_id = {} self.instance_cache_by_uuid = {} @@ -352,7 +352,7 @@ class MultiCreateExtensionTestV21(test.TestCase): """Test creating multiple instances but not asking for reservation_id """ - self.flags(enable_instance_password=False) + self.flags(enable_instance_password=False, group='api') image_href = '76fa36fc-c930-4bf3-8c8a-ea2a2420deb6' flavor_ref = 'http://localhost/123/flavors/3' body = { diff --git a/nova/tests/unit/api/openstack/compute/test_rescue.py b/nova/tests/unit/api/openstack/compute/test_rescue.py index b0592dbf2a24..14e1eef986e2 100644 --- a/nova/tests/unit/api/openstack/compute/test_rescue.py +++ b/nova/tests/unit/api/openstack/compute/test_rescue.py @@ -207,7 +207,7 @@ class RescueTestV21(test.NoDBTestCase): self.assertEqual(CONF.password_length, len(resp['adminPass'])) def test_rescue_disable_password(self): - self.flags(enable_instance_password=False) + self.flags(enable_instance_password=False, group='api') body = dict(rescue=None) resp_json = self.controller._rescue(self.fake_req, UUID, body=body) self.assertNotIn('adminPass', resp_json) diff --git a/nova/tests/unit/api/openstack/compute/test_server_actions.py b/nova/tests/unit/api/openstack/compute/test_server_actions.py index a8f3160db13e..94b52b70a87a 100644 --- a/nova/tests/unit/api/openstack/compute/test_server_actions.py +++ b/nova/tests/unit/api/openstack/compute/test_server_actions.py @@ -89,7 +89,8 @@ class ServerActionsControllerTestV21(test.TestCase): fakes.stub_out_compute_api_snapshot(self.stubs) fake.stub_out_image_service(self) self.flags(allow_instance_snapshots=True, - enable_instance_password=True) + enable_instance_password=True, + group='api') self._image_href = '155d900f-4e14-4e4c-a73d-069cbf4541e6' self.controller = self._get_controller() @@ -354,7 +355,7 @@ class ServerActionsControllerTestV21(test.TestCase): def test_rebuild_accepted_minimum_pass_disabled(self): # run with enable_instance_password disabled to verify adminPass # is missing from response. See lp bug 921814 - self.flags(enable_instance_password=False) + self.flags(enable_instance_password=False, group='api') return_server = fakes.fake_instance_get(image_ref='2', vm_state=vm_states.ACTIVE, host='fake_host') @@ -470,7 +471,7 @@ class ServerActionsControllerTestV21(test.TestCase): def test_rebuild_admin_pass_pass_disabled(self): # run with enable_instance_password disabled to verify adminPass # is missing from response. See lp bug 921814 - self.flags(enable_instance_password=False) + self.flags(enable_instance_password=False, group='api') return_server = fakes.fake_instance_get(image_ref='2', vm_state=vm_states.ACTIVE, host='fake_host') @@ -1103,7 +1104,7 @@ class ServerActionsControllerTestV21(test.TestCase): """Don't permit a snapshot if the allow_instance_snapshots flag is False """ - self.flags(allow_instance_snapshots=False) + self.flags(allow_instance_snapshots=False, group='api') body = { 'createImage': { 'name': 'Snapshot 1', diff --git a/nova/tests/unit/api/openstack/compute/test_serversV21.py b/nova/tests/unit/api/openstack/compute/test_serversV21.py index aa96d4687ba6..beb2cdd0592b 100644 --- a/nova/tests/unit/api/openstack/compute/test_serversV21.py +++ b/nova/tests/unit/api/openstack/compute/test_serversV21.py @@ -2359,8 +2359,8 @@ class ServersControllerCreateTest(test.TestCase): """Shared implementation for tests below that create instance.""" super(ServersControllerCreateTest, self).setUp() - self.flags(verbose=True, - enable_instance_password=True) + self.flags(verbose=True) + self.flags(enable_instance_password=True, group='api') self.instance_cache_num = 0 self.instance_cache_by_id = {} self.instance_cache_by_uuid = {} @@ -2744,9 +2744,9 @@ class ServersControllerCreateTest(test.TestCase): def test_create_instance_with_pass_disabled(self): # test with admin passwords disabled See lp bug 921814 - self.flags(enable_instance_password=False) + self.flags(enable_instance_password=False, group='api') - self.flags(enable_instance_password=False) + self.flags(enable_instance_password=False, group='api') self.req.body = jsonutils.dump_as_bytes(self.body) res = self.controller.create(self.req, body=self.body).obj @@ -2853,7 +2853,7 @@ class ServersControllerCreateTest(test.TestCase): self.controller.create, req, body=body) def test_create_instance_pass_disabled(self): - self.flags(enable_instance_password=False) + self.flags(enable_instance_password=False, group='api') self.req.body = jsonutils.dump_as_bytes(self.body) res = self.controller.create(self.req, body=self.body).obj @@ -3016,7 +3016,7 @@ class ServersControllerCreateTest(test.TestCase): self.body['server']['adminPass']) def test_create_instance_admin_password_pass_disabled(self): - self.flags(enable_instance_password=False) + self.flags(enable_instance_password=False, group='api') self.body['server']['flavorRef'] = 3 self.body['server']['adminPass'] = 'testpass' self.req.body = jsonutils.dump_as_bytes(self.body) @@ -3621,8 +3621,8 @@ class ServersControllerCreateTestWithMock(test.TestCase): """Shared implementation for tests below that create instance.""" super(ServersControllerCreateTestWithMock, self).setUp() - self.flags(verbose=True, - enable_instance_password=True) + self.flags(verbose=True) + self.flags(enable_instance_password=True, group='api') self.instance_cache_num = 0 self.instance_cache_by_id = {} self.instance_cache_by_uuid = {} diff --git a/nova/tests/unit/api/openstack/compute/test_tenant_networks.py b/nova/tests/unit/api/openstack/compute/test_tenant_networks.py index 2ddc0e1fd826..b3737d28badb 100644 --- a/nova/tests/unit/api/openstack/compute/test_tenant_networks.py +++ b/nova/tests/unit/api/openstack/compute/test_tenant_networks.py @@ -50,7 +50,7 @@ DEFAULT_NETWORK = [ NETWORKS_WITH_DEFAULT_NET = copy.deepcopy(NETWORKS) NETWORKS_WITH_DEFAULT_NET.extend(DEFAULT_NETWORK) -DEFAULT_TENANT_ID = CONF.neutron_default_tenant_id +DEFAULT_TENANT_ID = CONF.api.neutron_default_tenant_id def fake_network_api_get_all(context): @@ -69,11 +69,12 @@ class TenantNetworksTestV21(test.NoDBTestCase): self.controller = self.ctrlr() self.flags(enable_network_quota=True) self.req = fakes.HTTPRequest.blank('') - self.original_value = CONF.use_neutron_default_nets + self.original_value = CONF.api.use_neutron_default_nets def tearDown(self): super(TenantNetworksTestV21, self).tearDown() - CONF.set_override("use_neutron_default_nets", self.original_value) + CONF.set_override("use_neutron_default_nets", self.original_value, + group='api') def _fake_network_api_create(self, context, **kwargs): self.assertEqual(context.project_id, kwargs['project_id']) @@ -159,7 +160,7 @@ class TenantNetworksTestV21(test.NoDBTestCase): @mock.patch('nova.network.api.API.get_all') def _test_network_index(self, get_all_mock, default_net=True): - CONF.set_override("use_neutron_default_nets", default_net) + CONF.set_override("use_neutron_default_nets", default_net, group='api') get_all_mock.side_effect = fake_network_api_get_all expected = NETWORKS diff --git a/nova/tests/unit/api/openstack/compute/test_user_data.py b/nova/tests/unit/api/openstack/compute/test_user_data.py index d29146c4d361..9d39435628f1 100644 --- a/nova/tests/unit/api/openstack/compute/test_user_data.py +++ b/nova/tests/unit/api/openstack/compute/test_user_data.py @@ -53,8 +53,8 @@ class ServersControllerCreateTest(test.TestCase): """Shared implementation for tests below that create instance.""" super(ServersControllerCreateTest, self).setUp() - self.flags(verbose=True, - enable_instance_password=True) + self.flags(verbose=True) + self.flags(enable_instance_password=True, group='api') self.instance_cache_num = 0 self.instance_cache_by_id = {} self.instance_cache_by_uuid = {} diff --git a/nova/tests/unit/api/openstack/compute/test_versions.py b/nova/tests/unit/api/openstack/compute/test_versions.py index 73bfa1ad7377..cc861a0debcc 100644 --- a/nova/tests/unit/api/openstack/compute/test_versions.py +++ b/nova/tests/unit/api/openstack/compute/test_versions.py @@ -383,7 +383,7 @@ class VersionsViewBuilderTests(test.NoDBTestCase): self.assertEqual(expected, output) def test_view_builder_with_osapi_compute_link_prefix(self): - self.flags(osapi_compute_link_prefix='http://zoo.com:42') + self.flags(compute_link_prefix='http://zoo.com:42', group='api') href = "http://zoo.com:42/v2.1/" self._test_view_builder_osapi_compute_link_prefix(href) diff --git a/nova/tests/unit/api/openstack/test_common.py b/nova/tests/unit/api/openstack/test_common.py index a19c19c42676..c696de13d5f9 100644 --- a/nova/tests/unit/api/openstack/test_common.py +++ b/nova/tests/unit/api/openstack/test_common.py @@ -134,7 +134,7 @@ class LimiterTest(test.NoDBTestCase): def test_limiter_custom_max_limit(self): # Test a max_limit other than 1000. max_limit = 2000 - self.flags(osapi_max_limit=max_limit) + self.flags(max_limit=max_limit, group='api') items = range(max_limit) req = webob.Request.blank('/?offset=1&limit=3') self.assertEqual( @@ -494,7 +494,7 @@ class TestCollectionLinks(test.NoDBTestCase): req = mock.MagicMock() params = mock.PropertyMock(return_value=dict()) type(req).params = params - self.flags(osapi_max_limit=1) + self.flags(max_limit=1, group='api') builder = common.ViewBuilder() results = builder._get_collection_links(req, items, @@ -514,7 +514,7 @@ class TestCollectionLinks(test.NoDBTestCase): # Given limit is greater than default max, only return default max params = mock.PropertyMock(return_value=dict(limit=2)) type(req).params = params - self.flags(osapi_max_limit=1) + self.flags(max_limit=1, group='api') builder = common.ViewBuilder() results = builder._get_collection_links(req, items, diff --git a/nova/tests/unit/api/test_auth.py b/nova/tests/unit/api/test_auth.py index 9c6d2cf37bfc..9b207a6f945f 100644 --- a/nova/tests/unit/api/test_auth.py +++ b/nova/tests/unit/api/test_auth.py @@ -142,7 +142,7 @@ class TestPipeLineFactory(test.NoDBTestCase): def test_pipeline_factory_v21(self): fake_pipeline = 'test1 test2 test3' - CONF.set_override('auth_strategy', 'noauth2') + CONF.set_override('auth_strategy', 'noauth2', group='api') app = nova.api.auth.pipeline_factory_v21( TestPipeLineFactory.FakeLoader(), None, noauth2=fake_pipeline) self._test_pipeline(fake_pipeline, app) diff --git a/nova/tests/unit/conf_fixture.py b/nova/tests/unit/conf_fixture.py index 981f1370530a..f1cc9d27e8f2 100644 --- a/nova/tests/unit/conf_fixture.py +++ b/nova/tests/unit/conf_fixture.py @@ -46,7 +46,7 @@ class ConfFixture(config_fixture.Config): self.conf.set_default('num_networks', 2) self.conf.set_default('use_ipv6', True) self.conf.set_default('vlan_interface', 'eth0') - self.conf.set_default('auth_strategy', 'noauth2') + self.conf.set_default('auth_strategy', 'noauth2', group='api') config.parse_args([], default_config_files=[], configure_db=False, init_rpc=False) self.conf.set_default('connection', "sqlite://", group='database') diff --git a/nova/tests/unit/image/test_glance.py b/nova/tests/unit/image/test_glance.py index 7025934859f1..1103be350375 100644 --- a/nova/tests/unit/image/test_glance.py +++ b/nova/tests/unit/image/test_glance.py @@ -341,7 +341,7 @@ class TestGetImageService(test.NoDBTestCase): class TestCreateGlanceClient(test.NoDBTestCase): @mock.patch('glanceclient.Client') def test_headers_passed_glanceclient(self, init_mock): - self.flags(auth_strategy='keystone') + self.flags(auth_strategy='keystone', group='api') auth_token = 'token' ctx = context.RequestContext('fake', 'fake', auth_token=auth_token) diff --git a/nova/tests/unit/test_metadata.py b/nova/tests/unit/test_metadata.py index ee0ae91e09eb..0084c0b1ea30 100644 --- a/nova/tests/unit/test_metadata.py +++ b/nova/tests/unit/test_metadata.py @@ -844,7 +844,8 @@ class OpenStackMetadataTestCase(test.TestCase): self.flags(vendordata_providers=['StaticJSON', 'DynamicJSON'], vendordata_jsonfile_path=jsonfile, vendordata_dynamic_targets=[ - 'web@http://fake.com/foobar'] + 'web@http://fake.com/foobar'], + group='api' ) inst = self.instance.obj_clone() @@ -907,7 +908,8 @@ class OpenStackMetadataTestCase(test.TestCase): self.flags(vendordata_providers=['StaticJSON', 'DynamicJSON'], vendordata_jsonfile_path=jsonfile, vendordata_dynamic_targets=[ - 'web@http://fake.com/foobar'] + 'web@http://fake.com/foobar'], + group='api' ) inst = self.instance.obj_clone() @@ -1084,7 +1086,7 @@ class MetadataHandlerTestCase(test.TestCase): raise Exception("Expected addr of %s, got %s" % (expected_addr, address)) - self.flags(use_forwarded_for=True) + self.flags(use_forwarded_for=True, group='api') response = fake_request(self, self.mdinst, relpath="/2009-04-04/user-data", address="168.168.168.1", @@ -1284,7 +1286,7 @@ class MetadataHandlerTestCase(test.TestCase): def test_metadata_handler_with_instance_id(self, get_by_uuid): # test twice to ensure that the cache works get_by_uuid.return_value = self.mdinst - self.flags(metadata_cache_expiration=15) + self.flags(metadata_cache_expiration=15, group='api') hnd = handler.MetadataRequestHandler() self._metadata_handler_with_instance_id(hnd) self._metadata_handler_with_instance_id(hnd) @@ -1294,7 +1296,7 @@ class MetadataHandlerTestCase(test.TestCase): def test_metadata_handler_with_instance_id_no_cache(self, get_by_uuid): # test twice to ensure that disabling the cache works get_by_uuid.return_value = self.mdinst - self.flags(metadata_cache_expiration=0) + self.flags(metadata_cache_expiration=0, group='api') hnd = handler.MetadataRequestHandler() self._metadata_handler_with_instance_id(hnd) self._metadata_handler_with_instance_id(hnd) @@ -1315,7 +1317,7 @@ class MetadataHandlerTestCase(test.TestCase): def test_metadata_handler_with_remote_address(self, get_by_uuid): # test twice to ensure that the cache works get_by_uuid.return_value = self.mdinst - self.flags(metadata_cache_expiration=15) + self.flags(metadata_cache_expiration=15, group='api') hnd = handler.MetadataRequestHandler() self._metadata_handler_with_remote_address(hnd) self._metadata_handler_with_remote_address(hnd) @@ -1325,7 +1327,7 @@ class MetadataHandlerTestCase(test.TestCase): def test_metadata_handler_with_remote_address_no_cache(self, get_by_uuid): # test twice to ensure that disabling the cache works get_by_uuid.return_value = self.mdinst - self.flags(metadata_cache_expiration=0) + self.flags(metadata_cache_expiration=0, group='api') hnd = handler.MetadataRequestHandler() self._metadata_handler_with_remote_address(hnd) self._metadata_handler_with_remote_address(hnd) diff --git a/releasenotes/notes/add-api-config-to-api-group-af20a57a9e3e1b85.yaml b/releasenotes/notes/add-api-config-to-api-group-af20a57a9e3e1b85.yaml new file mode 100644 index 000000000000..7ba614e2235e --- /dev/null +++ b/releasenotes/notes/add-api-config-to-api-group-af20a57a9e3e1b85.yaml @@ -0,0 +1,26 @@ +--- +upgrade: + - | + API configuration options have been moved to the 'api' group. They + should no longer be included in the 'DEFAULT' group. Options affected by + this change: + + * ``auth_strategy`` + * ``use_forwarded_for`` + * ``config_drive_skip_versions`` + * ``vendordata_providers`` + * ``vendordata_dynamic_targets`` + * ``vendordata_dynamic_ssl_certfile`` + * ``vendordata_dynamic_connect_timeout`` + * ``vendordata_dynamic_read_timeout`` + * ``metadata_cache_expiration`` + * ``vendordata_jsonfile_path`` + * ``max_limit`` (was ``osapi_max_limit``) + * ``compute_link_prefix`` (was ``osapi_compute_link_prefix``) + * ``glance_link_prefix`` (was ``osapi_glance_link_prefix``) + * ``allow_instance_snapshots`` + * ``hide_server_address_states`` (was ``osapi_hide_server_address_states``) + * ``fping_path`` + * ``use_neutron_default_nets`` + * ``neutron_default_tenant_id`` + * ``enable_instance_password``