Merge "[proxy-api] microversion 2.39 deprecates image-metadata proxy API"

2016-12-07 21:17:03 +00:00
parent 63eca7e751 df6e2d37f2
commit e75d5f9d53
21 changed files with 263 additions and 13 deletions
--- a/api-ref/source/limits.inc
+++ b/api-ref/source/limits.inc
@@ -24,7 +24,7 @@ Response
  - limits: limits
  - absolute: limits_absolutes
-  - maxImageMeta: metadata_items
+  - maxImageMeta: image_metadata_items
  - maxPersonality: injected_files
  - maxPersonalitySize: injected_file_content_bytes
  - maxSecurityGroupRules: security_group_rules
--- a/api-ref/source/parameters.yaml
+++ b/api-ref/source/parameters.yaml
@@ -2370,6 +2370,15 @@ image_id_body:
  in: body
  required: true
  type: string
 image_metadata_items:
  description: |
    The number of allowed metadata items for each image. Starting from
    version 2.39 this field is dropped from 'os-limits' response, because
    'image-metadata' proxy API was deprecated.
  in: body
  required: true
  type: integer
  max_version: 2.38
 image_name:
  description: |
    The display name of an Image.
--- a/api-ref/source/servers-actions.inc
+++ b/api-ref/source/servers-actions.inc
@@ -219,6 +219,10 @@ If the operation succeeds, the created image has a status of ``active`` and
 the server status returns to the original status. You can also see the new
 image in the image back end that OpenStack Image service manages.
 .. note::
    Starting from version 2.39 the image quota enforcement with Nova `metadata`
    is removed and quota checks should be performed using Glance API directly.
 **Preconditions**
 The server must exist.
--- a/api-ref/source/servers-admin-action.inc
+++ b/api-ref/source/servers-admin-action.inc
@@ -26,6 +26,10 @@ Policy defaults enable only users with the administrative role or the
 owner of the server to perform this operation. Cloud providers can
 change these permissions through the ``policy.json`` file.
 .. note::
    Starting from version 2.39 the image quota enforcement with Nova `metadata`
    is removed and quota checks should be performed using Glance API directly.
 Normal response codes: 202
 Error response codes: badRequest(400), unauthorized(401), forbidden(403),
--- a/doc/api_samples/limits/v2.39/limit-get-resp.json
+++ b/doc/api_samples/limits/v2.39/limit-get-resp.json
@@ -0,0 +1,20 @@
 {
    "limits": {
        "absolute": {
            "maxPersonality": 5,
            "maxPersonalitySize": 10240,
            "maxServerMeta": 128,
            "maxTotalCores": 20,
            "maxTotalInstances": 10,
            "maxTotalKeypairs": 100,
            "maxTotalRAMSize": 51200,
            "maxServerGroups": 10,
            "maxServerGroupMembers": 10,
            "totalCoresUsed": 0,
            "totalInstancesUsed": 0,
            "totalRAMUsed": 0,
            "totalServerGroupsUsed": 0
        },
        "rate": []
    }
 }
--- a/doc/api_samples/versions/v21-version-get-resp.json
+++ b/doc/api_samples/versions/v21-version-get-resp.json
@@ -19,7 +19,7 @@
            }
        ],
        "status": "CURRENT",
-        "version": "2.38",
+        "version": "2.39",
        "min_version": "2.1",
        "updated": "2013-07-23T11:33:21Z"
    }
--- a/doc/api_samples/versions/versions-get-resp.json
+++ b/doc/api_samples/versions/versions-get-resp.json
@@ -22,7 +22,7 @@
                }
            ],
            "status": "CURRENT",
-            "version": "2.38",
+            "version": "2.39",
            "min_version": "2.1",
            "updated": "2013-07-23T11:33:21Z"
        }
--- a/nova/api/openstack/api_version_request.py
+++ b/nova/api/openstack/api_version_request.py
@@ -95,6 +95,7 @@ REST_API_VERSION_HISTORY = """REST API Version History:
             UUID format.
    * 2.38 - Add a condition to return HTTPBadRequest if invalid status is
             provided for listing servers.
    * 2.39 - Deprecates image-metadata proxy API
 """
 # The minimum and maximum versions of the API supported
@@ -103,14 +104,18 @@ REST_API_VERSION_HISTORY = """REST API Version History:
 # Note(cyeoh): This only applies for the v2.1 API once microversions
 # support is fully merged. It does not affect the V2 API.
 _MIN_API_VERSION = "2.1"
-_MAX_API_VERSION = "2.38"
+_MAX_API_VERSION = "2.39"
 DEFAULT_API_VERSION = _MIN_API_VERSION
-# All the proxy APIs which related network, images and baremetal
+# Almost all proxy APIs which related to network, images and baremetal
 # were deprecated from 2.36.
 MAX_PROXY_API_SUPPORT_VERSION = '2.35'
 MIN_WITHOUT_PROXY_API_SUPPORT_VERSION = '2.36'
 # Starting from microversion 2.39 also image-metadata proxy API is deprecated.
 MAX_IMAGE_META_PROXY_API_VERSION = '2.38'
 MIN_WITHOUT_IMAGE_META_PROXY_API_VERSION = '2.39'
 # NOTE(cyeoh): min and max versions declared as functions so we can
 # mock them for unittests. Do not use the constants directly anywhere
--- a/nova/api/openstack/compute/create_backup.py
+++ b/nova/api/openstack/compute/create_backup.py
@@ -15,6 +15,7 @@
 import webob
 from nova.api.openstack import api_version_request
 from nova.api.openstack import common
 from nova.api.openstack.compute.schemas import create_backup
 from nova.api.openstack import extensions
@@ -57,7 +58,11 @@ class CreateBackupController(wsgi.Controller):
        props = {}
        metadata = entity.get('metadata', {})
-        common.check_img_metadata_properties_quota(context, metadata)
+        # Starting from microversion 2.39 we don't check quotas on createBackup
        if api_version_request.is_supported(
                req, max_version=
                api_version_request.MAX_IMAGE_META_PROXY_API_VERSION):
            common.check_img_metadata_properties_quota(context, metadata)
        props.update(metadata)
        instance = common.get_instance(self.compute_api, context, id)
--- a/nova/api/openstack/compute/image_metadata.py
+++ b/nova/api/openstack/compute/image_metadata.py
@@ -16,6 +16,8 @@
 import six
 from webob import exc
 from nova.api.openstack.api_version_request import \
    MAX_IMAGE_META_PROXY_API_VERSION
 from nova.api.openstack import common
 from nova.api.openstack.compute.schemas import image_metadata
 from nova.api.openstack import extensions
@@ -43,6 +45,7 @@ class ImageMetadataController(wsgi.Controller):
            msg = _("Image not found.")
            raise exc.HTTPNotFound(explanation=msg)
    @wsgi.Controller.api_version("2.1", MAX_IMAGE_META_PROXY_API_VERSION)
    @extensions.expected_errors((403, 404))
    def index(self, req, image_id):
        """Returns the list of metadata for a given instance."""
@@ -50,6 +53,7 @@ class ImageMetadataController(wsgi.Controller):
        metadata = self._get_image(context, image_id)['properties']
        return dict(metadata=metadata)
    @wsgi.Controller.api_version("2.1", MAX_IMAGE_META_PROXY_API_VERSION)
    @extensions.expected_errors((403, 404))
    def show(self, req, image_id, id):
        context = req.environ['nova.context']
@@ -59,6 +63,7 @@ class ImageMetadataController(wsgi.Controller):
        else:
            raise exc.HTTPNotFound()
    @wsgi.Controller.api_version("2.1", MAX_IMAGE_META_PROXY_API_VERSION)
    @extensions.expected_errors((400, 403, 404))
    @validation.schema(image_metadata.create)
    def create(self, req, image_id, body):
@@ -75,6 +80,7 @@ class ImageMetadataController(wsgi.Controller):
            raise exc.HTTPForbidden(explanation=e.format_message())
        return dict(metadata=image['properties'])
    @wsgi.Controller.api_version("2.1", MAX_IMAGE_META_PROXY_API_VERSION)
    @extensions.expected_errors((400, 403, 404))
    @validation.schema(image_metadata.update)
    def update(self, req, image_id, id, body):
@@ -97,6 +103,7 @@ class ImageMetadataController(wsgi.Controller):
            raise exc.HTTPForbidden(explanation=e.format_message())
        return dict(meta=meta)
    @wsgi.Controller.api_version("2.1", MAX_IMAGE_META_PROXY_API_VERSION)
    @extensions.expected_errors((400, 403, 404))
    @validation.schema(image_metadata.update_all)
    def update_all(self, req, image_id, body):
@@ -112,6 +119,7 @@ class ImageMetadataController(wsgi.Controller):
            raise exc.HTTPForbidden(explanation=e.format_message())
        return dict(metadata=metadata)
    @wsgi.Controller.api_version("2.1", MAX_IMAGE_META_PROXY_API_VERSION)
    @extensions.expected_errors((403, 404))
    @wsgi.response(204)
    def delete(self, req, image_id, id):
--- a/nova/api/openstack/compute/limits.py
+++ b/nova/api/openstack/compute/limits.py
@@ -13,8 +13,12 @@
 #    License for the specific language governing permissions and limitations
 #    under the License.
 from nova.api.openstack.api_version_request \
    import MAX_IMAGE_META_PROXY_API_VERSION
 from nova.api.openstack.api_version_request \
    import MAX_PROXY_API_SUPPORT_VERSION
 from nova.api.openstack.api_version_request \
    import MIN_WITHOUT_IMAGE_META_PROXY_API_VERSION
 from nova.api.openstack.api_version_request \
    import MIN_WITHOUT_PROXY_API_SUPPORT_VERSION
 from nova.api.openstack.compute.views import limits as limits_views
@@ -36,12 +40,19 @@ class LimitsController(wsgi.Controller):
    def index(self, req):
        return self._index(req)
-    @wsgi.Controller.api_version(MIN_WITHOUT_PROXY_API_SUPPORT_VERSION)  # noqa
+    @wsgi.Controller.api_version(MIN_WITHOUT_PROXY_API_SUPPORT_VERSION,  # noqa
                                 MAX_IMAGE_META_PROXY_API_VERSION)  # noqa
    @extensions.expected_errors(())
    def index(self, req):
        return self._index(req, filter_result=True)
-    def _index(self, req, filter_result=False):
+    @wsgi.Controller.api_version(  # noqa
        MIN_WITHOUT_IMAGE_META_PROXY_API_VERSION)  # noqa
    @extensions.expected_errors(())
    def index(self, req):
        return self._index(req, filter_result=True, max_image_meta=False)
    def _index(self, req, filter_result=False, max_image_meta=True):
        """Return all global limit information."""
        context = req.environ['nova.context']
        context.can(limits_policies.BASE_POLICY_NAME)
@@ -51,7 +62,8 @@ class LimitsController(wsgi.Controller):
        abs_limits = {k: v['limit'] for k, v in quotas.items()}
        builder = self._get_view_builder(req)
-        return builder.build(abs_limits, filter_result=filter_result)
+        return builder.build(abs_limits, filter_result=filter_result,
                             max_image_meta=max_image_meta)
    def _get_view_builder(self, req):
        return limits_views.ViewBuilderV21()
--- a/nova/api/openstack/compute/servers.py
+++ b/nova/api/openstack/compute/servers.py
@@ -1053,7 +1053,11 @@ class ServersController(wsgi.Controller):
        image_name = common.normalize_name(entity["name"])
        metadata = entity.get('metadata', {})
-        common.check_img_metadata_properties_quota(context, metadata)
+        # Starting from microversion 2.39 we don't check quotas on createImage
        if api_version_request.is_supported(
                req, max_version=
                api_version_request.MAX_IMAGE_META_PROXY_API_VERSION):
            common.check_img_metadata_properties_quota(context, metadata)
        instance = self._get_server(context, req, id)
--- a/nova/api/openstack/compute/views/limits.py
+++ b/nova/api/openstack/compute/views/limits.py
@@ -41,9 +41,10 @@ class ViewBuilder(object):
            "security_group_rules": ["maxSecurityGroupRules"],
    }
-    def build(self, absolute_limits, filter_result=False):
+    def build(self, absolute_limits, filter_result=False, max_image_meta=True):
        absolute_limits = self._build_absolute_limits(
-            absolute_limits, filter_result=filter_result)
+            absolute_limits, filter_result=filter_result,
            max_image_meta=max_image_meta)
        output = {
            "limits": {
@@ -54,7 +55,8 @@ class ViewBuilder(object):
        return output
-    def _build_absolute_limits(self, absolute_limits, filter_result=False):
+    def _build_absolute_limits(self, absolute_limits, filter_result=False,
                               max_image_meta=True):
        """Builder for absolute limits
        absolute_limits should be given as a dict of limits.
@@ -69,6 +71,8 @@ class ViewBuilder(object):
            if (name in self.limit_names and
                    value is not None and name not in filtered_limits):
                for limit_name in self.limit_names[name]:
                    if not max_image_meta and limit_name == "maxImageMeta":
                        continue
                    limits[limit_name] = value
        return limits
--- a/nova/api/openstack/rest_api_version_history.rst
+++ b/nova/api/openstack/rest_api_version_history.rst
@@ -415,3 +415,14 @@ user documentation.
  should not be accepted. From this version of the API admin as well as non
  admin user will get 400 HTTPBadRequest if invalid status is passed to nova
  list command.
 2.39
 ----
  Deprecates image-metadata proxy API that is just a proxy for Glance API
  to operate the image metadata. Also removes the extra quota enforcement with
  Nova `metadata` quota (quota checks for 'createImage' and 'createBackup'
  actions in Nova were removed). After this version Glance configuration
  option `image_property_quota` should be used to control the quota of
  image metadatas. Also, removes the `maxImageMeta` field from `os-limits`
  API response.
--- a/nova/tests/functional/api_sample_tests/api_samples/limits/v2.39/limit-get-resp.json.tpl
+++ b/nova/tests/functional/api_sample_tests/api_samples/limits/v2.39/limit-get-resp.json.tpl
@@ -0,0 +1,20 @@
 {
    "limits": {
        "absolute": {
            "maxPersonality": 5,
            "maxPersonalitySize": 10240,
            "maxServerMeta": 128,
            "maxTotalCores": 20,
            "maxTotalInstances": 10,
            "maxTotalKeypairs": 100,
            "maxTotalRAMSize": 51200,
            "maxServerGroups": 10,
            "maxServerGroupMembers": 10,
            "totalCoresUsed": 0,
            "totalInstancesUsed": 0,
            "totalRAMUsed": 0,
            "totalServerGroupsUsed": 0
        },
        "rate": []
    }
 }
--- a/nova/tests/functional/api_sample_tests/test_limits.py
+++ b/nova/tests/functional/api_sample_tests/test_limits.py
@@ -48,3 +48,20 @@ class LimitsV236Test(api_sample_base.ApiSampleTestBaseV21):
        self.api.microversion = self.microversion
        response = self._do_get('limits')
        self._verify_response('limit-get-resp', {}, response, 200)
 class LimitsV239Test(api_sample_base.ApiSampleTestBaseV21):
    """Test limits don't return 'maxImageMeta' field after 2.39.
    We dropped the image-metadata proxy API in 2.39, which also means that we
    shouldn't be returning 'maxImageMeta' field in 'os-limits' response.
    """
    sample_dir = "limits"
    microversion = '2.39'
    scenarios = [('v2_39', {'api_major_version': 'v2.1'})]
    def test_limits_get(self):
        self.api.microversion = self.microversion
        response = self._do_get('limits')
        self._verify_response('limit-get-resp', {}, response, 200)
--- a/nova/tests/unit/api/openstack/compute/test_create_backup.py
+++ b/nova/tests/unit/api/openstack/compute/test_create_backup.py
@@ -13,6 +13,7 @@
 #    License for the specific language governing permissions and limitations
 #    under the License.
 import mock
 import webob
 from nova.api.openstack import common
@@ -352,3 +353,34 @@ class CreateBackupPolicyEnforcementv21(test.NoDBTestCase):
        self.assertEqual(
            "Policy doesn't allow %s to be performed." % rule_name,
            exc.format_message())
 class CreateBackupTestsV239(test.NoDBTestCase):
    def setUp(self):
        super(CreateBackupTestsV239, self).setUp()
        self.controller = create_backup_v21.CreateBackupController()
        self.req = fakes.HTTPRequest.blank('', version='2.39')
    @mock.patch.object(common, 'check_img_metadata_properties_quota')
    @mock.patch.object(common, 'get_instance')
    def test_create_backup_no_quota_checks(self, mock_get_instance,
                                                 mock_check_quotas):
        # 'mock_get_instance' helps to skip the whole logic of the action,
        # but to make the test
        mock_get_instance.side_effect = webob.exc.HTTPNotFound
        metadata = {'123': 'asdf'}
        body = {
            'createBackup': {
                'name': 'Backup 1',
                'backup_type': 'daily',
                'rotation': 1,
                'metadata': metadata,
            },
        }
        self.assertRaises(webob.exc.HTTPNotFound,
                          self.controller._create_backup, self.req,
                          fakes.FAKE_UUID, body=body)
        # starting from version 2.39 no quota checks on Nova side are performed
        # for 'createBackup' action after removing 'image-metadata' proxy API
        mock_check_quotas.assert_not_called()
--- a/nova/tests/unit/api/openstack/compute/test_image_metadata.py
+++ b/nova/tests/unit/api/openstack/compute/test_image_metadata.py
@@ -348,3 +348,28 @@ class ImageMetaDataTestV21(test.NoDBTestCase):
        self.assertRaises(webob.exc.HTTPForbidden,
                          self.controller.create, req, image_id,
                          body=body)
 class ImageMetadataControllerV239(test.NoDBTestCase):
    def setUp(self):
        super(ImageMetadataControllerV239, self).setUp()
        self.controller = image_metadata_v21.ImageMetadataController()
        self.req = fakes.HTTPRequest.blank('', version='2.39')
    def test_not_found_for_all_image_metadata_api(self):
        self.assertRaises(exception.VersionNotFoundForAPIMethod,
                          self.controller.index, self.req)
        self.assertRaises(exception.VersionNotFoundForAPIMethod,
                          self.controller.show, self.req, fakes.FAKE_UUID)
        self.assertRaises(exception.VersionNotFoundForAPIMethod,
                          self.controller.create, self.req,
                          fakes.FAKE_UUID, {'metadata': {}})
        self.assertRaises(exception.VersionNotFoundForAPIMethod,
                          self.controller.update, self.req,
                          fakes.FAKE_UUID, 'id', {'metadata': {}})
        self.assertRaises(exception.VersionNotFoundForAPIMethod,
                          self.controller.update_all, self.req,
                          fakes.FAKE_UUID, {'metadata': {}})
        self.assertRaises(exception.VersionNotFoundForAPIMethod,
                          self.controller.delete, self.req, fakes.FAKE_UUID)
--- a/nova/tests/unit/api/openstack/compute/test_limits.py
+++ b/nova/tests/unit/api/openstack/compute/test_limits.py
@@ -275,3 +275,36 @@ class LimitsControllerTestV236(BaseLimitTestSuite):
                },
            }
            self.assertEqual(expected_response, response)
 class LimitsControllerTestV239(BaseLimitTestSuite):
    def setUp(self):
        super(LimitsControllerTestV239, self).setUp()
        self.controller = limits_v21.LimitsController()
        self.req = fakes.HTTPRequest.blank("/?tenant_id=faketenant",
                                           version='2.39')
    def test_index_filtered_no_max_image_meta(self):
        absolute_limits = {
            "metadata_items": 1,
        }
        def _get_project_quotas(context, project_id, usages=True):
            return {k: dict(limit=v) for k, v in absolute_limits.items()}
        with mock.patch('nova.quota.QUOTAS.get_project_quotas') as \
                get_project_quotas:
            get_project_quotas.side_effect = _get_project_quotas
            response = self.controller.index(self.req)
            # staring from version 2.39 there is no 'maxImageMeta' field
            # in response after removing 'image-metadata' proxy API
            expected_response = {
                "limits": {
                    "rate": [],
                    "absolute": {
                        "maxServerMeta": 1,
                    },
                },
            }
            self.assertEqual(expected_response, response)
--- a/nova/tests/unit/api/openstack/compute/test_serversV21.py
+++ b/nova/tests/unit/api/openstack/compute/test_serversV21.py
@@ -4834,3 +4834,31 @@ class ServersPolicyEnforcementV21(test.NoDBTestCase):
                 "os_compute_api:servers:create:attach_volume": "@",
                 rule_name: "project:non_fake"}
        self._create_policy_check(rules, rule_name)
 class ServersActionsJsonTestV239(test.NoDBTestCase):
    def setUp(self):
        super(ServersActionsJsonTestV239, self).setUp()
        ext_info = extension_info.LoadedExtensionInfo()
        self.controller = servers.ServersController(extension_info=ext_info)
        self.req = fakes.HTTPRequest.blank('', version='2.39')
    @mock.patch.object(common, 'check_img_metadata_properties_quota')
    @mock.patch.object(common, 'get_instance')
    def test_server_create_image_no_quota_checks(self, mock_get_instance,
                                                 mock_check_quotas):
        # 'mock_get_instance' helps to skip the whole logic of the action,
        # but to make the test
        mock_get_instance.side_effect = webob.exc.HTTPNotFound
        body = {
            'createImage': {
                'name': 'Snapshot 1',
            },
        }
        self.assertRaises(webob.exc.HTTPNotFound,
                          self.controller._action_create_image, self.req,
                          FAKE_UUID, body=body)
        # starting from version 2.39 no quota checks on Nova side are performed
        # for 'createImage' action after removing 'image-metadata' proxy API
        mock_check_quotas.assert_not_called()
--- a/releasenotes/notes/bp-deprecate-image-meta-proxy-api-7f21e1e6a94944ee.yaml
+++ b/releasenotes/notes/bp-deprecate-image-meta-proxy-api-7f21e1e6a94944ee.yaml
@@ -0,0 +1,9 @@
 ---
 deprecations:
  - Implemented microversion v2.39 that deprecates `image-metadata` proxy API,
    removes image metadata quota checks for 'createImage' and 'createBackup'
    actions.
    After this version Glance configuration option `image_property_quota`
    should be used to control the quota of image metadatas. Also, removes the
    `maxImageMeta` field from `os-limits` API response.