3bf6b329d2
Paramiko version 2.0 has been released. It now uses the Python library
cryptography. Installing this requires additional system packages. This
commit adds in the appropriate packages required by cryptography based
on its documentation [1].
An alternative approach would have been to constrain the version of
Paramiko however the project describes the 1.x versions as relying on
insecure dependencies [2].
[1] https://cryptography.io/en/latest/installation/
[2] http://www.paramiko.org/installing.html
Backport note:
Release notes instrumentation has been added to the commit as neither
this patch nor one focused on releasenotes alone will merge
independently.
Change-Id: I33a6f9ab1aecf28e82ea756e41c482820758157f
(cherry picked from commit 19999b4ed8)
127 lines
4.2 KiB
INI
127 lines
4.2 KiB
INI
[tox]
|
|
minversion = 1.6
|
|
skipsdist = True
|
|
envlist = docs,linters,functional
|
|
|
|
|
|
[testenv]
|
|
usedevelop = True
|
|
install_command = pip install -U {opts} {packages}
|
|
deps = -r{toxinidir}/test-requirements.txt
|
|
commands = /usr/bin/find . -type f -name "*.pyc" -delete
|
|
passenv =
|
|
HOME
|
|
whitelist_externals =
|
|
bash
|
|
git
|
|
rm
|
|
setenv =
|
|
VIRTUAL_ENV={envdir}
|
|
ANSIBLE_HOST_KEY_CHECKING = False
|
|
ANSIBLE_SSH_CONTROL_PATH = /tmp/%%h-%%r
|
|
# TODO (odyssey4me) These are only here as they are non-standard folder
|
|
# names for Ansible 1.9.x. We are using the standard folder names for
|
|
# Ansible v2.x. We can remove this when we move to Ansible 2.x.
|
|
ANSIBLE_ACTION_PLUGINS = {homedir}/.ansible/plugins/action
|
|
ANSIBLE_CALLBACK_PLUGINS = {homedir}/.ansible/plugins/callback
|
|
ANSIBLE_FILTER_PLUGINS = {homedir}/.ansible/plugins/filter
|
|
ANSIBLE_LOOKUP_PLUGINS = {homedir}/.ansible/plugins/lookup
|
|
# This is required as the default is the current path or a path specified
|
|
# in ansible.cfg
|
|
ANSIBLE_LIBRARY = {homedir}/.ansible/plugins/library
|
|
# This is required as the default is '/etc/ansible/roles' or a path
|
|
# specified in ansible.cfg
|
|
ANSIBLE_ROLES_PATH = {homedir}/.ansible/roles:{toxinidir}/..
|
|
|
|
|
|
[testenv:docs]
|
|
commands=
|
|
python setup.py build_sphinx
|
|
|
|
|
|
# environment used by the -infra templated docs job
|
|
[testenv:venv]
|
|
deps = -r{toxinidir}/test-requirements.txt
|
|
commands = {posargs}
|
|
|
|
|
|
[testenv:pep8]
|
|
commands =
|
|
# Run hacking/flake8 check for all python files
|
|
bash -c "grep --recursive --binary-files=without-match \
|
|
--files-with-match '^.!.*python$' \
|
|
--exclude-dir .eggs \
|
|
--exclude-dir .git \
|
|
--exclude-dir .tox \
|
|
--exclude-dir *.egg-info \
|
|
--exclude-dir doc \
|
|
{toxinidir} | xargs flake8 --verbose"
|
|
|
|
[flake8]
|
|
# Ignores the following rules due to how ansible modules work in general
|
|
# F403 'from ansible.module_utils.basic import *' used;
|
|
# unable to detect undefined names
|
|
# H303 No wildcard (*) import.
|
|
ignore=F403,H303
|
|
|
|
|
|
[testenv:bashate]
|
|
commands =
|
|
# Run bashate check for all bash scripts
|
|
# Ignores the following rules:
|
|
# E003: Indent not multiple of 4 (we prefer to use multiples of 2)
|
|
# E006: Line longer than 79 columns (as many scripts use jinja
|
|
# templating, this is very difficult)
|
|
# E040: Syntax error determined using `bash -n` (as many scripts
|
|
# use jinja templating, this will often fail and the syntax
|
|
# error will be discovered in execution anyway)
|
|
bash -c "grep --recursive --binary-files=without-match \
|
|
--files-with-match '^.!.*\(ba\)\?sh$' \
|
|
--exclude-dir .tox \
|
|
--exclude-dir .git \
|
|
{toxinidir} | xargs bashate --error . --verbose --ignore=E003,E006,E040"
|
|
|
|
|
|
[testenv:ansible-syntax]
|
|
commands =
|
|
rm -rf {homedir}/.ansible
|
|
git clone https://git.openstack.org/openstack/openstack-ansible-plugins \
|
|
{homedir}/.ansible/plugins
|
|
ansible-playbook -i {toxinidir}/tests/inventory \
|
|
--syntax-check \
|
|
--list-tasks \
|
|
-e "rolename={toxinidir}" \
|
|
{toxinidir}/tests/test.yml
|
|
|
|
|
|
[testenv:ansible-lint]
|
|
commands =
|
|
ansible-lint {toxinidir}/tests/test.yml
|
|
|
|
|
|
[testenv:functional]
|
|
# NOTE(odyssey4me): We have to skip V-38462 as openstack-infra are now building
|
|
# images with apt config Apt::Get::AllowUnauthenticated set
|
|
# to true.
|
|
# NOTE(mhayden): Some infra images don't have AppArmor enabled, so V-51337
|
|
# must be skipped.
|
|
commands =
|
|
rm -rf {homedir}/.ansible
|
|
git clone https://git.openstack.org/openstack/openstack-ansible-plugins \
|
|
{homedir}/.ansible/plugins
|
|
ansible-playbook -i {toxinidir}/tests/inventory \
|
|
-e "rolename={toxinidir}" \
|
|
{toxinidir}/tests/test.yml \
|
|
--skip-tag V-38462,V-51337
|
|
|
|
|
|
[testenv:linters]
|
|
commands =
|
|
{[testenv:pep8]commands}
|
|
{[testenv:bashate]commands}
|
|
{[testenv:ansible-lint]commands}
|
|
{[testenv:ansible-syntax]commands}
|
|
|
|
[testenv:releasenotes]
|
|
commands = sphinx-build -a -E -d releasenotes/build/doctrees -b html releasenotes/source releasenotes/build/html
|