18 Commits

Author SHA1 Message Date
Ian Wienand
4f6629021e Update hacking, fix errors/warnings
This version of hacking doesn't understand f-strings as usable in
Python 3.  Update to the latest and fix current issues, which are all
just formatting fixes.

Change-Id: I0a7d6f93f07477b6dd29ab143130dd9064c250be
2020-01-14 09:40:45 +11:00
Michael Johnson
c49fb365ff Create 'Backport-Candidate' for Octavia repos
The Octavia team would like to enabled passive voting on patches
for backport candidates. This means that backport candidate votes
will not block a patch from merging, but will allow the team to
better track patches that should be backported.

Change-Id: Ib75714649848538e9fed171abd0b11f6fbc55503
2019-05-07 11:16:21 -07:00
Graham Hayes
fdb962758c Create 'Review-Priority' for designate repos
This allows anyone in the group "designate-release-manager"
to set the priority of patches, and block non freeze patches
during RC.

This allows for more precise dashboard than relying
on stars from PTLs, and allows the team to distingush
between a procedural -2 and a release freeze -2.

Change-Id: Id7b4c6b219899fa7ed86554257264af7efe20408
2018-03-28 18:37:08 +01:00
Andreas Jaeger
4adbecad99 Fix flake8
fix a "bug" in that the flake8 configuration in tox.ini was exclusively
selecting H231 as the only error it would report, so it was missing the
errors in the python modules (such as submit_log_processor_jobs). Due to
this being the case for a long time (since 2004) limit the more thorough
linting to the roles/ and playbooks/ directories where we'll be adding
ansible plugins/modules/etc. Also, lint in jenkins/script and nodepool.

Fix problems found.

We can lint everything with pep8 once the zuul v2 scripts are removed,
not worth patching them right now.

Change-Id: I479f010643cf3b67c183d763510f07a33400d38b
Co-Authored-By: Jesse Keating <omgjlk@us.ibm.com>
2017-10-21 18:37:10 +02:00
jeckxie
218eb38da9 Add Apache 2.0 license to source file
As per OpenStack licensing guide lines [1]:
[H102 H103] Newly contributed Source Code should be licensed under
the Apache 2.0 license.
[H104] Files with no code shouldn't contain any license header nor
comments, and must be left completely empty.

[1] http://docs.openstack.org/developer/hacking/#openstack-licensing

Change-Id: Iabfc781800f080b8235a2d812d16bdb3ee57067a
2017-02-16 10:46:54 +00:00
Andreas Jaeger
4e9f7cf97e Gerrit ACLs: Check for valid keys
Add check for valid keys to find obvious typos in keys.

Fix the one error found in openstack.config.

Change-Id: I6a2af22db0b9425372e66dca93498a33a07275e9
2016-07-07 19:16:47 +00:00
Jeremy Stanley
f62e441f24 Unshadow All-Projects in exclusiveGroupPermissions
Whenever a project-specific ACL declares exclusiveGroupPermissions
on some permission, it can block other valid uses of that permission
which would otherwise be inherited from the All-Projects pseudoACL.
Make sure that Project Bootstrappers retains access to abandon,
-2..+2 on label-Code-Review and -1..+1 on label-Workflow. Also make
sure Change Owners can still abandon and add -1..0 on
label-Workflow, and that Registered Users can always -1..+1 on
label-Code-Review.

This change corrects existing ACLs to meet the above criteria, and
also introduces a normalization rule to prevent regression.

Change-Id: I2eecb7028bcab7d5d82ad4155a775a9b2daa441f
2016-02-17 22:39:03 +00:00
Jeremy Stanley
cb63263510 Keep Gerrit ACL lines deduplicated
Gerrit ACLs can have multiple duplicate option keys in a section,
but completely duplicate lines (key and value together) have no use
so make sure they're collapsed into at most 1 copy.

Change-Id: I6bf43e860dcc8c3d7b2846d4e058b6c8ac7243eb
2016-02-17 22:31:54 +00:00
Jeremy Stanley
639ec1d17e There is no Project Bootstrappers-core...
...only Project Bootstrappers.

Correct the ACL normalization script oversight which led to this
unfortunate mistake, and clean up the resulting mess.

Change-Id: I391ead734d0cd28277581d54f254718c3e36d4b0
2015-04-24 01:08:11 +00:00
Jeremy Stanley
480330a116 Allow ACL sections to use .*-release group names
These are what the old .*-ptl groups were renamed to last year, for
better clarity.

Change-Id: I4764f6ab7c74adfbdcaba0a12d81a062beb9dc40
2015-04-21 21:22:35 +00:00
Jenkins
5b47a53e6e Merge "Make the unrecognized exception more verbose" 2015-04-03 14:06:34 +00:00
K Jonathan Harker
ca12f2f79d Remove unneeded 'create' from all tags sections
Look for all keys that begin with 'refs/tags' rather than just the
string literal 'refs/tags/*' when removing unneeded create permissions
from tag access sections.

Change-Id: I6dc226065166038700ffd324d354e617596888cb
2015-04-01 10:40:26 -07:00
K Jonathan Harker
c7b2df83ba Make the unrecognized exception more verbose
If the gerrit config normalizer comes across an unrecognized line, add
the bad line to the exception message for debugging.

Change-Id: I60e77a0b50718fb331bad0836ca769f685e6ce93
2015-03-31 14:15:26 -07:00
armando-migliaccio
a3034dfcbe Add openstack-infra to the list of namespaces to check.
Change-Id: I8ff59dccc06df7ab23d13eca6990418f3a547d34
2014-12-19 11:44:03 -08:00
armando-migliaccio
af09d7ca4b Extend ACL checks to OpenStack namespace.
Change-Id: I0ac6ee99391f218fa467b58bf39934c6c68d1808
2014-12-17 14:03:31 -08:00
Andreas Jaeger
d8416301e8 Check that Gerrit ACL files are normalized
Enhance Gerrit ACL check to check that the files are properly
normalized.

Co-Authored-By: Armando Migliaccio <armamig@gmail.com>

Change-Id: I9cdee60e77dab9c6943626d5fa1eda0402840277
2014-12-15 23:04:12 -08:00
Jeremy Stanley
fac5624859 Combine infra/ci core/admin gerrit groups
This is the result of running:

    find modules/openstack_project/files/gerrit/acls/ -type f \
        -name "*.config" -exec ./tools/normalize_acl.py {} 6 \;

Change-Id: I7aa27b859529b2bc8a990d6272334222996cbbc4
2014-06-30 17:30:45 +00:00
Jeremy Stanley
cc06421fb4 Add a script to normalize Gerrit ACLs
* tools/normalize_acl.py: Script which can perform one or more of a
list of normalizing transformations to an ACL file.

Change-Id: I063ab91b6e786eccaee61c669f0e840c7af6be14
2014-06-30 17:22:40 +00:00