As per the community goal of migrating the policy file
the format from JSON to YAML[1], we need to do two things:
1. Change the default value of '[oslo_policy] policy_file''
config option from 'policy.json' to 'policy.yaml' with
upgrade checks.
2. Deprecate the JSON formatted policy file on the project side
via warning in doc and releasenotes.
Also replace policy.json to policy.yaml ref from doc and tests.
[1]https://governance.openstack.org/tc/goals/selected/wallaby/migrate-policy-format-from-json-to-yaml.html
Change-Id: I595b8c7cad7bb02486c8f0dd29fdc40789fc8e50
They are not used anymore, they are tasks are covered by native
Zuul functionalities and job definitions.
Change-Id: If8b0675194aea60ed2b38620425636bf0d436466
The upgrade pre/post script have been removed, because they are empty.
This change includes a few fixes for the grenade plugin:
- make sure to install mongo-tools when running grenade tests,
as they use mongodump which is part of that package.
- use sudo also when saving the redis dump file for the target
logs, as it already happens when the dump for the base logs
is copied.
The jobs have been ported separately from the tempest and rally
jobs because they can't be backported to all the older stable branches
like them (right now, only up to train).
Change-Id: I73c4c4dee994f13b7411a17f0c5d95ca9c84bd30
As part of Train community goal 'Support IPv6-Only Deployments and Testing'[1],
we need to define the integration job which deploy services
on IPv6 and perform testing to make sure service listen and communicate
over IPv6 properly.
Zaqar has legacy zuul jobs so base zuulv3 IPv6 job 'devstack-ipv6' and
'devstack-tempest-ipv6' cannot be used and we have to copy the whole
run.yaml to set the IPv6 setting and run the IPv6 verification
script via post_test_hook.
This commit adds the new job 'zaqar-tempest-swift-ipv6'
run on gate and set the required IPv6 setting'.
Change-Id: I9aece13783a061c4214157c3f7cfc9cc9f2a3f96
Story: #2005477
Task: #35941
In Queens, we support the old way to use pool_group and the
new way without it in Flavor both. In Stein, we will remove
the pool_group totally and only keep the new way in Flavor
and Pool.
The patch remove the pool group totally
Change-Id: I64fa5fde35f9b9f2e8aa4977eb2c253ffc6aee99
Implements: bp remove-pool-group-totally
This defaults to 0 anyway, and is being removed as the devstack
excercises are being removed. see https://review.openstack.org/#/c/581377/
Change-Id: I3b8db07fd20a706d191b4d1c58911286bff17f09
Option auth_uri from group keystone_authtoken is deprecated[1].
Use option www_authenticate_uri from group keystone_authtoken.
[1]https://review.openstack.org/#/c/508522/
Change-Id: Ieff5b69018e3824074b5a528a7b9d2a00dd7fb2e
TEMPEST_SERVICES global variable is not supported
by devstack since long back.
- I380dd20e5ed716a0bdf92aa02c3730359b8136e4
- I9c24705e494689f09a885eb0a640efd50db33fcf
Service availability of tempest known services will be
set by devstack with local check.
- I02be777bf93143d946ccbb8e9eff637bfd1928d4
This commit removes the unused TEMPEST_SERVICES setting
Related-Bug: #1743688
Change-Id: Iee8b10716efc6d48e97a3bcf3dafcc722239b2e3
This patch update the policy file generator guide.
And remove the realted action in devstack as well.
Change-Id: I7bd6aabe1d05245a1203380863c0444f6ea021f6
bp: policy-and-docs-in-code
The plugin has been split into its own repository[1] in accordance with
Queens Goal "Split Tempest Plugins into Separate Repos/Projects[2]".
This patch removes the local copy as well as the setuptools entry point.
We can also now remove the autodoc_tree_excludes pbr option since
there's no more plugin to exclude and it defaults to [setup.py].
[1] http://git.openstack.org/cgit/openstack/zaqar-tempest-plugin
[2] https://governance.openstack.org/tc/goals/queens/split-tempest-plugins.html
Implements: blueprint zaqar-tempest-plugin
Change-Id: Ia52d7f0a18e4b55260dc994f0802a96109280e24
The grenade gate sometimes fails with
"keystone did not start". this patch fix it
in grenade log, there are log as follows:
curl -g -k --noproxy '*' -s -o /dev/null -w '%{http_code}'
http://172.99.67.72:5000/v3/
wait_for_keystone:69 : die 69 'keystone did not start'
actually, KEYSTONE_AUTH_URI should be http://172.99.67.72/identity/v3
instead of
http://172.99.67.72:5000/v3/ which leads to keystone failure
Change-Id: I116e46ed30f6ce0fbc7b9207cc4f519438df8bc2
Use $API_WORKERS as process count and add other
wsgi options like thunderlock (recommended
to prevent thundering herd on accept).
Change-Id: I70fdc09edf524ba3733d03013d4bb296e8b2954b
This reverts commit 4a1a6b3766. It didn't
improve the situation, and at least it's failing early.
Conflicts:
devstack/plugin.sh
Change-Id: Idf16037e6a3bbc7f915e12827348eda663721d5e
By default, CORS middleware can allow requests from any origin. So it's not
necessary to use the 'enabled' option.
Closes-bug: #1677049
Co-Authored-By: wangxiyuan<wangxiyuan@huawei.com>
Change-Id: Id80e17466400937bba9fbb4aa2a2b65de9d62252
Add the new middleware CORS for Zaqar
It only supports for WSGI.
Websocket doesn't need this feature.
Change-Id: Ifc6d2d1c5dde5152cab6e3aa2f3cf9f207481267
Implements: blueprint support-cors
Table creation must happen outside of API requests. This changes the
devstack plugin to create the tables properly.
Change-Id: I57c4fba06dc6725ea977477b777e4ffd6856adde
The standard name for the WSGI callable is application, let's use that.
We'll keep app for compatiblity purposes.
Change-Id: I2138ef05b985dcfeba108c8a5441206b2c4ae1a7
The gate sometimes fails with "Zaqar did not start" without any way to
know what's going on. Let's remove that check and let usage of Zaqar
fails with proper error later on.
Change-Id: I04692763eb15a849541eb1903bb0fad6c16435db
KEYSTONE_CATALOG_BACKEND variable is removed from devstack[1], use
KEYSTONE_IDENTITY_BACKEND instead.
[1] https://review.openstack.org/#/c/391380
Change-Id: Id9b34af0ea1faecaeaea8a1d41a0e4b866b688af
Closes-Bug: #1644090
It's related to devstack bug bug: 1540328, where devstack install
'test-requirements' but should not do it for zaqar-ui project as
it installs Horizon from url. Remove following two 'mv' commands
when mentioned bug is fixed.
Change-Id: Ib4d0abe3b083d996556f615943d3b1185c9f882a
Zaqar API v2 has been released for several cycles and it's integrated
as the default API version by most of the openstack services. So it
is time to deprecated v1.1 in favor of v2.
DocImpact
UpgradeImpact
Implements blueprint: deprecate-v1.1
Change-Id: I40c51df5a89e0a883ad14cf7e02b96ca78147294
The github.com contains a mirror of the git.opoenstack.org but it should
not be treated as the official site to get openstack projects.
Change-Id: I31270f013f70ce250f0b48f20d2454ee5079c252
API v1.0 has been deprecated for a while and v1.1 will be deprecated
soon. We shouldn't be enabling deprecated API versions by default. This
patch adds a decorator to disable deprecated APIs by default unless they
have been explicitly enabled in the environment.
Co-Authored-By: Fei Long Wang <flwang@catalyst.net.nz>
Change-Id: I62fb4d18bc6c9f5455bff0d56e42269b4590b454
This adds the ability to send keystone authentified notifications using
trusts. To do so, you specify the posted URL with the "trust+" prefix,
and Zaqar will create and store a trust when subscribing to a queue, if
the trust not provided in the subscription options
It also add a capability to the webhook task to be able to send more
structured data in the notification, allowing to include the Zaqar
message in the data.
blueprint mistral-notifications
DocImpact
Change-Id: I12b9c1b34cdd220fcf1bdc2720043d4a8f75dc85
Now Zaqar isn't using Tempest for jenkins gate checking, which is
a missing. This patch fixes it by using Tempest's all-plugin to
run Zaqar's Tempest cases in tree.
Change-Id: I7e10a5b218b60eea47a96d36ebeb4029d33e7edd
This option is deprecated in Mitaka and has been removed in Newton,
and its default value is True already. Let's remove it.
Change-Id: I167713165bd96a4ccd423976f8fcad5ff8fc399c
ref: https://review.openstack.org/#/c/314573/
With the recently merged patch https://review.openstack.org/274972,
Zaqar now requires "Client-ID" header for API v2.
Our devstack plugin checks if Zaqar has started by sending request to
Zaqar's ping endpoint. But devstack plugin is not using "Client-ID"
header for sending this request, so the request now always fails and
devstack thinks that Zaqar service hasn't started.
This patch adds "Client-ID" header to the ping request to Zaqar in the
devstack plugin.
Change-Id: I441a5a9778d0676e0a380f5e20be40e1a029409f
Subscription options returned by the controller get methods was not
unserialized propertly, still containing msgpack data.
It also changes so that mongo doesn't connect before forking, and fix
uwsgi persistent connections (non) support.
Finally, it changes how keystone options are registered to use a more
robust and supported mechanism.
Change-Id: I917a893c0d7175e3a465cf08c5e0375d9944fd16
