| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The method Resource.check() is not a generator function, but it does
return a generator in most cases. Simply calling the function does not
cause the resource to actually be checked. Only in the case where the
resource did not provide a handle_check() method would it do anything at
all - and in that case it simply changes the state to CHECK_COMPLETE.
Yield the generator function so that the resource will actually be
checked if the resource type supports it.
Change-Id: I2a78b6f6235529a95838307e3d38731d31ff5c4b
Task: 37828
(cherry picked from commit 5c6038f7a272238eef8978a4b26ab4ae4efd745b)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
As part of a CVE keystone has started checking[1] the timestamp
of signed ec2 token with default TTL of 15 mins. We can't
store the ec2 url anymore for future use for those.
This moves the caching logic to BaseWaitConditionHandle class.
Conflicts:
heat/engine/resources/signal_responder.py
heat/tests/test_signal.py
[1] https://review.opendev.org/#/c/724124/
Change-Id: I6b74faed820caccd39210bd48a212b2dedca46b9
Task: 39985
Related-Bug: #1872737
(cherry picked from commit 3047ca7d36baaa59ab2960602da956d2087a2a62)
(cherry picked from commit 913c428b3030c67b3110af75f24dd8f99be00dbf)
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When user wants to do manual scale-up of ASG by increasing the
desired_capacity and also update some member properties as
part of a stack update, if it fails due to insufficient
resources when resizing, trying to manually scale-down by
decreasing the desired_capacity won't work, as it would
always expect to update the group with the earlier size
before scaling down.
This patch uses the target_size when building the batches.
Task: 39867
Change-Id: Id851530b424f68b5e0e967fe34431483bfffd852
(cherry picked from commit 26d8f64fc90ed9b3ad0413ed0c932fb91b51d666)
|
| |\
| |
| |
| | |
stable/rocky
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
If the project has already been deleted, don't let that prevent role
assignments on it from being deleted.
Change-Id: I56aede8209e425ee6c2d762a44db8cda5416e69b
Task: 30955
(cherry picked from commit 8c67437378ca505c5752cee0d862d806ca11c3a0)
|
| |\ \
| |/
|/|
| | |
stable/rocky
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
OS::Mistral::Workflow resource creates a mistral workflow with
a unique name (resource_id). We replace FAILED resources by
default and replace wont work in this case as it will try to
use the same workflow name for the replacement resouce, if the
'name' property is provided.
If the workflow does not exist/deleted using mistral api directly,
it would create a replacement resource, but it would delete the
workflow when cleaning up the old resource. So we would endup
with a replacement resource without any backing workflow.
This adds a new resource attribute ``always_replace_on_check_failed``
and overrides needs_replace_failed() for OS::Mistral::Workflow.
Task: 38855
Change-Id: Ia0812b88cae363dfa25ccd907ecbe8b86f5b1a23
(cherry picked from commit 9e80518b900a1f14a80ee05ddeef4b250433febd)
|
| |\ \
| |/
|/| |
|
| | |
| |
| |
| |
| |
| |
| | |
Fedora-Cloud-Base-29-1.2.x86_64 is removed from openstack local mirror.
Update to use Fedora-Cloud-Base-30-1.2.x86_64 for test jobs.
Change-Id: I37ddde75cf0e9422191aabac3df42c555f1a5c6c
|
| |/
|
|
|
|
|
|
|
|
|
| |
This feature of openstackdocstheme means that we'll always link to the
corresponding branch of another project (i.e. latest links to latest,
but train links to train, &c.)
https://docs.openstack.org/openstackdocstheme/latest/#external-link-helper
Change-Id: If94115f87af3689413405f3283be7fb197fab058
(cherry picked from commit dd70d9244d5a8b8b91b3e5908b45bf5b7f6a8974)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Stable branches till stable/rocky is using python
version <py3.6. Tempest test those branch in venv
but Tempest tox use the master upper-constraint[1]
which block installation due to dependencies
require >=py3.6. For exmaple, oslo.concurrency 4.0.0
is not compatible for <py3.6.
As we pin Tempest for EM stable brach, we should be
able to use stable constraint for Tempest installation
as well as while running during run-tempest playbook.
tox.ini is hard coded to use master constraint[1] which force
run-tempest to recreate the tox env and use the master constraint.
Fix for that- https://review.opendev.org/#/c/705870/
[1] https://opendev.org/openstack/tempest/src/commit/bc9fe8eca801f54915ff3eafa418e6e18ac2df63/tox.ini#L14
Depends-On: https://review.opendev.org/707665
Change-Id: Id5f5b6b0c1b1d925e5ee041120fbaf20e891d4c4
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
As per CLI and GUI, availability_zone is not mandatory. In templates,
it is. This is incorrect.
This patch corrects behaviour to match CLI and GUI.
Change-Id: Ice37340f084ea65bd4b46562145e82ede6bc0df5
Story: 2006586
(cherry picked from commit 2799a5fcd76639a202092ea1b6fc242a8886dc56)
|
| | |
| |
| |
| |
| |
| | |
Change-Id: I424583fd83a086afb710b282f1c331a8d2219311
Story: #2007061
Task: #37919
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Unit of both 'delay' and 'timeout' should be seconds based on Octavia
API doc
https://docs.openstack.org/api-ref/load-balancer/v2/index.html?expanded=create-health-monitor-detail#id105
Change-Id: I6de88e687ff95432ddbd0547a7f5759e18d7749e
Story: 2006637
Task: 36852
(cherry picked from commit ad841b4483eeba9dfd0ccd8f8b4c5d5fd3e15cc1)
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We may end up loading lots of nested stacks concurrently with
convergence and those would try to discover endpoints and fetch
access info objects from keystone. This at times results in
ConnectTimeout errors from keystone. We can avoid these errors
by adding some retries.
Also adds retries to client_plugin get_endpoint() calls, which has
simillar issue.
Change-Id: I18cde971248eff5783f97c9e7a60316d7dd93431
Task: 36349
(cherry picked from commit 6fb8ac250ae27810516b89f273923d6b786606b5)
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When creating session clients we should use 'connect_retries'
for clients that use Adapter interface. This will
allow retries when we get ConnectTimeout errors.
Task: 36331
Change-Id: Ic526c8039c91353e772eee7b55f1d263470c86bb
(cherry picked from commit 364716725a4767f8d9e3e5e1c76ecf4f969a6613
and c7cc740f307ce8ffdf36c29094c9cbce5a6c8d14)
|
| |/
|
|
|
|
|
|
|
| |
update_input_data in sync_point.sync() at times fails with
DBDeadlock. Let's add retry like sync_point_create()
Change-Id: Id4468801bcffa7a704d90d2e190ec8dbb9a0a00b
Task: 36299
(cherry picked from commit ba9c42b9eb33b98ef68bea8d47852cfe54977b4d)
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Neutron requires the allowed address pair ip address to be
either an ip or a cidr.
https://review.opendev.org/#/c/575265/ made heat verify for
cidr only.
Change-Id: I2cc2785cb32cf8d788af6262992b1b76107c8292
Story: 2005674
Task: 30985
(cherry picked from commit 5e93b3e4cf60310d33bf397fd11b4ec50e6067a0)
(cherry picked from commit cec8b079c006522b2b2eaeede49a7a7229f7ae2d)
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The convergence prototype ignored checks of resources that had previously
been replaced by another resource. However, it turns out that this was
unnecessary in the final version of the prototype:
https://github.com/zaneb/heat-convergence-prototype/commit/e9d2f833a53de1ab09e7d936a4826d36ed7bb68d
Keeping this limitation prevents us from allowing users to roll back to a
previously-existing resource if creating the replacement fails, other than
by using the automated rollback mechanism (which is special-cased).
Since the graph for the traversal is calculated at the start of the update,
there's no need to limit which nodes are allowed to be checked. Only the
selected resource will have an is_update=True node in the traversal graph.
Removing this additional restriction allows us to improve the algorithm
that chooses which resource to update. Since a new traversal ID is stored
before we calculate the traversal graph, we can guarantee that no new
resource checks will start (though some may still be happening) while the
algorithm is choosing, so there's no danger of it picking a resource that
later gets replaced.
Since we're no longer treating automatic rollback as a special case, reset
the replaced_by field whenever we update a previously-replaced resource.
Change-Id: I04e7ad90944c2d03ce0e59ba16af9d60d6e01222
Story: #2003579
Task: 26197
(cherry picked from commit e34da892901dbba709d3854f8979eee32594d916)
|
| |\ \
| | |
| | |
| | | |
stable/rocky
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We use the same periodic_interval to update the service record
and compare it with current time when doing 'service list'. So, It's
possible there will be a small window where 'service list' would show
the engine as down. Tools that use service list for monitoring would
wrongly assume the service as down. Let's change service list to
report the service as down if it's not updated in 2*periodic_interval.
Change-Id: I0f6a30e06bb214bb673930b31a2db946600926b0
Task: 35946
(cherry picked from commit fd23308f6ec20e4441d8da486a4f6930a2ba366d)
|
| |\ \
| |/
|/|
| | |
stable/rocky
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Removing stack creation limit for admin since admin can view all stacks,
and stacks created by other tenants would have been counted in the limit
check.
Change-Id: Ie2e9251245e7e16309661154e17724e5984c21e6
Story: 2003487
Task: 24756
(cherry picked from commit 22b14ff975f885c26b861d4d1b22577cca189e04)
|
| |\ \
| |/
|/| |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
With the setup.cfg entry it can be called directly from
oslo.policy.
$oslopolicy-policy-generator --namespace heat
This will get the effective policy that’s being executed.
Change-Id: Iad2e71819f4847f47dd17d3cd4afa78e6b3f52a7
Story: #2005055
Task: 29573
(cherry picked from commit 5bdcaeff018782a956fd8228e04ddd2169c353c6)
|
| |\ \ |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
We don't store resource_properties_data for OS::Heat::None.
There is no point trying to resolve the properties for old resource
which would fail at times.
Change-Id: I4cf72ae6d11ffbedc20adedfe7b6d2a1d47e23ee
Task: 35661
Closes-Bug: #1834881
Depends-On: https://review.opendev.org/668144
(cherry picked from commit 7066bccc538574de5424ff0b79ce1e2feeb6e2ad)
(cherry picked from commit 84fe2ec4f3b9d91e748d31ba09c78518a71fa9ad)
|
| |\ \ \ |
|
| | | |/
| |/|
| | |
| | |
| | |
| | | |
Change-Id: I50c106a2b80a707ba8296efed86194526d6e5da6
Task: 30196
(cherry picked from commit 41b9a650dfd9a78614272a1fd8f23c617261266a)
|
| | |/
|/|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
As it was announced [1] global bindep-fallback.txt was removed and now
projects need to have a local bindep.txt to be able to install binary
dependencies for testing.
In test jobs the script tools/test-setup.sh is called which requires
mysql and postgres servers and clients to be installed.
[1] http://lists.openstack.org/pipermail/openstack-discuss/2019-June/007272.html
(cherry picked from commit d116b216965bbfc80840f5bfc994b731e2d29d81)
Note(elod.illes): patch was modified so that the test-requires files
are kept. An upper constraint was also added for bandit. This actually
freezes requirements (required by bandit) on stable branch.
Change-Id: If9befe4115c64c2fda52321002ba5fe1124eaf7c
(cherry picked from commit 916fd05627dddce33a577038f983e17295cc44e8)
|
| |\ \ |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
If the 'actions' property of a deployment is [], we don't
create a software deployment in heat and resource_id of the
software deployment is None. However, there is a possibility
that we access the attributes of the sd in the template and
that results in TypeError as we try to make an rpc call to
show the software deployment for None.
Change-Id: Iefd3cdd20bb51c63e7267ae0628e0f15544c0427
Task: 33516
(cherry picked from commit ee061103477ed7c9b4692a8b90817a127064fbcd)
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The region name eventually has to pass through an os-collect-config.conf
file, the format of which is unable to distinguish between the JSON null
(equivalent to None in Python) and the string "null".
This means that Story 2002781 caused a regression for users who didn't
have the region_name_for_services config option explicitly set in
heat.conf.
To avoid this, only specify the region when we know what it is.
Change-Id: I23493b1c477d082c478f87167de2c1859ba5ace7
Story: #2005797
Task: 33527
Task: 33528
(cherry picked from commit d580565abff2997002eff856535bdfd2ddb44da7)
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There's a regression[0] in bandit 1.6.0 which causes bandit to stop
respecting excluded directories, and our tests throw a bunch of
violations. Blacklist this version, but allow newer versions as there is
already a pull request[1] to fix it, and I expect it will be included in
the next release.
Also fix the requirements job which was broken by
https://review.opendev.org/657890 adding a cap on Sphinx on Python 2.
[0] https://github.com/PyCQA/bandit/issues/488
[1] https://github.com/PyCQA/bandit/pull/489
Change-Id: Ieabcd4e8c5e5354125a63e89b9b60931c760858a
(cherry picked from commit 011fa22c42506e63229cca7e5fc65f81b6e0aabf)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit was bulk generated and pushed by the OpenDev sysadmins
as a part of the Git hosting and code review systems migration
detailed in these mailing list posts:
http://lists.openstack.org/pipermail/openstack-discuss/2019-March/003603.html
http://lists.openstack.org/pipermail/openstack-discuss/2019-April/004920.html
Attempts have been made to correct repository namespaces and
hostnames based on simple pattern matching, but it's possible some
were updated incorrectly or missed entirely. Please reach out to us
via the contact information listed at https://opendev.org/ with any
questions you may have.
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This is a mechanically generated change to replace openstack.org
git:// URLs with https:// equivalents.
This is in aid of a planned future move of the git hosting
infrastructure to a self-hosted instance of gitea (https://gitea.io),
which does not support the git wire protocol at this stage.
This update should result in no functional change.
For more information see the thread at
http://lists.openstack.org/pipermail/openstack-discuss/2019-March/003825.html
Change-Id: I7f00caba1de82069679ccd75180d3b01ba78138c
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We are updating all Python projects to publish artifacts to PyPI. The
name "heat" is already taken there by another project, and they have
rejected our request to claim the name. We therefore need to change the
dist name used to package heat. We have some other projects publishing
using an "openstack-" prefix, so I propose using the name
"openstack-heat". This will not change the imports or anything else
about how the code works, just how it is packaged.
Add a grenade plugin for upgrading between the packages with different
names so that we can clean up the old version of the code and avoid
discovering the heat plugins multiple times in different locations.
Change-Id: I59b55cffd9e648f842eb286b936f09c5b55a76db
Signed-off-by: Doug Hellmann <doug@doughellmann.com>
(cherry picked from commit 8ae5f8657b2bdf841bdf114b49839700c2ee924f)
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In convergence we were loading resources from the database using the
current environment. This is incorrect when a previous update has
failed, meaning the resources in the database were created with a
non-current template and environment. If an attempt was made to change
the type of a resource but that resource was never updated, this will
result in us loading a resource with the wrong type. If the type has
been removed then it can result in errors just trying to show the stack.
Note that the Resource.load() method used during a convergence traversal
already does the Right Thing - it only uses the new type if it is a
valid substitution for the old type, and UpdateReplace is later raised
in Resource.update_convergence() if the type does not match in that
specified in the new environment. So we don't see any problems with
stack updates, just with API calls.
Since we cannot change the signature of Resource.__new__() without also
modifying the signature of __init__() in every resource plugin that has
implemented it (many of which are out of tree), instead substitute the
stack definition for the duration of creating the Resource object. This
will result in stack.env returning the environment the resource was last
updated with.
Change-Id: I3fbd14324fc4681b26747ee7505000b8fc9439f1
Story: #2005090
Task: 29688
(cherry picked from commit aa58fbcacfdc14bb2e8d5a4ff1ef7a47fe9268d0)
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
When we specify a sd on delete action, os-collect-config will not
get authentication because we didn't load access_allowed_handlers
after stack enter stack delete phrase. This patch will make sure
we load necessary access_allowed_handlers even if in stack delete
phrase.
Change-Id: I43c1a865f507f7cb7757e26ae5c503ce484ee280
Story: #2004661
Task: #28628
(cherry picked from commit 0e1ed1a4b23142ff379e01a3574fef771f703915)
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We don't seem to do it anywhere else. TripleO uses hook
reason string comparsion which does not work if
internationalized.
Story: #2005035
Task: 29524
Change-Id: I3e8f4587966969084cbf1e38406cd3cff23eb9a6
(cherry picked from commit 1cd8ce37c038ed79371da60527de35bb75bdfab5)
|
| |\ \
| |/
|/| |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Zones are a concept of the Designate v2 API. Since v1 is still the
default, we need to explicitly use v2 when doing anything to do with
Zones. We were doing this when looking up a zone directly, but not when
falling back to listing all zones and going through them by name. This
meant that designate.zone constraint validation would fail (including on
the 'zone' property of OS::Designate::RecordSet) when the zone was
specified by name rather than UUID.
Change-Id: Id4194a74398488813f901b255f312f7ac962a426
Task: #29162
(cherry picked from commit 8c79ae0aeb8f937f45d94f5f549de344d7ea5817)
|
| |/
|
|
|
|
|
|
|
|
|
|
| |
When migrating stacks to convergence, if there are resources in
the database that are not in the current_template_id of the stack,
they are possibly of no isue, so it would better to delete those
resources from db to avoid any future update issues.
Change-Id: Ica99cec6765d22d7ee2262e2d402b2e98cb5bd5e
Story: #2004071
Task: 27092
(cherry picked from commit 43583b4a323e15b13e288b3a6f78500e442b7402)
|
| |\
| |
| |
| | |
stable/rocky
|
