- Bumps some of the lower constraints
- Fixes common/endpoint_utils.py to fallback to use auth_uri.
Change-Id: Ief0868d5feef3ee6b0689c6be27649ff009fbbcc
In convergence we were loading resources from the database using the
current environment. This is incorrect when a previous update has
failed, meaning the resources in the database were created with a
non-current template and environment. If an attempt was made to change
the type of a resource but that resource was never updated, this will
result in us loading a resource with the wrong type. If the type has
been removed then it can result in errors just trying to show the stack.
Note that the Resource.load() method used during a convergence traversal
already does the Right Thing - it only uses the new type if it is a
valid substitution for the old type, and UpdateReplace is later raised
in Resource.update_convergence() if the type does not match in that
specified in the new environment. So we don't see any problems with
stack updates, just with API calls.
Since we cannot change the signature of Resource.__new__() without also
modifying the signature of __init__() in every resource plugin that has
implemented it (many of which are out of tree), instead substitute the
stack definition for the duration of creating the Resource object. This
will result in stack.env returning the environment the resource was last
updated with.
Change-Id: I3fbd14324fc4681b26747ee7505000b8fc9439f1
Story: #2005090
Task: 29688
This is a mechanically generated change to replace openstack.org
git:// URLs with https:// equivalents.
This is in aid of a planned future move of the git hosting
infrastructure to a self-hosted instance of gitea (https://gitea.io),
which does not support the git wire protocol at this stage.
This update should result in no functional change.
For more information see the thread at
http://lists.openstack.org/pipermail/openstack-discuss/2019-March/003825.html
Change-Id: I84db79fd691b726fcf298b682be63b232127ede4
Add file to the reno documentation build to show release notes for
stable/stein.
Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/stein.
Change-Id: I51c12c8cbd90c913e928711bfb31e77ad636d8c7
Sem-Ver: feature
Allow the user to set the CA cert for SSL option for contacting the
remote Heat in the properties of an OS::Heat::Stack resource.
Story: #1702645
Task: #17270
Change-Id: I37528bb2b881a196216a7e6e23af871ab0f313d6
Allow OS::Heat::Stack to access remote stack from another OpenStack
provider. Also enable functional tests for multi-cloud.
Implement multi-cloud support as an extension to the existing multi-region
support. Allow operate a remote stack (from another OpenStack cloud) as a
resource in stack from local OpenStack cloud.
I propose we add multi cloud support into ``OS::Heat::Stack`` and change the
property schema for ``context``. Within context, we should adding
following properties:
* credential_secret_id: ID of Barbican Secret. Which stores authN
information for remote cloud.
Service will use auth information from Barbican Secret to access
Orchestration service in another OpenStack.
Must make sure you're able toget that secret from Barbican service when
provide `credential_secret_id` property.
Story: #2002126
Task: #26907
Depends-On: https://review.openstack.org/579750
Change-Id: I2f3de3e7c29cf7debb1474228c8a9a81725a72ed
Provide tools to grep credential from payload
context in Barbican secret.
Change-Id: Ib638cfe25c35ef002088d52c729238f2aba737e6
Story: #2002126
Task: #26906
This patch deprecate personality property for `OS::Nova::Server`.
Since that property is deprecated by nova since version 2.57,
we should plan to Hidden that property soon.
please use ``user_data`` or ``metadata`` instead. If that
property really required, use config ``max_nova_api_microversion``
to set the maximum nova API microversion <2.57 for nova client
plugin to support personality property.
Add config option ``max_nova_api_microversion`` to set the maximum
nova API microversion for nova client plugin.
Story: #2004188
Task: #29979
Change-Id: I1852739e818ec67ac5a821e436e243eaa72f0938
When we specify a sd on delete action, os-collect-config will not
get authentication because we didn't load access_allowed_handlers
after stack enter stack delete phrase. This patch will make sure
we load necessary access_allowed_handlers even if in stack delete
phrase.
Change-Id: I43c1a865f507f7cb7757e26ae5c503ce484ee280
Story: #2004661
Task: #28628
With directly provide auth string(with contain a json formate
with auth_type and auth info), we can release context to specific
auth_type and give user the ability to provide other Keystone
(or their own) authentication method (like using
`v3applicationcredential` or others).
The format for `auth` and `auth_type` follows exactly Keystone
plugins like in clouds.yaml file [1].
[1] https://docs.openstack.org/keystoneauth/latest/
plugin-options.html#additional-loaders
Change-Id: Ic4dc2292a82860b9bb54ecb9e3b1a4dc806dab2c
Story: #2002126
Task: #26904
We cannot run this test in the gate because the volume backup feature is
enabled. However, with a change to the Heat tempest plugin to allow this
feature to be automatically skipped based on the tempest config, we no
longer need this test to be explicitly included in the skip list.
Change-Id: Iaefa5c272c4322498330307ea9bd6843d276ef1b
Depends-On: https://review.openstack.org/632989
Switch all Ubuntu Xenial integration test jobs to Bionic (by depending
on the patch that changes them globally.
Change-Id: I5b6c870a12892950c3e8d3aeadffe23ffbf8219e
Depends-On: https://review.openstack.org/639096
The Neutron extension for layer2 gateway (networking-l2gw) provides a API to
manage L2GW components. The proposed change is to implement two new Heat
resources to allow management of the L2GW and L2GW-connection resources.
This change implements the first of the two resources,
OS::Neutron::L2Gateway
Change-Id: Ib850f027833106cb39d3d1f6e644bbb1f79f1aac
Task: #19995
Story: #2002150
The Neutron extension for layer2 gateway (networking-l2gw) provides a API to
manage L2GW components. The proposed change is to implement two new Heat
resources to allow management of the L2GW and L2GW-connection resources.
This change implements the 2nd of two resources,
OS::Neutron::L2GatewayConnection
Change-Id: I2295acafa652ace7180d1250c85f8ee079351628
Task: #23118
Story: #2002150
Setting RUN_HEAT_INTEGRATION_TESTS=False disables the Heat
integration tests which are normally executed by Grenade
after the deployment of the base environment and after the upgrade.
This is useful when Heat is used in a Grenade job of another
component, where the focus of the testing is not Heat itself,
thus shortening the run-time of the overall Grenade job.
The default behavior is unchanged.
Change-Id: I47b258fecd45ebc08c82df179625bcfb57a32894
Add a OS::Blazar::Host resource plugin to support Blazar which is a
resource reservation services in OpenStack.
Co-author: Asmita Singh <Asmita.Singh@nttdata.com>
Change-Id: Ie5b9373681943222268eb9144740f5733ffef750
Task: 22881
Story: 2002085
Add a OS::Blazar::Lease resource plugin to support Blazar which is a
resource reservation services in OpenStack.
Co-author: Asmita Singh <Asmita.Singh@nttdata.com>
Change-Id: I7683599d9e9443372d1f585985cee7c10fd08581
Task: 22882
Story: 2002085
We don't seem to do it anywhere else. TripleO uses hook
reason string comparsion which does not work if
internationalized.
Story: #2005035
Task: 29524
Change-Id: I3e8f4587966969084cbf1e38406cd3cff23eb9a6
Nova has added a default policy
os_compute_api:servers:create:zero_disk_flavor to admin-only,
that will prevent non-admins from creating image-backed servers
with a flavor that has disk=0 which is potential a security
exposure.
Add appropriate disk size to flavors we use in tests.
Change-Id: I9c0af0b40fc5b5c33de7f0c690d156ed2bac2f15
