| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| | |
If the record status changes during the removal process,
the current implementation will fail.
Change-Id: I02b5d7499440154160c89ed63a2f70652fe72145
(cherry picked from commit b3161ece234b5e2ee7658060aaa936af625bef38)
|
| |/
|
|
|
|
|
|
|
| |
If the record status changes during the removal process,
the current implementation will fail.
Closes-Bug: 2015762
Change-Id: Iebe609e5f365d03e99f2a4580671175b4642763c
(cherry picked from commit 2cb42ac9f6e5273ad64e697919b62e029466078f)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The backend_url option can sometimes contain secrets.
For example when redis coordination backend is used and authentication
is enabled in redis, the plain redis password is put as an URL element.
[coordination]
backend_url=redis://:password@127.0.0.1:6379
Closes-Bug: #2012246
Change-Id: I0ee95fc56130e51bf5c799d252e79a469492b7db
(cherry picked from commit 541395c42414c40d105ce206e2f200456bbc375f)
(cherry picked from commit bda31ec62c3eaa7fcdd25d69f97742744debf915)
(cherry picked from commit be775801e33313305b5d90dca10bae166e6938c8)
|
| |
|
|
|
|
|
|
|
|
|
| |
If invalid MX record is provided during recordset create command or
valid record is updated to invalid record using recordset set command,
causes recordset creation/updation failure. This leads to zone enter
in ERROR state and all further recordset creation calls fail. Validate
the records within recordset during create or update call.
Closes-Bug: #1927304
Change-Id: I0ace4d6c4ad6a6ee236e3af23805b01345d60a42
|
| |
|
|
|
|
|
|
| |
B309 was removed with this patch and breaks the CI.
https://github.com/PyCQA/bandit/commit/130a467434ff6b8f9bbd83100e409bc1fcb6f407
Change-Id: I15864a76c8913f151154e2398ae86aea71883498
(cherry picked from commit 758956d5b9321c72d63cbf3d8a1987d5dc6e6bb3)
|
| |
|
|
|
|
|
|
|
| |
We are currently failing with module 'dns' has no
attribute 'resolver'.
Closes-Bug: #2006537
Change-Id: I31a1b1892a7112018b1261f956f51ed4eaa7cfb9
(cherry picked from commit 5cd63481c68ca5d2c8764a93dee5cbb8b45ecf63)
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Since Devstack is dropping CentOS 8 Stream[1], we need to move our jobs over to CentOS 9 Stream.
Now that there is a "devstack-single-node-centos-9-stream" nodeset we can remove our local
CentOS 9 Stream nodeset.
[1] http://lists.openstack.org/pipermail/openstack-discuss/2022-April/028321.html
Change-Id: I1c8dfec7bd2b5f80b12d7229e47ef8ff70bd283b
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
With this it can be reused by the other designate repos and we can
reduce the replication everywhere.
Change-Id: I1fe73145e4a4699939244bc857600efa264f2340
(cherry picked from commit c907cfa1e68249c21e8cad9f58ff3dc3d9cea6df)
(cherry picked from commit 96d788c6733b3e3f78fab96ebc5e0aae2203842a)
|
| | |
| |
| |
| |
| |
| | |
Closes-Bug: #1977826
Change-Id: I81a4883fd48653c3b0d60ac07210fc0de55ac12a
(cherry picked from commit 42dac06e0cdef9eccabc7085d0ff9da47563b318)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When Designate is configured to use Redis for coordination over a TLS connection, it will fail to connect with "ssl.SSLError: ('timed out',)".
This is caused by eventlet raising ssl.SSLError instead of the expected socket timeout the core libraries return.
This patch monkey-patches eventlet to return the proper exception.
Closes-Bug: #1989020
Change-Id: I5bd1c10d863212683752e05bb450e6f531ff7e72
(cherry picked from commit 93dee6a3ff44fb7470b3008e8fbbaf99822bbe82)
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This patch removes the lower-constraint job from the stable/yoga branch.
This is part of a series of patches that will remove the job from all stable
branches of Designate.
The lower constraint check is important on the master branch to make sure that
new patches are tested against the lowest supported version of dependencies.
This helps packagers make sure they have at least the minimum version of a
dependency packaged along with the service.
After a release and the stable branch is created, these jobs can cause
problems maintaining the stable branches as bug fix patches are released for
the dependency projects.
For this reason, we are proposing to maintain the lower-constraints job on the
master branch, but disable it on the stable branches.
Change-Id: I5998a723d7f664a6c487eccc6e93541084f4d376
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch fixes a bug where adding an additional pool to designate using the "designate-manage pool update" command may fail with an exception:
designate.exceptions.MissingProjectID: A project ID must be specified when not using a project scoped token.
There was an extra check added as part of the scoped token work that a project ID must be provided when creating pools. This was incorrect as pools are still valid with a None project ID as they are a system resource and not tied to a specific project.
This patch removes that check, but retains the RBAC check for and "admin" token.
Closes-Bug: #1986733
Change-Id: I7345d7ef505420767209ba037e3c8930a282d03f
(cherry picked from commit a03c4657c2bf957fef035807ef7df732f7a1c994)
|
| |
|
|
|
|
|
|
|
|
|
| |
According to IETF https://tools.ietf.org/html/rfc2181#section-8 the
definition of the ttl value is unsigned and can have a minimum
value of 0. This path changes the minimum value of 1 to allow for
0 in recordset creats and updates. Unit test have also been modified
accordingly.
Closes-Bug: #1926429
Change-Id: I9b08e25a007bea598442da377dc227538f6e35f7
|
| |
|
|
|
|
|
|
| |
Due to parallel development paths, the release note added for the fixes to
the secure-RBAC patches implied it was adding a new feature when in fact the
feature already existed.
Change-Id: Ia9a904403a2336cc9cd4645d918fc0ff64d5e871
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
According to ITEF https://tools.ietf.org/html/rfc2181#section-8
the definition of the ttl value is unsigned integer and can have a
minimum value of 0. This patch changes the minimum value of 1 to allow
for 0. Unit test have also been modified accordingly.
Closes-Bug: #1926429
Change-Id: I7876b4c1e2c800b654ca750211ee2e58f3ea4309
(cherry picked from commit 6ac659d241c65c245d8a090768ac7559c32a13f1)
|
| |\ \ |
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This patch defines the situation where the import_zone exception handler
produces the message 'An undefined error occurred' to the exception during
the zone import where an underlying exception occurred from the rpc
dispatcher at the same time as a duplicate zone exception. Kiall Mac Innes
explains this in
https://opendev.org/openstack/designate/commit/2c9460505d07d0e46765a552b637e5a3296b667b
the problem here is in the way the _import_zone was written where
https://github.com/openstack/designate/commit/9b809a11b3068552274340606eb76d2217411b85
was written with threading.local, so it only works if it stays within the same
thread. Since _import_zone is created on a separate thread, the necessity to add
the decorator @rpc_expected_exceptions() at the top.
Closes-bug: #1950118
Closes-bug: #1964323
Change-Id: If7d50cbd4fa0ce86e0ddf03068da36acd7d72cb4
(cherry picked from commit d705c5d6b861f319096afdd3ad50a2100651b064)
|
| |\ \ |
|
| | |/
| |
| |
| |
| | |
Change-Id: I38efa22bb8b0de6fd9a70339e8044fea70080004
(cherry picked from commit 291558c380232b726be0253fdee1f88902522beb)
|
| |/
|
|
|
|
|
|
| |
This adds a check to validate if we need to
keep retrying the current action.
Change-Id: I4b2991499f33e65790388aea902a8b3e6023eb4e
(cherry picked from commit dc45a03563bc075242b4d27dfbc6d340166c1c0c)
|
| |
|
|
|
|
|
|
|
| |
Zuul is changing how queues are declared[1]. This patch updates Designate for the new way to define the queue.
[1] https://lists.zuul-ci.org/pipermail/zuul-discuss/2022-May/001801.html
Change-Id: I94324104a7ed89e757d48bb250d8b1132026ce46
(cherry picked from commit fe9fb45c21a7be2f88600e1f29fd37f56244cc1a)
|
| |
|
|
|
|
|
|
| |
This patch improves the quotas API validations and test coverage. Invalid quota settings will now be caught at the API/Central layer and not down in the storage layer(DB).
Closes-Bug: #1934596
Change-Id: I474bdd988a6cc3a9bcce1b65c2f49216dd85addf
(cherry picked from commit 38178c079a1a66229f06becbd7b60a749879c4a6)
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| | |
This patch fixes an issue were deleting a zone transfer request with a scoped
token may fail.
Change-Id: I4522796ac056630c63798830e8f8d92628f14a37
(cherry picked from commit 6f847aeb5a309eb6e70dee58057fef01886573f6)
|
| |\ \ |
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Previously, if set-quotas was called with a non-project scoped token and the all-projects flag was not set, the quotas would be updated but the result returned
would always be the default quota values.
This patch changes the API to require the all-projects flag when set-quota is called and the token is not project scoped.
Closes-Bug: #1966128
Change-Id: I55ca76ef7c2cbeb5fdae1aed1dcbe58b7acddc34
(cherry picked from commit 158e017be489eea5402ef258ea260183067bf1ca)
|
| |/
|
|
|
|
|
|
|
|
|
| |
Pip is pulling in unstrained dependencies during the "sibblings" package
install step. Normally this is fine as the dependencies have already been
installed and it's just installing the package under test. However, with
designate there are a lot of overlapping dependencies and pip will end up
reinstalling an unconstrained version. In this case it was Jinja2.
Change-Id: Ie49f99ba8e86913471ee6cd078f5afd28282c0f5
(cherry picked from commit 30a03e1092b29457e4b79c9c7e33f835f534c857)
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Update the URL to the upper-constraints file to point to the redirect
rule on releases.openstack.org so that anyone working on this branch
will switch to the correct upper-constraints list automatically when
the requirements repository branches.
Until the requirements repository has as stable/yoga branch, tests will
continue to use the upper-constraints list on master.
Change-Id: I24d9480ae50dc9dfd39ae885f14b2074843faee7
|
| |
|
|
| |
Change-Id: Ic589933124f66d994c0c8b7fa409f619f192096f
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When a new Bind9 is added to the pool, Designate will trigger 'modzone'
rndc command that will fail, unless zone is already present on the backend.
This change will first verify that the zone is present on the backend,
before an update attempt. If zone is not present - zone creation will be
triggered.
Closes-Bug: 1958409
Co-authored-by: Kiran Pawar <kinpaa@gmail.com>
Change-Id: I782bf38a68f24a2e7133ff2afad7c96e2ae6b7f0
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This patch adds a new status value for floating ips called
inactive that is used to indicate if there is not a dns record
assosciated with a floating ip.
Partial-Bug: #1932026
Change-Id: Ieca3cb06b99ba4556f4e6e770f82ec594d1ab1b6
|
| | |
| |
| |
| |
| |
| |
| | |
This patch updates Designate to be compatible with oslo.context>=4.0.0.
Oslo.context has removed support for "tenant" in the context.
Change-Id: I49ed7df40bdd2dfbdc4b21817b23e4e21c8ce400
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Devstack is using poor settings when generating certificates when tls-proxy
is enabled[1]. These settings do not work at all on CentOS 9 Stream causing
devtack to fail[2].
This patch will make the CentOS 9 Stream job non-voting until devstack can be
fixed.
[1] https://opendev.org/openstack/devstack/src/branch/master/lib/tls#L304
[2] https://zuul.opendev.org/t/openstack/build/1d90b22a39c74e24a8390861b3c5f957/log/job-output.txt#5535
Change-Id: I9ea2bdb73854b10c155a44f6025f07b433d407c3
|
| |\ \ |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Regular users will likely use the CLI and not the API. Add usage of
the appropriate CLI commands.
- Clean up some of the wording
- Add IPv6 example
Change-Id: Ida6dc50b7e360d035bfd90f2f4de2fb6c6b9bf77
Signed-off-by: Nicolas Bock <nicolas.bock@canonical.com>
|
| |\ \ \ |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This patch adds a message to OverQuota containing information
on the actual quota reached and fixes a minor visual bug
with QuotaResourceUnknown.
Change-Id: Ibd01f6ad3046ca29eec02032e9115183f89a6a4b
|
| |\ \ \ \ |
|
| | |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Adds new field check method DenyListFields to validate
the pattern string. in addition, check for a zero
length string as well.
Closes-Bug: #1934252
Change-Id: I2b69025fc11125bb73a4e0f8c0dedad951399cbf
|
| |\ \ \ \
| |/ / /
|/| | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This patch updates the grenade job to migrate from using Apache mod_wsgi
to using uwsgi for the Designate API when upgrading from Xena to Yoga.
It also splits out the wsgi devstack configuration into a library file.
Change-Id: Icf8ee4a8e7e2dff67257b0e5f82fbeab6cb7e0b8
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
Closes-Bug: #1960764
Change-Id: Ib91e49081855e5f4ec9f46a060d1587dcfeaac29
|
| |/ / /
| | |
| | |
| | |
| | |
| | | |
Removed unnecessarily complex threading code.
Change-Id: If00b37e72dabd1bc66a78d9a832c3847c12f6692
|
| |\ \ \ |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This logic is already handled by the sqlalchemy abstraction.
Change-Id: I6ee2db46fcec466d123f6c535670306942bb5dbd
|
| |\ \ \ \ |
|
