| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
| |
Due to parallel development paths, the release note added for the fixes to
the secure-RBAC patches implied it was adding a new feature when in fact the
feature already existed.
Change-Id: Ia9a904403a2336cc9cd4645d918fc0ff64d5e871
|
|
|
|
|
|
|
|
|
| |
Zuul is changing how queues are declared[1]. This patch updates Designate for the new way to define the queue.
[1] https://lists.zuul-ci.org/pipermail/zuul-discuss/2022-May/001801.html
Change-Id: I94324104a7ed89e757d48bb250d8b1132026ce46
(cherry picked from commit fe9fb45c21a7be2f88600e1f29fd37f56244cc1a)
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
According to ITEF https://tools.ietf.org/html/rfc2181#section-8
the definition of the ttl value is unsigned integer and can have a
minimum value of 0. This patch changes the minimum value of 1 to allow
for 0. Unit test have also been modified accordingly.
Closes-Bug: #1926429
Change-Id: I7876b4c1e2c800b654ca750211ee2e58f3ea4309
(cherry picked from commit 6ac659d241c65c245d8a090768ac7559c32a13f1)
|
|\ \ |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This patch defines the situation where the import_zone exception handler
produces the message 'An undefined error occurred' to the exception during
the zone import where an underlying exception occurred from the rpc
dispatcher at the same time as a duplicate zone exception. Kiall Mac Innes
explains this in
https://opendev.org/openstack/designate/commit/2c9460505d07d0e46765a552b637e5a3296b667b
the problem here is in the way the _import_zone was written where
https://github.com/openstack/designate/commit/9b809a11b3068552274340606eb76d2217411b85
was written with threading.local, so it only works if it stays within the same
thread. Since _import_zone is created on a separate thread, the necessity to add
the decorator @rpc_expected_exceptions() at the top.
Closes-bug: #1950118
Closes-bug: #1964323
Change-Id: If7d50cbd4fa0ce86e0ddf03068da36acd7d72cb4
(cherry picked from commit d705c5d6b861f319096afdd3ad50a2100651b064)
|
|\ \ \
| |/ /
|/| | |
|
| |/
| |
| |
| |
| |
| |
| |
| |
| | |
Adds new field check method DenyListFields to validate
the pattern string. in addition, check for a zero
length string as well.
Closes-Bug: #1934252
Change-Id: I2b69025fc11125bb73a4e0f8c0dedad951399cbf
|
|\ \ |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This fixes a race-condition when creating multiple PTR records
under the same zone. There is a brief window when creating two
identical zones can cause an error. This adds a fallback that
should prevent the error.
I also added a threaded test that caught multiple additional
bugs in this code.
- Wrong find_recordset used caused the wrong exception to be thrown.
- The transaction workflow would break error handling.
Change-Id: Ia1194ab838c52d5d91cb1d26c4556c73b4f3a745
(cherry picked from commit 0c7d218ba103e8260322e40f76a49a8c92556bfe)
|
|\ \ \
| | | |
| | | |
| | | | |
stable/wallaby
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Closes-Bug: #1960764
Change-Id: Ib91e49081855e5f4ec9f46a060d1587dcfeaac29
(cherry picked from commit 7e543c2d22516254cbaab111e9dad87a408ab80d)
|
|\ \ \ \ |
|
| | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This patch is not changing any functionality, but instead it is
aimed at cleaning up the scheduler code. It also removes the use
of reserved keywords in the scheduler code.
Change-Id: I93cede3371f1ec650adf3b00bf8250457a38f96c
(cherry picked from commit 44383504519d94730fe712e7d8e300bbc5e21892)
|
|\ \ \ \ |
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
There is a case when creating a floating IP could return a 404 error instead of the expected floating IP payload.
This fix is extracted from a non-backportable fix that was applied on yoga a newer branches[1].
[1] https://review.opendev.org/c/openstack/designate/+/830549
Change-Id: I53c2a0faf93be19eca259100fe6c3961ef4e7938
(cherry picked from commit 5237ce97da7b4c71723155c2276afdfe6af7dc9e)
|
|\ \ \ \
| |/ / /
|/| | | |
|
| | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Previously, if set-quotas was called with a non-project scoped token and the all-projects flag was not set, the quotas would be updated but the result returned
would always be the default quota values.
This patch changes the API to require the all-projects flag when set-quota is called and the token is not project scoped.
Closes-Bug: #1966128
Change-Id: I55ca76ef7c2cbeb5fdae1aed1dcbe58b7acddc34
(cherry picked from commit 158e017be489eea5402ef258ea260183067bf1ca)
|
|\ \ \
| |_|/
|/| | |
|
| |/
| |
| |
| |
| | |
Change-Id: I38efa22bb8b0de6fd9a70339e8044fea70080004
(cherry picked from commit 291558c380232b726be0253fdee1f88902522beb)
|
|\ \ |
|
| |/
| |
| |
| |
| |
| |
| | |
This patch fixes a typo in the deprecated reason string variable
name.
Change-Id: I06cf5b5cbe5544327e30971115f3bf98214293f6
|
|\ \ |
|
| |/
| |
| |
| |
| |
| |
| | |
Removed unnecessarily complex threading code.
Change-Id: If00b37e72dabd1bc66a78d9a832c3847c12f6692
(cherry picked from commit eed5042c41f8cd557dd3b53b28e17d520178af64)
|
|\ \ |
|
| |/
| |
| |
| |
| |
| |
| |
| |
| | |
This patch adds a message to OverQuota containing information
on the actual quota reached and fixes a minor visual bug
with QuotaResourceUnknown.
Change-Id: Ibd01f6ad3046ca29eec02032e9115183f89a6a4b
(cherry picked from commit 907a029625a7f95369ca5a2f5173efefdb04d28f)
|
|\ \ |
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Updated the PTR (floating ips) code to behave closer to how we handle
this type of operations in designate.api.v2. This should resolve
some issues (e.g. race conditions) with the older floating ips code.
Additional changes.
- Fixed minor typos in documentation.
- Updated wording where it makes sense to use project instead of tenant.
Change-Id: I897d7da185c2dd246b80d1a598e9e8a5c667304e
(cherry picked from commit 7ec7adc44a9914ad9492014ca0edec2341fb5de0)
|
|\ \
| | |
| | |
| | | |
into stable/wallaby
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This patch allows for +subaddress to be used for the local part of mail urls
used for CAA records. While there are more characters allowed in email
addresses, using subadresses for incoming email to role accounts is quite
common.
Closes-Bug: 1958533
Change-Id: Id265fa1dfa5c0703d8e95b5de1334d4ca716fbc0
(cherry picked from commit 1cef20edbc462fab75a919fc0de796c2d6edb30b)
|
|\ \ |
|
| |/
| |
| |
| |
| |
| |
| |
| | |
This patch fixes an issue were deleting a zone transfer request with a scoped
token may fail.
Change-Id: I4522796ac056630c63798830e8f8d92628f14a37
(cherry picked from commit 6f847aeb5a309eb6e70dee58057fef01886573f6)
|
|\ \
| | |
| | |
| | | |
stable/wallaby
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Created a new generic send_dns_msg that properly handles
both ip and hostnames and fully supports ipv4 and ipv6.
Also, moved all usage of dns.query.tcp/udp to a central
location.
Change-Id: I403ed6716b3ceffa1910269adf0e352f75e9dd5b
(cherry picked from commit acd930d3429aa30bea449f5fc7246581b0d2eb25)
|
|\ \ |
|
| |/
| |
| |
| |
| |
| |
| |
| | |
Correct some grammatical issues and harmonize the responses
Signed-off-by: Dr. Jens Harbott <harbott@osism.tech>
Change-Id: Ib45eae335160d53bb25e3745fcbe451bffa2cc31
(cherry picked from commit 296a5adaf95a221b985c026899662a611d936895)
|
|\ \
| | |
| | |
| | | |
stable/wallaby
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When a new Bind9 is added to the pool, Designate will trigger 'modzone'
rndc command that will fail, unless zone is already present on the backend.
This change will first verify that the zone is present on the backend,
before an update attempt. If zone is not present - zone creation will be
triggered.
Closes-Bug: 1958409
Co-authored-by: Kiran Pawar <kinpaa@gmail.com>
Change-Id: I782bf38a68f24a2e7133ff2afad7c96e2ae6b7f0
(cherry picked from commit 66cc876eadd9a4ded3afa35aed675c15c60f149d)
|
|\ \ |
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This patch addresses a few problems with the manage
command for pools and NS records.
- Fixed an issue where having multiple NS records
would break the pool command.
- Fixed a scenario where manually (non-managed) NS
records could break the pool command.
- Fixed a potential edge case that could break the
pool command.
The biggest change is that we now only manage the NS
record for the zone itself. This was always the case,
but because we didn't check for this specifically,
other NS records would conflict with the command.
Change-Id: I4e6ea0b6b717d2a1b5cc420874d1bb8fb290e04b
(cherry picked from commit bff3d5f6e31fe595a77143ec4ac779c187bf72a8)
|
|\ \ |
|
| |/
| |
| |
| |
| |
| |
| |
| | |
This adds a check to validate if we need to
keep retrying the current action.
Change-Id: I4b2991499f33e65790388aea902a8b3e6023eb4e
(cherry picked from commit dc45a03563bc075242b4d27dfbc6d340166c1c0c)
|
|/
|
|
|
|
|
|
|
|
|
| |
Now that Victoria is in Extended Maintenance (EM)[1], per the Extended Maintenance definition[2], the community no londer supports upgrades from Victoria.
This patch disables the grenade job in Wallaby to stop testing the upgrade from Victoria to Wallaby.
[1] https://releases.openstack.org/#release-series
[2] https://docs.openstack.org/project-team-guide/stable-branches.html#extended-maintenance
Change-Id: I43b29c3aa2593d1cbce1fc9c70e270cb8cf4160c
|
|
|
|
|
|
|
|
| |
This patch improves the quotas API validations and test coverage. Invalid quota settings will now be caught at the API/Central layer and not down in the storage layer(DB).
Closes-Bug: #1934596
Change-Id: I474bdd988a6cc3a9bcce1b65c2f49216dd85addf
(cherry picked from commit 38178c079a1a66229f06becbd7b60a749879c4a6)
|
|
|
|
|
|
|
|
|
|
|
| |
Pip is pulling in unstrained dependencies during the "sibblings" package
install step. Normally this is fine as the dependencies have already been
installed and it's just installing the package under test. However, with
designate there are a lot of overlapping dependencies and pip will end up
reinstalling an unconstrained version. In this case it was Jinja2.
Change-Id: Ie49f99ba8e86913471ee6cd078f5afd28282c0f5
(cherry picked from commit 08d56f871311464c7d8f3c1f0c56b2a7f9cd36e1)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As defined in RFC1035 section 3.3.14 TXT-DATA
can be one or more <character-strings>s.
Before this commit Designate threw errors
when saving TXT records that are split
into multiple strings because validations on
the field did not consider allowing this
in a single DNS record as per RFC7208
section 3.3.
This patch allows longer TXT record data
but only if it is split according to RFC
definitions mentioned above. If data
is made of more <character-string>s,
each one is individually validated with
the same validations as if the data was
not split.
Closes-Bug: 1595265
Change-Id: I4e3e51b32ab01efc4202c297708eff5a2e2b4985
Signed-off-by: Emanuel Andrecut (emanuel.andrecut@fleio.com)
(cherry picked from commit 03a5d5d74eb5de3f37b2e7ac5f28ae139ae436a5)
(cherry picked from commit 5e9cca1b02a8e115e0f4cb471b180427db4c3993)
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This patch is the base patch to enable support for Keystone
scoped tokens[1] and default roles[2] in the Designate API.
It also migrates to using project_id in the context objects instead of
the deprecated tenant_id.
[1] https://docs.openstack.org/keystone/latest/admin/tokens-overview.html#authorization-scopes
[2] https://docs.openstack.org/keystone/latest/admin/service-api-protection.html
Change-Id: I43bb76dc4dc1d167d86fd5ea139a50f95f3b0b4a
(cherry picked from commit 5f87d207b448ec4e24988af5671c3b3593b13804)
(cherry picked from commit ad87c95e2c9a92149f62cdcbee4326dca457e2aa)
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
| |
First I set recordset_records=3, and I can create recordset with 4 records
successfully.
Now enforce record quota by count records in database. when create recordset
the number in database is 0., and quotas will not work no matter how much
quota recordset_records are set. And once the excess quota is created
successfully, it can not be updated. Unless quotas are updated.
Closes-Bug: #1847200
Change-Id: If8bc6043d95f52f67899a5ac69a2f72c8fd4de17
(cherry picked from commit df10ff5b5c76657e4287b36fbf525ad91091dd34)
|
|
|
|
|
|
|
|
| |
Added job to test whether things work when fips is enabled.
The job appears to be passing successfully.
Change-Id: I43dcc43309b7da8ca077fce2d1950940971a3dbe
(cherry picked from commit 604fd8cf7468a54125486e45959f717cf182ece8)
|