summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Fix misleading release note for RBAC changes.wallaby-em12.1.0Michael Johnson2022-06-071-2/+2
| | | | | | | | Due to parallel development paths, the release note added for the fixes to the secure-RBAC patches implied it was adding a new feature when in fact the feature already existed. Change-Id: Ia9a904403a2336cc9cd4645d918fc0ff64d5e871
* Update zuul queue configurationMichael Johnson2022-06-071-4/+2
| | | | | | | | | Zuul is changing how queues are declared[1]. This patch updates Designate for the new way to define the queue. [1] https://lists.zuul-ci.org/pipermail/zuul-discuss/2022-May/001801.html Change-Id: I94324104a7ed89e757d48bb250d8b1132026ce46 (cherry picked from commit fe9fb45c21a7be2f88600e1f29fd37f56244cc1a)
* Merge "Minimum TTL value allowed is zero" into stable/wallabyZuul2022-06-064-7/+15
|\
| * Minimum TTL value allowed is zerodekehn2022-06-014-7/+15
| | | | | | | | | | | | | | | | | | | | | | According to ITEF https://tools.ietf.org/html/rfc2181#section-8 the definition of the ttl value is unsigned integer and can have a minimum value of 0. This patch changes the minimum value of 1 to allow for 0. Unit test have also been modified accordingly. Closes-Bug: #1926429 Change-Id: I7876b4c1e2c800b654ca750211ee2e58f3ea4309 (cherry picked from commit 6ac659d241c65c245d8a090768ac7559c32a13f1)
* | Merge "Clarifies the zone import error message" into stable/wallabyZuul2022-06-062-0/+112
|\ \
| * | Clarifies the zone import error messagedekehn2022-06-042-0/+112
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch defines the situation where the import_zone exception handler produces the message 'An undefined error occurred' to the exception during the zone import where an underlying exception occurred from the rpc dispatcher at the same time as a duplicate zone exception. Kiall Mac Innes explains this in https://opendev.org/openstack/designate/commit/2c9460505d07d0e46765a552b637e5a3296b667b the problem here is in the way the _import_zone was written where https://github.com/openstack/designate/commit/9b809a11b3068552274340606eb76d2217411b85 was written with threading.local, so it only works if it stays within the same thread. Since _import_zone is created on a separate thread, the necessity to add the decorator @rpc_expected_exceptions() at the top. Closes-bug: #1950118 Closes-bug: #1964323 Change-Id: If7d50cbd4fa0ce86e0ddf03068da36acd7d72cb4 (cherry picked from commit d705c5d6b861f319096afdd3ad50a2100651b064)
* | | Merge "Checks for invalid denylist regex patterns" into stable/wallabyZuul2022-06-044-2/+85
|\ \ \ | |/ / |/| |
| * | Checks for invalid denylist regex patternsdekehn2022-06-024-2/+85
| |/ | | | | | | | | | | | | | | | | Adds new field check method DenyListFields to validate the pattern string. in addition, check for a zero length string as well. Closes-Bug: #1934252 Change-Id: I2b69025fc11125bb73a4e0f8c0dedad951399cbf
* | Merge "Fix duplicate zone when creating ptr records" into stable/wallabyZuul2022-06-043-18/+56
|\ \
| * | Fix duplicate zone when creating ptr recordsErik Olof Gunnar Andersson2022-06-033-18/+56
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This fixes a race-condition when creating multiple PTR records under the same zone. There is a brief window when creating two identical zones can cause an error. This adds a fallback that should prevent the error. I also added a threaded test that caught multiple additional bugs in this code. - Wrong find_recordset used caused the wrong exception to be thrown. - The transaction workflow would break error handling. Change-Id: Ia1194ab838c52d5d91cb1d26c4556c73b4f3a745 (cherry picked from commit 0c7d218ba103e8260322e40f76a49a8c92556bfe)
* | | Merge "Fixed incorrect message when zone import failed due to quota" into ↵Zuul2022-06-044-17/+45
|\ \ \ | | | | | | | | | | | | stable/wallaby
| * | | Fixed incorrect message when zone import failed due to quotaErik Olof Gunnar Andersson2022-06-034-17/+45
| | | | | | | | | | | | | | | | | | | | | | | | Closes-Bug: #1960764 Change-Id: Ib91e49081855e5f4ec9f46a060d1587dcfeaac29 (cherry picked from commit 7e543c2d22516254cbaab111e9dad87a408ab80d)
* | | | Merge "Cleanup scheduler" into stable/wallabyZuul2022-06-046-55/+54
|\ \ \ \
| * | | | Cleanup schedulerErik Olof Gunnar Andersson2022-06-036-55/+54
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch is not changing any functionality, but instead it is aimed at cleaning up the scheduler code. It also removes the use of reserved keywords in the scheduler code. Change-Id: I93cede3371f1ec650adf3b00bf8250457a38f96c (cherry picked from commit 44383504519d94730fe712e7d8e300bbc5e21892)
* | | | Merge "Fix incorrect 404 error on floating IP create" into stable/wallabyZuul2022-06-041-2/+6
|\ \ \ \
| * | | | Fix incorrect 404 error on floating IP createMichael Johnson2022-06-031-2/+6
| |/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There is a case when creating a floating IP could return a 404 error instead of the expected floating IP payload. This fix is extracted from a non-backportable fix that was applied on yoga a newer branches[1]. [1] https://review.opendev.org/c/openstack/designate/+/830549 Change-Id: I53c2a0faf93be19eca259100fe6c3961ef4e7938 (cherry picked from commit 5237ce97da7b4c71723155c2276afdfe6af7dc9e)
* | | | Merge "Fix set-quotas for non-project scoped tokens" into stable/wallabyZuul2022-06-042-0/+16
|\ \ \ \ | |/ / / |/| | |
| * | | Fix set-quotas for non-project scoped tokensMichael Johnson2022-05-312-0/+16
| | |/ | |/| | | | | | | | | | | | | | | | | | | | | | | | | Previously, if set-quotas was called with a non-project scoped token and the all-projects flag was not set, the quotas would be updated but the result returned would always be the default quota values. This patch changes the API to require the all-projects flag when set-quota is called and the token is not project scoped. Closes-Bug: #1966128 Change-Id: I55ca76ef7c2cbeb5fdae1aed1dcbe58b7acddc34 (cherry picked from commit 158e017be489eea5402ef258ea260183067bf1ca)
* | | Merge "Fixed incorrect quota exception message" into stable/wallabyZuul2022-06-032-2/+2
|\ \ \ | |_|/ |/| |
| * | Fixed incorrect quota exception messageErik Olof Gunnar Andersson2022-05-312-2/+2
| |/ | | | | | | | | Change-Id: I38efa22bb8b0de6fd9a70339e8044fea70080004 (cherry picked from commit 291558c380232b726be0253fdee1f88902522beb)
* | Merge "Fix a typo in the tsigkey policy file" into stable/wallabyZuul2022-06-031-6/+6
|\ \
| * | Fix a typo in the tsigkey policy fileMichael Johnson2022-05-311-6/+6
| |/ | | | | | | | | | | | | This patch fixes a typo in the deprecated reason string variable name. Change-Id: I06cf5b5cbe5544327e30971115f3bf98214293f6
* | Merge "Simplify create zone import implementation" into stable/wallabyZuul2022-06-031-60/+48
|\ \
| * | Simplify create zone import implementationErik Olof Gunnar Andersson2022-06-021-60/+48
| |/ | | | | | | | | | | | | Removed unnecessarily complex threading code. Change-Id: If00b37e72dabd1bc66a78d9a832c3847c12f6692 (cherry picked from commit eed5042c41f8cd557dd3b53b28e17d520178af64)
* | Merge "Add proper quota error messages" into stable/wallabyZuul2022-06-032-57/+114
|\ \
| * | Add proper quota error messagesErik Olof Gunnar Andersson2022-06-012-57/+114
| |/ | | | | | | | | | | | | | | | | This patch adds a message to OverQuota containing information on the actual quota reached and fixes a minor visual bug with QuotaResourceUnknown. Change-Id: Ibd01f6ad3046ca29eec02032e9115183f89a6a4b (cherry picked from commit 907a029625a7f95369ca5a2f5173efefdb04d28f)
* | Merge "Modernize PTR implementation in Central" into stable/wallabyZuul2022-06-033-197/+187
|\ \
| * | Modernize PTR implementation in CentralErik Olof Gunnar Andersson2022-06-023-197/+187
| |/ | | | | | | | | | | | | | | | | | | | | | | | | Updated the PTR (floating ips) code to behave closer to how we handle this type of operations in designate.api.v2. This should resolve some issues (e.g. race conditions) with the older floating ips code. Additional changes. - Fixed minor typos in documentation. - Updated wording where it makes sense to use project instead of tenant. Change-Id: I897d7da185c2dd246b80d1a598e9e8a5c667304e (cherry picked from commit 7ec7adc44a9914ad9492014ca0edec2341fb5de0)
* | Merge "Allow email subadresses to be used within mail url of CAA records" ↵Zuul2022-06-033-1/+18
|\ \ | | | | | | | | | into stable/wallaby
| * | Allow email subadresses to be used within mail url of CAA recordsChristian Rohmann2022-06-023-1/+18
| |/ | | | | | | | | | | | | | | | | | | | | This patch allows for +subaddress to be used for the local part of mail urls used for CAA records. While there are more characters allowed in email addresses, using subadresses for incoming email to role accounts is quite common. Closes-Bug: 1958533 Change-Id: Id265fa1dfa5c0703d8e95b5de1334d4ca716fbc0 (cherry picked from commit 1cef20edbc462fab75a919fc0de796c2d6edb30b)
* | Merge "Fix delete zone transfer request with scoped token" into stable/wallabyZuul2022-06-032-0/+7
|\ \
| * | Fix delete zone transfer request with scoped tokenMichael Johnson2022-06-012-0/+7
| |/ | | | | | | | | | | | | | | This patch fixes an issue were deleting a zone transfer request with a scoped token may fail. Change-Id: I4522796ac056630c63798830e8f8d92628f14a37 (cherry picked from commit 6f847aeb5a309eb6e70dee58057fef01886573f6)
* | Merge "Fix dns.query.tcp/udp not always handling ipv6 properly" into ↵Zuul2022-06-0310-266/+213
|\ \ | | | | | | | | | stable/wallaby
| * | Fix dns.query.tcp/udp not always handling ipv6 properlyErik Olof Gunnar Andersson2022-06-0210-266/+213
| |/ | | | | | | | | | | | | | | | | | | | | Created a new generic send_dns_msg that properly handles both ip and hostnames and fully supports ipv4 and ipv6. Also, moved all usage of dns.query.tcp/udp to a central location. Change-Id: I403ed6716b3ceffa1910269adf0e352f75e9dd5b (cherry picked from commit acd930d3429aa30bea449f5fc7246581b0d2eb25)
* | Merge "Improve wording for validation error messages" into stable/wallabyZuul2022-06-032-19/+20
|\ \
| * | Improve wording for validation error messagesDr. Jens Harbott2022-06-022-19/+20
| |/ | | | | | | | | | | | | | | Correct some grammatical issues and harmonize the responses Signed-off-by: Dr. Jens Harbott <harbott@osism.tech> Change-Id: Ib45eae335160d53bb25e3745fcbe451bffa2cc31 (cherry picked from commit 296a5adaf95a221b985c026899662a611d936895)
* | Merge "Fix zone update when adding new Bind9 target to pool." into ↵Zuul2022-06-023-1/+43
|\ \ | | | | | | | | | stable/wallaby
| * | Fix zone update when adding new Bind9 target to pool.Dmitry Galkin2022-06-023-1/+43
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | When a new Bind9 is added to the pool, Designate will trigger 'modzone' rndc command that will fail, unless zone is already present on the backend. This change will first verify that the zone is present on the backend, before an update attempt. If zone is not present - zone creation will be triggered. Closes-Bug: 1958409 Co-authored-by: Kiran Pawar <kinpaa@gmail.com> Change-Id: I782bf38a68f24a2e7133ff2afad7c96e2ae6b7f0 (cherry picked from commit 66cc876eadd9a4ded3afa35aed675c15c60f149d)
* | Merge "Fix designate-manage pool update bugs" into stable/wallabyZuul2022-06-022-81/+65
|\ \
| * | Fix designate-manage pool update bugsErik Olof Gunnar Andersson2022-06-022-81/+65
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch addresses a few problems with the manage command for pools and NS records. - Fixed an issue where having multiple NS records would break the pool command. - Fixed a scenario where manually (non-managed) NS records could break the pool command. - Fixed a potential edge case that could break the pool command. The biggest change is that we now only manage the NS record for the zone itself. This was always the case, but because we didn't check for this specifically, other NS records would conflict with the command. Change-Id: I4e6ea0b6b717d2a1b5cc420874d1bb8fb290e04b (cherry picked from commit bff3d5f6e31fe595a77143ec4ac779c187bf72a8)
* | Merge "Validate worker actions before retrying poll" into stable/wallabyZuul2022-06-023-11/+155
|\ \
| * | Validate worker actions before retrying pollErik Olof Gunnar Andersson2022-05-313-11/+155
| |/ | | | | | | | | | | | | | | This adds a check to validate if we need to keep retrying the current action. Change-Id: I4b2991499f33e65790388aea902a8b3e6023eb4e (cherry picked from commit dc45a03563bc075242b4d27dfbc6d340166c1c0c)
* | Stop running grenade on WallabyMichael Johnson2022-06-021-2/+0
|/ | | | | | | | | | | Now that Victoria is in Extended Maintenance (EM)[1], per the Extended Maintenance definition[2], the community no londer supports upgrades from Victoria. This patch disables the grenade job in Wallaby to stop testing the upgrade from Victoria to Wallaby. [1] https://releases.openstack.org/#release-series [2] https://docs.openstack.org/project-team-guide/stable-branches.html#extended-maintenance Change-Id: I43b29c3aa2593d1cbce1fc9c70e270cb8cf4160c
* Improve quota API validationsMichael Johnson2022-05-245-31/+167
| | | | | | | | This patch improves the quotas API validations and test coverage. Invalid quota settings will now be caught at the API/Central layer and not down in the storage layer(DB). Closes-Bug: #1934596 Change-Id: I474bdd988a6cc3a9bcce1b65c2f49216dd85addf (cherry picked from commit 38178c079a1a66229f06becbd7b60a749879c4a6)
* Fix tox docs env to have the correct dependenciesMichael Johnson2022-04-061-0/+1
| | | | | | | | | | | Pip is pulling in unstrained dependencies during the "sibblings" package install step. Normally this is fine as the dependencies have already been installed and it's just installing the package under test. However, with designate there are a lot of overlapping dependencies and pip will end up reinstalling an unconstrained version. In this case it was Jinja2. Change-Id: Ie49f99ba8e86913471ee6cd078f5afd28282c0f5 (cherry picked from commit 08d56f871311464c7d8f3c1f0c56b2a7f9cd36e1)
* Allow TXT record over 255 characters if splitEmanuel Andrecut2022-02-223-3/+56
| | | | | | | | | | | | | | | | | | | | | | | | | As defined in RFC1035 section 3.3.14 TXT-DATA can be one or more <character-strings>s. Before this commit Designate threw errors when saving TXT records that are split into multiple strings because validations on the field did not consider allowing this in a single DNS record as per RFC7208 section 3.3. This patch allows longer TXT record data but only if it is split according to RFC definitions mentioned above. If data is made of more <character-string>s, each one is individually validated with the same validations as if the data was not split. Closes-Bug: 1595265 Change-Id: I4e3e51b32ab01efc4202c297708eff5a2e2b4985 Signed-off-by: Emanuel Andrecut (emanuel.andrecut@fleio.com) (cherry picked from commit 03a5d5d74eb5de3f37b2e7ac5f28ae139ae436a5) (cherry picked from commit 5e9cca1b02a8e115e0f4cb471b180427db4c3993)
* Merge "Fix support for scoped tokens and default roles" into stable/wallabyZuul2022-02-1832-610/+1159
|\
| * Fix support for scoped tokens and default rolesMichael Johnson2022-02-1732-610/+1159
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch is the base patch to enable support for Keystone scoped tokens[1] and default roles[2] in the Designate API. It also migrates to using project_id in the context objects instead of the deprecated tenant_id. [1] https://docs.openstack.org/keystone/latest/admin/tokens-overview.html#authorization-scopes [2] https://docs.openstack.org/keystone/latest/admin/service-api-protection.html Change-Id: I43bb76dc4dc1d167d86fd5ea139a50f95f3b0b4a (cherry picked from commit 5f87d207b448ec4e24988af5671c3b3593b13804) (cherry picked from commit ad87c95e2c9a92149f62cdcbee4326dca457e2aa)
* | Fix recordset_records quota enforcementzhouhenglc2022-02-126-15/+122
|/ | | | | | | | | | | | | | First I set recordset_records=3, and I can create recordset with 4 records successfully. Now enforce record quota by count records in database. when create recordset the number in database is 0., and quotas will not work no matter how much quota recordset_records are set. And once the excess quota is created successfully, it can not be updated. Unless quotas are updated. Closes-Bug: #1847200 Change-Id: If8bc6043d95f52f67899a5ac69a2f72c8fd4de17 (cherry picked from commit df10ff5b5c76657e4287b36fbf525ad91091dd34)
* Add fips jobsAde Lee2022-02-072-0/+13
| | | | | | | | Added job to test whether things work when fips is enabled. The job appears to be passing successfully. Change-Id: I43dcc43309b7da8ca077fce2d1950940971a3dbe (cherry picked from commit 604fd8cf7468a54125486e45959f717cf182ece8)
View Lorry Controller Status