| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
| |
To better align with other OpenStack projects and to reduce the
ongoing problem with duplicate imports, this patch re-enables the
H306 check for proper module import order.
Change-Id: Iced92590829f6d9177d64ad4868aebe6eafd6a8a
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
... because its implementation was already removed during the Ussuri
cycle[1] and http-proxy_to_wsgi from oslo.middleware is used instead.
[1] f628acd526e0de211dd82126f4bf65aaaf0f12fe
Change-Id: I18f17aa83359077db2cd313eba608de649a4f271
|
| |/
|
|
|
|
|
|
|
|
|
| |
This reverts commit 185d92d230bdf8149b3ae3f6d1730ec23c0514d7.
Reason for revert: Lets try to move back to uwsgi, as logging is a lot cleaner in the CI with uwsgi. Switches uwsgi from using uwsgi over socket to over localhost HTTP.
This patch also bumps the API_WORKERS setting for devstack from 2 to 4.
This will bump the uwsgi processes and threads from two to four.
Change-Id: I126133564e2ada32448ad36e0d021790939425d4
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
As defined in RFC1035 section 3.3.14 TXT-DATA
can be one or more <character-strings>s.
Before this commit Designate threw errors
when saving TXT records that are split
into multiple strings because validations on
the field did not consider allowing this
in a single DNS record as per RFC7208
section 3.3.
This patch allows longer TXT record data
but only if it is split according to RFC
definitions mentioned above. If data
is made of more <character-string>s,
each one is individually validated with
the same validations as if the data was
not split.
Closes-Bug: 1595265
Change-Id: I4e3e51b32ab01efc4202c297708eff5a2e2b4985
Signed-off-by: Emanuel Andrecut (emanuel.andrecut@fleio.com)
|
| |/
|
|
|
|
|
|
|
|
|
|
| |
Updated the sink to behave closer to how we handle this type
of operations in designate.api.v2.
- Added object validation to all requests.
- Better test coverage.
- Use recordset update / delete instead of just record delete.
Closes-Bug: #1947765
Change-Id: I867600eb48a3e30a4d17471ab794ca717706823d
|
| |
|
|
|
|
|
| |
The Akamai eDNS SOAP API this backend uses no longer exists at Akamai.
Related-Bug: 1946340
Change-Id: I6545781f263c6a3d124364785aedcf2518116485
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Newer dnspython has some stricter type checks, in particular we need
to ensure that zone names end with a ".". Also some objects are now
dicts instead of lists.
Two checks try to create seemingly invalid messages, those will need
further work, marked as expected failure for now to unblock gate.
Depends-On: https://review.opendev.org/813299
Signed-off-by: Dr. Jens Harbott <harbott@osism.tech>
Change-Id: I0a1ffdc92c054183cb6e720eb53cc98f99bbc6ab
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
The find_pool policy was referencing find_pools, which was incorrect and
caused oslo.policy to think the rule name was changing, which isn't the
case. This commit updates the deprecated rule to use the proper policy
name.
Change-Id: Iaac9b2c14e118056e1cb11ad3b1fa18b07eb22ac
|
| |\ \ |
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| | |
Two of the zone policies were referencing the wrong policy variables in
the same file. This causes oslo.policy to think the rules were changing
when they are not. This commit updates the policy deprecations to use
the proper deprecated rules for the appropriate policies.
Change-Id: I68b71e680cd72692b0bcb470be1bc4902d5e7bc8
|
| |\ \ |
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The cound record policy was referencing the wrong variable name for the
deprecated rule. This causes oslo.policy to generate a deprecation
warning that didn't make sense since it thought the policy name was
changing.
This commit updates the rule to use the proper deprecation.
Change-Id: Ic686d35c25436a1bca83c4bb9c62ebf28a445f28
|
| |\ \ |
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The update blacklist policy deprecation was using the wrong variable and
referenced the policy for get blacklist. This was a typo and causes
oslo.policy to alias the old name with the new name since it things the
policy name is changing, which isn't the case.
This commit updates the policy to use the correct deprecated policy
rule.
Change-Id: I702a4cbef6d580249d17875af34b35822c0c9d32
|
| |/
|
|
|
|
|
| |
For more information about this automatic import see:
https://docs.openstack.org/i18n/latest/reviewing-translation-import.html
Change-Id: I54f6b49554833a2c7feef1865c2cdadcc0b3b014
|
| |
|
|
|
|
|
|
|
| |
This patchset adds support for DNS CERT Resource Record which is
described in RFC 4398
(https://tools.ietf.org/html/rfc4398)
Closes-Bug: 1937113
Change-Id: I0cdfa1decd28096b7135b820b01ee7ec17b1a57d
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
md5 is not an approved algorithm in FIPS mode, and trying to
instantiate a hashlib.md5() will fail when the system is running in
FIPS mode.
md5 is allowed when in a non-security context. There is a plan to
add a keyword parameter (usedforsecurity) to hashlib.md5() to annotate
whether or not the instance is being used in a security context.
In the case where it is not, the instantiation of md5 will be allowed.
See https://bugs.python.org/issue9216 for more details.
Some downstream python versions already support this parameter. To
support these versions, a new encapsulation of md5() has been added to
oslo_utils. See https://review.opendev.org/#/c/750031/
In this case, md5 is used to calculate the hash of a database record
to ensure record uniqueness.
Change-Id: Ic2571caa71dc99c417ea0933d5d4947287cbe312
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Since 3.7.0, oslo policy started the DeprecationWarning[1] if
deprecated_reason and deprecated_since param are not passed
in DeprecatedRule or they are passed in RuleDefault object.
These warnings are logged for every test which increase the
log size and sometime can full the log buffer and fail the
job.
[1] https://github.com/openstack/oslo.policy/blob/3.7.0/oslo_policy/policy.py#L1538
Change-Id: I7034a70950b787f1cdbc510e88ab777957339ba7
|
| |/
|
|
|
|
|
|
| |
This patch is not changing any functionality, but instead it is
aimed at cleaning up the scheduler code. It also removes the use
of reserved keywords in the scheduler code.
Change-Id: I93cede3371f1ec650adf3b00bf8250457a38f96c
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Remove six Replace the following items with Python 3 style code.
- six.PY3
- six.moves.urllib
- six.PY2
- six.text_type
- six.string_types
- six.iterkeys
- six.moves.range
- six.add_metaclass
- six.moves.map
- six.moves.zip
- six.MAXSIZE
Change-Id: I4cd26693fac7c16f4fa3d3c0015cd7af796f0877
|
| |/
|
|
|
|
|
|
| |
List operations should add the task_type criterion to the user
provided criterion.
Change-Id: I983d930f975c109cce24a9587bba6db563b3f19f
Launchpad: 1926058
|
| |\ |
|
| | |
| |
| |
| | |
Change-Id: Ib55d16b2f05269ae58bbcf38e816fb776dbe4f3c
|
| |\ \
| |/
|/| |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
When running individual unit tests there was a possibility
of triggering a circular dependency. This patch fixes
this by moving DEFAULT MDNS and AGENT ports into
the configuration.
Change-Id: I5f7c1ef14daf0a01e4d37cc5416d08cc75f2b485
|
| |/
|
|
|
|
|
|
|
|
|
|
| |
This patch fixes a database migration for sqlalchemy 1.4.
It also removes some unused functions from that migration.
Note: This patch temporarily disables the scenario jobs to allow
this gate fix to merge while the tempest test issue is being
resolved.
A direct follow up patch will re-enable the tests.
Change-Id: I4fee32f9be080eea6eef38fcecbdb2dd3940b9e6
|
| |
|
|
|
|
|
| |
For more information about this automatic import see:
https://docs.openstack.org/i18n/latest/reviewing-translation-import.html
Change-Id: Ia61939d31b0a07ad70c69535fedfbc3a42bc7fbd
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
As per the community goal of migrating the policy file
the format from JSON to YAML[1], we need to do two things:
1. Change the default value of '[oslo_policy] policy_file''
config option from 'policy.json' to 'policy.yaml' with
upgrade checks.
2. Deprecate the JSON formatted policy file on the project side
via warning in doc and releasenotes.
Also replace policy.json to policy.yaml ref from doc.
[1]https://governance.openstack.org/tc/goals/selected/wallaby/migrate-policy-format-from-json-to-yaml.html
Change-Id: I81e7ee3243af11ebb3589f530533731b87178a96
|
| |/
|
|
|
|
|
| |
Introduce an NS1 backend.
Signed-off-by: Michael Hood <mhood@ns1.com>
Change-Id: I80fe08238005a94161e2dbcc89e77c90cde0a715
|
| |
|
|
|
|
|
|
|
| |
This commit updates the policies for zone transfer requests to
understand scope checking and account for a read-only role. This is
part of a broader series of changes across OpenStack to provide a
consistent RBAC experience and improve security.
Change-Id: I56ae44c6ae302d521d8ec52c871f77ef1bbb072d
|
| |
|
|
|
|
|
|
|
| |
This commit updates the policies for zone transfer accepts to
understand scope checking and account for a read-only role. This is
part of a broader series of changes across OpenStack to provide a
consistent RBAC experience and improve security.
Change-Id: If1329182043001e27713457c2d591e6c55ad3e87
|
| |
|
|
|
|
|
|
|
| |
This commit updates the policies for zone imports to understand scope
checking and account for a read-only role. This is part of a broader
series of changes across OpenStack to provide a consistent RBAC
experience and improve security.
Change-Id: I319b2398de9bd9d841bfb3bbdbe8f50434762602
|
| |
|
|
|
|
|
|
|
| |
This commit updates the policies for zone exports to understand scope
checking and account for a read-only role. This is part of a broader
series of changes across OpenStack to provide a consistent RBAC
experience and improve security.
Change-Id: I5dde051a1ce565cd35cedc11cb0ff5afe35a8d72
|
| |
|
|
|
|
|
|
|
| |
This commit updates the policies for zones to understand scope
checking and account for a read-only role. This is part of a broader
series of changes across OpenStack to provide a consistent RBAC
experience and improve security.
Change-Id: Ib31cb82cbf62460723f261f1eaeec918633508c0
|
| |
|
|
|
|
|
|
|
| |
This commit updates the policies for tsigkeys to understand scope
checking and account for a read-only role. This is part of a broader
series of changes across OpenStack to provide a consistent RBAC
experience and improve security.
Change-Id: I8ad4e61337f00a2c7b0019a6748c2fab42a65255
|
| |
|
|
|
|
|
|
|
| |
This commit updates the policies for top-level domains to understand
scope checking and account for a read-only role. This is part of a
broader series of changes across OpenStack to provide a consistent
RBAC experience and improve security.
Change-Id: I0df00a826dcaf73c6a078a39585839022b71268a
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This commit updates the tenant policies to understand scope checking
and account for a read-only role. This is part of a broader series of
changes across OpenStack to provide a consistent RBAC experience and
improve security.
I'm not entirely sure I understand these policies. It'll be good to
work through these policy changes with someone more familiar with
desginate and why these policies exist.
Change-Id: I9b6bce0c43720f61cdebfa416d953e5a2b920e87
|
| |
|
|
|
|
|
|
|
| |
This commit updates the policies for service status to understand
scope checking and account for a read-only role. This is part of a
broader series of changes across OpenStack to provide a consistent
RBAC experience and improve security.
Change-Id: I11c3d7ec8dc871338db7fcd3746e56516683ecd1
|
| |
|
|
|
|
|
|
|
| |
This commit updates the policies for recordsets to understand scope
checking and account for a read-only role. This is part of a broader
series of changes across OpenStack to provide a consistent RBAC
experience and improve security.
Change-Id: I064a5021282be247ee7339a47871e3dba08ab2fa
|
| |
|
|
|
|
|
|
|
| |
This commit updates the policies for records to understand scope
checking and account for a read-only role. This is part of a broader
series of changes across OpenStack to provide a consistent RBAC
experience and improve security.
Change-Id: I093223790b699e35fb151e17111e34c24153d4c4
|
| |
|
|
|
|
|
|
|
| |
This commit updates the policies for quotas to understand scope
checking and account for a read-only role. This is part of a broader
series of changes across OpenStack to provide a consistent RBAC
experience and improve security.
Change-Id: Ib81330922c1bb4f84bb10d401844638a5fec44eb
|
| |
|
|
|
|
|
|
|
| |
This commit updates the policies for pools to understand scope
checking and account for a read-only role. This is part of a broader
series of changes across OpenStack to provide a consistent RBAC
experience and improve security.
Change-Id: I9dc483d409db23af6c89215654757c913a647087
|
| |
|
|
|
|
|
|
|
| |
This commit updates the policies for blacklists to understand scope
checking and account for a read-only role. This is part of a broader
series of changes across OpenStack to provide a consistent RBAC
experience and improve security.
Change-Id: I8ba1c1fb57eb8a7abf2c101d446259cfc7a8d34a
|
| |
|
|
|
|
|
|
|
|
|
| |
These common check strings are useful for implementing consistent
policy checks across OpenStack by adhering to a common persona. This
also includes support for a default read-only role.
Subsequent changes will update the policies to use these check strings
where applicable.
Change-Id: Ica9db41939e17fcd67b97dce5191e75bfb396330
|
