charm-cinder:stable/xena

Last commit made on 2023-11-22
Get this branch:
git clone -b stable/xena https://git.launchpad.net/charm-cinder

Branch merges

Branch information

Name:
stable/xena
Repository:
lp:charm-cinder

Recent commits

0443960... by Hua Zhang

Support disabling apache wsgi socket rotation

Bug LP 1863232 introduced a new Apache configuration option called
WSGISocketRotation which allows users to disable wsgi socket
rotation. This patch makes this configurable with a new
wsgi-socket-rotation config option that defaults to the Apache
default and can optionally be set to False.

Closes-Bug: #2021550
Change-Id: Ib249be7f03ed3156c81fffb6cbac251c502e9b80

830835e... by Alex Kavanagh

[xena] Ensure get_requests_for_local_unit doesn't fail on incomplete relation

This is a rebuild/make sync for charms to pickup the fix in charmhelpers to fix
any inadvertant accesses of ['ca'] in the relation data before it is available
from vault in the certificates relation. Fix in charmhelpers is in [1].

[1] https://github.com/juju/charm-helpers/pull/828
Closes-Bug: #2028683

Change-Id: I9981aad11d9372b29b0095f56d3f04c1471fe4b0

9d69e71... by Corey Bryant

Use service_domain in [service_user] section

Sync from charm-helpers to update [service_user] config to use the
service domain.

The keystone charm currently creates two service users, one for the
service domain (for v3 authentication), and the other for the default
domain (for v2 authentication). The [service_user] config needs to
use the service domain.

Closes-Bug: #2026202
Change-Id: I9e3882c095fcc42736a05b6e6fd264128d67a0a5

128acd4... by Corey Bryant

Render [service_user] only for identity-service relation

The service token section [service_user] is not required when
cinder-volume is deployed as a separate service. In other words
it is not required for the identity-credentials relation.

The [service_user] section is nearly the same as the
[keystone_authtoken] section, and the keystone_authtoken data
is only produced for the IdentityServiceContext, therefore this
change will not render [service_user] for the
IdentityCredentialsContext.

Closes-Bug: #2024676
Change-Id: Iaecae3c22db1f4f2309f73f8c6836e6c072b848b
(cherry picked from commit ebbedcbf58660ce13823152d6943fee036af7e11)

2c5908b... by Jorge Merlino

Add support for using service tokens

This patch configures Cinder to send a service token along with the
received user token on requests to other services. This can allow those
other services to accept the request even if the user token has been
invalidated since received by Cinder. Also with this patch Cinder will
accept request from other services with invalid user tokens but valid
service tokens. Service tokens exist since Openstack Queens.

Closes-Bug: #1992840
Change-Id: I6cb9b1cb257db0b57bd7984c795b8caa1e3b74d9
(cherry picked from commit 81c330b5d87a64a7a9ec601f4dd263b836ee9c01)
(cherry picked from commit b96c85f5a6b8e3d173a4f810fd4d5fd82737795e)

e1977be... by Corey Bryant

charm-helpers sync

Synchronize charm-helpers to get service token related patches.

Related-Bug: #1992840
Change-Id: I408caab40e78ff72c139b13e6f45d42fdccbe1a2

a71622b... by Tiago Pasqualini da Silva

Add nova section for Ussuri

Commit 024de37 added the nova section on cinder.conf, but placed it
on the Victoria folder. This issue is also observed on Ussuri, so
this patch moves this from Victoria to Ussuri.

Closes-Bug: #1939389
Change-Id: Ia39177d6f47ddda0b1acb27cde02ae5e74a01032
(cherry picked from commit e737668e2fa2b3c59daca5676bd27b0bf4db53fe)

f62e755... by dongdong tao

Check if the newhost exists instead of currenthost

Closes-Bug: #1956470

Signed-off-by: Dongdong Tao <email address hidden>
Change-Id: I2b9eec030a5b0f6d9a405cecea29bef04eb72f5d
(cherry picked from commit 93dfc624d4325630dcbd3ba9d06c5f8d3f38845c)

433e64f... by Trent Lloyd

Add identity-credentials relation support

Implement support for the identity-credentials relation as an
alternative way to get keystone credentials when we are not registering
a service endpoint via the identity-service relation.

This solves an issue where the image volume cache does not work when the
cinder volume service is deployed as a second cinder application
('cinder-volume') having enabled-services=volume set.

Previously the following items were missing from cinder.conf:
cinder_internal_tenant_project_id
cinder_internal_tenant_user_id

Resulting in the image cache not functioning with the following warnings:
Unable to get internal tenant context: Missing required config
parameters.
Unable to get Cinder internal context, will not use image-volume cache.

As there are now two possible interfaces to keystone ('identity-service'
and 'identity-credentials') any existing bundles that don't specify the
interface 'identity-service' when relating to keystone will fail to
deploy and will need to be updated.

Closes-Bug: #1978452
Change-Id: Ieef500c9c55eb3968b3e2e231a8ff6e2a5ec148d
(cherry picked from commit ba8d8fc3e10f3ad0cbde08faa52db0f3234b139f)

7f3bbbf... by Trent Lloyd

Fix missing assert_ prefix on called_with

test_clean_storage_unmount incorrectly used 'called_with' instead of
'assert_called_with' which just made a mock function call and didn't
check or assert that the function was actually called.

As a result this function didn't actually test anything, the expected
parameters were not correct so they have been updated.

An error to catch this accidental mistake was added in the recently
released mock 5.0.1 (https://github.com/python/cpython/issues/100690)
  AttributeError: 'called_with' is not a valid assertion.
  Use a spec for the mock if 'called_with' is meant to be an attribute.

The mock library ships in python as unittest.mock but also publishes the
latest code as the 'mock' python package so that older python versions
can get the latest code. The stable branches currently install mock
but the master branch does not, so this error does not actually appear
on master but only the <=yoga stable branches currently. The test is
however wrong either way.

Change-Id: I3076778e8fc62c086651d29abb2c5a3d9921be97