Just update #1
Open
Just update #1
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
openstack-mirroring
force-pushed
the
master
branch
from
3f3f3c4 to
479a010
Compare
openstack-mirroring
force-pushed
the
master
branch
from
dd19613 to
aa04c3e
Compare
Related-Change: Iba43783e880e0860357ba8b9f0a11f28abf87555 Change-Id: I1e096dab9a97956bf786ccbcd37c20f9a3a5429e
Add some commentary as a reminder that whilst normal object updates to the ContainerBroker cannot have content-type timestamp older than data timestamp, expirer queue updates can. Change-Id: I6d8ad06c645f25497dc15173460430fd93747afa Related-Change: Ie4b25f1bd16def4069878983049b83de06f68e54
All we need is int(). Using eval() on user-provided data (or really at all) is a Bad Idea. Closes-Bug: #2091124 Change-Id: I39bb87f9d8e27f2f88410a087a120a0e9be1a243
Change-Id: I1e9d4d5df403040d69db93a08647cd0abe1b8037
Declare the tests to skip, rather than the tests to run. This ensures that we pick up new bandit checks automatically. I recently noticed a use of md5() without the usedforsecurity=False kwarg. Confused about why this wasn't caught in the gate, I eventually traced it back to B303 (which we explicitly enabled) being largely superseded by B324 (which did not exist when we wrote down the tests to enable). Flag a bunch of false-positives with "# nosec" comments, resolve two other errors, and skip some more-pervasive errors, to be resolved later. Change-Id: Ia054e4f7c9e5bf29064a66933e27830adbc107d3
... instead of self-handling subrequests manually. Closes-Bug: #1523401 Change-Id: I85b5302c2416de1793599385b791fcd3ec3b4da0
- Define a single location for doc-build deps - As a side-effect, use constraints for api-ref builds - Remove test-requirements.txt from those deps Change-Id: If6cc8702e89f5110ad89ba933f55641de02550e9
Address an issue where `OldestAsyncManager` instances created before forking resulted in each child process maintaining its own isolated copy-on-write stats, leaving the parent process with an empty/unused instance. This caused the final `dump_recon` call at the end of `run_forever` to report no meaningful telemetry. The fix aggregates per-disk recon stats collected by each child process. This is done by loading recon cache data from all devices, consolidating key metrics, and writing the aggregated stats back to the recon cache. Change-Id: I70a60ae280e4fccc04ff5e7df9e62b18d916421e
H106 and H904 were already passing anyway. Change-Id: Ic386e09e40a49b661f30ea40e2c737d59100d086
Change-Id: I22674f2e887bdeeffe325efd2898fb90faa4235f
Previously, it was possible for updater_workers to be a negative integer or zero. This change enforces that updater_workers should be a positive integer. Change-Id: Ie40194b406aeedcf8c38a3c273ab768e2b643a5d
Changed OS version from RHEL 7 and CentOS 7 to RHEL 9 and CentOS Stream 9. Changed python to python3. Changed yum command to dnf command. Change-Id: Ie1e815c0434255e77ef5e9103576f85d9d6490ae
* Remove py2 gate jobs. * Build non-universal, py3-only wheels. * Specify minimum python version in package metadata. * Clean up requirements/constraints/bindep (a little, anyway). Change-Id: I53153c4fde043e964e1daa7bbf2089e0471dede2
This patch removes swift-multinode-rolling-upgrade-victoria job for multiple reason: - victoria is very old and unmaintained - job is defined only on unmaintained branches - py38 + CentOS Stream 8 are EOL'd and the job is based on these Change-Id: I3d6a679e6553534e937303b5210125a6ef8365af
Change-Id: Ia028624bded221c3bf03a8d3dac94183d4388431
There is an infinite loop if multiple quota limits are set and exceeded,
eventually resulting in a 500 response due to a RecursionError ("maximum
recursion depth exceeded").
The issue is the delayed rejection, required to support container_acls.
If any quota is exceeded the middleware needs to return directly,
without proceeding to check other quota settings.
The fix is basically to add a "return self.app". However, there is quite
some redundant code, thus moving this into its own method.
Another test with multiple exceeded quotas has been added, which is
failing without the bugfix.
Closes-Bug: #2118758
Change-Id: I49ec4c5f6c83f36ce1d38f2f1687081c71488286
Signed-off-by: Christian Schwede <[email protected]>
fetch_crypto_keys can fail like
get_keys(): from callback: 'utf-8' codec can't encode character '\udcc0' in position 1: surrogates not allowed:
Traceback (most recent call last):
File ".../swift/common/middleware/crypto/crypto_utils.py", line 166, in get_keys
keys = fetch_crypto_keys(key_id=key_id)
File ".../swift/common/middleware/crypto/keymaster.py", line 148, in fetch_crypto_keys
keys['container'] = self.keymaster.create_key(
File ".../swift/common/middleware/crypto/keymaster.py", line 322, in create_key
path = path.encode('utf-8')
UnicodeEncodeError: 'utf-8' codec can't encode character '\udcc0' in position 1: surrogates not allowed
This doesn't fix *all* non-utf8 paths, but
- it was easy enough to avoid the non-swift ones, which have been seen
in prod, and
- there's ample precedent in other middlewares for checking API version.
Signed-off-by: Tim Burke <[email protected]>
Change-Id: I8c342c4751ba3ca682efd152e90e396e9f8eb851
If a PUT subrequest body iterator times out while the object server is reading it, the object server will handle the timeout and return a 500 response to the ssync receiver. Previously, the ssync receiver would attempt to drain the remainder of the subrequest body iterator and then resume reading the next subrequest from the SSYNC body. However, the attempt to drain the subrequest iterator would fail (silently) because the timeout had already caused the iterator to exit. The ssync receiver would therefore treat any remaining subrequest body as the preamble to the next subrequest. This remaining subrequest body content was likely to cause the protocol parsing to fail, but in the worst case could be erroneously interpreted as a valid subrequest. (The exact failure mechanism depends on what state the eventlet.wsgi.Input is left in when the timeout fired.) This patch ensures that the ssync receiver will terminate processing an SSYNC request if an exception occurs while reading a subrequest body. Closes-Bug: #2115991 Change-Id: I585e8a916d947c3da8d7c0e8a85cf0a8ab85f7f0 Co-authored-by: Tim Burke <[email protected]> Signed-off-by: Alistair Coles <[email protected]>
Related-Change-Id: I8c342c4751ba3ca682efd152e90e396e9f8eb851 Change-Id: I9df32c5aae4e681d488419f36982ffc36589d50a Signed-off-by: Clay Gerrard <[email protected]>
Signed-off-by: Tim Burke <[email protected]> Change-Id: I75bd005a4a3bc79c1bd8f8fa1153a64059970865
Previously it was possible for a Timestamp to have inconsistent raw
and normal values. For example:
>>> ts1 = Timestamp(1755077566.523385)
>>> (ts1.normal, ts1.raw, (~ts1).normal)
('1755077566.52339', 175507756652338, '8244922433.47661')
This results in the invert function not being reliably reversible:
(~(~ts1)).normal
'1755077566.52338'
The cause is that the normal value is based on Timestamp.timestamp
which preserves the precision of the value given to the constructor,
whereas the invert function uses the limited precision raw value.
This patch forces Timestamp.timestamp to have the limited precision
value of Timestamp.raw.
Change-Id: I4e7fd6078aae3f284628303f20ced66aa702c466
Signed-off-by: Alistair Coles <[email protected]>
If pyeclib dist is missing files then the isal loading would blow up with "TypeError: 'NoneType' object is not iterable". This patch changes that to a RuntimeError with a more useful message. Change-Id: I64a85eb739fb72efe41f1ee829e463167246b793 Closes-Bug: #2120591 Signed-off-by: Alistair Coles <[email protected]>
ssync unit tests would sometimes fail when making assertions about the ssync receiver log messages. Test runner output would show that the messages were eventually being logged. However, the assertions could be made before the ssync receiver request thread had completed. A trampoline had been previously been used to workaround this, but that is clearly insufficient. The author found that increasing the trampoline interval would help reduce the rate of failures, but not eliminate them. This patch introduces a custom GreenPool for the unit test wsgi object server so that tests can deterministically wait for the receiver request handling thread to exit before making assertions. Closes-Bug: #212065 Change-Id: I09ad8bb1becae46a78902d1d384a9f27a3d54b38 Signed-off-by: Alistair Coles <[email protected]>
The related change added a py3.13 job tho the check pipeline but not the gate. This patch adds it to the gate too. Change-Id: Ie7e676e7bb2e5f975b560c083432ce6814d38252 Related-Change: Ib797f73134c8fa5ef0dc66aeddf06adfa50ed7d4 Signed-off-by: Alistair Coles <[email protected]>
This reverts commit 33b8949. Reason for revert: Some packaging workflows still need this. Closes-Bug: #2120590 Signed-off-by: Matthew Oliver <[email protected]> Change-Id: I5cfb8e6412adea30a1a21ce20f6a72c30dfbfac3
In order to continue testing on py37, start using pyenv to install it. Signed-off-by: Tim Burke <[email protected]> Change-Id: Ida8be4477116d3b44e3d7b470a183d2298e2d3d5
The RuntimeError gives more of a hint than the TypeError, but we haven't really solved the issue. If there's a busted pyeclib install, it's safe to assume it won't have ISA-L alongside it; just proceed assuming it's not available. Closes-Bug: #2120591 Related-Change: I64a85eb739fb72efe41f1ee829e463167246b793 Co-Authored-By: Alistair Coles <[email protected]> Signed-off-by: Tim Burke <[email protected]> Change-Id: I2791566b208327b1fb536fb56a363337ab3f3941
S3 stopped returning DisplayNamme in the Owner field of object listings [1], so the tests need to stop asserting that it is present. Further work is needed to drop DisplayName from the Swift s3api responses [2]. [1] https://docs.aws.amazon.com/AmazonS3/latest/API/API_Owner.html [2] https://bugs.launchpad.net/swift/+bug/2120622 Change-Id: Ia915a65313394910c74ae826c912b5549e833a7b Signed-off-by: Alistair Coles <[email protected]>
Closes-Bug: #2120783 Signed-off-by: Tim Burke <[email protected]> Change-Id: Id175329d717bb4959def8b43765fec668aa26696
Added the new field to be able to log the access key during the s3api calls, while reserving the field to be filled with auth relevant information in case of other middlewares. Added respective code to the tempauth and keystone middlewares. Since s3api creates a copy of the environ dict for the downstream request object when translating the s3req.to_swift_req the environ dict that is seen/modifed in other mw module is not the same instance seen in proxy-logging - using mutable objects get transfered into the swift_req.environ. Change the assert in test_proxy_logging from "the last field" to the index 21 in the interests of maintainability. Also added some regression tests for object, bucket and s3 v4 apis and updated the documentation with the details about the new field. Signed-off-by: Vitaly Bordyug <[email protected]> Change-Id: I0ce4e92458e2b05a4848cc7675604c1aa2b64d64
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.