| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |\ \ |
|
| | |/
| |
| |
| |
| |
| | |
Fixes bug 1034416
Change-Id: I06f9fb5fa9d86eefeebc82c0e31196b8d542c9e0
|
| | |
| |
| |
| | |
Change-Id: I7554beefafc409a5504b3e33ac31b4394fe46533
|
| |\ \ |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This reverts commit 3fc46892
After a productive discussion here:
http://lists.openstack.org/pipermail/openstack-dev/2012-October/thread.html#1566
It appears that we don't yet have a really compelling use
case for this and folks are worried about the extra
complexity it brings. I think it's safe to say there's a
consensus that we shouldn't proceed with this idea yet. We
can always revisit this again later if needs be.
|
| |\ \ \
| |_|/
|/| | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Added is_newer_than function to compare if the provided
time is newer than current time for specified number of
seconds
Fixes bug 1036343
Change-Id: Ic133b0e7e2337b6b0fdad244ded6a93f8db48379
|
| | |/
|/|
| |
| |
| |
| |
| |
| | |
If we're not changing the value of a global variable, there's no need
to use the 'global' statement. This removes an unnecessary 'global'
statement from the register() function/decorator.
Change-Id: I0d4388f28acf3c9dc5969d86d74f384f1f3d0474
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Implements blueprint fine-grained-policy
Add support to the new policy language for finer-grained policy
decisions: policy checks can, using the "case" construct, return
values other than simply "True".
This means that a policy rule can be written that allows for fine
shades of permissions; for instance, a rule could return the values,
"fulladmin", "projectadmin", or False, and the caller can use these
values to decide whether to allow all modifications, only some
modifications, or no modifications at all.
Change-Id: Id2bbee5c34052692af12e4a028256131ed2747fc
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Implements blueprint fine-grained-policy
Inverting the sense of a check was not possible with the list-of-lists
syntax, but it clearly makes sense to support it.
Change-Id: Ibd92cd75a279efdafec16a26f9aec33f39614b5c
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Implements blueprint fine-grained-policy
Add a new policy language with "and" and "or" operators to replace
the old list-of-lists syntax. New '@' and '!' operators are also added.
This new language will enable us add more advanced features than the
old syntax would have allowed.
Backwards compat support for the old list-of-list syntax is retained.
Change-Id: I872cb6abf6f8051c3ff502a0fc7590cff4f63a25
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Implements blueprint fine-grained-policy
Remove the deprecated Brain/enforce API and support for using functions
as check types.
Change-Id: Idf79999ad402b2c79072d0547d60c7b0bfa20d5a
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Implements blueprint fine-grained-policy
Complete rewrite of the policy engine, with careful thought given to
backwards-compatibility.
Policy rules are now represented internally by a tree of Check
objects.
A new API is added for parsing and enforcing rules:
set_rules(Rules.load_json(data, default_rule=...))
result = check(rule, target, credentials)
reset()
The old Brain/enforce API is deprecated and will be removed soon.
A new API is also added for registering new check types:
@register("key")
class KeyCheck(Check):
def __call__(self, target, creds):
return self.match in creds
Support for using functions as check types is deprecated and will
also be removed soon.
Change-Id: I2951a0de3751bd2ec868e7a661070fed624e4af2
|
| |\ |
|
| | |
| |
| |
| | |
Change-Id: I7bdd5fbff1addef4a855aa72f3551930630299f5
|
| |/
|
|
| |
Change-Id: I7e98686cb72ba6287b93746267390cc79f18bb6d
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Exclude the .update-env directory, including anything
installed there from third-party packages, when running
pep8.
Change-Id: I2c2ee9146cbf2f5449f7f8d042b578ec3d8d2b83
Signed-off-by: Doug Hellmann <doug.hellmann@dreamhost.com>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Also:
- use WritableLogger from common/log.py
Part of blueprint service-infrastructure
Change-Id: If41e592167bd4c308dd2a5d0226fcf3d8318f90d
|
| |\ \ |
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Update generate_authors to ignore the email address
for the stackforge jenkins as well as the main openstack
jenkins, to ignore commits in the history of projects
that were on stackforge before moving over to the
main server (such as ceilometer).
Change-Id: I86d93ba0f358d5d33278847ba8de039642dd54b7
Signed-off-by: Doug Hellmann <doug.hellmann@dreamhost.com>
|
| |/
|
|
|
|
|
| |
Ignore files created by packaging, builds, etc.
Change-Id: I9c1eed8c9791548b46e1532b345d80f3d84d4890
Signed-off-by: Doug Hellmann <doug.hellmann@dreamhost.com>
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| | |
Part of blueprint service-infrastructure
Change-Id: I60698800231e5de349fdbcf9f9090e5b31727640
Signed-off-by: Angus Salkeld <asalkeld@redhat.com>
|
| |\| |
|
| | |
| |
| |
| |
| |
| | |
Part of blueprint service-infrastructure
Change-Id: Ia0511ae62497d95771ca3a894379486741e223ba
|
| |\| |
|
| | |
| |
| |
| |
| |
| | |
Part of blueprint service-infrastructure
Change-Id: Ie00efcb1c974d699ac6b2a38285abef1b295f3ce
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
In Ceilometer, we need to consume messages from different exchanges of type
'topic', so being able to specify the exchange name rather than using the
default in TopicConsumer is necessary.
This fixes bug #1055483
Change-Id: Ibbaec8496f24c0b221cf489258af1e7fe362e84a
Signed-off-by: Julien Danjou <julien@danjou.info>
|
| | |
| |
| |
| | |
Change-Id: I77bcbf03a18659cfa62e99da9ba2136f8348022b
|
| | |
| |
| |
| |
| |
| |
| | |
When used outside of an exception handler it will print the message
and then 'None', which isn't useful at all.
Change-Id: If687a764dea4c7dc0046d7c3054318f2a751a2ea
|
| |\ \ |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Where a single RabbitMQ broker node is used (rather than a cluster of
nodes) it is simplest for users to just set the rabbit_host option.
Often users will not need to specify a port number at all.
Similarly, where a cluster is used, it is simplest for the user to just
specify a list of node addresses in rabbit_hosts and assume that all
nodes are listening on the port specified in rabbit_port.
Change-Id: I4227541676dffc50cd6116225de0cec0afa36a41
|
| |\ \ \ |
|
| | |/ /
| | |
| | |
| | |
| | |
| | |
| | | |
Consolidate the setting of x-ha-policy to a single place and add
soem documentation.
Change-Id: I35751e43c3ac15c142996f291e0ec609cab4948a
|
| |\| | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Use the rabbit_ha_queues boolean option.
It is off by default, and you need to wipe RabbitMQ Mnesia
database (/var/lib/rabbitmq/mnesia) when changing it.
Change-Id: Id06692a142d1e5316602f6ceed4ccad615ce74c1
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Required to support scalable agents in Quantum.
declare_topic_consumer is implementation-specific, but it (or similar) is
needed to consume notifications.
Change-Id: Ifdeff8ae0ed90106a6bfaae0116db9d91d6b6faf
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This necessary to support Quantum's scalable agents
in the Folsom release.
Supports matchmaking and subscribing to publishers,
in addition to sender-only fanout broadcasting.
Until now, senders of fanout messages had to know
of all recipients via the matchmaker. This patch
allows recipients to discover message publishers
via the matchmaker. This is useful in patterns
when there are few publishers, but many subscribers.
The raw message passed to ZeroMQ is changed
so that zmq_subscribe can filter by topic.
This patch may be partially reverted in Grizzly,
after the arrival of the ServiceGroupAPI which
will significantly improve the matchmaking
capabilities.
Change-Id: Ifc132519c6e380cb0a3643680764a38b841add0e
|
| |\ \ \ |
|
| | |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Currently the timeutils.normalize_time() returns naive datetime
object when parameter timestamp is an naive object or a non-UTC
aware datetime object, and returns aware datetime object if
parameter timestamp is a UTC aware datetime object.
The basic problem here is that utcoffset() of None means the object is naive
but a utcoffset() of zero means that the object is aware but represents
UTC time.
This is fragile implementation and will trigger potential issue, because
aware/native datetime is not interoperatable. For example,
"timeutils.utcnow() > timeutils.normalize_time(m)" will success at most
time, while trigger TypeError if m is a UTC aware object.
We want to normalize all objects into naive objects.
Fixes bug 1048636
Change-Id: I4a09246fa8f0dd63ca54362b877aa825d9b79772
Signed-off-by: Yunhong, Jiang <yunhong.jiang@intel.com>
|
| |\ \ \
| |/ /
|/| | |
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The heartbeat option enables sending a message at the AMQP layer at a
regular interval. This helps ensure that the connection is still up and
working. Once a failure is detected, a reconnection can be attempted.
The default for qpid_heartbeat was previously 5 seconds. This is pretty
aggressive and can lead to invalid timeouts occuring. An example is the
nova-compute service. It may block in native code (such as libvirt)
under normal circumstances. When this happens, other greenthreads (such
as the one responsible for sending the heartbeat) can not be scheduled.
This patch makes the default a less aggressive 1 minute.
Fix bug 1050661.
Change-Id: Idce48944050c331dda85e9b10ab6f5b025845c34
|
| |/
|
|
|
|
|
| |
Fixed indents which violate pep8 1.3.3
Also added .mailmap file to coalesce commits
Change-Id: Ia7a788a28e6c0fd9cb52fb7ea477cddd7d589e58
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The 'control_exchange' option needs to have a project-specific default
value. Just don't register this option and expect it to be registered
by the project using this code, at least for now.
****** IMPORTANT NOTE WHEN IMPORTING THIS CHANGE ******
If you are importing this change into a project that uses rpc, you must
add the control_exchange option in your code!
*******************************************************
Change-Id: Ida5a8637c419e709bbf22fcad57b0f11c31bb959
|
| |\ \ |
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Move process id to a fixed position in the logs, and to
be present for all output (including eventlet and stack traces)
as was the case previously.
Fix for LP bug 1040772.
Change-Id: I82639e730c2887630fbbee608a4d4da24862982d
|
| |/
|
|
|
|
|
|
|
|
|
|
| |
The method works correctly with ipv6.
An alternative way would be to use urlparse, but urlparse
only works correctly starting with Python 2.7, so to be
compatible, we have to reimplement this part.
The method will be used for parsing Glance API server
addresses, RabbitMQ addresses and perhaps other things.
Change-Id: Ie5014891c6abcd80681a370d5dd94cb0406f7f61
|
| |
|
|
|
|
|
|
|
| |
When configuring Cinder I would rather not have to specify
allowed_rpc_exception_modules in my default config. This
patch updates the default list of allowed_rpc_exception_modules to
include cinder.exception.
Change-Id: Ib7babb1ceb13e86c555947ebc869b50afd7e9b49
|
