We are delighted to announce the release of: tripleo-common 8.7.0: A common library for TripleO workflows. This release is part of the queens stable release series. The source is available from: https://opendev.org/openstack/tripleo-common Download the package from: https://tarballs.openstack.org/tripleo-common/ Please report issues through: https://bugs.launchpad.net/tripleo-common/+bugs For more details, please see below. 8.7.0 ^^^^^ Security Issues *************** * Fixed a vulnerability where an attacker may cause new Octavia amphorae to run based on any arbitrary image (CVE-2019-3895). Bug Fixes ********* * Ensure [controller_worker]/amp_image_owner_id is set. This configuration option restricts Glance image selection to a specific owner ID. This is a recommended security setting. * Fixes running the baremetal "provide" workflow with node names. * Workaround bug 1810932 by scripting an in-place update of ssh_known_hosts Changes in tripleo-common 8.6.8..8.7.0 -------------------------------------- ee175296 Add the ability to compute osds number counting lvm devices a80f1b03 [CVE-2019-3895] Set image owner id 2be48861 Add passphrase generation for Octavia 83c08960 Workaround ssh_known_hosts changes not being propagated to containers 8014dec6 Add XClarity in the list of supported hw types 4fe901d2 Don't use node count from failed stack parameters 14d6c5fc [Queens only] Set the deployment status on Mistral deployment tasks. 3ea5ae62 Standardise Workflow messaging and optionally persist messages 1c2c0a0a Remove amp_hw_arch from octavia_post dfab3485 OpenDev Migration Patch 324f30f2 Add message to the Payload for update_node task 87cef2ea Upgrades: Don't try to publish ansible output in ceph_install f5d06ad8 Fix running the baremetal provide workflow with node names 8315421b Clean up node registration output. ee9a5545 Configurable host network for inventory e5207aed Don't always validate heat stack when adding parameters 52ce413b Add workflow for plan deployment status 17a050f1 Specify Octavia amphora image hw_architecture property in Glance abafea83 Workflow and action for deployment failures a2550158 Run NetworkDeployment as async task 22e6135b Ansible json error callback plugin 5c398a07 Stops growth of massive dentry cache growth Diffstat (except docs and test files) ------------------------------------- .gitreview | 2 +- ansible_plugins/callback/json_error.py | 62 +++++ healthcheck/common.sh | 1 + playbooks/octavia-files.yaml | 1 + playbooks/roles/common/defaults/main.yml | 1 + .../octavia-controller-config/tasks/octavia.yml | 12 + .../roles/octavia-undercloud/tasks/image_mgmt.yml | 46 +++- ...ctavia-set-image-owner-id-adb197d5daae54f1.yaml | 10 + .../notes/provide-name-f75b6b61d3d8d693.yaml | 4 + ..._known_host_atomic_update-481e0baf3b3d6342.yaml | 5 + roles/tripleo-ssh-known-hosts/tasks/main.yml | 30 +- setup.cfg | 2 + tripleo_common/actions/deployment.py | 52 ++++ tripleo_common/actions/parameters.py | 7 +- tripleo_common/actions/validations.py | 2 +- tripleo_common/constants.py | 7 + tripleo_common/inventory.py | 10 +- tripleo_common/templates/deployments.yaml | 39 ++- tripleo_common/utils/nodes.py | 1 + workbooks/baremetal.yaml | 39 +-- workbooks/ceph-ansible.yaml | 2 - workbooks/deployment.yaml | 305 +++++++++++++-------- workbooks/derive_params_formulas.yaml | 8 +- workbooks/messaging.yaml | 151 ++++++++++ workbooks/package_update.yaml | 1 + workbooks/plan_management.yaml | 3 + 30 files changed, 732 insertions(+), 184 deletions(-)