We exuberantly announce the release of: glance 14.0.0: OpenStack Image Service This release is part of the ocata release series. Download the package from: https://tarballs.openstack.org/glance/ For more details, please see below. 14.0.0 ^^^^^^ * Add "ploop" to the list of supported disk formats. * **Experimental** zero-downtime database upgrade using an expand- migrate-contract series of operations is available. * The *minor* version of the Images API v2 is bumped to **2.5**. * The *Community Images* feature has been introduced in the Images API v2. This enables a user to make an image available for consumption by all other users. In association with this change, the 'visibility' values for an image have been expanded to include 'community' and 'shared'. Location updates for images are now restricted to images in "active" or "queued" status. Please refer to the "Bug Fixes" section for more information. New Features ************ * The identifier "ploop" has been added to the list of supported disk formats in Glance. The respective configuration option has been updated and the default list shows "ploop" as a supported format. * Image 'visibility' changes. * Prior to Ocata, an image with 'private' visibility could become shared by adding members to it, though its visibility remained 'private'. In order to make the visibility of images more clear, in Ocata the following changes are introduced: * A new value for visibility, 'shared', is introduced. Images that have or can accept members will no longer be displayed as having 'private' visibility, reducing confusion among end users. * An image must have 'shared' visibility in order to accept members. This provides a safeguard from 'private' images being shared inadvertently. * In order to preserve backward compatibilty with the current sharing workflow, the default visibility of an image in Ocata is 'shared'. Consistent with pre-Ocata behavior, this will allow the image to accept member operations without first updating the visibility of the image. (Keep in mind that an image with visibility 'shared' but having no members is not actually accessible to anyone other than the image owner, so this is not in itself a security problem.) * Image visibility may be specified at the time of image creation. * As mentioned above, the default visibility of an image is 'shared'. If a user wants an image to be private and not accept any members, a visibility of 'private' can be explicitly assigned at the time of creation. * Such an image will require its visibility to be updated to 'shared' before it will accept members. * Image visibility is changed using the image update (PATCH) call. * Note: This is not a change. It's simply mentioned for completeness. * A new value for the Image 'visibility' field, 'community', is introduced. * An image with 'community' visibility is available for consumption by any user. * In order to prevent users spamming other users' image-list response, community images are not included in the image-list response unless specifically requested by a user. * For example, "GET v2/images?visibility=community" * As is standard behavior for the image-list call, other filters may be applied to the request. For example, to see the community images supplied by user "931efe8a- 0ad7-4610-9116-c199f8807cda", the following call would be made: "GET v2/images?visibility=community&owner=931efe8a- 0ad7-4610-9116-c199f8807cda" Upgrade Notes ************* * The "disk_format" config option enables "ploop" as supported by default. * The database migration engine used by Glance for database upgrades has been changed from *SQLAlchemy Migrate* to *Alembic* in this release. * This has necessitated a change in the location and naming convention for migration scripts. Developers, operators, and DevOps are strongly encouraged to read through the Database Management section of the Glance documentation for details of the changes introduced in the Ocata release. Here's a brief summary of the changes: * All the "glance manage db" commands are changed appropriately to use Alembic to perform operations such as "version", "upgrade", "sync" and "version_control". Hence, the "old-style" migration scripts will no longer work with the Ocata glance manage db commands. * Database versions are no longer numerical. Instead, they are the *revision ID* of the last migration applied on the database. * For example, the Liberty migration, which was version "42" under the old system, will now appear as "liberty". The Mitaka migrations "43" and "44" appear as "mitaka01" and "mitaka02", respectively. * The change in migration engine has been undertaken in order to enable zero-downtime database upgrades, which are part of the effort to implement rolling upgrades for Glance (scheduled for the Pike release). * A preview of zero-downtime database upgrades is available in this release, but it is **experimental** and **not supported for production systems**. Please consult the Database Management section of the Glance documentation for details. (http://docs.openstack.org/developer/glance/db.html) * The **CURRENT** version of the version 2 Images API supplied by Glance is now **2.5**. Changes include: * The 'visibility' enumeration has been increased from two values ("public", "private") to four values ("public", "private", "shared", and "community"). * Formerly, it was possible to add members to an image whose visibility was "private", thereby creating a "shared" image. In this release, an image must have a visibility of "shared" in order to accept member operations. Attempting to add a member to an image with a visibility of "private" will result in a 4xx response containing an informative message. (https://developer.openstack.org/api-ref/image/v2/?expanded =create-image-member-detail#create-image-member) * Some backend store names were inconsistent between glance and glance_store. This meant that operators of the VMware datastore or file system store were required to use store names in "glance- api.conf" that did not correspond to any valid identifier in glance_store. As this situation encouraged misconfiguration and operator unhappiness, we have made the store names consistent in the Newton release. What this means for you: * This change applies only to operators who are using multiple image locations * This change applies only to operators using the VMware datastore or filesystem stores * This change applies only to the "store_type_preference" option * *VMware datastore operators*: The old name, now **DEPRECATED**, was "vmware_datastore". The **new** name, used in both glance and glance_store, is "vmware" * *File system store operators*: the old name, now **DEPRECATED**, was "filesystem". The **new** name, used in both glance and glance_store, is "file" * This change is backward compatible, that is, the old names will be recognized by the code during the deprecation period. Support for the deprecated names will be removed in the **Pike** release * We strongly encourage operators to modify their "glance- api.conf" files immediately to use the **new** names * A new value for the Image 'visibility' field, 'community', is introduced. * The ability to update an image to have 'community' visibility is governed by a policy target named 'communitize_image'. The default is empty, that is, any user may communitize an image. * Visibility migration of current images * Prior to Ocata, the Glance database did not have a 'visibility' column, but instead used a boolean 'is_public' column, which was translated into 'public' or 'private' visibility in the Images API v2 image response. As part of the upgrade to Ocata, a 'visibility' column is introduced into the images table. It will be populated as follows * All images currently with 'public' visibility (that is, images for which 'is_public' is True in the database) will have their visibility set to 'public'. * Images currently with 'private' visibility (that is, images for which 'is_public' is False in the database) **and** that have image members, will have their visibility set to 'shared'. * Those images currently with 'private' visibility (that is, images for which 'is_public' is False in the database) and that have **no** image members, will have their visibility set to 'private'. * Note that such images will have to have their visibility updated to 'shared' before they will accept members. * Impact of the Ocata visibility changes on end users of the Images API v2 * We have tried to minimize the impact upon end users, but want to point out some issues to be aware of. * The migration of image visibility assigns sensible values to images, namely, 'private' to images that end users have *not* assigned members, and 'shared' to those images that have members at the time of the upgrade. Previously, if an end user wanted to share a private image, a member could be added directly. After the upgrade, the image will have to have its visibility changed to 'shared' before a member can be assigned. * The default value of 'shared' may seem weird, but it preserves the pre-upgrade workflow of: (1) create an image with default visibility, (2) add members to that image. Further, an image with a visibility of 'shared' that has no members is not accessible to other users, so it is functionally a private image. * The image-create operation allows a visibility to be set at the time of image creation. This option was probably not used much given that previously there were only two visibility values available, one of which ('public') is by default unassignable by end users. Operators may wish to update their documentation or tooling to specify a visibility value when end users create images. To summarize: * 'public' - reserved by default for images supplied by the operator for the use of all users * 'private' - the image is accessible only to its owner * 'community' - the image is available for consumption by all users * 'shared' - the image is completely accessible to the owner and available for consumption by any image members * Impact of the Ocata visibility changes on the Images API v1 * The DEPRECATED Images API v1 does not have a concept of "visibility", and in a "pure" v1 deployment, you would not notice that anything had changed. Since, however, we hope that there aren't many of those around anymore, here's what you can expect to see if you use the Images API v1 in a "mixed" deployment. * In the v1 API, images have an "is_public" field (but no "visibility" field). Images for which "is_public" is True are the equivalent of images with 'public' visibility in the v2 API. Images for which "is_public" is false are the equivalent of v2 'shared' images if they have members, or the equivalent of v2 'private' images if they have no members. * An image that has 'community' visibility in the v2 API will have "is_public" == False in the v1 API. It will behave like a private image, that is, only the owner (or an admin) will have access to the image, and only the owner (or an admin) will see the image in the image-list response. * Since the default value for 'visibility' upon image creation is 'shared', an image freshly created using the v1 API can have members added to it, just as it did pre-Ocata. * If an image has a visiblity of 'private' when viewed in the v2 API, then that image will not accept members in the v1 API. If a user wants to share such an image, the user can: * Use the v2 API to change the visibility of the image to 'shared'. Then it will accept members in either the v1 or v2 API. * Use the v1 API to update the image so that "is_public" is False. This will reset the image's visibility to 'shared', and it will now accept member operations. * Note that in either case, when dealing with an image that has 'private' visibility in the v2 API, there is a safeguard against a user unintentionally adding a member to an image and exposing data. The safeguard is that you must perform an additional image update operation in either the v1 or v2 API before you can expose it to other users. * A recent change to oslo.log (>= 3.17.0) set the default value of "[DEFAULT]/use_stderr" to "False" in order to prevent duplication of logs (as reported in bug #1588051). Since this would change the current behaviour of certain glance commands (e.g., glance- replicator, glance-cache-manage, etc.), we chose to override the default value of "use_stderr" to "True" in those commands. We also chose not to override that value in any Glance service (e.g., glance-api, glance-registry) so that duplicate logs are not created by those services. Operators that have a usecase that relies on logs being reported on standard error may set "[DEFAULT]/use_stderr = True" in the appropriate service's configuration file upon deployment. * The metadata definition for "hypervisor_type" in the "OS::Compute::Hypervisor" namespace has been extended to include the Virtuozzo hypervisor, designated as "vz". You may upgrade the definition using: "glance-manage db load_metadefs [--path <path>] [--merge] [--prefer_new]" Security Issues *************** * All "qemu-img info" calls are now run under resource limitations that limit the CPU time and address space usage of the process running the command to 2 seconds and 1 GB respectively. This addresses the bug https://bugs.launchpad.net/glance/+bug/1449062 Current usage of "qemu-img" is limited to Glance tasks, which by default (since the Mitaka release) are only available to admin users. We continue to recommend that tasks only be exposed to trusted users Bug Fixes ********* * Image location updates to an image which is not in "active" or "queued" status can introduce race conditions and security issues and hence a bad experience for users and operators. As a result, we have restricted image location updates in this release. Users will now observe the following: * HTTP Response Code 409 (Conflict) will be returned in response to an attempt to remove an image location when the image status is not "active" * HTTP Response Code 409 (Conflict) will be returned in response to an attempt to replace an image location when the image status is not "active" or "queued" Other Notes *********** * The deprecation path for the configuration option "show_multiple_locations" has been changed because the mitigation instructions for OSSN-0065 refer to this option. It is now subject to removal on or after the **Pike** release. The help text for this option has been updated accordingly. (https://wiki.openstack.org/wiki/OSSN/OSSN-0065) Changes in glance 13.0.0.0rc1..14.0.0 ------------------------------------- f7adc0f Refresh config files for Ocata RC-1 fb851b9 Alembic migrations/rolling upgrades release note 9859df2 Add expand/migrate/contract migrations for CI 0f0354a Add expand/migrate/contract commands to glance-manage CLI 95c7c1b Refactor tests to use Alembic to run migrations 21d4310 Port Glance Migrations to Alembic 58bf19d Correct 2.5 minor version bump release note 76aeab3 Update api-ref for image visibility changes fb2cedc refactor glare plugin loader tests to not mock private methods of stevedore 689dfae Refine migration query added with CI change b55dd07 Hack to support old and new stevedore d64f6bc do not mock private methods of objects from libraries bd5a23d Update deprecated show_multiple_locations helptext f905ff0 Add release note for image visibility changes 36a1b7c Update api-ref for partial download requests. 902880d Updated from global requirements 3a96347 Eliminate reference to metadefs 'namespace_id' d64fe8b Updated from global requirements 811941a Add image update tests for is_public 18acc70 Fix regression introduced by Community Images c802876 Bump minor API version 265659e Implement and Enable Community Images 61e9858 Update to "disallowed minor code changes" ed634d4 Updated from global requirements 06c4313 Adjust test suite for new psutil versions fb4ee4a Update dev docs to include 'vhdx' disk format 03567be Remove obsolete swift links ebd6f07 Updated from global requirements ab7152e Add ploop to supported disk_formats b4bd648 Updated from global requirements 0cf83ca Fix some typos in api-ref c3baf74 Update sample config files for Ocata-3 88c038b Enable python3.5 testing. 44b0f84 Update tox configuration file to reduce duplication cac2fc6 Expand hypervisor_type meta data with Virtuozzo hypervisor a6740ac Remove v3 stub controller dcd6e3e Updated from global requirements 18053e2 Skipping tests for location 'add', 'replace' on 'queued' images 182be5f Editing release note for location update patch 0eb2938 Change cfg.set_defaults into cors.set_defaults 4ac8adb Restrict location updates to active, queued images d4f07cc Allow purging of records less than 1 day old. e976b14 Updated from global requirements fc644c7 Updated from global requirements 4267d2c Updated from global requirements ddb2b87 Python3: fix glance.tests.functional.v2.test_images 37a6f30 Python 3: fix glance.tests.functional.v1.test_misc 1d5dd06 Python3: fix glance.tests.functional.test_scrubber 5521b6d Python3: fix logs/glance.tests.functional.test_healthcheck_middleware eab64fe Python3: Fix glance.tests.functional.test_glance_replicator 401f544 Python3: Fix glance.tests.functional.test_bin_glance_cache_manage 6540f93 Python 3: fix glance.tests.functional.db.test_sqlalchemy c366881 Python3: fix test_client_redirects.py dfe21bd Add working functional tests to tox.ini 5fc8057 Add alt text for badges 87090e9 Correct releasenote "Prepare for oslo.log 3.17.0" b2cd077 Prepare for oslo.log 3.17.0 6bed29f Show team and repo badges on README 400230c Handling HTTP range requests in Glance ca8c2bf Remove uneccessary "in" from CONTRIBUTING.rst 51447d0 Updated from global requirements 8be3e10 IPv6 fix in Glance for malformed URLs. cde9f18 Updated from global requirements e170225 Update api-ref with 409 response to image update. 9968b09 Added overwrite warning for db_export_metadefs. 408672c Allow specifying OS_TEST_PATH (to reduce tests ran) 616060d Do not use service catalog for cache client 621dfce Added unit tests for disabled notifications in Notifier f72d955 Updated from global requirements ec6c9da Updated from global requirements 412d82c ping_server: Always close the socket 2b60ac7 Remove mox3 in test-requirement.txt ce3e7b3 Correct url in doc source 3245dc3 Updated from global requirements e40d3ff Add DeprecationWarning in test environments a982fa2 Updated from global requirements 656e588 Update .coveragerc after the removal of openstack directory 1dbb2c3 Updated from global requirements d2eb38d Drop unused import cfg e4953f4 Imported Translations from Zanata 857cb49 Image signature documentation modify barbican auth_endpoint fca18a3 Add libvirt image metadef for hw_pointer_model d3e8207 Add more resource url in readme.rst a15ab75 Updated from global requirements 33b5cfb Cleanup newton release Notes 7a89cf7 Imported Translations from Zanata 5b9482a Fix Domain Model code example. 5033e41 Imported Translations from Zanata 61a62c6 Remove redundant word. a01a03e Enable release notes translation 28c415d Updated from global requirements 8a8e5bf Extracted HTTP response codes to constants in tests 8a63622 Extracted HTTP response codes to constants 3db4e56 Updated from global requirements 4f64751 Fix typo: remove redundant 'the' 0a9bbd3 dev-docs: mark v1 as deprecated be85586 Updated from global requirements 98147bc Updated from global requirements e6b34fc Correct releasenote for Ib900bbc05cb9ccd90c6f56ccb4bf2006e30cdc80 be2c5e7 Updated from global requirements ce6cb2d [api-ref] configure LogABug feature cb40837 Update CONTRIBUTING.rst 69a9b65 Adding constraints around qemu-img calls 1c6bd03 Correct the order of parameters in assertEqual() dfa0682 Fixing inconsistency in Glance store names. af70dc6 change the example URLs in api-ref for Glance b9237e3 Updated from global requirements cd65bfd api-ref: deprecate images v1 api 51e5321 Remove unused oslo.service requirement 3a1f861 Update api-ref to add newly supported 'vhdx' disk format option. 1bbddb7 Fix incorrect call for _gen_uuid eb7507a Update description of image_destroy method. 7e3f19e Update reno for stable/newton 5ac85fd api-ref: add versions history 83d1337 Correctly point to Task Statuses from Tasks doc. acb3ce0 TrivialFix: Remove unused variable edd5bf9 Dev-docs: command in code block for refresh config b6dd4f9 [api-ref] Remove temporary block a75ddd4 Add note to docs on release notes prelude section 5d6fb62 Fixed indentation d58cffe Remove self.__dict__ for formatting strings ff83038 Fix using filter() to meet python2,3 48f8dd3 Use upper constraints for all jobs in tox.ini 60d3146 Fix five typos on doc Diffstat (except docs and test files) ------------------------------------- .coveragerc | 2 +- .testr.conf | 2 +- CONTRIBUTING.rst | 8 +- README.rst | 72 +- api-ref/source/conf.py | 44 +- api-ref/source/v1/images-images-v1.inc | 4 +- api-ref/source/v1/images-sharing-v1.inc | 2 +- api-ref/source/v1/index.rst | 6 +- api-ref/source/v2/images-data.inc | 18 +- api-ref/source/v2/images-images-v2.inc | 74 +- .../source/v2/images-parameters-descriptions.inc | 17 + api-ref/source/v2/images-parameters.yaml | 29 +- api-ref/source/v2/images-sharing-v2.inc | 31 +- api-ref/source/v2/index.rst | 1 + .../source/v2/metadefs-namespaces-properties.inc | 4 +- api-ref/source/v2/metadefs-namespaces.inc | 2 +- .../samples/metadef-namespace-update-response.json | 2 +- .../v2/samples/schemas-image-show-response.json | 4 +- .../v2/samples/schemas-images-list-response.json | 4 +- api-ref/source/v2/samples/task-create-request.json | 2 +- .../source/v2/samples/task-create-response.json | 2 +- .../v2/samples/task-show-failure-response.json | 2 +- api-ref/source/versions/index.rst | 43 + .../versions/samples/image-versions-response.json | 26 +- etc/glance-api.conf | 418 ++++- etc/glance-cache.conf | 56 +- etc/glance-glare.conf | 136 +- etc/glance-manage.conf | 14 +- etc/glance-registry.conf | 371 ++++- etc/glance-scrubber.conf | 56 +- etc/metadefs/compute-hypervisor.json | 3 +- etc/metadefs/compute-libvirt-image.json | 6 + etc/policy.json | 1 + glance/api/authorization.py | 17 +- glance/api/middleware/cache.py | 3 +- glance/api/middleware/version_negotiation.py | 1 + glance/api/policy.py | 15 +- glance/api/v2/image_actions.py | 5 +- glance/api/v2/image_data.py | 19 +- glance/api/v2/image_members.py | 7 +- glance/api/v2/image_tags.py | 5 +- glance/api/v2/images.py | 21 +- glance/api/v2/metadef_namespaces.py | 11 +- glance/api/v2/metadef_objects.py | 7 +- glance/api/v2/metadef_properties.py | 7 +- glance/api/v2/metadef_resource_types.py | 5 +- glance/api/v2/metadef_tags.py | 12 +- glance/api/v2/tasks.py | 3 +- glance/api/v3/__init__.py | 0 glance/api/v3/router.py | 77 - glance/api/versions.py | 3 +- glance/async/flows/base_import.py | 2 + glance/async/flows/convert.py | 15 +- glance/async/flows/introspect.py | 1 + glance/async/utils.py | 10 + glance/cmd/cache_cleaner.py | 1 + glance/cmd/cache_prefetcher.py | 1 + glance/cmd/cache_pruner.py | 1 + glance/cmd/manage.py | 181 ++- glance/cmd/replicator.py | 29 +- glance/cmd/scrubber.py | 1 + glance/common/auth.py | 21 +- glance/common/client.py | 6 +- glance/common/config.py | 59 +- glance/common/exception.py | 6 + glance/common/glare/loader.py | 4 +- glance/common/location_strategy/store_type.py | 45 +- glance/common/rpc.py | 2 +- glance/common/wsgi.py | 9 +- glance/db/__init__.py | 5 +- glance/db/migration.py | 20 +- glance/db/registry/api.py | 42 +- glance/db/simple/api.py | 86 +- glance/db/sqlalchemy/alembic_migrations/README | 1 + .../db/sqlalchemy/alembic_migrations/__init__.py | 108 ++ .../alembic_migrations/add_artifacts_tables.py | 224 +++ .../alembic_migrations/add_images_tables.py | 201 +++ .../alembic_migrations/add_metadefs_tables.py | 171 +++ .../alembic_migrations/add_tasks_tables.py | 66 + .../db/sqlalchemy/alembic_migrations/alembic.ini | 69 + .../alembic_migrations/data_migrations/__init__.py | 70 + .../ocata_migrate01_community_images.py | 103 ++ glance/db/sqlalchemy/alembic_migrations/env.py | 92 ++ .../db/sqlalchemy/alembic_migrations/migrate.cfg | 20 + .../sqlalchemy/alembic_migrations/script.py.mako | 20 + .../alembic_migrations/versions/__init__.py | 0 .../alembic_migrations/versions/liberty_initial.py | 40 + .../mitaka01_add_image_created_updated_idx.py | 47 + .../mitaka02_update_metadef_os_nova_server.py | 42 + .../ocata01_add_visibility_remove_is_public.py | 72 + .../ocata01_add_visibility_remove_is_public.sql | 162 ++ .../versions/ocata_contract01_drop_is_public.py | 67 + .../versions/ocata_expand01_add_visibility.py | 151 ++ glance/db/sqlalchemy/api.py | 107 +- glance/db/sqlalchemy/glare.py | 7 +- glance/db/sqlalchemy/metadata.py | 2 + glance/db/sqlalchemy/metadef_api/namespace.py | 2 +- .../migrate_repo/versions/045_add_visibility.py | 51 + .../migrate_repo/versions/045_sqlite_upgrade.sql | 162 ++ glance/db/sqlalchemy/models.py | 7 +- glance/db/utils.py | 40 + glance/domain/__init__.py | 10 +- glance/image_cache/client.py | 3 +- glance/locale/de/LC_MESSAGES/glance.po | 617 +------- glance/locale/en_GB/LC_MESSAGES/glance-log-info.po | 12 +- glance/locale/es/LC_MESSAGES/glance-log-error.po | 8 +- glance/locale/es/LC_MESSAGES/glance-log-info.po | 12 +- glance/locale/es/LC_MESSAGES/glance-log-warning.po | 8 +- glance/locale/es/LC_MESSAGES/glance.po | 605 +------- glance/locale/fr/LC_MESSAGES/glance.po | 610 +------- glance/locale/it/LC_MESSAGES/glance.po | 611 +------- glance/locale/ja/LC_MESSAGES/glance.po | 563 +------ .../locale/ko_KR/LC_MESSAGES/glance-log-error.po | 16 +- glance/locale/ko_KR/LC_MESSAGES/glance-log-info.po | 12 +- .../locale/ko_KR/LC_MESSAGES/glance-log-warning.po | 8 +- glance/locale/ko_KR/LC_MESSAGES/glance.po | 535 +------ glance/locale/pt_BR/LC_MESSAGES/glance-log-info.po | 12 +- .../locale/pt_BR/LC_MESSAGES/glance-log-warning.po | 8 +- glance/locale/pt_BR/LC_MESSAGES/glance.po | 605 +------- glance/locale/ru/LC_MESSAGES/glance.po | 581 +------ .../locale/tr_TR/LC_MESSAGES/glance-log-error.po | 8 +- glance/locale/tr_TR/LC_MESSAGES/glance-log-info.po | 12 +- .../locale/tr_TR/LC_MESSAGES/glance-log-warning.po | 8 +- glance/locale/tr_TR/LC_MESSAGES/glance.po | 462 +----- .../locale/zh_CN/LC_MESSAGES/glance-log-error.po | 292 ++++ .../locale/zh_CN/LC_MESSAGES/glance-log-warning.po | 312 ++++ glance/locale/zh_CN/LC_MESSAGES/glance.po | 553 +------ glance/locale/zh_TW/LC_MESSAGES/glance.po | 502 +----- glance/location.py | 9 +- glance/notifier.py | 1 + glance/registry/api/v1/images.py | 10 +- glance/registry/api/v1/members.py | 8 +- .../functional/db/migrations/test_mitaka01.py | 48 + .../functional/db/migrations/test_mitaka02.py | 65 + .../db/migrations/test_ocata_contract01.py | 64 + .../db/migrations/test_ocata_expand01.py | 174 +++ .../db/migrations/test_ocata_migrate01.py | 147 ++ .../functional/test_bin_glance_cache_manage.py | 42 +- .../functional/test_healthcheck_middleware.py | 9 +- .../functional/v2/test_metadef_resourcetypes.py | 5 +- .../integration/legacy_functional/test_v1_api.py | 253 +-- .../v2/test_property_quota_violations.py | 18 +- .../notes/add-ploop-format-fdd583849504ab15.yaml | 11 + ...processlimits-to-qemu-img-c215f5d90f741d8a.yaml | 12 + .../notes/alembic-migrations-902b31edae7a5d7d.yaml | 38 + .../api-minor-version-bump-bbd69dc457fc731c.yaml | 20 + .../consistent-store-names-57374b9505d530d0.yaml | 32 + .../image-visibility-changes-fa5aa18dc67244c4.yaml | 175 +++ ...lo-log-use-stderr-changes-07f5daf3e6abdcd6.yaml | 14 + ...restrict_location_updates-05454bb765a8c92c.yaml | 22 + ...ltiple_locations-helptext-7fa692642b6b6d52.yaml | 11 + .../virtuozzo-hypervisor-fada477b64ae829d.yaml | 9 + releasenotes/source/conf.py | 5 +- releasenotes/source/index.rst | 1 + releasenotes/source/newton.rst | 7 + requirements.txt | 31 +- test-requirements.txt | 19 +- tox.ini | 98 +- 246 files changed, 8963 insertions(+), 10350 deletions(-) Requirements updates -------------------- diff --git a/requirements.txt b/requirements.txt index fb6b1a2..16369c2 100644 --- a/requirements.txt +++ b/requirements.txt @@ -5 +5 @@ -pbr>=1.6 # Apache-2.0 +pbr>=1.8 # Apache-2.0 @@ -13 +13 @@ Routes!=2.0,!=2.3.0,>=1.12.3;python_version!='2.7' # MIT -WebOb>=1.2.3 # MIT +WebOb>=1.6.0 # MIT @@ -14,0 +15,2 @@ sqlalchemy-migrate>=0.9.6 # Apache-2.0 +sqlparse>=0.2.2 # BSD +alembic>=0.8.10 # MIT @@ -17 +19 @@ pycrypto>=2.6 # Public Domain -oslo.config>=3.14.0 # Apache-2.0 +oslo.config!=3.18.0,>=3.14.0 # Apache-2.0 @@ -20,3 +22,2 @@ oslo.context>=2.9.0 # Apache-2.0 -oslo.service>=1.10.0 # Apache-2.0 -oslo.utils>=3.16.0 # Apache-2.0 -stevedore>=1.16.0 # Apache-2.0 +oslo.utils>=3.18.0 # Apache-2.0 +stevedore>=1.17.1 # Apache-2.0 @@ -24,3 +25,3 @@ futurist!=0.15.0,>=0.11.0 # Apache-2.0 -taskflow>=1.26.0 # Apache-2.0 -keystoneauth1>=2.10.0 # Apache-2.0 -keystonemiddleware!=4.1.0,!=4.5.0,>=4.0.0 # Apache-2.0 +taskflow>=2.7.0 # Apache-2.0 +keystoneauth1>=2.18.0 # Apache-2.0 +keystonemiddleware>=4.12.0 # Apache-2.0 @@ -28 +29 @@ WSME>=0.8 # MIT -PrettyTable<0.8,>=0.7 # BSD +PrettyTable<0.8,>=0.7.1 # BSD @@ -34 +35 @@ jsonschema!=2.5.0,<3.0.0,>=2.0.0 # MIT -python-keystoneclient!=2.1.0,>=2.0.0 # Apache-2.0 +python-keystoneclient>=3.8.0 # Apache-2.0 @@ -39 +40 @@ six>=1.9.0 # MIT -oslo.db!=4.13.1,!=4.13.2,>=4.10.0 # Apache-2.0 +oslo.db>=4.15.0 # Apache-2.0 @@ -41,2 +42,2 @@ oslo.i18n>=2.1.0 # Apache-2.0 -oslo.log>=1.14.0 # Apache-2.0 -oslo.messaging>=5.2.0 # Apache-2.0 +oslo.log>=3.11.0 # Apache-2.0 +oslo.messaging>=5.14.0 # Apache-2.0 @@ -44 +45 @@ oslo.middleware>=3.0.0 # Apache-2.0 -oslo.policy>=1.9.0 # Apache-2.0 +oslo.policy>=1.17.0 # Apache-2.0 diff --git a/test-requirements.txt b/test-requirements.txt index 15deb57..6898a43 100644 --- a/test-requirements.txt +++ b/test-requirements.txt @@ -13 +13 @@ bandit>=1.1.0 # Apache-2.0 -coverage>=3.6 # Apache-2.0 +coverage>=4.0 # Apache-2.0 @@ -15 +14,0 @@ fixtures>=3.0.0 # Apache-2.0/BSD -mox3>=0.7.0 # Apache-2.0 @@ -17,2 +16,2 @@ mock>=2.0 # BSD -sphinx!=1.3b1,<1.3,>=1.2.1 # BSD -requests>=2.10.0 # Apache-2.0 +sphinx!=1.3b1,<1.4,>=1.2.1 # BSD +requests!=2.12.2,>=2.10.0 # Apache-2.0 @@ -23 +22 @@ testtools>=1.4.0 # MIT -psutil<2.0.0,>=1.1.1 # BSD +psutil>=3.0.1 # BSD @@ -25 +24 @@ oslotest>=1.10.0 # Apache-2.0 -os-testr>=0.7.0 # Apache-2.0 +os-testr>=0.8.0 # Apache-2.0 @@ -28 +27 @@ os-testr>=0.7.0 # Apache-2.0 -PyMySQL!=0.7.7,>=0.6.2 # MIT License +PyMySQL>=0.7.6 # MIT License @@ -33 +32 @@ xattr>=0.4 # MIT -python-swiftclient>=2.2.0 # Apache-2.0 +python-swiftclient>=3.2.0 # Apache-2.0 @@ -37,2 +36,2 @@ os-api-ref>=1.0.0 # Apache-2.0 -oslosphinx!=3.4.0,>=2.5.0 # Apache-2.0 -reno>=1.8.0 # Apache2 +oslosphinx>=4.7.0 # Apache-2.0 +reno>=1.8.0 # Apache-2.0