Open Stack

-----Original Message-----
From: Tony Breeds <tony at bakeyournoodle.com>
Reply: OpenStack Development Mailing List (not for usage questions)
<openstack-dev at lists.openstack.org>, OpenStack Development Mailing
List (not for usage questions) <openstack-dev at lists.openstack.org>
Date: December 14, 2016 at 00:18:38
To: OpenStack Development Mailing List (not for usage questions)
<openstack-dev at lists.openstack.org>
Subject:  Re: [openstack-dev] [Release-job-failures] Release of
openstack/glance failed

> On Mon, Dec 12, 2016 at 09:46:54AM -0600, Ian Cordasco wrote:
> >
> >
> > -----Original Message-----
> > From: Andreas Jaeger
> > Reply: OpenStack Development Mailing List (not for usage questions)
> > Date: December 12, 2016 at 01:39:17
> > To: openstack-dev at lists.openstack.org
> > Subject: Re: [openstack-dev] [Release-job-failures] Release of openstack/glance
> failed
> >
> > > On 2016-12-12 08:34, Andreas Jaeger wrote:
> > > > On 2016-12-12 06:20, Tony Breeds wrote:
> > > >> On Mon, Dec 12, 2016 at 04:44:18AM +0000, jenkins at openstack.org wrote:
> > > >>> Build failed.
> > > >>>
> > > >>> - glance-docs-ubuntu-xenial http://logs.openstack.org/38/38f199507aff8bfcaf81ad9ea58ea326224faf5f/release/glance-docs-ubuntu-xenial/de7d73e/
> > > : FAILURE in 1m 44s
> > > >>
> > > >> This boils down to [1] which is a known problem with newer cryptography (and
> > > >> the interaction with openssl). What I don't understand is how we got there
> > > >> with constratints working[2]. Perhaps it's the openssl on the release sigining
> > > >> node is "newer" than general nodepool nodes?
> > > >
> > > > glance does not use constraints in venv environment.
> > > >
> > > > It can be used since a few months. I'll send a change for master,
> > >
> > > I expect this needs backporting to stable branches - stable or glance
> > > team, please review and backport yourself:
> > >
> > > https://review.openstack.org/409642
> >
> >
> > Thank you Andreas!
>
> https://review.openstack.org/#/c/410536 is the backport but it's still failing
> with the same
> issue with cryptography and openssl[1] :(
>
> Yours Tony.
> [1] http://logs.openstack.org/36/410536/1/check/gate-glance-releasenotes/46c2615/console.html#_2016-12-14_05_13_53_002878

Hi Tony,

So if I understand correctly, presently:

- There is no 11.0.3 tag for glance which is what we planned to use to
tag liberty-eol
- There is no 11.0.3 tarball for glance
- There is no good way to generate a 11.0.3 tarball because of the
cryptography & openssl conflict
- There is also no good way to generate a liberty-eol tarsal because
of that issue.

I believe you asked in another thread (that I cannot locate) if it was
acceptable to the Glance team to not have an 11.0.3 tarball on
openstack.org. With Brian on vacation, I'm hoping the other stable
maintenance cores will chime in. I, for one, (as Release CPL and a
Stable branch core reviewer) don't think the tarballs are critical for
Glance. I'm fairly certain that most of the deployment projects use
the Git repository directly or Distro provided packages (which are
built from git tags). With that in mind, I don't think this should
block Glance being EOL'd.

I'm sorry for the delay in my reply. I took a little over a week of
time off myself.

Cheers,
--
Ian Cordasco