Synchronise yoga with upstream #617
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
consider this a security hardening as it would be possible to write to host owned private tmp files e.g. of systemd-logind when you are able to highjack the apache2 process inside the horizon container, which runs as root. see the bug report for a demonstration of this. I checked the horizon code, it only facilitates python tempfiles module for temp file usage. I also checked the horizon container we build via `kolla-build -b ubuntu horizon`, which has a /tmp/ directory. So no mountpoint should be needed. Closes-Bug: #2068126 Signed-off-by: Sven Kieske <kieske@osism.tech> Change-Id: I7ae1db8d42c83b773047bb01e846d4abee02710a (cherry picked from commit f306e9c)
This patch adds REQUESTS_CA_BUNDLE as it's described in requests documentation [1]. This is needed because some ansible modules inside uses python request library and some users of course using their own CAs. [1] https://requests.readthedocs.io/en/latest/user/advanced/#ssl-cert-verification Closes-Bug: #1967132 Change-Id: I901c2bc8ac477f15d2833e68566b19e437f4b6d1 (cherry picked from commit 366a461)
Follow-up on I343d8f45a78ebc3c11ed0c68fe8bec24f9ea7929 According the documentation [1] we forgot to share statistics data for swift-account-server and swift-container-server. This change will fix the issue. 1. https://docs.openstack.org/swift/latest/admin_guide.html#cluster-telemetry-and-monitoring Closes-Bug: #1941611 Change-Id: Ib9afd84cac1fcbd96f98b4720ea9c6503bbdb124 Signed-off-by: Maksim Malchuk <maksim.malchuk@gmail.com> (cherry picked from commit 77bd2af)
py39 jobs (on ubuntu-focal) started to fail due to recent setuptools release (20.26.4) on Yoga, because we have 'packaging==21.3' in this branch that is not compatible with the new setuptools [1]. setuptools is bundled in virtualenv, so it has to be capped via the virtualenv package. tox also needed to be capped (<4) as gate uses tox 3.28.0, but with capping virtualenv we pull in latest tox as well, which would cause other errors. [1] pypa/setuptools#4483 Change-Id: I49deaf07aa3f50a8bb9e3191c864277990ac4dda
Inner modules called by the kolla_toolbox module were returning stdout
and stderr as a single output object. This could break JSON parsing if
any data was present in stderr, for example warnings such as:
[WARNING]: Collection ansible.posix does not support Ansible version 2.14.17
Fix by using demux=True to separate the two streams. The stderr content
is logged as it could be useful for troubleshooting or catching
deprecation notices.
Change-Id: Iad0476d4511f28c837794352c9a3e2f47113d9a1
Closes-Bug: #2080544
(cherry picked from commit 5407662)
priteau
approved these changes
Sep 16, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains a snapshot of yoga from upstream unmaintained/yoga.