-heat (2013.2-0ubuntu1~cloud0) precise-havana; urgency=low
+heat (2013.2.3-0ubuntu1~cloud0) precise-havana; urgency=medium
* New upstream release for the Ubuntu Cloud Archive.
- -- James Page <james.page@ubuntu.com> Sun, 13 Oct 2013 11:08:42 +0100
+ -- Openstack Ubuntu Testing Bot <openstack-testing-bot@ubuntu.com> Mon, 14 Apr 2014 07:13:10 -0400
+
+heat (2013.2.3-0ubuntu1) saucy-proposed; urgency=medium
+
+ * Resynchronize with stable/havana (8bb7830) (LP: #1302575):
+ - [527009d] Don't delete trust on backup stack delete
+ - [defcf23] Raise the default max header to accommodate large tokens
+ - [a440ccb] Fix "members" property check
+ - [cfd6b02] Fix incompatibilities in tests with keystoneclient 0.6
+ - [8bb7830] Don't raise MySQL 2013 'Lost connection' errors
+
+ -- Corey Bryant <corey.bryant@canonical.com> Fri, 04 Apr 2014 10:49:12 -0400
+
+heat (2013.2.2-0ubuntu1) saucy-proposed; urgency=low
+
+ * Resynchronize with stable/havana (9279833) (LP: #1284643):
+ - [2beab02] Server create should never fail, even if resource name exceeds
+ 63 characters LP: 1250291
+ - [4ca7941] the aws loadbalancer use Fedora 17 and needs to be upgraded to
+ f18 or f19 LP: 1234375
+ - [e483b38] Fn::Select raises transient errors on mutable structures
+ LP: 1243958
+ - [6fa3c8f] DependsOn only supports specifying a single value LP: 1235496
+ - [ec4ed57] Failure after the update of a suspended stack LP: 1234242
+ - [50dc14a] Please use "python -m coverage" instead of /usr/bin/coverage
+ LP: 1241330
+ - [4d213f8] Stacks can get stuck DELETE_COMPLETE LP: 1247200
+ - [ab5d961] Stacks can get stuck DELETE_COMPLETE LP: 1247200
+ - [9279833] Stacks can get stuck DELETE_COMPLETE LP: 1247200
+ * d/control: Add new BD on python-testscenarios.
+
+ -- James Page <james.page@ubuntu.com> Wed, 26 Feb 2014 09:02:56 +0000
+
+heat (2013.2.1-0ubuntu1) saucy-proposed; urgency=low
+
+ * Resynchronize with stable/havana (8283db7) (LP: #1262788):
+ - [e6979b0] Open stable/havana
+ - [f33297d] no autoscaling action occurs for percentage adjustment,
+ depending on initial size & adjustment step size LP: 1251007
+ - [a8c0b11] potential autoscaling headroom remains unused LP: 1254796
+ - [6ccbf6e] On restart of QPID broker, fanout no longer works LP: 1251757
+ - [3fc572e] [messaging] QPID broadcast RPC requests to all servers for a
+ given topic LP: 1257293
+ - [25de97c] Updated from global requirements
+ - [0b1458a] [OSSA 2013-034] Heat CFN policy rules not all enforced
+ (CVE-2013-6426) LP: 1256049
+ - [8283db7] [OSSA 2013-035] Heat ReST API doesn't respect tenant scoping
+ (CVE-2013-6428) LP: 1256983
+ - [8283db7] [OSSA 2013-035] Heat ReST API doesn't respect tenant scoping
+ (CVE-2013-6428) LP: 1256983
+ * debian/patches/revert-stable-havana-requirements.patch: Revert
+ version bumps to dependencies in stable/havana back to what was
+ shipped with Saucy.
+
+ -- Adam Gandelman <adamg@ubuntu.com> Wed, 18 Dec 2013 10:30:32 -0800
+
+heat (2013.2-0ubuntu1) saucy; urgency=low
+
+ * New upstream release (LP: #1236462).
+
+ -- Chuck Short <zulcss@ubuntu.com> Thu, 17 Oct 2013 09:30:24 -0400
heat (2013.2~rc2-0ubuntu1) saucy; urgency=low
python-sphinx,
python-sqlalchemy (>= 0.7.8),
python-swiftclient,
+ python-testscenarios,
python-testrepository (>= 0.0.13),
python-testtools (>= 0.9.29),
python-webob (>= 1.2.3),
-From ac190f0da6ce367cc833b92677266e7bbf7e2270 Mon Sep 17 00:00:00 2001
-From: Timur Sufiev <tsufiev@mirantis.com>
-Date: Thu, 5 Dec 2013 19:46:28 +0400
+From d5cd4a1e6077d538f7b5ba61b0d98673ef610d9d Mon Sep 17 00:00:00 2001
+From: Igor Yozhikov <iyozhikov@mirantis.com>
+Date: Fri, 16 May 2014 14:09:05 +0400
Subject: [PATCH] Adds ability to configure various clients used by the Heat
This commit adds config sections [clients_nova], [clients_swift],
Closes-Bug: #1213122
Implements: blueprint clients-ssl-options
Ported from: icehouse.
+
---
etc/heat/heat.conf.sample | 182 ++++++++++++++++++++++++++++++++++---
heat/common/config.py | 28 +++++-
heat/common/heat_keystoneclient.py | 17 ++++
heat/engine/clients.py | 30 +++++-
- heat/tests/test_heatclient.py | 36 ++++++--
- 5 files changed, 268 insertions(+), 25 deletions(-)
+ heat/tests/test_heatclient.py | 50 +++++++---
+ 5 files changed, 276 insertions(+), 31 deletions(-)
diff --git a/etc/heat/heat.conf.sample b/etc/heat/heat.conf.sample
-index 1444f9b..20dadd3 100644
+index d464840..8fa413d 100644
--- a/etc/heat/heat.conf.sample
+++ b/etc/heat/heat.conf.sample
-@@ -473,6 +473,43 @@
+@@ -482,6 +482,43 @@
#matchmaker_heartbeat_ttl=600
[ssl]
#
-@@ -568,6 +605,104 @@
+@@ -577,6 +614,104 @@
#api_paste_config=api-paste.ini
[rpc_notifier2]
#
-@@ -683,29 +818,26 @@
- #workers=0
+@@ -710,29 +845,26 @@
+ #max_header_line=16384
-[auth_password]
[matchmaker_redis]
-@@ -724,3 +856,25 @@
+@@ -751,3 +883,25 @@
#password=<None>
if cfg.CONF.cloud_backend:
cloud_backend_module = importutils.import_module(cfg.CONF.cloud_backend)
diff --git a/heat/tests/test_heatclient.py b/heat/tests/test_heatclient.py
-index 7e195dc..712ffa5 100644
+index 0196324..d4003d0 100644
--- a/heat/tests/test_heatclient.py
+++ b/heat/tests/test_heatclient.py
-@@ -51,7 +51,11 @@ class KeystoneClientTest(HeatTestCase):
- self.mock_ks_client = heat_keystoneclient.kc.Client(
+@@ -67,7 +67,11 @@ class KeystoneClientTest(HeatTestCase):
+ kc.Client(
auth_url=mox.IgnoreArg(),
tenant_name='test_tenant',
-- token='abcd1234')
+- token='abcd1234').AndReturn(self.mock_ks_client)
+ token='abcd1234',
+ cacert=None,
+ cert=None,
+ insecure=False,
-+ key=None)
++ key=None).AndReturn(self.mock_ks_client)
self.mock_ks_client.authenticate().AndReturn(auth_ok)
elif method == 'password':
- self.mock_ks_client = heat_keystoneclient.kc.Client(
-@@ -59,14 +63,22 @@ class KeystoneClientTest(HeatTestCase):
+ kc.Client(
+@@ -75,14 +79,22 @@ class KeystoneClientTest(HeatTestCase):
tenant_name='test_tenant',
tenant_id='test_tenant_id',
username='test_username',
-- password='password')
+- password='password').AndReturn(self.mock_ks_client)
+ password='password',
+ cacert=None,
+ cert=None,
+ insecure=False,
-+ key=None)
++ key=None).AndReturn(self.mock_ks_client)
self.mock_ks_client.authenticate().AndReturn(auth_ok)
if method == 'trust':
- self.mock_ks_client = heat_keystoneclient.kc.Client(
+ kc.Client(
auth_url='http://server.test:5000/v2.0',
password='verybadpass',
tenant_name='service',
-- username='heat')
+- username='heat').AndReturn(self.mock_ks_client)
+ username='heat',
+ cacert=None,
+ cert=None,
+ insecure=False,
-+ key=None)
++ key=None).AndReturn(self.mock_ks_client)
self.mock_ks_client.authenticate(trust_id='atrust123',
tenant_id='test_tenant_id'
).AndReturn(auth_ok)
-@@ -81,7 +93,11 @@ class KeystoneClientTest(HeatTestCase):
- self.mock_ks_v3_client = heat_keystoneclient.kc_v3.Client(
+@@ -95,8 +107,11 @@ class KeystoneClientTest(HeatTestCase):
+ kc_v3.Client(
token='abcd1234', project_name='test_tenant',
auth_url='http://server.test:5000/v3',
-- endpoint='http://server.test:5000/v3')
+- endpoint='http://server.test:5000/v3').AndReturn(
+- self.mock_ks_v3_client)
+ endpoint='http://server.test:5000/v3',
+ cacert=None,
+ cert=None,
+ insecure=False,
-+ key=None)
++ key=None).AndReturn(self.mock_ks_v3_client)
elif method == 'password':
- self.mock_ks_v3_client = heat_keystoneclient.kc_v3.Client(
+ kc_v3.Client(
username='test_username',
-@@ -89,13 +105,21 @@ class KeystoneClientTest(HeatTestCase):
+@@ -104,15 +119,21 @@ class KeystoneClientTest(HeatTestCase):
project_name='test_tenant',
project_id='test_tenant_id',
auth_url='http://server.test:5000/v3',
-- endpoint='http://server.test:5000/v3')
+- endpoint='http://server.test:5000/v3').AndReturn(
+- self.mock_ks_v3_client)
+ endpoint='http://server.test:5000/v3',
+ cacert=None,
+ cert=None,
+ insecure=False,
-+ key=None)
++ key=None).AndReturn(self.mock_ks_v3_client)
elif method == 'trust':
- self.mock_ks_v3_client = heat_keystoneclient.kc_v3.Client(
+ kc_v3.Client(
username='heat',
password='verybadpass',
project_name='service',
-- auth_url='http://server.test:5000/v3')
+- auth_url='http://server.test:5000/v3').AndReturn(
+- self.mock_ks_v3_client)
+ auth_url='http://server.test:5000/v3',
+ cacert=None,
+ cert=None,
+ insecure=False,
-+ key=None)
++ key=None).AndReturn(self.mock_ks_v3_client)
self.mock_ks_v3_client.authenticate().AndReturn(auth_ok)
def test_username_length(self):
+@@ -242,10 +263,15 @@ class KeystoneClientTest(HeatTestCase):
+ class MockTrust(object):
+ id = 'atrust123'
+
+- self._stub_admin_client()
+-
++ self.m.StubOutClassWithMocks(heat_keystoneclient.kc, "Client")
++ mock_admin_client = heat_keystoneclient.kc.Client(
++ auth_url=mox.IgnoreArg(),
++ username='heat',
++ password='verybadpass',
++ tenant_name='service')
++ mock_admin_client.auth_ref = self.m.CreateMockAnything()
++ mock_admin_client.auth_ref.user_id = '1234'
+ self._stubs_v3()
+-
+ self.mock_ks_v3_client.auth_ref = self.m.CreateMockAnything()
+ self.mock_ks_v3_client.auth_ref.user_id = '5678'
+ self.mock_ks_v3_client.auth_ref.project_id = '42'
--
1.8.3.2
+++ /dev/null
-From 467adeb3dc9a89aa6b39780b83196501d5c31ea7 Mon Sep 17 00:00:00 2001
-From: Serg Melikyan <smelikyan@mirantis.com>
-Date: Tue, 12 Nov 2013 14:33:17 +0400
-Subject: [PATCH] Adds ability to configure SSL params for clients used by the Heat
-
----
- etc/heat/heat.conf.sample | 169 ++++++++++++++++++++++++++++++++++++
- heat/common/config.py | 32 ++++++-
- heat/common/heat_keystoneclient.py | 18 ++++
- heat/engine/clients.py | 50 +++++++++--
- heat/tests/test_heatclient.py | 36 ++++++--
- 5 files changed, 291 insertions(+), 14 deletions(-)
-
-diff --git a/etc/heat/heat.conf.sample b/etc/heat/heat.conf.sample
-index 1444f9b..376c98e 100644
---- a/etc/heat/heat.conf.sample
-+++ b/etc/heat/heat.conf.sample
-@@ -724,3 +724,172 @@
- #password=<None>
-
-
-+[clients_swift]
-+
-+#
-+# Options defined in heat.common.config
-+#
-+
-+# Optional CA cert file to use in SSL connections (string
-+# value)
-+#ca_file=<None>
-+
-+# Optional PEM-formatted certificate chain file (string value)
-+#cert_file=<None>
-+
-+# Optional PEM-formatted file that contains the private key
-+# (string value)
-+#key_file=<None>
-+
-+# If set then the server's certificate will not be verified
-+# (boolean value)
-+#insecure=false
-+
-+# Endpoint type
-+#endpoint_type=publicURL
-+
-+
-+[clients_cinder]
-+
-+#
-+# Options defined in heat.common.config
-+#
-+
-+# Optional CA cert file to use in SSL connections (string
-+# value)
-+#ca_file=<None>
-+
-+# Optional PEM-formatted certificate chain file (string value)
-+#cert_file=<None>
-+
-+# Optional PEM-formatted file that contains the private key
-+# (string value)
-+#key_file=<None>
-+
-+# If set then the server's certificate will not be verified
-+# (boolean value)
-+#insecure=false
-+
-+# Endpoint type
-+#endpoint_type=publicURL
-+
-+[clients]
-+
-+#
-+# Options defined in heat.common.config
-+#
-+
-+# Optional CA cert file to use in SSL connections (string
-+# value)
-+#ca_file=<None>
-+
-+# Optional PEM-formatted certificate chain file (string value)
-+#cert_file=<None>
-+
-+# Optional PEM-formatted file that contains the private key
-+# (string value)
-+#key_file=<None>
-+
-+# If set then the server's certificate will not be verified
-+# (boolean value)
-+#insecure=false
-+
-+# Endpoint type
-+#endpoint_type=publicURL
-+
-+[clients_nova]
-+
-+#
-+# Options defined in heat.common.config
-+#
-+
-+# Optional CA cert file to use in SSL connections (string
-+# value)
-+#ca_file=<None>
-+
-+# Optional PEM-formatted certificate chain file (string value)
-+#cert_file=<None>
-+
-+# Optional PEM-formatted file that contains the private key
-+# (string value)
-+#key_file=<None>
-+
-+# If set then the server's certificate will not be verified
-+# (boolean value)
-+#insecure=false
-+
-+# Endpoint type
-+#endpoint_type=publicURL
-+
-+[clients_ceilometer]
-+
-+#
-+# Options defined in heat.common.config
-+#
-+
-+# Optional CA cert file to use in SSL connections (string
-+# value)
-+#ca_file=<None>
-+
-+# Optional PEM-formatted certificate chain file (string value)
-+#cert_file=<None>
-+
-+# Optional PEM-formatted file that contains the private key
-+# (string value)
-+#key_file=<None>
-+
-+# If set then the server's certificate will not be verified
-+# (boolean value)
-+#insecure=false
-+
-+# Endpoint type
-+#endpoint_type=publicURL
-+
-+[clients_neutron]
-+
-+#
-+# Options defined in heat.common.config
-+#
-+
-+# Optional CA cert file to use in SSL connections (string
-+# value)
-+#ca_file=<None>
-+
-+# Optional PEM-formatted certificate chain file (string value)
-+#cert_file=<None>
-+
-+# Optional PEM-formatted file that contains the private key
-+# (string value)
-+#key_file=<None>
-+
-+# If set then the server's certificate will not be verified
-+# (boolean value)
-+#insecure=false
-+
-+# Endpoint type
-+#endpoint_type=publicURL
-+
-+
-+[clients_keystone]
-+
-+#
-+# Options defined in heat.common.config
-+#
-+
-+# Optional CA cert file to use in SSL connections (string
-+# value)
-+#ca_file=<None>
-+
-+# Optional PEM-formatted certificate chain file (string value)
-+#cert_file=<None>
-+
-+# Optional PEM-formatted file that contains the private key
-+# (string value)
-+#key_file=<None>
-+
-+# If set then the server's certificate will not be verified
-+# (boolean value)
-+#insecure=false
-+
-+# Endpoint type
-+#endpoint_type=publicURL
-diff --git a/heat/common/config.py b/heat/common/config.py
-index 82b4ca5..155d4f4 100644
---- a/heat/common/config.py
-+++ b/heat/common/config.py
-@@ -1,4 +1,3 @@
--
- # vim: tabstop=4 shiftwidth=4 softtabstop=4
-
- #
-@@ -18,6 +17,7 @@
- Routines for configuring Heat
- """
-
-+import copy
- import logging as sys_logging
- import os
-
-@@ -134,6 +134,35 @@ auth_password_opts = [
- 'multi_cloud is enabled. At least one endpoint needs '
- 'to be specified.'))]
-
-+clients_opts = [
-+ cfg.StrOpt('ca_file',
-+ help=_('Optional CA cert file to use in SSL connections')),
-+ cfg.StrOpt('cert_file',
-+ help=_('Optional PEM-formatted certificate chain file')),
-+ cfg.StrOpt('key_file',
-+ help=_('Optional PEM-formatted file that contains the '
-+ 'private key')),
-+ cfg.BoolOpt('insecure',
-+ default=False,
-+ help=_("If set then the server's certificate will not "
-+ "be verified")),
-+ cfg.StrOpt('endpoint_type',
-+ default='publicURL',
-+ help=_('Endpoint type'))]
-+
-+
-+def register_clients_opts():
-+ cfg.CONF.register_opts(clients_opts, group='clients')
-+ for client in ('nova', 'swift', 'neutron', 'cinder',
-+ 'ceilometer', 'keystone'):
-+ client_specific_group = 'clients_' + client
-+ # register opts copy and put it to globals in order to
-+ # generate_sample.sh to work
-+ opts_copy = copy.deepcopy(clients_opts)
-+ globals()[client_specific_group + '_opts'] = opts_copy
-+ cfg.CONF.register_opts(opts_copy, group=client_specific_group)
-+
-+
- cfg.CONF.register_opts(db_opts)
- cfg.CONF.register_opts(engine_opts)
- cfg.CONF.register_opts(service_opts)
-@@ -142,6 +171,7 @@ cfg.CONF.register_group(paste_deploy_group)
- cfg.CONF.register_opts(paste_deploy_opts, group=paste_deploy_group)
- cfg.CONF.register_group(auth_password_group)
- cfg.CONF.register_opts(auth_password_opts, group=auth_password_group)
-+register_clients_opts()
-
-
- def rpc_set_default():
-diff --git a/heat/common/heat_keystoneclient.py b/heat/common/heat_keystoneclient.py
-index 8fb13f7..8099ef2 100644
---- a/heat/common/heat_keystoneclient.py
-+++ b/heat/common/heat_keystoneclient.py
-@@ -100,6 +100,10 @@ class KeystoneClient(object):
- logger.error("Keystone v2 API connection failed, no password or "
- "auth_token!")
- raise exception.AuthorizationFailure()
-+ kwargs['cacert'] = self._get_client_option('ca_file')
-+ kwargs['insecure'] = self._get_client_option('insecure')
-+ kwargs['cert'] = self._get_client_option('cert_file')
-+ kwargs['key'] = self._get_client_option('key_file')
- client_v2 = kc.Client(**kwargs)
-
- client_v2.authenticate(**auth_kwargs)
-@@ -161,12 +165,26 @@ class KeystoneClient(object):
- "auth_token!")
- raise exception.AuthorizationFailure()
-
-+ kwargs['cacert'] = self._get_client_option('ca_file')
-+ kwargs['insecure'] = self._get_client_option('insecure')
-+ kwargs['cert'] = self._get_client_option('cert_file')
-+ kwargs['key'] = self._get_client_option('key_file')
-+
- client = kc_v3.Client(**kwargs)
- # Have to explicitly authenticate() or client.auth_ref is None
- client.authenticate()
-
- return client
-
-+ def _get_client_option(self, option):
-+ try:
-+ cfg.CONF.import_opt(option, 'heat.common.config',
-+ group='clients_keystone')
-+ return getattr(cfg.CONF.clients_keystone, option)
-+ except (cfg.NoSuchGroupError, cfg.NoSuchOptError):
-+ cfg.CONF.import_opt(option, 'heat.common.config', group='clients')
-+ return getattr(cfg.CONF.clients, option)
-+
- def create_trust_context(self):
- """
- If cfg.CONF.deferred_auth_method is trusts, we create a
-diff --git a/heat/engine/clients.py b/heat/engine/clients.py
-index 6deae5b..a9475f7 100644
---- a/heat/engine/clients.py
-+++ b/heat/engine/clients.py
-@@ -103,12 +103,16 @@ class OpenStackClients(object):
- 'service_type': service_type,
- 'username': None,
- 'api_key': None,
-- 'extensions': extensions
-+ 'extensions': extensions,
-+ 'cacert': self._get_client_option('nova', 'ca_file'),
-+ 'insecure': self._get_client_option('nova', 'insecure')
- }
-
- client = novaclient.Client(1.1, **args)
-
-- management_url = self.url_for(service_type=service_type)
-+ management_url = self.url_for(
-+ service_type=service_type,
-+ endpoint_type=self._get_client_option('nova', 'endpoint_type'))
- client.client.auth_token = self.auth_token
- client.client.management_url = management_url
-
-@@ -133,7 +137,12 @@ class OpenStackClients(object):
- 'key': None,
- 'authurl': None,
- 'preauthtoken': self.auth_token,
-- 'preauthurl': self.url_for(service_type='object-store')
-+ 'preauthurl': self.url_for(
-+ service_type='object-store',
-+ endpoint_type=self._get_client_option(
-+ 'swift', 'endpoint_type')),
-+ 'cacert': self._get_client_option('swift', 'ca_file'),
-+ 'insecure': self._get_client_option('swift', 'insecure')
- }
- self._swift = swiftclient.Connection(**args)
- return self._swift
-@@ -153,7 +162,12 @@ class OpenStackClients(object):
- 'auth_url': con.auth_url,
- 'service_type': 'network',
- 'token': self.auth_token,
-- 'endpoint_url': self.url_for(service_type='network')
-+ 'endpoint_url': self.url_for(
-+ service_type='network',
-+ endpoint_type=self._get_client_option(
-+ 'neutron', 'endpoint_type')),
-+ 'ca_cert': self._get_client_option('neutron', 'ca_file'),
-+ 'insecure': self._get_client_option('neutron', 'insecure')
- }
-
- self._neutron = neutronclient.Client(**args)
-@@ -176,11 +190,16 @@ class OpenStackClients(object):
- 'auth_url': con.auth_url,
- 'project_id': con.tenant,
- 'username': None,
-- 'api_key': None
-+ 'api_key': None,
-+ 'cacert': self._get_client_option('cinder', 'ca_file'),
-+ 'insecure': self._get_client_option('cinder', 'insecure')
- }
-
- self._cinder = cinderclient.Client('1', **args)
-- management_url = self.url_for(service_type='volume')
-+ management_url = self.url_for(
-+ service_type='volume',
-+ endpoint_type=self._get_client_option(
-+ 'cinder', 'endpoint_type'))
- self._cinder.client.auth_token = self.auth_token
- self._cinder.client.management_url = management_url
-
-@@ -201,7 +220,14 @@ class OpenStackClients(object):
- 'service_type': 'metering',
- 'project_id': con.tenant,
- 'token': lambda: self.auth_token,
-- 'endpoint': self.url_for(service_type='metering'),
-+ 'endpoint': self.url_for(
-+ service_type='metering',
-+ endpoint_type=self._get_client_option(
-+ 'ceilometer', 'endpoint_type')),
-+ 'ca_file': self._get_client_option('ceilometer', 'ca_file'),
-+ 'cert_file': self._get_client_option('ceilometer', 'cert_file'),
-+ 'key_file': self._get_client_option('ceilometer', 'key_file'),
-+ 'insecure': self._get_client_option('ceilometer', 'insecure')
- }
-
- client = ceilometerclient.Client(**args)
-@@ -209,6 +235,15 @@ class OpenStackClients(object):
- self._ceilometer = client
- return self._ceilometer
-
-+ def _get_client_option(self, client, option):
-+ try:
-+ group_name = 'clients_' + client
-+ cfg.CONF.import_opt(option, 'heat.common.config',
-+ group=group_name)
-+ return getattr(getattr(cfg.CONF, group_name), option)
-+ except (cfg.NoSuchGroupError, cfg.NoSuchOptError):
-+ cfg.CONF.import_opt(option, 'heat.common.config', group='clients')
-+ return getattr(cfg.CONF.clients, option)
-
- if cfg.CONF.cloud_backend:
- cloud_backend_module = importutils.import_module(cfg.CONF.cloud_backend)
-@@ -217,3 +252,4 @@ else:
- Clients = OpenStackClients
-
- logger.debug('Using backend %s' % Clients)
-+
-diff --git a/heat/tests/test_heatclient.py b/heat/tests/test_heatclient.py
-index 7e195dc..712ffa5 100644
---- a/heat/tests/test_heatclient.py
-+++ b/heat/tests/test_heatclient.py
-@@ -51,7 +51,11 @@ class KeystoneClientTest(HeatTestCase):
- self.mock_ks_client = heat_keystoneclient.kc.Client(
- auth_url=mox.IgnoreArg(),
- tenant_name='test_tenant',
-- token='abcd1234')
-+ token='abcd1234',
-+ cacert=None,
-+ cert=None,
-+ insecure=False,
-+ key=None)
- self.mock_ks_client.authenticate().AndReturn(auth_ok)
- elif method == 'password':
- self.mock_ks_client = heat_keystoneclient.kc.Client(
-@@ -59,14 +63,22 @@ class KeystoneClientTest(HeatTestCase):
- tenant_name='test_tenant',
- tenant_id='test_tenant_id',
- username='test_username',
-- password='password')
-+ password='password',
-+ cacert=None,
-+ cert=None,
-+ insecure=False,
-+ key=None)
- self.mock_ks_client.authenticate().AndReturn(auth_ok)
- if method == 'trust':
- self.mock_ks_client = heat_keystoneclient.kc.Client(
- auth_url='http://server.test:5000/v2.0',
- password='verybadpass',
- tenant_name='service',
-- username='heat')
-+ username='heat',
-+ cacert=None,
-+ cert=None,
-+ insecure=False,
-+ key=None)
- self.mock_ks_client.authenticate(trust_id='atrust123',
- tenant_id='test_tenant_id'
- ).AndReturn(auth_ok)
-@@ -81,7 +93,11 @@ class KeystoneClientTest(HeatTestCase):
- self.mock_ks_v3_client = heat_keystoneclient.kc_v3.Client(
- token='abcd1234', project_name='test_tenant',
- auth_url='http://server.test:5000/v3',
-- endpoint='http://server.test:5000/v3')
-+ endpoint='http://server.test:5000/v3',
-+ cacert=None,
-+ cert=None,
-+ insecure=False,
-+ key=None)
- elif method == 'password':
- self.mock_ks_v3_client = heat_keystoneclient.kc_v3.Client(
- username='test_username',
-@@ -89,13 +105,21 @@ class KeystoneClientTest(HeatTestCase):
- project_name='test_tenant',
- project_id='test_tenant_id',
- auth_url='http://server.test:5000/v3',
-- endpoint='http://server.test:5000/v3')
-+ endpoint='http://server.test:5000/v3',
-+ cacert=None,
-+ cert=None,
-+ insecure=False,
-+ key=None)
- elif method == 'trust':
- self.mock_ks_v3_client = heat_keystoneclient.kc_v3.Client(
- username='heat',
- password='verybadpass',
- project_name='service',
-- auth_url='http://server.test:5000/v3')
-+ auth_url='http://server.test:5000/v3',
-+ cacert=None,
-+ cert=None,
-+ insecure=False,
-+ key=None)
- self.mock_ks_v3_client.authenticate().AndReturn(auth_ok)
-
- def test_username_length(self):
---
-1.7.9.5
-
--- /dev/null
+Author: Adam Gandelman <adamg@ubuntu.com>
+Date: Wed Dec 18 10:06:25 PST 2013
+Subject: Reverts stable/havana version bumps to requirements.txt
+
+Reverts various version bumps to dependencies in stable/havana that
+were updated in global requirements to fix gating issues and synced
+across projects.
+
+Index: heat/requirements.txt
+===================================================================
+--- heat.orig/requirements.txt 2013-12-18 10:28:05.383258337 -0800
++++ heat/requirements.txt 2013-12-18 10:29:32.755257546 -0800
+@@ -3,12 +3,12 @@
+ eventlet>=0.13.0
+ greenlet>=0.3.2
+ httplib2
+-iso8601>=0.1.8
++iso8601>=0.1.4
+ kombu>=2.4.8
+ argparse
+ lxml>=2.3
+ netaddr
+-six>=1.4.1
++six
+ sqlalchemy-migrate>=0.7.2
+ python-novaclient>=2.15.0
+ PasteDeploy>=1.5.0
+@@ -22,5 +22,5 @@
+ python-cinderclient>=1.0.6
+ PyYAML>=3.1.0
+ paramiko>=1.8.0
+-Babel>=1.3
++Babel>=0.9.6
+ oslo.config>=1.2.0
+revert-stable-havana-requirements.patch
default-sqlite.patch
Ability-to-configure-various-clients-used-by-the-Heat.patch
Allow-Address-Pairs-feature.patch
-From 4510d7e7f427ac4b0770832108641a5048624332 Mon Sep 17 00:00:00 2001
+From a1fbe8742861d9ff50302b97570107ccef425fe5 Mon Sep 17 00:00:00 2001
From: Jeff Peeler <jpeeler@redhat.com>
Date: Wed, 8 May 2013 12:27:35 -0400
Subject: [PATCH] Switch to using M2Crypto
This patch uses M2Crypto instead of PyCrypto to perform encryption
and decryption of user authentication information.
-
---
+ heat/common/crypt.py | 18 +++++++++++-------
+ requirements.txt | 2 +-
+ 2 files changed, 12 insertions(+), 8 deletions(-)
+
diff --git a/heat/common/crypt.py b/heat/common/crypt.py
-index 81b4c92..01fa353 100644
+index 81b4c92..2619b31 100644
--- a/heat/common/crypt.py
+++ b/heat/common/crypt.py
@@ -14,7 +14,7 @@
+ op=0) # 0 is decode
+ res = cipher.update(auth[16:]) + cipher.final()
return res
-diff --git a/tools/pip-requires b/tools/pip-requires
-index 06795f9..091168c 100644
+diff --git a/requirements.txt b/requirements.txt
+index 97cc244..65c5734 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,5 +1,5 @@
eventlet>=0.13.0
greenlet>=0.3.2
httplib2
---
-1.8.1.4
-
+From 72be41f138c2515ea3eabcc7487daa569a6d83ec Mon Sep 17 00:00:00 2001
+From: Jeff Peeler <jpeeler@redhat.com>
+Date: Mon, 14 Oct 2013 14:30:34 -0400
+Subject: [PATCH] remove pbr runtime dependency
+
+---
+ heat/version.py | 12 ++++++++++--
+ 1 file changed, 10 insertions(+), 2 deletions(-)
+
diff --git a/heat/version.py b/heat/version.py
index a717606..8ea213a 100644
--- a/heat/version.py
-diff --git a/heat/common/__init__.py b/heat/common/__init__.py
-index e8e4035..0db8b7e 100644
---- a/heat/common/__init__.py
-+++ b/heat/common/__init__.py
-@@ -12,3 +12,36 @@
- # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
- # License for the specific language governing permissions and limitations
- # under the License.
+From cef08c6f737b5aac8d811080cdbd70a2c10e0896 Mon Sep 17 00:00:00 2001
+From: Jeff Peeler <jpeeler@redhat.com>
+Date: Tue, 2 Apr 2013 18:08:48 -0400
+Subject: [PATCH] Adjust to handle parallel installed packages
+
+---
+ heat/__init__.py | 33 +++++++++++++++++++++++++++++++++
+ 1 file changed, 33 insertions(+)
+
+diff --git a/heat/__init__.py b/heat/__init__.py
+index 57e2d0f..d9df4ce 100644
+--- a/heat/__init__.py
++++ b/heat/__init__.py
+@@ -19,3 +19,36 @@ from heat.openstack.common import gettextutils
+
+
+ gettextutils.install('heat')
+
+import sys
+import pkg_resources
-From ac190f0da6ce367cc833b92677266e7bbf7e2270 Mon Sep 17 00:00:00 2001
-From: Timur Sufiev <tsufiev@mirantis.com>
-Date: Thu, 5 Dec 2013 19:46:28 +0400
+From d5cd4a1e6077d538f7b5ba61b0d98673ef610d9d Mon Sep 17 00:00:00 2001
+From: Igor Yozhikov <iyozhikov@mirantis.com>
+Date: Fri, 16 May 2014 14:09:05 +0400
Subject: [PATCH] Adds ability to configure various clients used by the Heat
This commit adds config sections [clients_nova], [clients_swift],
Closes-Bug: #1213122
Implements: blueprint clients-ssl-options
Ported from: icehouse.
+
---
etc/heat/heat.conf.sample | 182 ++++++++++++++++++++++++++++++++++---
heat/common/config.py | 28 +++++-
heat/common/heat_keystoneclient.py | 17 ++++
heat/engine/clients.py | 30 +++++-
- heat/tests/test_heatclient.py | 36 ++++++--
- 5 files changed, 268 insertions(+), 25 deletions(-)
+ heat/tests/test_heatclient.py | 50 +++++++---
+ 5 files changed, 276 insertions(+), 31 deletions(-)
diff --git a/etc/heat/heat.conf.sample b/etc/heat/heat.conf.sample
-index 1444f9b..20dadd3 100644
+index d464840..8fa413d 100644
--- a/etc/heat/heat.conf.sample
+++ b/etc/heat/heat.conf.sample
-@@ -473,6 +473,43 @@
+@@ -482,6 +482,43 @@
#matchmaker_heartbeat_ttl=600
[ssl]
#
-@@ -568,6 +605,104 @@
+@@ -577,6 +614,104 @@
#api_paste_config=api-paste.ini
[rpc_notifier2]
#
-@@ -683,29 +818,26 @@
- #workers=0
+@@ -710,29 +845,26 @@
+ #max_header_line=16384
-[auth_password]
[matchmaker_redis]
-@@ -724,3 +856,25 @@
+@@ -751,3 +883,25 @@
#password=<None>
if cfg.CONF.cloud_backend:
cloud_backend_module = importutils.import_module(cfg.CONF.cloud_backend)
diff --git a/heat/tests/test_heatclient.py b/heat/tests/test_heatclient.py
-index 7e195dc..712ffa5 100644
+index 0196324..d4003d0 100644
--- a/heat/tests/test_heatclient.py
+++ b/heat/tests/test_heatclient.py
-@@ -51,7 +51,11 @@ class KeystoneClientTest(HeatTestCase):
- self.mock_ks_client = heat_keystoneclient.kc.Client(
+@@ -67,7 +67,11 @@ class KeystoneClientTest(HeatTestCase):
+ kc.Client(
auth_url=mox.IgnoreArg(),
tenant_name='test_tenant',
-- token='abcd1234')
+- token='abcd1234').AndReturn(self.mock_ks_client)
+ token='abcd1234',
+ cacert=None,
+ cert=None,
+ insecure=False,
-+ key=None)
++ key=None).AndReturn(self.mock_ks_client)
self.mock_ks_client.authenticate().AndReturn(auth_ok)
elif method == 'password':
- self.mock_ks_client = heat_keystoneclient.kc.Client(
-@@ -59,14 +63,22 @@ class KeystoneClientTest(HeatTestCase):
+ kc.Client(
+@@ -75,14 +79,22 @@ class KeystoneClientTest(HeatTestCase):
tenant_name='test_tenant',
tenant_id='test_tenant_id',
username='test_username',
-- password='password')
+- password='password').AndReturn(self.mock_ks_client)
+ password='password',
+ cacert=None,
+ cert=None,
+ insecure=False,
-+ key=None)
++ key=None).AndReturn(self.mock_ks_client)
self.mock_ks_client.authenticate().AndReturn(auth_ok)
if method == 'trust':
- self.mock_ks_client = heat_keystoneclient.kc.Client(
+ kc.Client(
auth_url='http://server.test:5000/v2.0',
password='verybadpass',
tenant_name='service',
-- username='heat')
+- username='heat').AndReturn(self.mock_ks_client)
+ username='heat',
+ cacert=None,
+ cert=None,
+ insecure=False,
-+ key=None)
++ key=None).AndReturn(self.mock_ks_client)
self.mock_ks_client.authenticate(trust_id='atrust123',
tenant_id='test_tenant_id'
).AndReturn(auth_ok)
-@@ -81,7 +93,11 @@ class KeystoneClientTest(HeatTestCase):
- self.mock_ks_v3_client = heat_keystoneclient.kc_v3.Client(
+@@ -95,8 +107,11 @@ class KeystoneClientTest(HeatTestCase):
+ kc_v3.Client(
token='abcd1234', project_name='test_tenant',
auth_url='http://server.test:5000/v3',
-- endpoint='http://server.test:5000/v3')
+- endpoint='http://server.test:5000/v3').AndReturn(
+- self.mock_ks_v3_client)
+ endpoint='http://server.test:5000/v3',
+ cacert=None,
+ cert=None,
+ insecure=False,
-+ key=None)
++ key=None).AndReturn(self.mock_ks_v3_client)
elif method == 'password':
- self.mock_ks_v3_client = heat_keystoneclient.kc_v3.Client(
+ kc_v3.Client(
username='test_username',
-@@ -89,13 +105,21 @@ class KeystoneClientTest(HeatTestCase):
+@@ -104,15 +119,21 @@ class KeystoneClientTest(HeatTestCase):
project_name='test_tenant',
project_id='test_tenant_id',
auth_url='http://server.test:5000/v3',
-- endpoint='http://server.test:5000/v3')
+- endpoint='http://server.test:5000/v3').AndReturn(
+- self.mock_ks_v3_client)
+ endpoint='http://server.test:5000/v3',
+ cacert=None,
+ cert=None,
+ insecure=False,
-+ key=None)
++ key=None).AndReturn(self.mock_ks_v3_client)
elif method == 'trust':
- self.mock_ks_v3_client = heat_keystoneclient.kc_v3.Client(
+ kc_v3.Client(
username='heat',
password='verybadpass',
project_name='service',
-- auth_url='http://server.test:5000/v3')
+- auth_url='http://server.test:5000/v3').AndReturn(
+- self.mock_ks_v3_client)
+ auth_url='http://server.test:5000/v3',
+ cacert=None,
+ cert=None,
+ insecure=False,
-+ key=None)
++ key=None).AndReturn(self.mock_ks_v3_client)
self.mock_ks_v3_client.authenticate().AndReturn(auth_ok)
def test_username_length(self):
+@@ -242,10 +263,15 @@ class KeystoneClientTest(HeatTestCase):
+ class MockTrust(object):
+ id = 'atrust123'
+
+- self._stub_admin_client()
+-
++ self.m.StubOutClassWithMocks(heat_keystoneclient.kc, "Client")
++ mock_admin_client = heat_keystoneclient.kc.Client(
++ auth_url=mox.IgnoreArg(),
++ username='heat',
++ password='verybadpass',
++ tenant_name='service')
++ mock_admin_client.auth_ref = self.m.CreateMockAnything()
++ mock_admin_client.auth_ref.user_id = '1234'
+ self._stubs_v3()
+-
+ self.mock_ks_v3_client.auth_ref = self.m.CreateMockAnything()
+ self.mock_ks_v3_client.auth_ref.user_id = '5678'
+ self.mock_ks_v3_client.auth_ref.project_id = '42'
--
1.8.3.2
+++ /dev/null
-From 467adeb3dc9a89aa6b39780b83196501d5c31ea7 Mon Sep 17 00:00:00 2001
-From: Serg Melikyan <smelikyan@mirantis.com>
-Date: Tue, 12 Nov 2013 14:33:17 +0400
-Subject: [PATCH] Adds ability to configure SSL params for clients used by the Heat
-
----
- etc/heat/heat.conf.sample | 169 ++++++++++++++++++++++++++++++++++++
- heat/common/config.py | 32 ++++++-
- heat/common/heat_keystoneclient.py | 18 ++++
- heat/engine/clients.py | 50 +++++++++--
- heat/tests/test_heatclient.py | 36 ++++++--
- 5 files changed, 291 insertions(+), 14 deletions(-)
-
-diff --git a/etc/heat/heat.conf.sample b/etc/heat/heat.conf.sample
-index 1444f9b..376c98e 100644
---- a/etc/heat/heat.conf.sample
-+++ b/etc/heat/heat.conf.sample
-@@ -724,3 +724,172 @@
- #password=<None>
-
-
-+[clients_swift]
-+
-+#
-+# Options defined in heat.common.config
-+#
-+
-+# Optional CA cert file to use in SSL connections (string
-+# value)
-+#ca_file=<None>
-+
-+# Optional PEM-formatted certificate chain file (string value)
-+#cert_file=<None>
-+
-+# Optional PEM-formatted file that contains the private key
-+# (string value)
-+#key_file=<None>
-+
-+# If set then the server's certificate will not be verified
-+# (boolean value)
-+#insecure=false
-+
-+# Endpoint type
-+#endpoint_type=publicURL
-+
-+
-+[clients_cinder]
-+
-+#
-+# Options defined in heat.common.config
-+#
-+
-+# Optional CA cert file to use in SSL connections (string
-+# value)
-+#ca_file=<None>
-+
-+# Optional PEM-formatted certificate chain file (string value)
-+#cert_file=<None>
-+
-+# Optional PEM-formatted file that contains the private key
-+# (string value)
-+#key_file=<None>
-+
-+# If set then the server's certificate will not be verified
-+# (boolean value)
-+#insecure=false
-+
-+# Endpoint type
-+#endpoint_type=publicURL
-+
-+[clients]
-+
-+#
-+# Options defined in heat.common.config
-+#
-+
-+# Optional CA cert file to use in SSL connections (string
-+# value)
-+#ca_file=<None>
-+
-+# Optional PEM-formatted certificate chain file (string value)
-+#cert_file=<None>
-+
-+# Optional PEM-formatted file that contains the private key
-+# (string value)
-+#key_file=<None>
-+
-+# If set then the server's certificate will not be verified
-+# (boolean value)
-+#insecure=false
-+
-+# Endpoint type
-+#endpoint_type=publicURL
-+
-+[clients_nova]
-+
-+#
-+# Options defined in heat.common.config
-+#
-+
-+# Optional CA cert file to use in SSL connections (string
-+# value)
-+#ca_file=<None>
-+
-+# Optional PEM-formatted certificate chain file (string value)
-+#cert_file=<None>
-+
-+# Optional PEM-formatted file that contains the private key
-+# (string value)
-+#key_file=<None>
-+
-+# If set then the server's certificate will not be verified
-+# (boolean value)
-+#insecure=false
-+
-+# Endpoint type
-+#endpoint_type=publicURL
-+
-+[clients_ceilometer]
-+
-+#
-+# Options defined in heat.common.config
-+#
-+
-+# Optional CA cert file to use in SSL connections (string
-+# value)
-+#ca_file=<None>
-+
-+# Optional PEM-formatted certificate chain file (string value)
-+#cert_file=<None>
-+
-+# Optional PEM-formatted file that contains the private key
-+# (string value)
-+#key_file=<None>
-+
-+# If set then the server's certificate will not be verified
-+# (boolean value)
-+#insecure=false
-+
-+# Endpoint type
-+#endpoint_type=publicURL
-+
-+[clients_neutron]
-+
-+#
-+# Options defined in heat.common.config
-+#
-+
-+# Optional CA cert file to use in SSL connections (string
-+# value)
-+#ca_file=<None>
-+
-+# Optional PEM-formatted certificate chain file (string value)
-+#cert_file=<None>
-+
-+# Optional PEM-formatted file that contains the private key
-+# (string value)
-+#key_file=<None>
-+
-+# If set then the server's certificate will not be verified
-+# (boolean value)
-+#insecure=false
-+
-+# Endpoint type
-+#endpoint_type=publicURL
-+
-+
-+[clients_keystone]
-+
-+#
-+# Options defined in heat.common.config
-+#
-+
-+# Optional CA cert file to use in SSL connections (string
-+# value)
-+#ca_file=<None>
-+
-+# Optional PEM-formatted certificate chain file (string value)
-+#cert_file=<None>
-+
-+# Optional PEM-formatted file that contains the private key
-+# (string value)
-+#key_file=<None>
-+
-+# If set then the server's certificate will not be verified
-+# (boolean value)
-+#insecure=false
-+
-+# Endpoint type
-+#endpoint_type=publicURL
-diff --git a/heat/common/config.py b/heat/common/config.py
-index 82b4ca5..155d4f4 100644
---- a/heat/common/config.py
-+++ b/heat/common/config.py
-@@ -1,4 +1,3 @@
--
- # vim: tabstop=4 shiftwidth=4 softtabstop=4
-
- #
-@@ -18,6 +17,7 @@
- Routines for configuring Heat
- """
-
-+import copy
- import logging as sys_logging
- import os
-
-@@ -134,6 +134,35 @@ auth_password_opts = [
- 'multi_cloud is enabled. At least one endpoint needs '
- 'to be specified.'))]
-
-+clients_opts = [
-+ cfg.StrOpt('ca_file',
-+ help=_('Optional CA cert file to use in SSL connections')),
-+ cfg.StrOpt('cert_file',
-+ help=_('Optional PEM-formatted certificate chain file')),
-+ cfg.StrOpt('key_file',
-+ help=_('Optional PEM-formatted file that contains the '
-+ 'private key')),
-+ cfg.BoolOpt('insecure',
-+ default=False,
-+ help=_("If set then the server's certificate will not "
-+ "be verified")),
-+ cfg.StrOpt('endpoint_type',
-+ default='publicURL',
-+ help=_('Endpoint type'))]
-+
-+
-+def register_clients_opts():
-+ cfg.CONF.register_opts(clients_opts, group='clients')
-+ for client in ('nova', 'swift', 'neutron', 'cinder',
-+ 'ceilometer', 'keystone'):
-+ client_specific_group = 'clients_' + client
-+ # register opts copy and put it to globals in order to
-+ # generate_sample.sh to work
-+ opts_copy = copy.deepcopy(clients_opts)
-+ globals()[client_specific_group + '_opts'] = opts_copy
-+ cfg.CONF.register_opts(opts_copy, group=client_specific_group)
-+
-+
- cfg.CONF.register_opts(db_opts)
- cfg.CONF.register_opts(engine_opts)
- cfg.CONF.register_opts(service_opts)
-@@ -142,6 +171,7 @@ cfg.CONF.register_group(paste_deploy_group)
- cfg.CONF.register_opts(paste_deploy_opts, group=paste_deploy_group)
- cfg.CONF.register_group(auth_password_group)
- cfg.CONF.register_opts(auth_password_opts, group=auth_password_group)
-+register_clients_opts()
-
-
- def rpc_set_default():
-diff --git a/heat/common/heat_keystoneclient.py b/heat/common/heat_keystoneclient.py
-index 8fb13f7..8099ef2 100644
---- a/heat/common/heat_keystoneclient.py
-+++ b/heat/common/heat_keystoneclient.py
-@@ -100,6 +100,10 @@ class KeystoneClient(object):
- logger.error("Keystone v2 API connection failed, no password or "
- "auth_token!")
- raise exception.AuthorizationFailure()
-+ kwargs['cacert'] = self._get_client_option('ca_file')
-+ kwargs['insecure'] = self._get_client_option('insecure')
-+ kwargs['cert'] = self._get_client_option('cert_file')
-+ kwargs['key'] = self._get_client_option('key_file')
- client_v2 = kc.Client(**kwargs)
-
- client_v2.authenticate(**auth_kwargs)
-@@ -161,12 +165,26 @@ class KeystoneClient(object):
- "auth_token!")
- raise exception.AuthorizationFailure()
-
-+ kwargs['cacert'] = self._get_client_option('ca_file')
-+ kwargs['insecure'] = self._get_client_option('insecure')
-+ kwargs['cert'] = self._get_client_option('cert_file')
-+ kwargs['key'] = self._get_client_option('key_file')
-+
- client = kc_v3.Client(**kwargs)
- # Have to explicitly authenticate() or client.auth_ref is None
- client.authenticate()
-
- return client
-
-+ def _get_client_option(self, option):
-+ try:
-+ cfg.CONF.import_opt(option, 'heat.common.config',
-+ group='clients_keystone')
-+ return getattr(cfg.CONF.clients_keystone, option)
-+ except (cfg.NoSuchGroupError, cfg.NoSuchOptError):
-+ cfg.CONF.import_opt(option, 'heat.common.config', group='clients')
-+ return getattr(cfg.CONF.clients, option)
-+
- def create_trust_context(self):
- """
- If cfg.CONF.deferred_auth_method is trusts, we create a
-diff --git a/heat/engine/clients.py b/heat/engine/clients.py
-index 6deae5b..a9475f7 100644
---- a/heat/engine/clients.py
-+++ b/heat/engine/clients.py
-@@ -103,12 +103,16 @@ class OpenStackClients(object):
- 'service_type': service_type,
- 'username': None,
- 'api_key': None,
-- 'extensions': extensions
-+ 'extensions': extensions,
-+ 'cacert': self._get_client_option('nova', 'ca_file'),
-+ 'insecure': self._get_client_option('nova', 'insecure')
- }
-
- client = novaclient.Client(1.1, **args)
-
-- management_url = self.url_for(service_type=service_type)
-+ management_url = self.url_for(
-+ service_type=service_type,
-+ endpoint_type=self._get_client_option('nova', 'endpoint_type'))
- client.client.auth_token = self.auth_token
- client.client.management_url = management_url
-
-@@ -133,7 +137,12 @@ class OpenStackClients(object):
- 'key': None,
- 'authurl': None,
- 'preauthtoken': self.auth_token,
-- 'preauthurl': self.url_for(service_type='object-store')
-+ 'preauthurl': self.url_for(
-+ service_type='object-store',
-+ endpoint_type=self._get_client_option(
-+ 'swift', 'endpoint_type')),
-+ 'cacert': self._get_client_option('swift', 'ca_file'),
-+ 'insecure': self._get_client_option('swift', 'insecure')
- }
- self._swift = swiftclient.Connection(**args)
- return self._swift
-@@ -153,7 +162,12 @@ class OpenStackClients(object):
- 'auth_url': con.auth_url,
- 'service_type': 'network',
- 'token': self.auth_token,
-- 'endpoint_url': self.url_for(service_type='network')
-+ 'endpoint_url': self.url_for(
-+ service_type='network',
-+ endpoint_type=self._get_client_option(
-+ 'neutron', 'endpoint_type')),
-+ 'ca_cert': self._get_client_option('neutron', 'ca_file'),
-+ 'insecure': self._get_client_option('neutron', 'insecure')
- }
-
- self._neutron = neutronclient.Client(**args)
-@@ -176,11 +190,16 @@ class OpenStackClients(object):
- 'auth_url': con.auth_url,
- 'project_id': con.tenant,
- 'username': None,
-- 'api_key': None
-+ 'api_key': None,
-+ 'cacert': self._get_client_option('cinder', 'ca_file'),
-+ 'insecure': self._get_client_option('cinder', 'insecure')
- }
-
- self._cinder = cinderclient.Client('1', **args)
-- management_url = self.url_for(service_type='volume')
-+ management_url = self.url_for(
-+ service_type='volume',
-+ endpoint_type=self._get_client_option(
-+ 'cinder', 'endpoint_type'))
- self._cinder.client.auth_token = self.auth_token
- self._cinder.client.management_url = management_url
-
-@@ -201,7 +220,14 @@ class OpenStackClients(object):
- 'service_type': 'metering',
- 'project_id': con.tenant,
- 'token': lambda: self.auth_token,
-- 'endpoint': self.url_for(service_type='metering'),
-+ 'endpoint': self.url_for(
-+ service_type='metering',
-+ endpoint_type=self._get_client_option(
-+ 'ceilometer', 'endpoint_type')),
-+ 'ca_file': self._get_client_option('ceilometer', 'ca_file'),
-+ 'cert_file': self._get_client_option('ceilometer', 'cert_file'),
-+ 'key_file': self._get_client_option('ceilometer', 'key_file'),
-+ 'insecure': self._get_client_option('ceilometer', 'insecure')
- }
-
- client = ceilometerclient.Client(**args)
-@@ -209,6 +235,15 @@ class OpenStackClients(object):
- self._ceilometer = client
- return self._ceilometer
-
-+ def _get_client_option(self, client, option):
-+ try:
-+ group_name = 'clients_' + client
-+ cfg.CONF.import_opt(option, 'heat.common.config',
-+ group=group_name)
-+ return getattr(getattr(cfg.CONF, group_name), option)
-+ except (cfg.NoSuchGroupError, cfg.NoSuchOptError):
-+ cfg.CONF.import_opt(option, 'heat.common.config', group='clients')
-+ return getattr(cfg.CONF.clients, option)
-
- if cfg.CONF.cloud_backend:
- cloud_backend_module = importutils.import_module(cfg.CONF.cloud_backend)
-@@ -217,3 +252,4 @@ else:
- Clients = OpenStackClients
-
- logger.debug('Using backend %s' % Clients)
-+
-diff --git a/heat/tests/test_heatclient.py b/heat/tests/test_heatclient.py
-index 7e195dc..712ffa5 100644
---- a/heat/tests/test_heatclient.py
-+++ b/heat/tests/test_heatclient.py
-@@ -51,7 +51,11 @@ class KeystoneClientTest(HeatTestCase):
- self.mock_ks_client = heat_keystoneclient.kc.Client(
- auth_url=mox.IgnoreArg(),
- tenant_name='test_tenant',
-- token='abcd1234')
-+ token='abcd1234',
-+ cacert=None,
-+ cert=None,
-+ insecure=False,
-+ key=None)
- self.mock_ks_client.authenticate().AndReturn(auth_ok)
- elif method == 'password':
- self.mock_ks_client = heat_keystoneclient.kc.Client(
-@@ -59,14 +63,22 @@ class KeystoneClientTest(HeatTestCase):
- tenant_name='test_tenant',
- tenant_id='test_tenant_id',
- username='test_username',
-- password='password')
-+ password='password',
-+ cacert=None,
-+ cert=None,
-+ insecure=False,
-+ key=None)
- self.mock_ks_client.authenticate().AndReturn(auth_ok)
- if method == 'trust':
- self.mock_ks_client = heat_keystoneclient.kc.Client(
- auth_url='http://server.test:5000/v2.0',
- password='verybadpass',
- tenant_name='service',
-- username='heat')
-+ username='heat',
-+ cacert=None,
-+ cert=None,
-+ insecure=False,
-+ key=None)
- self.mock_ks_client.authenticate(trust_id='atrust123',
- tenant_id='test_tenant_id'
- ).AndReturn(auth_ok)
-@@ -81,7 +93,11 @@ class KeystoneClientTest(HeatTestCase):
- self.mock_ks_v3_client = heat_keystoneclient.kc_v3.Client(
- token='abcd1234', project_name='test_tenant',
- auth_url='http://server.test:5000/v3',
-- endpoint='http://server.test:5000/v3')
-+ endpoint='http://server.test:5000/v3',
-+ cacert=None,
-+ cert=None,
-+ insecure=False,
-+ key=None)
- elif method == 'password':
- self.mock_ks_v3_client = heat_keystoneclient.kc_v3.Client(
- username='test_username',
-@@ -89,13 +105,21 @@ class KeystoneClientTest(HeatTestCase):
- project_name='test_tenant',
- project_id='test_tenant_id',
- auth_url='http://server.test:5000/v3',
-- endpoint='http://server.test:5000/v3')
-+ endpoint='http://server.test:5000/v3',
-+ cacert=None,
-+ cert=None,
-+ insecure=False,
-+ key=None)
- elif method == 'trust':
- self.mock_ks_v3_client = heat_keystoneclient.kc_v3.Client(
- username='heat',
- password='verybadpass',
- project_name='service',
-- auth_url='http://server.test:5000/v3')
-+ auth_url='http://server.test:5000/v3',
-+ cacert=None,
-+ cert=None,
-+ insecure=False,
-+ key=None)
- self.mock_ks_v3_client.authenticate().AndReturn(auth_ok)
-
- def test_username_length(self):
---
-1.7.9.5
-
. /etc/rc.d/init.d/functions
-prog=heat-api-cfn
-exec="/usr/bin/$prog"
+prog=openstack-heat-api-cfn
+exec="/usr/bin/heat-api-cfn"
config="/etc/heat/heat.conf"
pidfile="/var/run/heat/$prog.pid"
. /etc/rc.d/init.d/functions
-prog=heat-api-cloudwatch
-exec="/usr/bin/$prog"
+prog=openstack-heat-api-cloudwatch
+exec="/usr/bin/heat-api-cloudwatch"
config="/etc/heat/heat.conf"
pidfile="/var/run/heat/$prog.pid"
. /etc/rc.d/init.d/functions
-prog=heat-api
-exec="/usr/bin/$prog"
+prog=openstack-heat-api
+exec="/usr/bin/heat-api"
config="/etc/heat/heat.conf"
pidfile="/var/run/heat/$prog.pid"
. /etc/rc.d/init.d/functions
-prog=heat-engine
-exec="/usr/bin/$prog"
+prog=openstack-heat-engine
+exec="/usr/bin/heat-engine"
config="/etc/heat/heat.conf"
pidfile="/var/run/heat/$prog.pid"
Name: openstack-heat
Summary: OpenStack Orchestration (heat)
-Version: 2013.2
-Release: 1.0%{?dist}
+Version: 2013.2.3
+Release: 1.1%{?dist}
License: ASL 2.0
Group: System Environment/Base
URL: http://www.openstack.org
Source5: openstack-heat-api-cloudwatch.init
Source20: heat-dist.conf
-Patch0: switch-to-using-m2crypto.patch
-Patch1: remove-pbr-runtime-dependency.patch
+#
+# patches_base=2013.2.3
+#
+Patch0001: 0001-Switch-to-using-M2Crypto.patch
+Patch0002: 0002-remove-pbr-runtime-dependency.patch
+Patch0003: 0003-Adjust-to-handle-parallel-installed-packages.patch
# EPEL specific patch, not upstream
-Patch100: heat-newdeps.patch
Patch200: Ability-to-configure-various-clients-used-by-the-Heat.patch
-Patch300: Allow-Address-Pairs-feature.patch
+Patch300: Allow-Address-Pairs-feature.patch
BuildArch: noarch
BuildRequires: git
%prep
%setup -q -n %{full_release}
-%patch0 -p1
-%patch1 -p1
-%patch100 -p1
+
+%patch0001 -p1
+%patch0002 -p1
+%patch0003 -p1
%patch200 -p1
%patch300 -p1
-
sed -i s/REDHATHEATVERSION/%{version}/ heat/version.py
sed -i s/REDHATHEATRELEASE/%{release}/ heat/version.py
Requires: python-paste-deploy1.5
Requires: python-routes1.12
Requires: python-sqlalchemy0.7
-Requires: python-webob1.2
+Requires: python-webob
Requires(pre): shadow-utils
%changelog
+* Mon Apr 7 2014 Jeff Peeler <jpeeler@redhat.com> 2013.2.3-1.1
+- update to 2013.2.3
+
+* Wed Feb 19 2014 Jeff Peeler <jpeeler@redhat.com> 2013.2.2-1
+- update to 2013.2.2
+
+* Fri Jan 03 2014 Pádraig Brady <pbrady@redhat.com> 2013.2.1-2
+- Fix heat-manage to work with parallel installed packages
+
+* Mon Dec 16 2013 Jeff Peeler <jpeeler@redhat.com> 2013.2.1-1
+- update to 2013.2.1
+
* Thu Oct 17 2013 Jeff Peeler <jpeeler@redhat.com> 2013.2-1
- update to havana final
Code Review / openstack-build / heat-build.git / commitdiff