This PS bumps up Airflow version to the latest
2.8.2 and also bumps up openstack dependences to
Antelope 2023.1
Change-Id: I61b5b39079f9c3360f5dfaafb1f961b629795c1c
This PS updates python modules and code to match Airflow 2.6.2:
- bionic py36 gates were removed
- python code corrected to match new modules versions
- selection of python modules versions was perfrmed based on
airflow-2.6.2 constraints
- postgresql image updated to 14.8
Change-Id: Ibdcc75e600166c20b842508aa5539587cca466f0
This PS implements the following changes:
- switches freeze approach to requirements-direct.txt and
requirements-frozen.txt files
- adjusts code tabulation style according to yapf recommendations
- replaces deprecated usage of responce.body attribute with
responce.text
- fixes integration tests in controlled by Makefile + tox
- uplifts Helm to v3.9.4
Change-Id: I751db72eb8f670825382f11a36657112faeb169a
- uplifted some python modules
- fixed tox4 requirements
- added focal build node as a default one
- added bindep.txt and bindep role to playbooks and docker image build process
- changes Makefile to reflect GoLang and dependency management changes
- upgraded Helm to v3 for chart build process
- uplifted postgresql version to 14.6
- fixed deprecated falcon.API - replaced with falcon.APP
- fixed upstream docker image publishing process
Change-Id: I307d72bb7680f6f5c71e42ad30666cf786420460
Patch PyYAML (via the pylibyaml library) to automatically enable the
LibYAML parser and emitter, which are faster than the Python versions.
https://pypi.org/project/pylibyaml/
Change-Id: Iaddc0f30ed99b1f9a999f5365e9e8bf43349b82f
When pip is upgraded to 20.3, the pip dependency resolver is much more
strict and will no longer install a combination of packages that is mutually
inconsistent[0].
These changes account for the fact that Shipyard imports Armada, Drydock,
Promenade, and Deckhand. Having said that, with pip 20.3, the pip
packages amongst those projects cannot conflict. A follow-up change may
be needed if more conflicts are found.
[0] https://pip.pypa.io/en/latest/user_guide/#changes-to-the-pip-dependency-resolver-in-20-2-2020
Change-Id: I89c6dc728824f00f964c794142766012c407c4ed
Automatic security alerts were created for pyyaml==3.12 and
requests==2.19.1 suggesting these packages be upgraded to 2.20.0 and
5.1 respectively.
Vulnerabilities addressed:
CVE-2018-18074 on requests package
CVE-2017-18342 on PyYAML package
Change-Id: Iff5bc11d60c2724fef0bb8b2552e17573c79dc9f
Signed-off-by: Alexander Hughes <Alexander.Hughes@pm.me>
With Ubuntu bionic base image for drydock docker image, uwsig crashes
with segmentation fault when it tries to load/import the psycopg2 package.
The reason for this is that uwsgi and psycopg2 packages are built with
incopatible ssl libraries.
Upgrading uwsgi and psycopg2 to address this issue for bionic based
images.
Change-Id: I3d0bfb96c19849f5c2925366f8712bf47985df67
This patch implements Refish as new OOB driver for Drydock.
All the existing Drydock Orchestrator actions are implemented.
Change-Id: I31d653fb41189a18c34cfafb0f490ca4f4d661b5
The attempted rollback to 1.0.44 still showed instability
in controlling baremetal. This rolls all the way back to the version
used prior to the upgrade.
Change-Id: If8cb8580043575eb68510ca00a2cb19e881ae76e
- Pyghmi 1.0.44 uses pycrypto 2.6.1 which has an open CVE
against it.
- Updating Pyghmi to 1.1.0+ to absorb the change to cryptography
breaks functionality in all testing against baremetal IPMI
interfaces.
- This reversion has minimal risk because the only usage of pycrypto
in Drydock is via the Pyghmi library to initiate connections to
server IPMI interfaces. Arbitrary user input is not used for any
pycrypto arguments.
- This is a temporary solution, longterm Drydock will move away from
Pyghmi - either to a different IPMI library or to no IPMI support
and instead using Redfish.
Change-Id: Ie5cd021528f61a3a2c04b156bf60b94b8f42dd5c
- Updating pyghmi to 1.2.x to fix a vulnerability in dependency
pycrypto caused the baremetal gates to fail. Backing off to 1.1.0
does fix the pycrypto issue, but hopefully reverts the functionality
failure
Change-Id: Ie4927fc974b059c643ba32530ed5f3287726480b
The version of pyghmi being used depends on a vulnerable pycrypto
version. Updating to the latest, which depends on cryptography.
This also updates the `freeze` tox job to recreate to ensure proper
updating of the lockfile.
Change-Id: I4a7d82dc8bfad1609a5d5b4e663cf74266b7f6f0
Adding the baclient code to Drydock requires a refactor
of the build automation to support multiple languages
and multiple artifacts included in a single Docker image
NOTE: the go source here is a placeholder 'hello world' sample
Change-Id: I1b4883f018b33b3d4fcd7cbcb6cba660fcdc93de