This patch bumps bandit allowed version to >=1.6.0,<1.7.0 in order to
avoid the errors detailed here https://github.com/PyCQA/bandit/pull/393



Change-Id: I568123c93c32cb224628c4a8371a9a0e7c19cf67
Signed-off-by: Moisés Guimarães de Medeiros <moguimar@redhat.com>

Change-Id: I2e8599555571539e2befb5842e83ca81454fb150

This commit add a new user guide about how a service
developer can easily integrate oslo_limit and use
Keystone unified limit system.

Change-Id: I415fdef757e5f78f1c201c32489bc00a1f3cebd0

Switch to openstackdocstheme 2.2.1 and reno 3.1.0 versions. Using
these versions will allow especially:
* Linking from HTML to PDF document
* Allow parallel building of documents
* Fix some rendering problems

Update Sphinx version as well.

Remove doc requirments from lower-constraints, they are not used for
install. Remove also hacking, the version is ancient and not needed
there either.

openstackdocstheme renames some variables, so follow the renames. A
couple of variables are also not needed anymore, remove them.

Set openstackdocs_auto_name to use project as name.

Change pygments_style to 'native' since old theme version always used
'native' and the theme now respects the setting and using 'sphinx' can
lead to some strange rendering.

See also
http://lists.openstack.org/pipermail/openstack-discuss/2020-May/014971.html

Change-Id: I5ec9dda8582f55fc0b287c422d5c43ad2e23b9b8

Python modules related to coding style checks (listed in blacklist.txt in
openstack/requirements repo) are dropped from lower-constraints.txt
as they are not actually used in tests (other than pep8).

more info: https://github.com/openstack/requirements/blob/master/blacklist.txt

Change-Id: I9360028e96dd2b99fee1e31ebf9645e44e845d5f

These translation sections are not needed anymore, Babel can
generate translation files without them.

Change-Id: I18696d80bad13d2f3e31ed1ad8f046fb9a202e16

Related to:
- https://review.opendev.org/#/c/723044/
- https://governance.openstack.org/tc/goals/selected/ussuri/project-ptl-and-contrib-docs.html

Change-Id: I6e02e68b689176a1a5e6adff0f32adf79ec473cf

Change-Id: Ie3794ae02083f5b1fc2026d9189e7ded399b9bda

This is an automatically generated patch to ensure unit testing
is in place for all the of the tested runtimes for victoria.

See also the PTI in governance [1].

[1]: https://governance.openstack.org/tc/reference/project-testing-interface.html

Change-Id: I5b9f15bb2a8f90938f682cc9589357619799bfd0

Add file to the reno documentation build to show release notes for
stable/ussuri.

Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/ussuri.

Change-Id: I28d813d853e7961adcf617e452769b64f9e7eccc
Sem-Ver: feature

Update to hacking 3.0.

Change-Id: I688ac4aea53d783ff8ae585d42efd8acab067f85

The repo is Python 3 now, so update hacking to version 2.0 which
supports Python 3.

Blacklist: W504 line break after binary operator

Change-Id: I7ca780a2cff32031c562482b804888e5d49712c1

Now that we no longer support py27, we can use the standard library
unittest.mock module instead of the third party mock lib.

Change-Id: I0d2b84e2ed627481118151b36386014ed0930452
Signed-off-by: Sean McGinnis <sean.mcginnis@gmail.com>

Update the minversion parameter to use the python -m pip to install
python packages:

https://tox.readthedocs.io/en/latest/changelog.html#id185

It's recommend to use this. Remove the useless install_command
parameter.

Change-Id: Ic5c0f747c8d579ce3369635b67cdbf2d134c175d

Change-Id: Ifde690d7e5f59fc95533bc97d513d6aa6c432599

Change-Id: I40bb06d1d445d8eb8281f421a94d7dead2a89872

For further reading:
http://lists.openstack.org/pipermail/openstack-discuss/2020-February/012606.html

Change-Id: I44cb645bd118c17e1f067cb617dbce845dacd5c6

Change-Id: I1bda5a8ccc9df040bf88df6bf8f428b6502f4542

OpenStack is dropping the py2.7 support in Ussuri cycle.

Complete discussion & schedule can be found in
-
http://lists.openstack.org/pipermail/openstack-discuss/2019-October/010142.html
- https://etherpad.openstack.org/p/drop-python2-support

Ussuri Communtiy-wide goal:
https://governance.openstack.org/tc/goals/selected/ussuri/drop-py27.html

Change-Id: Ie48c796b6c83b42c85555d13a09f3b3ed96428f8
Sem-Ver: api-break

move 'basepython' to the top-level 'testenv'

Change-Id: I197d6486a3b126f616ffe2f7e3e669d922a1e337

We know we want to have some level of functional testing to verify
enforcement models. This commit uses one approach to add a base
devstack job to oslo.limit's .zuul.conf so that we have a minimal-ish
installation to configure with limits and write actual integration and
functional tests against.

Change-Id: I50c41805b8e196fdaf20c95e9aa687b98c369a57

Taking the Nova work as an example, looking to add a basic flat enforcer
that meets Nova's needs.

The user of the Enforce provides a callback. You can see an example of
the callback in the unit tests:

  def fake_callback(project_id, resources):
    return {
      "a": 5,
      "b": 10,
      "c": 0,
    }

In the code where you want to check if you increase the amount of
resources that are being consumed, you can make this call:

   enforcer = limit.Enforcer(fake_callback)
   enforcer.enforce(project_id, {"a": 5})

The enforce function looks up the limits that apply for the given
project_id, uses the callback to count the current usage. The proposed
usage is then calculated be adding the delta and the current usage
together. This is compared to any limits that apply.

If you later want to check if you have races that mean you are
over your limit, you can do this call:

   enforcer.enforce(project_id, {'a': 0})

Summary of key design points:

* single set of logic to enforce limits shared between all projects
  that adopt unified limits

* interface should work for both flat and strict-two-level enforcement

* it is assumed that oslo.limit will control which type of enforcement
  is being applied

* callback lists all resources that need counting
  for the given project_id, in Nova this helps limit
  the number of API calls made to placement

* allows to check if proposed additional usage means you are over
  your limit, and also double check if the current usages means
  you are over quota

* if the code is checking a resource where you do not have a
  registered limit, we default to a limit of zero, i.e. no
  resources can be created unless you set that registered limit
  There will be an appropriate warning logged to help the operator
  understand what needs to be setup in keystone.

This builds on various previous prototypes from:
Co-Authored-By: Lance <Bragstad&lt;lbragstad@gmail.com>
Co-Authored-By: wangxiyuan <wangxiyuan@huawei.com>

Change-Id: I294a922ea80af673291c991f07a4a203f25c289d

For a given resource find out the current limits for the project.
If there are no per project limits look up the registered limits
that act as a default for when there are no project limits.

Future patches will look at comparing these limits with the current and
proposed resource usage to enforce the limits.

Change-Id: Ia5ced4a46833b194f397ac936b99b0c9573b50d1
Co-Authored-By: wangxiyuan <wangxiyuan1007@gmail.com>
Co-Authored-By: Lance Bragstad <lbragstad@gmail.com>

The enforcer needs to be able to determine which model to use and pass
information to it. This commit sets the model attribute on the
enforcer, adds a method to determine which model to use, and
defines a basic interface for enforcement models to use.

Change-Id: Id03d361b702c2ee0811f37ad23bb2b9a3171b1f7
Co-Authored-By: wangxiyuan <wangxiyuan1007@gmail.com>
Co-Authored-By: Lance Bragstad <lbragstad@gmail.com>
Co-Authored-By: John Garbutt <john.garbutt@stackhpc.com>

This commit pulls the ksa-specific logic from a previous attempt:

  Ibc35360dd4a952bbe63ee68ddafd5def0608949d

Subsequent patches will use this connection to query unified limit
information out of keystone.

Change-Id: Iae45df091e98904fd6a30db9923b141279fb2cc0
Co-Authored-By: wangxiyuan <wangxiyuan1007@gmail.com>

Sphinx 1.8 introduced [1] the '--keep-going' argument which, as its name
suggests, keeps the build running when it encounters non-fatal errors.
This is exceptionally useful in avoiding a continuous edit-build loop
when undertaking large doc reworks where multiple errors may be
introduced.

[1] https://github.com/sphinx-doc/sphinx/commit/e3483e9b045

Change-Id: Ib1749e690c22663955985f0c3b718ed6223be223

Add file to the reno documentation build to show release notes for
stable/train.

Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/train.

Change-Id: I07dc249c5fdd264c40407b4d1e9fd3b0ea40f43c
Sem-Ver: feature

This is a mechanically generated patch to ensure unit testing is in place
for all of the Tested Runtimes for Train.

See the Train python3-updates goal document for details:
https://governance.openstack.org/tc/goals/train/python3-updates.html

Change-Id: I78d3a9c14f54dd38d834f99a33c41494fa22255b
Story: #2005924
Task: #34234

filter_resources doesn't make as much sense as resource_filters.
filter_resources almost sounds like a boolean, when the argument is
designed to contain a list of strings that represent resources to
filter.

Change-Id: Idc787052ac41744075d4a4860d06a3529fd271bb