Due to parallel development paths, the release note added for the fixes to
the secure-RBAC patches implied it was adding a new feature when in fact the
feature already existed.

Change-Id: Ia9a904403a2336cc9cd4645d918fc0ff64d5e871

This adds a check to validate if we need to
keep retrying the current action.

Change-Id: I4b2991499f33e65790388aea902a8b3e6023eb4e
(cherry picked from commit dc45a035)

Change-Id: I38efa22bb8b0de6fd9a70339e8044fea70080004
(cherry picked from commit 291558c3)

According to ITEF https://tools.ietf.org/html/rfc2181#section-8
the definition of the ttl value is unsigned integer and can have a
minimum value of 0. This patch changes the minimum value of 1 to allow
for 0. Unit test have also been modified accordingly.

Closes-Bug: #1926429
Change-Id: I7876b4c1e2c800b654ca750211ee2e58f3ea4309
(cherry picked from commit 6ac659d2)

This patch defines the situation where the import_zone exception handler
produces the message 'An undefined error occurred' to the exception during
the zone import where an underlying exception occurred from the rpc
dispatcher at the same time as a duplicate zone exception. Kiall Mac Innes
explains this in
https://opendev.org/openstack/designate/commit/2c9460505d07d0e46765a552b637e5a3296b667b
the problem here is in the way the _import_zone was written where
https://github.com/openstack/designate/commit/9b809a11b3068552274340606eb76d2217411b85
was written with threading.local, so it only works if it stays within the same
thread. Since _import_zone is created on a separate thread, the necessity to add
the decorator @rpc_expected_exceptions() at the top.

Closes-bug: #1950118
Closes-bug: #1964323
Change-Id: If7d50cbd4fa0ce86e0ddf03068da36acd7d72cb4
(cherry picked from commit d705c5d6)

Zuul is changing how queues are declared[1]. This patch updates Designate for the new way to define the queue.

[1] https://lists.zuul-ci.org/pipermail/zuul-discuss/2022-May/001801.html

Change-Id: I94324104a7ed89e757d48bb250d8b1132026ce46
(cherry picked from commit fe9fb45c)

This patch improves the quotas API validations and test coverage. Invalid quota settings will now be caught at the API/Central layer and not down in the storage layer(DB).

Closes-Bug: #1934596
Change-Id: I474bdd988a6cc3a9bcce1b65c2f49216dd85addf
(cherry picked from commit 38178c07)

Pip is pulling in unstrained dependencies during the "sibblings" package
install step. Normally this is fine as the dependencies have already been
installed and it's just installing the package under test. However, with
designate there are a lot of overlapping dependencies and pip will end up
reinstalling an unconstrained version. In this case it was Jinja2.

Change-Id: Ie49f99ba8e86913471ee6cd078f5afd28282c0f5
(cherry picked from commit 30a03e10)

This patch fixes an issue were deleting a zone transfer request with a scoped
token may fail.

Change-Id: I4522796ac056630c63798830e8f8d92628f14a37
(cherry picked from commit 6f847aeb)

Previously, if set-quotas was called with a non-project scoped token and the all-projects flag was not set, the quotas would be updated but the result returned
would always be the default quota values.
This patch changes the API to require the all-projects flag when set-quota is called and the token is not project scoped.

Closes-Bug: #1966128
Change-Id: I55ca76ef7c2cbeb5fdae1aed1dcbe58b7acddc34
(cherry picked from commit 158e017b)

Update the URL to the upper-constraints file to point to the redirect
rule on releases.openstack.org so that anyone working on this branch
will switch to the correct upper-constraints list automatically when
the requirements repository branches.

Until the requirements repository has as stable/yoga branch, tests will
continue to use the upper-constraints list on master.

Change-Id: I24d9480ae50dc9dfd39ae885f14b2074843faee7

Change-Id: Ic589933124f66d994c0c8b7fa409f619f192096f

When a new Bind9 is added to the pool, Designate will trigger 'modzone'
rndc command that will fail, unless zone is already present on the backend.

This change will first verify that the zone is present on the backend,
before an update attempt. If zone is not present - zone creation will be
triggered.

Closes-Bug: 1958409

Co-authored-by: Kiran Pawar <kinpaa@gmail.com>
Change-Id: I782bf38a68f24a2e7133ff2afad7c96e2ae6b7f0

This patch adds a new status value for floating ips called
inactive that is used to indicate if there is not a dns record
assosciated with a floating ip.

Partial-Bug: #1932026

Change-Id: Ieca3cb06b99ba4556f4e6e770f82ec594d1ab1b6

This patch updates Designate to be compatible with oslo.context>=4.0.0.
Oslo.context has removed support for "tenant" in the context.

Change-Id: I49ed7df40bdd2dfbdc4b21817b23e4e21c8ce400

Devstack is using poor settings when generating certificates when tls-proxy
is enabled[1]. These settings do not work at all on CentOS 9 Stream causing
devtack to fail[2].
This patch will make the CentOS 9 Stream job non-voting until devstack can be
fixed.

[1] https://opendev.org/openstack/devstack/src/branch/master/lib/tls#L304
[2] https://zuul.opendev.org/t/openstack/build/1d90b22a39c74e24a8390861b3c5f957/log/job-output.txt#5535

Change-Id: I9ea2bdb73854b10c155a44f6025f07b433d407c3

Adds new field check method DenyListFields to validate
the pattern string. in addition, check for a zero
length string as well.

Closes-Bug: #1934252
Change-Id: I2b69025fc11125bb73a4e0f8c0dedad951399cbf

This patch updates the grenade job to migrate from using Apache mod_wsgi
to using uwsgi for the Designate API when upgrading from Xena to Yoga.

It also splits out the wsgi devstack configuration into a library file.

Change-Id: Icf8ee4a8e7e2dff67257b0e5f82fbeab6cb7e0b8

This patch adds a message to OverQuota containing information
on the actual quota reached and fixes a minor visual bug
with QuotaResourceUnknown.

Change-Id: Ibd01f6ad3046ca29eec02032e9115183f89a6a4b

Closes-Bug: #1960764
Change-Id: Ib91e49081855e5f4ec9f46a060d1587dcfeaac29

Removed unnecessarily complex threading code.

Change-Id: If00b37e72dabd1bc66a78d9a832c3847c12f6692