ironic-inspector 10.10.0 release

meta:version: 10.10.0
meta:diff-start: -
meta:series: yoga
meta:release-type: release
meta:pypi: no
meta:first: no
meta:release:Author: Iury Gregory Melo Ferreira <iurygregory@gmail.com>
meta:release:Commit: Iury Gregory Melo Ferreira <iurygregory@gmail.com>
meta:release:Change-Id: Ia2329fdf6142ca6b4a2c91acec7675b0fbba4dc2
meta:release:Code-Review+2: Thierry Carrez <thierry@openstack.org>
meta:release:Code-Review+1: Riccardo Pittau <elfosardo@gmail.com>
meta:release:Code-Review+2: Elod Illes <elod.illes@est.tech>
meta:release:Workflow+1: Elod Illes <elod.illes@est.tech>

The systemd service named openstack-ironic-inspector-dnsmasq is a name
which was only ever used by TripleO and hasn't been used since before
Train when the services were containerized and the dnsmasq process
management was no longer handled by inspector at all.

This change removes this rootwrap rule as unused for some years. Any
configuration tool which is setting
[dnsmasq_pxe_filter]dnsmasq_start_command also needs to be writing an
appropriate rootwrap.d file, as the inspector devstack plugin does.

Change-Id: I38974faa8897daabf88ff63402d42a3ef93e675c

It turns out that eventlet has been injecting a
``Transfer-Encoding`` header as of recent into WSGI application
response headers. The result of this ultimately depends on how
the HTTP client which is passing the request to the server is
written to handle data.

Apache, for example, will return that an invalid response was
received. In part because it sees the request end, with an HTTP
204 response code, but also an encoding indicating there is
a multipart body encoding inbound. Which is confusing.

Other C based HTTP clients can have any number of reactions up to
and including disconnecting sessions. Curl, depending on the
headers present either returns success but notes body weirdness
or actually returns return code 18.

Python-Requests kind of has it a little worse, and we see this
with clients. With it, it tries to prepare a respones content
body based upon the presence of the header indicating there is
a body. But it blows up thinking there is more data to read on
the socket when there is not more data to read.

Regardless, all of this is an RFC7230 violation.

Neither Content-Length nor Transfer-Encoding should be on an HTTP
204 response. However, Content-Length is the lesser evil, and we
have a similar endpoing in Ironic which *does* explicitly get
returned with a zero length content-length, and does not
demonstrate such issues.

As such, in the interest of the lesser evils until Eventlet's evil
ways of header injection are remedied, we're explicitly going to
force a Content-Length header to be sent indicating a zero length
response.

For more information, please see: https://github.com/eventlet/eventlet/issues/746

Change-Id: I014cc65c79222f4d4d7c2b6ff11a76e56659340c

We have updated the yoga testing runtime to keep the
py36 testing.

- https://review.opendev.org/c/openstack/governance/+/820195

Unit tests job template is also updated to keep python
3.6 as a voting job. So with the py3.6 and py3.9 testing as voting
job template, we are keeping python 3.6, 3.7, 3.8, and 3.8 as
tested versions in the Yoga cycle.

- https://review.opendev.org/c/openstack/openstack-zuul-jobs/+/820286

This commit re-add the python 3.6/3.7 versions in setup.cfg classifier.

Change-Id: I1600a9c56e85e8c6dcb68277f9d0e3396f92dac9

Change-Id: I3fcc7b473629803e57fb379a1946ca088f3d88e4

Yoga testing runtime has been updated with py38 and py39
as voting and removed the py36 testing. Unit tests update are
handled by the job template change in openstack-zuul-job and you
can see the updated jobs running in gate.

- https://review.opendev.org/c/openstack/openstack-zuul-jobs/+/818609

this commit updates the tested py versions in setup.cfg classifier.

[1] https://governance.openstack.org/tc/reference/runtimes/yoga.html

Change-Id: Idbc2a716eec5fd5710fc5ea493600a3519a37bdb

Also adds root=/dev/ram0 for the ramdisk initialization which seems
to be required with the switch to UEFI.

Depends-On: https://review.opendev.org/c/openstack/ironic/+/812167
Change-Id: I77aedafb121f9b8b009a424da11c82acca2216cd

This commit add support for state selector to the list introspection.

* ``GET /v1/introspection?state=[starting, waiting, processing,
                                 finished, error, reapplying,
				 enrolling]``

Story: 1625183
Task: 11350
Change-Id: I2c5222110487a08a4e7b1efbcbc5dc3d552fae3e

ironic-inspector 10.8.0 release

meta:version: 10.8.0
meta:diff-start: -
meta:series: xena
meta:release-type: release
meta:pypi: no
meta:first: no
meta:release:Author: Hervé Beraud <hberaud@redhat.com>
meta:release:Commit: Iury Gregory Melo Ferreira <iurygregory@gmail.com>
meta:release:Change-Id: Ic1ba6b8a0db76946cd84bb9d001020ddc74ad227
meta:release:Code-Review+2: Hervé Beraud <herveberaud.pro@gmail.com>
meta:release:Code-Review+2: Elod Illes <elod.illes@est.tech>
meta:release:Workflow+1: Elod Illes <elod.illes@est.tech>

This is an automatically generated patch to ensure unit testing
is in place for all the of the tested runtimes for yoga.

See also the PTI in governance [1].

[1]: https://governance.openstack.org/tc/reference/project-testing-interface.html

Change-Id: I6617d6025be66cd7d99c05dd5c0542acf6790dbc

Add file to the reno documentation build to show release notes for
stable/xena.

Use pbr instruction to increment the minor version number
automatically so that master versions are higher than the versions on
stable/xena.

Sem-Ver: feature
Change-Id: I09dd83c307547b7bfbd638942a4d5b9156337446

Inplicit execution was deprecated in SQLAlhcemy, version 1.4 doesn't
support and we need to convert to explicit[1]

[1] https://docs.sqlalchemy.org/en/14/changelog/migration_20.html#implicit-and-connectionless-execution-bound-metadata-removed

Change-Id: I4a780567fb92c32cf55c54e2e134df9456e36165

This change allows uses to enable the healthcheck middleware from
oslo.middleware in API pipeline, by setting the [healthcheck]/enabled
option. This middleware provides an API endpoint at /healthcheck path
which allows load balancers or monitoring applications to determine
a service is up using HTTP requests.

This change basically follows the same change merged in ironic[1] repo.

[1] 6f439414bdcef9fc02f844f475ec798d48d42558

Change-Id: Ic2ee2bca74ea2a5a0723ef54b10c531f77ea7b8d

Since we run inspector jobs in ironic gate, we need to
include `ironic/tests` in the irrelevant-files so
we don't run the jobs when there is only changes in unit tests.

Change-Id: I98757ab78716689355f70c7735480d4dc8e04320

ironic-inspector 10.7.0 release

meta:version: 10.7.0
meta:diff-start: -
meta:series: xena
meta:release-type: release
meta:pypi: no
meta:first: yes
meta:release:Author: Riccardo Pittau <elfosardo@gmail.com>
meta:release:Commit: Riccardo Pittau <elfosardo@gmail.com>
meta:release:Change-Id: Ib6733f0b1aa2e8cfb6f6e162591b5ba1fe56487b
meta:release:Code-Review+1: Dmitry Tantsur <dtantsur@protonmail.com>
meta:release:Code-Review+2: Elod Illes <elod.illes@est.tech>
meta:release:Code-Review+2: Thierry Carrez <thierry@openstack.org>
meta:release:Workflow+1: Thierry Carrez <thierry@openstack.org>

... to avoid warnings from the middleware about deprecated parameters.
Currently parameters of each auth plugin are not loaded in unit tests
so user credentials are not updated but just removed.

Change-Id: I6e420dac51ac8cf92eadb1c3a3d4716a96c22001

Some actions can fail due to the node being locked as part of
normal operations. This was previously handled silently by
python-ironicclient, but when inspector was changed to use
openstacksdk, this was no longer handled.

Adds the retry wrapper around critical path methods involving
power/reboot ops and node updates which require locks.

Change-Id: I3d26cf46da02b3e8f3f773c0aeaed6843e0f26e5
Story: 2009107
Task: 42966

The lower-constraints test was removed because of an issue where pip
could not correctly determine the required packages versions to install,
ending in an almost infinite loop that would end up in timeout, failure,
and general mayhem.
Recently the issue has been fixed and, if properly configured, the
lower-constraints test can provide good indication of which minimum
versions are required to support the current code.
This patch adds the test back to the current development branch, and it
runs only on master.
The lower-constraints file will stay in the future stable branches.

Change-Id: I2e247ff2d68705d04d40c7ea653a8d3e0daf17d8

Fix errors in unit tests

Change-Id: Ibc8648b64887daac6fb5ec8a6dd61d9312a52ef3

Update minimum required versions of python packages.
The updates is based on crosscheck requirements from required
packages:

oslo-policy 3.7.0 depends on oslo.context>=2.22.0

increase oslo-service version to be able to use eventlet 0.26.0
oslo-service 1.24.0 depends on eventlet!=0.18.3, !=0.20.1, <0.21.0 and >=0.18.2

increase oslo-log version to fix error:
AttributeError: type object 'deprecated' has no attribute 'WALLABY'

oslo-log 4.3.0 depends on oslo.serialization>=2.25.0
oslo-log 4.3.0 depends on pbr>=3.1.1
oslo-log 4.3.0 depends on oslo.i18n>=3.20.0

Change-Id: I20a5a20b94ffd27ea34f23ac89ca2826eb548b1a

This fix the below warning for DeprecatedRule:

Since 3.7.0, oslo policy started the DeprecationWarning[1] if
deprecated_reason and deprecated_since param are not passed
in DeprecatedRule or they are passed in RuleDefault object.

Andf suppress the policy deprecation and default change warnings

Oslo policy log warnings if defaults for policies are changed.
With new RBAC change every policy rules' default is changed,
which end up lot of warnings in logs. We can suppress these for now
until we are enforcing new defaults.

- https://zuul.opendev.org/t/openstack/build/5cefaef6d02a4b7abe3c449491b81e68/log/job-output.txt#879

[1] https://github.com/openstack/oslo.policy/blob/3.7.0/oslo_policy/policy.py#L1538

Change-Id: If481a5afc3b23d1d196ffd7576d0784a9702da59