openstack/swift - swift - OpenDev: Free Software Needs Free Tools

This patch updates the overview_encryption page to add a
`Changing the encryption root secret of external KMS's` section
to point out the slight difference in naming. I.E:
 key_id_<secret_id> vs. encryption_root_secret_<secret_id>
This patch refers to both multikey support in the KMIP and KMS
key masters, so really should land after both of them.
Related-Change-Id: Ie52508e47d15ec5c4e96902d3c9f5f282d275683
Related-Change-Id: I4f485dcb31e5bea511c4e539c54681091fc5bb1c
Change-Id: Ie4cd8ae038501c8abc43d09cf0b207ca375a4366

Now that the trivial keymaster supports multiple keys, let's not
forget about the KMS/Barbican keymaster. Additional keys are
configured as:
 key_id_<secret_id> = <KMS unique identifier>
As with the trivial keymaster, the key to use for PUTs and POSTs is
specified with:
 active_root_secret_id = <secret_id>
Change-Id: I4f485dcb31e5bea511c4e539c54681091fc5bb1c

get_hub function was added in commit b155da42 with the idea to bypass
eventlet automatic hub selection that prefers epoll if available by default.
Since version 0.20.0 eventlet removed select.poll() function in its patched
select module (eventlet.green.select), see:
 - https://github.com/eventlet/eventlet/commit/614a20462
So if eventlet monkey patching is done before a get_hub() call (as now in
wsgi.py since commit c9410c7d) if we use 'import select' we get the eventlet
version that don't have poll attribute.
To prevent that we use eventlet.patcher.original function to get python select
module to test if poll() is available on current platform.
Change-Id: I69b3db3951b3d3b6583845978deb2883492e7f0f
Closes-Bug: 1804627

Change-Id: Ic680a11fa3133b3d6f3fa6fa007ccfbeb540899a

This got away from me a bit with the functional tests masquerading as
unit tests.
Change-Id: I1237c02eff96e53fff8f9661a2d85c4695b73371

This is to add missing ws seperator between words, usually
in log messages.
Change-Id: I6b88fab428b93def77632f9aed29fc2de4380b0d

When computing the base-64 encoded continuation token, s3Api should
UTF-8 encode the object names.
Change-Id: I3f3edc17e05e7c1e7c6afec66973179e51c7d9d8

Change-Id: I03f05c0f7683ded756f19b50243af2108aae7b3e

Previously, we'd even url-quote ETags, leading to weird things like
 <ETag>%22a27a822070b843ed6407f4f38afdaa20%22</ETag>
in listings, where those '%22's should be double quotes.
Change-Id: I0f5e0e410c8297a4898caae00c196fa3b3862100

Fix the typo 'a' to 'an' in test_diskfile.py
Change-Id: I26332766e76b4f0b728e0e7a41fa75afae2517a8

Fix typo in test_auditor.py
Change-Id: I23a95d251bf034a41f2d6aaf825b9a29fadf39c4

We still don't have support for toggling S3 bucket versioning, but we
can at least support getting the latest versions of all objects.
See https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketGETVersion.html
for more information about the API. Note that the returned format is
distinct from both "GET Bucket (List Objects) Version 1" and "GET Bucket
(List Objects) Version 2" APIs.
Change-Id: Ic57c273a3d5d7cdc34ca3a03e35e99b202a0bb01

Using "python setup.py check -r -s" method of checking the package has
been deprecated with the new recommendation to build the sdist and
wheel, then running "twine check" against the output.
Luckily, there is already a job that covers this that only runs when the
README, setup.py, or setup.cfg files change, making running this in the
pep8 job redundant. This covered by the test-release-openstack-python3
that is defined in the publish-to-pypi-python3 template.
More details can be found in this mailing list post:
http://lists.openstack.org/pipermail/openstack-dev/2018-October/136136.html
Change-Id: I6ff57e0146da44ec736cfe7a61d45dd31ea65b90

Change-Id: Ia2662d8f75883e1cc41b9277c65f8b771f56f902

I'm tired of creating code churn where I just slap
 .decode("nearly arbitrary choice of encoding")
in a bunch of places.
Change-Id: I79b2bc59fed130ca537e96c1074212861d7db6b8

The commands used by constraints need at least tox 2.3.2. Update to
reflect reality, which should help with local running of constraints
targets.
Change-Id: I0051938d70bdb3060981e8ce1cd2a72ca8d292ff

Change-Id: Ib00193b62c1f35b06a93f261bd6cb0d2f9167b86

Previously, we'd sometimes shove strings into HASH_PATH_PREFIX or
HASH_PATH_SUFFIX, which would blow up on py3. Now, always use bytes.
Change-Id: Icab9981e8920da505c2395eb040f8261f2da6d2e

Change-Id: I196fc4212b5405c410c9bfb850cd0d4737094c47

As long as the reconstructor collects parts from all policies each job
must be considered to have it's storage policy index and we can't use
global state for policy specific headers. It's good hygiene to avoid
mutating the global state regardless.
Under load with multiple policies we observed essentially empty handoff
parts "re-appearing" on nodes until adding these changes.
Closes-Bug: #1671180
Change-Id: Id0e5f2743e05d81da7b26b2f05c90ba3c68e4d72

Some tests make use of multiple accounts without checking of they have
been set up. This commit tries to fix some of these situations.
Change-Id: I461679e78e19ce0866c7618c581a8cb573cca7f5

Most daemons have a "go as fast as you can then sleep for 30 seconds"
strategy towards resource utilization; the object-updater and
object-auditor however have some "X_per_second" options that allow
operators much better control over how they spend their I/O budget.
This change extends that pattern into the account-replicator,
container-replicator, and container-sharder which have been known to peg
CPUs when they're not IO limited.
Partial-Bug: #1784753
Change-Id: Ib7f2497794fa2f384a1a6ab500b657c624426384

Change-Id: Iaba8abb81dec792ee92e3715ecc459b57755fcae

Change-Id: Ia431d20e1132cc139ac067d66d5d1626ec07117f

Change-Id: Id5988887f01532b27c3888a126764524d2466011

Change-Id: Ie5264af0bf2a8d557489c597c3fdc5728e69c6e8