openstack/swift - swift - OpenDev: Free Software Needs Free Tools

By setting the TZ environment variable for the WSGI process we avoid
the stat("/etc/localtime") on every request handled that logs using
strftime().
Change-Id: Ifc78236a99ed193a42389e383d062b38f57a5a31
Signed-off-by: Peter Portante <peter.portante@redhat.com>

Follow-on to https://review.openstack.org/#/c/28895/
Moved the tests for the code that was moved to obj.base and also made
the new test file flake8 compliant.
Change-Id: I4be718927b6cd2de8efe32f8e54b458a4e05291b

Autocreate was messy - now cleaned.
Auto-create now occurs at account POST, and container PUT only.
A method for autocreation was added
Autocreation was removed from account_info and container_info.
Fake-it as if the account exists on account HEAD and account GET.
Return 404 on everything else when the account does not exist.
Fix: Bug #1172223
Fix: Bug #1179140
Change-Id: Iac54c1438eb09883fbc29a1ad2ac2245b95efc92

While it is true that one *could* call ContainerBroker.get_info() with
include_metadata=True, it is also true that nobody actually does.
It's also true that the code path taken when include_metadata=True is
broken in the case of non-ASCII metadata keys
(e.g. X-Container-Meta-☃: snowman), so leaving it around is just
asking for future pain.
Change-Id: I4931add4b8fb7c4f57820e52f182c21040d8db10

Encode metadata key as utf8 if key is unicode when
retriving it from sqlite database.
Change-Id: I4ba11543d1bed17098b5e52dd768c75b403188a1
Fixes: bug #1172202 

All the other methods (POST, GET, HEAD, DELETE and REPLICATE) first
validate the REST parameters and headers before performing the mount
check. Do the same for PUT.
Change-Id: I6e5f34cc65b57662b7f88224ca0e1501787e0f43
Signed-off-by: Peter Portante <peter.portante@redhat.com>

With the container quota middleware on, if you made a request similar to the
following one you'd get a 500 response.
curl -i -X PUT -H 'X-Auth-Token: token'
http://127.0.0.1:8080/v1/AUTH_testhttp://something/something_else
(Note the double url.)
This was due to a mismatch in how split_path() was called in the middleware and
in the get_container_info().
This change fixes that mismatch and the bug.
Change-Id: Ie42ab585b942b7201e13b02a0c706532952aac60

Enhance internally logged messages to report referer and user-agent.
Pass the referering URL and METHOD between internal servers (when
known), and set the user-agent to be the server type (obj-server,
container-server, proxy-server, obj-updater, obj-replicator,
container-updater, direct-client, etc.) with the process PID. In
conjunction with the transaction ID, it helps to track down which PID
from a given system was responsible for initiating the request and
what that server was working on to make this request.
This has been helpful in tracking down interactions between object,
container and account servers.
We also take things a bit further performaing a bit of refactoring to
consolidate calls to transfer_headers() now that we have a helper
method for constructing them.
Finally we performed further changes to avoid header key duplication
due to string literal header key values and the various objects
representing headers for requests and responses. See below for more
details.
====
Header Keys
There seems to be a bit of a problem with the case of the various
string literals used for header keys and the interchangable way
standard Python dictionaries, HeaderKeyDict() and HeaderEnvironProxy()
objects are used.
If one is not careful, a header object of some sort (one that does not
normalize its keys, and that is not necessarily a dictionary) can be
constructed containing header keys which differ only by the case of
their string literals. E.g.:
 { 'x-trans-id': '1234', 'X-Trans-Id': '5678' }
Such an object, when passed to http_connect() will result in an
on-the-wire header where the key values are merged together, comma
separated, that looks something like:
 HTTP_X_TRANS_ID: 1234,5678
For some headers in some contexts, this is behavior is desirable. For
example, one can also use a list of tuples which enumerate the multiple
values a single header should have.
However, in almost all of the contexts used in the code base, this is
not desirable.
This behavior arises from a combination of factors:
 1. Header strings are not constants and different lower-case and
 title-case header strings values are used interchangably in the
 code at times
 It might be worth the effort to make a pass through the code to
 stop using string literals and use constants instead, but there
 are plusses and minuses to doing that, so this was not attempted
 in this effort
 2. HeaderEnvironProxy() objects report their keys in ".title()"
 case, but normalize all other key references to the form
 expected by the Request class's environ field
 swob.Request.headers fields are HeaderEnvironProxy() objects.
 3. HeaderKeyDict() objects report their keys in ".lower()" case,
 and normalize all other key references to ".lower()" case
 swob.Response.headers fields are HeaderKeyDict() objects.
Depending on which object is used and how it is used, one can end up
with such a mismatch.
This commit takes the following steps as a (PROPOSED) solution:
 1. Change HeaderKeyDict() to normalize using ".title()" case to
 match HeaderEnvironProxy()
 2. Replace standard python dictionary objects with HeaderKeyDict()
 objects where possible
 This gives us an object that normalizes key references to avoid
 fixing the code to normalize the string literals.
 3. Fix up a few places to use title case string literals to match
 the new defaults
Change-Id: Ied56a1df83ffac793ee85e796424d7d20f18f469
Signed-off-by: Peter Portante <peter.portante@redhat.com>

This will be needed in future replication work to avoid circular
imports.
I used swift.obj.base as the module name just because we seemed to
avoid putting code in __init__.py files so far and I didn't want to
buck the trend.
I would love to see other obj things like *_metadata and DiskFile
move into swift.obj.base as well and swift.obj.server just be the
WSGI server logic, but I'll leave that for the future.
I have changed the tests as little as possible (just the references
to where they get the code to test) to show the refactor has not
broken anything. I did add a test for tpool_reraise since there was
none before.
There will be a follow on patch for moving the tests to their new
location(s). I figured I'd wait to put the bikes in the shed until
everyone's done painting it.
Change-Id: I32b4ac88be21eb76c877d3f4cc1e6ac33304835b

The crossdomain doc was named *.xml instead of *.rst causing it to not
get built or included in the toctree where it was supposed to.
The apache deployment guide wasn't linked to from anywhere, so I added
it under the normal deployment guide.
Change-Id: I817a1f2ca1ed7913e8ea5155cc1fac07caf0b637

When swift-bench is run in direct mode, don't try to delete the
containers which weren't created.
Fixes bug 1177960.
Change-Id: Ice07e8729bb776e2b215894cf95fb80b64167a8d

Change-Id: I8ea0ff86518d453597faae44ec3918298e2d5147

This allows users to rotate their TempURL keys without invalidating
all existing signed URLs. This is handy if you have multiple systems
generating signed URLs, but you want to change your keys for some
reason (e.g. keys compromised, company policy, general paranoia).
Both the first and second keys are optional, so existing accounts'
signed URLs will continue to work as before.
This commit does change the memcache key used to store the fetched
TempURL keys. This is because we were storing the old key as a string
in memcached, but the new one is a list of keys. Since the key cache
lifetime here is only 60 seconds, it doesn't seem like too big a deal
to completely flush the TempURL cache.
Also, this commit adds caching of a negative TempURL result. If the
account HEAD reveals no TempURL keys at all, that result is now stored
for 60 seconds the same way that a positive result would be.
Change-Id: I40a02bd607283fbce11aa52a9bb8a5846ab17f5e

Change-Id: I431cac1e9818a335ff8d20288ab6acf39d6b6d5e

Currently if you have a container with objects named
x/y and x0 and you use delimiter=/ in your query, x0
will be excluded from the results. This patch resolves
this problem.
To replicate the original issue, create a container
called 'test' with the following objects:
x/y
x0
x1
Then do a GET with 'accnt/test?delimiter=/' and the
following is returned:
x/
x1
i.e. x0 is missing from output.
Change-Id: If196e3075612b121ef8da4a9128167d00a248c27

dnspython was added recently to the list of requirments.
This patch completes the change:
1. The new requirement is documented
2. The need for tox --recreate is documented
(assuming there is no way to automate 2 above)
Change-Id: I49f0cb4b01b79dd7cf4329984a2f8416378ebe19
Fixes: Bug #1176627 

It already skips IPv4 addresses, and since IPv6 is the future of the
Internet*, we should probably do the right thing with those too.
* IPv6: Just two years away for over fifteen years!
Change-Id: I54f1db4e936fd38d05ac8b5c709efba76525b9d2

cname_lookup cannot resolve IP addresses as CNAME records, and therefore
should not attempt to resolve the host in that case. The middleware is
skipped when the host is an IP address.
Change-Id: I6961ec205e771116ace1ebcb8c088f3116eb38f0
Fixes: bug #1172289 

Broke this out into a separate commit since adding five characters
caused a few lines to get re-wrapped, adding more diffs.
See John's comment from Patch Set #3 for the motivation for this
change in review https://review.openstack.org/27149.
Change-Id: I1edf2cb468dcda0b781569161ada6e4016c1141c
Signed-off-by: Peter Portante <peter.portante@redhat.com>

Before when iterating using this object, the call to the underlying file object
was made without a chunk_size. This is bad because this would cause the entire
contents of the file to be read.
Change-Id: I9956e5d2d693a6260252fff331d4f78f70179a6c

Change-Id: I3d4a31111c3044da06611405ce80f208ef8a0ce3

Forgot to update dicts with changeset I4a89afad, which updated lists.
Change-Id: Ieca71b9c90ee5dae83a43f6851b6b8b2924bcb8e
Fixes: bug 1174809

Addressing bug 1174809, changes use of mutable lists as as default
arguments and defaults them within the function. Otherwise, those
defaults can be unexpectedly persisted with the function between
invocations and erupt into mass hysteria on the streets.
To my knowledge there aren't known cases of the current use causing
specific issues, but even stylistically needs addressing to avoid
problems in the future. I couldn't find any comments or related
historical commit messages indicating the current use is meant to take
advantage of this behavior in Python.
Change-Id: I4a89afada08b2ce220724f585631a9e2072bf1bd
Fixes: bug 1174809

Allow Swift daemons and servers to optionally accept a directory as the
configuration parameter. Directory based configuration leverages
ConfigParser's native multi-file support. Files ending in '.conf' in the
given directory are parsed in lexicographical order. Filenames starting with
'.' are ignored. A mixture of file and directory configuration paths is not
supported - if the configuration path is a file behavior is unchanged.
 * update swift-init to search for conf.d paths when building servers
 (e.g. /etc/swift/proxy-server.conf.d/)
 * new script swift-config can be used to inspect the cumulative configuration
 * pull a little bit of code out of run_wsgi and test separately
 * fix example config bug for the proxy servers client_disconnect option
 * added section on directory based configuration to deployment guide
DocImpact
Implements: blueprint confd
Change-Id: I89b0f48e538117f28590cf6698401f74ef58003b

Including the time inside the trans_id can be very useful for knowing
which logs to scan. I made this so the trans_id will still be the
same length (the randomness of the remaining uuid4 should be enough
for this use). I also added a convenience function for retreiving the
time information from a trans_id.
If you're wondering why I just didn't use uuid1 that embeds the time,
it's because it also embeds uuid.getnode() which "The first time this
runs, it may launch a separate program, which could be quite slow."
We could supply our own getnode value, but then we have to guarantee
its uniqueness, yada yada yada.
Change-Id: Ie33caf1e839fd1a21b01a928a8b301126bef7396