openstack/swift - swift - OpenDev: Free Software Needs Free Tools

Test B109 was removed from bandit in release 1.5.0[1]
[1] - d93eed5492
Change-Id: I57ea610b924c2140b7572762c44cbc6510d0f549

Otherwise, users can create buckets in accounts they don't own.
Change-Id: I13d557c32b12529ef1087c52f7af302a33d33acb

On vanilla Swift, deleting an object that doesn't exist will 404.
On AWS, deleting a key that doesn't exist will either 404 if the bucket
doesn't exist (with a NoSuchBucket code) or 204 (because yep, that's not
accessible).
Change-Id: Ied2a78b56522316bb374f23961621641af3adc83
Related-Change: I6e154594dfda6c3065774c23b24f728625a842bc

It was actually testing the invalid-JSON handling before...
Change-Id: Ia8b5eaeb42fea5136525c80e67e8d33548c2a8df

Added healthcheck middleware to account, container, object servers
Added the s3api, keymaster, encryption config to the proxy config
file to make it easy to enable it.
Change-Id: I96f120c5bc416e9aba388cbfa6c30b648d6ade2f

For more information about this automatic import see:
https://docs.openstack.org/i18n/latest/reviewing-translation-import.html
Change-Id: I04d4c26b762ba3e1c540b0de95d293e77ad9add6

Change-Id: I3bce1c4efeb3a3a7319020de76ba7f06015a5a36

We don't support it yet, so return 501 Not Implemented.
Change-Id: Ie2f4bd1bfdb1bcbdf1a0f0db9d542b6057e9d2ec

...instead of just check jobs. While we're at it, drop the voting line;
it's voting by default.
Change-Id: I478a82bbac7ba19ed81aae1f5225ffc4e10fb2cb

We don't support it yet, so return 501 Not Implemented. Previously, we'd
store the aws-chunked content (!) and most clients would see it as data
corruption.
See https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-streaming.html
for more information.
Change-Id: I697962039667980ef89212bc480f8b1d3fbd718c

These files are imported (and very lightly edited) from the old
ocata user-guide. It has a few other swift-related docs that seemed
more duplacative of what we already have, but these seem to fill
existing gaps in our docs.
Change-Id: Ib00bf6992327f15f271120dc5dbc86a4a235baec

Change-Id: Ia420ac3f84284eab9d0a371e4d56be6e45994fae

I don't see why running `python setup.py sdist` should leave me
with a dirty checkout.
Change-Id: Id932780c2e555b77a0066c70641684c0ddfdd79e

This used to be necessary on older eventlet, or you'd get TypeErrors
when you went to reraise. Following eventlet 0.13.0, however, it's just
extra code.
For the original eventlet issue, see
https://web.archive.org/web/20140823005223/https://bitbucket.org/eventlet/eventlet/issue/149/yield-in-except-clause-with-wilcard-raise
Change-Id: I19ad0968a82827bdd4ef75fde9ed51f193627d6e
Related-Bug: 1181146

Change-Id: Iddc0f333861b6c1f81e181f006cd592b5eb6ea17

... instead of having KmipKeyMaster instantiate its own logger
inside of _get_root_secret.
Bonus: KmsKeyMaster uses its own log route now.
Bonus bonus: get rid of KmsKeyMaster's pointlessly-overriden
__init__ method.
Change-Id: Idb4b832e5ca0e3d749fe2c0b7ba283447a4dc69e

Create a tox environment for running the unit tests against the lower
bounds of the dependencies.
Create a lower-constraints.txt to be used to enforce the lower bounds
in those tests.
Add openstack-tox-lower-constraints job to the zuul configuration.
See http://lists.openstack.org/pipermail/openstack-dev/2018-March/128352.html
for more details.
Change-Id: Iac4a202a1d723822d10f4d34a397eff9de3f2108
add the job in project-config:
Depends-On: https://review.openstack.org/555034
remove branch optimiazation in check and add swift exclusions (series):
Depends-On: https://review.openstack.org/560109
Signed-off-by: Doug Hellmann <doug@doughellmann.com>
Co-Authored-By: Nguyen Hai <nguyentrihai93@gmail.com>

Change-Id: If8a77bb9de48890858b3de3b9297f6182c1cce05

The @requires_acls decorator already checks for cluster_info["tempauth"]
Change-Id: I2c40fbea1fd799059dca6bfb82d5fed833991826

Latest version of CentOS should not need this anymore
Change-Id: Ief83c39420cfb4509f16d4e357d704025b116134

CentOS 7 distributes 1.0.16, and there is no real reason to avoid it.
Plus, in our probetests we apparently cannot avoid the system package.
Change-Id: I108ec2438dbc02f3e85f8da43e11ff4cdcfd1e4b

The object server can be configured to leave a certain amount of disk
space free; default is 1%. This is useful in avoiding 100%-full
filesystems, as those can get Swift in a state where the filesystem is
too full to write tombstones, so you can't delete objects to free up
space.
When a cluster has accounts/containers and objects on the same disks,
then you can wind up with a 100%-full disk since account and container
servers don't respect fallocate_reserve. This commit makes account and
container servers respect fallocate_reserve so that disks shared
between account/container and object rings won't get 100% full.
When a disk's free space falls below the configured reserve, account
and container PUT, POST, and REPLICATE requests will fail with a 507
status code. These are the operations that can significantly increase
the disk space used by a given database.
I called the parameter "fallocate_reserve" for consistency with the
object server. No actual fallocate() call happens under Swift's
control in the account or container servers (sqlite3 might make such a
call, but it's out of our hands).
Change-Id: I083442eef14bf83c0ea717b1decb3e6b56dbf1d0

Change-Id: Ie34ce2a33f2a642b97986fa28cf9db9e6da964d5
Related-Change: I67478923619b00ec1a37d56b6fec6a218453dafc
Related-Change: Ibaa630b5b4251cc4f821c01d3c09a8b8a6be342c

Related-Change-Id: I67478923619b00ec1a37d56b6fec6a218453dafc
Change-Id: Ibaa630b5b4251cc4f821c01d3c09a8b8a6be342c

Change-Id: I5b6b5c283a9e2533a2e753fe81ba429792e590cd
Closes-Bug: 1781297

Container servers will store an etag like
 <MD5 of manifest on disk>; slo_etag=<MD5 on concatenated ETags>
which the SLO middleware will break out into separate
 "hash": "<MD5 of manifest on disk",
 "slo_etag": "\"<MD5 of concatenated ETags\"",
keys for JSON listings. Text and XML listings are unaffected.
If a middleware left of SLO already specified a container update
override, the slo_etag parameter will be appended. If the base header
value was blank, the MD5 of the manifest will be inserted.
SLOs that were created on previous versions of Swift will continue to
just have the MD5 of the manifest in container listings.
Closes-Bug: 1618573
Change-Id: I67478923619b00ec1a37d56b6fec6a218453dafc

Change-Id: Ifd2f468ad745d19ef474ae7503a8bd79d429fc1b

This patch adds Alpine Linux (apk) entries to bindep.txt.
closes-bug: #1780163
Change-Id: Iff24a2b02b8927113d616a5af06331f1a1e31170