def _check_policy(self): """Checks to see if policy file is overwritten with the new defaults. """ msg = _("Your policy file contains rules which examine token scope, " "which may be due to generation with the new defaults. " "If that is done intentionally to migrate to the new rule " "format, then you are required to enable the flag " "'oslo_policy.enforce_scope=True' and educate end users on " "how to request scoped tokens from Keystone. Another easy " "and recommended way for you to achieve the same is via two " "flags, 'oslo_policy.enforce_scope=True' and " "'oslo_policy.enforce_new_defaults=True' and avoid " "overwriting the file. Please refer to this document to " "know the complete migration steps: " "https://docs.openstack.org/nova/latest/configuration" "/policy-concepts.html. If you did not intend to migrate " "to new defaults in this upgrade, then with your current " "policy file the scope checking rule will fail. A possible " "reason for such a policy file is that you generated it with " "'oslopolicy-sample-generator' in json format. " "Three ways to fix this until you are ready to migrate to " "scoped policies: 1. Generate the policy file with " "'oslopolicy-sample-generator' in yaml format, keep " "the generated content commented out, and update " "the generated policy.yaml location in " "``oslo_policy.policy_file``. " "2. Use a pre-existing sample config file from the Train " "release. 3. Use an empty or non-existent file to take all " "the defaults.") rule = "system_admin_api" rule_new_default = "role:admin and system_scope:all" status = upgradecheck.Result(upgradecheck.Code.SUCCESS) # NOTE(gmann): Initialise the policy if it not initialized. # We need policy enforcer with all the rules loaded to check # their value with defaults. try: if policy._ENFORCER is None: policy.init(suppress_deprecation_warnings=True) # For safer side, recheck that the enforcer is available before # upgrade checks. If something is wrong on oslo side and enforcer # is still not available the return warning to avoid any false # result. if policy._ENFORCER is not None: current_rule = str(policy._ENFORCER.rules[rule]).strip("()") if (current_rule == rule_new_default and not CONF.oslo_policy.enforce_scope): status = upgradecheck.Result(upgradecheck.Code.WARNING, msg) else: status = upgradecheck.Result( upgradecheck.Code.WARNING, _('Policy is not initialized to check the policy rules')) except Exception as ex: status = upgradecheck.Result( upgradecheck.Code.WARNING, _('Unable to perform policy checks due to error: %s') % six.text_type(ex)) # reset the policy state so that it can be initialized from fresh if # operator changes policy file after running this upgrade checks. policy.reset() return status
def _sample_check(self): """This is sample check added to test the upgrade check framework It needs to be removed after adding any real upgrade check """ return upgradecheck.Result(upgradecheck.Code.SUCCESS, 'Sample detail')
def _check_ironic_flavor_migration(self): """In Pike, ironic instances and flavors need to be migrated to use custom resource classes. In ironic, the node.resource_class should be set to some custom resource class value which should match a "resources:<custom resource class name>" flavor extra spec on baremetal flavors. Existing ironic instances will have their embedded instance.flavor.extra_specs migrated to use the matching ironic node.resource_class value in the nova-compute service, or they can be forcefully migrated using "nova-manage db ironic_flavor_migration". In this check, we look for all ironic compute nodes in all non-cell0 cells, and from those ironic compute nodes, we look for an instance that has a "resources:CUSTOM_*" key in it's embedded flavor extra specs. """ cell_mappings = self._get_non_cell0_mappings() ctxt = nova_context.get_admin_context() # dict of cell identifier (name or uuid) to number of unmigrated # instances unmigrated_instance_count_by_cell = collections.defaultdict(int) for cell_mapping in cell_mappings: with nova_context.target_cell(ctxt, cell_mapping) as cctxt: # Get the (non-deleted) ironic compute nodes in this cell. meta = MetaData(bind=db_session.get_engine(context=cctxt)) compute_nodes = Table('compute_nodes', meta, autoload=True) ironic_nodes = (compute_nodes.select().where( and_(compute_nodes.c.hypervisor_type == 'ironic', compute_nodes.c.deleted == 0)).execute().fetchall()) if ironic_nodes: # We have ironic nodes in this cell, let's iterate over # them looking for instances. instances = Table('instances', meta, autoload=True) extras = Table('instance_extra', meta, autoload=True) for node in ironic_nodes: nodename = node['hypervisor_hostname'] # Get any (non-deleted) instances for this node. ironic_instances = (instances.select().where( and_(instances.c.node == nodename, instances.c.deleted == 0)).execute().fetchall()) # Get the instance_extras for each instance so we can # find the flavors. for inst in ironic_instances: if not self._is_ironic_instance_migrated( extras, inst): # We didn't find the extra spec key for this # instance so increment the number of # unmigrated instances in this cell. unmigrated_instance_count_by_cell[ cell_mapping.uuid] += 1 if not cell_mappings: # There are no non-cell0 mappings so we can't determine this, just # return a warning. The cellsv2 check would have already failed # on this. msg = (_('Unable to determine ironic flavor migration without ' 'cell mappings.')) return upgradecheck.Result(upgradecheck.Code.WARNING, msg) if unmigrated_instance_count_by_cell: # There are unmigrated ironic instances, so we need to fail. msg = ( _('There are (cell=x) number of unmigrated instances in ' 'each cell: %s. Run \'nova-manage db ' 'ironic_flavor_migration\' on each cell.') % ' '.join('(%s=%s)' % (cell_id, unmigrated_instance_count_by_cell[cell_id]) for cell_id in sorted( unmigrated_instance_count_by_cell.keys()))) return upgradecheck.Result(upgradecheck.Code.FAILURE, msg) # Either there were no ironic compute nodes or all instances for # those nodes are already migrated, so there is nothing to do. return upgradecheck.Result(upgradecheck.Code.SUCCESS)
def check_invalid_settings(dummy=None): # This list can be updated using the tools/find_settings.py script. KNOWN_SETTINGS_NON_DASHBOARD = [ 'ABSOLUTE_URL_OVERRIDES', 'ADD_INSTALLED_APPS', 'ADD_TEMPLATE_DIRS', 'ADD_TEMPLATE_LOADERS', 'ADMINS', 'ALLOWED_HOSTS', 'APPEND_SLASH', 'AUTHENTICATION_BACKENDS', 'AUTH_PASSWORD_VALIDATORS', 'AUTH_USER_MODEL', 'CACHED_TEMPLATE_LOADERS', 'CACHES', 'CACHE_MIDDLEWARE_ALIAS', 'CACHE_MIDDLEWARE_KEY_PREFIX', 'CACHE_MIDDLEWARE_SECONDS', 'COMPRESSORS', 'COMPRESS_CACHEABLE_PRECOMPILERS', 'COMPRESS_CACHE_BACKEND', 'COMPRESS_CACHE_KEY_FUNCTION', 'COMPRESS_CLEAN_CSS_ARGUMENTS', 'COMPRESS_CLEAN_CSS_BINARY', 'COMPRESS_CLOSURE_COMPILER_ARGUMENTS', 'COMPRESS_CLOSURE_COMPILER_BINARY', 'COMPRESS_CSS_COMPRESSOR', 'COMPRESS_CSS_FILTERS', 'COMPRESS_CSS_HASHING_METHOD', 'COMPRESS_DATA_URI_MAX_SIZE', 'COMPRESS_DEBUG_TOGGLE', 'COMPRESS_ENABLED', 'COMPRESS_FILTERS', 'COMPRESS_JINJA2_GET_ENVIRONMENT', 'COMPRESS_JS_COMPRESSOR', 'COMPRESS_JS_FILTERS', 'COMPRESS_MINT_DELAY', 'COMPRESS_MTIME_DELAY', 'COMPRESS_OFFLINE', 'COMPRESS_OFFLINE_CONTEXT', 'COMPRESS_OFFLINE_MANIFEST', 'COMPRESS_OFFLINE_TIMEOUT', 'COMPRESS_OUTPUT_DIR', 'COMPRESS_PARSER', 'COMPRESS_PRECOMPILERS', 'COMPRESS_REBUILD_TIMEOUT', 'COMPRESS_ROOT', 'COMPRESS_STORAGE', 'COMPRESS_TEMPLATE_FILTER_CONTEXT', 'COMPRESS_URL', 'COMPRESS_URL_PLACEHOLDER', 'COMPRESS_VERBOSE', 'COMPRESS_YUGLIFY_BINARY', 'COMPRESS_YUGLIFY_CSS_ARGUMENTS', 'COMPRESS_YUGLIFY_JS_ARGUMENTS', 'COMPRESS_YUI_BINARY', 'COMPRESS_YUI_CSS_ARGUMENTS', 'COMPRESS_YUI_JS_ARGUMENTS', 'CSRF_COOKIE_AGE', 'CSRF_COOKIE_DOMAIN', 'CSRF_COOKIE_HTTPONLY', 'CSRF_COOKIE_NAME', 'CSRF_COOKIE_PATH', 'CSRF_COOKIE_SAMESITE', 'CSRF_COOKIE_SECURE', 'CSRF_FAILURE_VIEW', 'CSRF_HEADER_NAME', 'CSRF_TRUSTED_ORIGINS', 'CSRF_USE_SESSIONS', 'DATABASES', 'DATABASE_ROUTERS', 'DATA_UPLOAD_MAX_MEMORY_SIZE', 'DATA_UPLOAD_MAX_NUMBER_FIELDS', 'DATEPICKER_LOCALES', 'DATETIME_FORMAT', 'DATETIME_INPUT_FORMATS', 'DATE_FORMAT', 'DATE_INPUT_FORMATS', 'DEBUG', 'DEBUG_PROPAGATE_EXCEPTIONS', 'DECIMAL_SEPARATOR', 'DEFAULT_CHARSET', 'DEFAULT_CONTENT_TYPE', 'DEFAULT_EXCEPTION_REPORTER_FILTER', 'DEFAULT_FILE_STORAGE', 'DEFAULT_FROM_EMAIL', 'DEFAULT_INDEX_TABLESPACE', 'DEFAULT_TABLESPACE', 'DISALLOWED_USER_AGENTS', 'EMAIL_BACKEND', 'EMAIL_HOST', 'EMAIL_HOST_PASSWORD', 'EMAIL_HOST_USER', 'EMAIL_PORT', 'EMAIL_SSL_CERTFILE', 'EMAIL_SSL_KEYFILE', 'EMAIL_SUBJECT_PREFIX', 'EMAIL_TIMEOUT', 'EMAIL_USE_LOCALTIME', 'EMAIL_USE_SSL', 'EMAIL_USE_TLS', 'FILE_CHARSET', 'FILE_UPLOAD_DIRECTORY_PERMISSIONS', 'FILE_UPLOAD_HANDLERS', 'FILE_UPLOAD_MAX_MEMORY_SIZE', 'FILE_UPLOAD_PERMISSIONS', 'FILE_UPLOAD_TEMP_DIR', 'FIRST_DAY_OF_WEEK', 'FIXTURE_DIRS', 'FORCE_SCRIPT_NAME', 'FORMAT_MODULE_PATH', 'FORM_RENDERER', 'HORIZON_CONFIG', 'IGNORABLE_404_URLS', 'IMAGE_RESERVED_CUSTOM_PROPERTIES', 'INSTALLED_APPS', 'INTERNAL_IPS', 'LANGUAGES', 'LANGUAGES_BIDI', 'LANGUAGE_CODE', 'LANGUAGE_COOKIE_AGE', 'LANGUAGE_COOKIE_DOMAIN', 'LANGUAGE_COOKIE_NAME', 'LANGUAGE_COOKIE_PATH', 'LOCALE_PATHS', 'LOCAL_PATH', 'LOCAL_SETTINGS_DIR_PATH', 'LOGGING', 'LOGGING_CONFIG', 'LOGOUT_REDIRECT_URL', 'MANAGERS', 'MESSAGE_STORAGE', 'MIDDLEWARE', 'MIDDLEWARE_CLASSES', 'MIGRATION_MODULES', 'MONTH_DAY_FORMAT', 'NUMBER_GROUPING', 'OPENSTACK_HEAT_STACK', 'OPENSTACK_HOST', 'OPENSTACK_IMAGE_FORMATS', 'PASSWORD_HASHERS', 'PASSWORD_RESET_TIMEOUT_DAYS', 'PREPEND_WWW', 'ROOT_PATH', 'ROOT_URLCONF', 'SECRET_KEY', 'SECURE_BROWSER_XSS_FILTER', 'SECURE_CONTENT_TYPE_NOSNIFF', 'SECURE_HSTS_INCLUDE_SUBDOMAINS', 'SECURE_HSTS_PRELOAD', 'SECURE_HSTS_SECONDS', 'SECURE_PROXY_SSL_HEADER', 'SECURE_REDIRECT_EXEMPT', 'SECURE_SSL_HOST', 'SECURE_SSL_REDIRECT', 'SERVER_EMAIL', 'SESSION_CACHE_ALIAS', 'SESSION_COOKIE_AGE', 'SESSION_COOKIE_DOMAIN', 'SESSION_COOKIE_HTTPONLY', 'SESSION_COOKIE_NAME', 'SESSION_COOKIE_PATH', 'SESSION_COOKIE_SAMESITE', 'SESSION_COOKIE_SECURE', 'SESSION_ENGINE', 'SESSION_EXPIRE_AT_BROWSER_CLOSE', 'SESSION_FILE_PATH', 'SESSION_SAVE_EVERY_REQUEST', 'SESSION_SERIALIZER', 'SETTINGS_MODULE', 'SHORT_DATETIME_FORMAT', 'SHORT_DATE_FORMAT', 'SIGNING_BACKEND', 'SILENCED_SYSTEM_CHECKS', 'STATICFILES_DIRS', 'STATICFILES_FINDERS', 'STATICFILES_STORAGE', 'TEMPLATES', 'TESTSERVER', 'TEST_GLOBAL_MOCKS_ON_PANELS', 'TEST_NON_SERIALIZED_APPS', 'TEST_RUNNER', 'THOUSAND_SEPARATOR', 'TIME_FORMAT', 'TIME_INPUT_FORMATS', 'USE_ETAGS', 'USE_I18N', 'USE_L10N', 'USE_THOUSAND_SEPARATOR', 'USE_TZ', 'USE_X_FORWARDED_HOST', 'USE_X_FORWARDED_PORT', 'WSGI_APPLICATION', 'XSTATIC_MODULES', 'X_FRAME_OPTIONS', 'YEAR_MONTH_FORMAT', ] KNOWN_SETTINGS_DASHBOARD = dir(defaults) KNOWN_SETTINGS = set(KNOWN_SETTINGS_DASHBOARD + KNOWN_SETTINGS_NON_DASHBOARD) invalid = [] for setting in dir(settings): if not setting.isupper() or setting.startswith("_"): continue if setting not in KNOWN_SETTINGS: invalid.append(setting) if invalid: return upgradecheck.Result( upgradecheck.Code.WARNING, _("Unknown settings: {}.").format(", ".join(invalid)), ) return upgradecheck.Result(upgradecheck.Code.SUCCESS)
def _check_placeholder(self): # This is just a placeholder for upgrade checks, it should be # removed when the actual checks are added return upgradecheck.Result(upgradecheck.Code.SUCCESS)
def _check_nothing(self): # NOTE(slaweq) This is only example Noop check, it can be removed when # some real check methods will be added return upgradecheck.Result(upgradecheck.Code.SUCCESS)
def _check_console_auths(self): """Checks for console usage and warns with info for rolling upgrade. Iterates all cells checking to see if the nova-consoleauth service is non-deleted/non-disabled and whether there are any console token auths in that cell database. If there is a nova-consoleauth service being used and no console token auths in the cell database, emit a warning telling the user to set [workarounds]enable_consoleauth = True if they are performing a rolling upgrade. """ # If the operator has already enabled the workaround, we don't need # to check anything. if CONF.workarounds.enable_consoleauth: return upgradecheck.Result(upgradecheck.Code.SUCCESS) # We need to check cell0 for nova-consoleauth service records because # it's possible a deployment could have services stored in the cell0 # database, if they've defaulted their [database]connection in # nova.conf to cell0. mappings = self._get_cell_mappings() if not mappings: # There are no cell mappings so we can't determine this, just # return a warning. The cellsv2 check would have already failed # on this. msg = (_('Unable to check consoles without cell mappings.')) return upgradecheck.Result(upgradecheck.Code.WARNING, msg) ctxt = nova_context.get_admin_context() # If we find a non-deleted, non-disabled nova-consoleauth service in # any cell, we will assume the deployment is using consoles. using_consoles = False for mapping in mappings: with nova_context.target_cell(ctxt, mapping) as cctxt: # Check for any non-deleted, non-disabled nova-consoleauth # service. meta = MetaData(bind=db_session.get_engine(context=cctxt)) services = Table('services', meta, autoload=True) consoleauth_service_record = (select([ services.c.id ]).select_from(services).where( and_(services.c.binary == 'nova-consoleauth', services.c.deleted == 0, services.c.disabled == false())).execute().first()) if consoleauth_service_record: using_consoles = True break if using_consoles: # If the deployment is using consoles, we can only be certain the # upgrade is complete if each compute service is >= Rocky and # supports storing console token auths in the database backend. for mapping in mappings: # Skip cell0 as no compute services should be in it. if mapping.is_cell0(): continue # Get the minimum nova-compute service version in this # cell. with nova_context.target_cell(ctxt, mapping) as cctxt: min_version = self._get_min_service_version( cctxt, 'nova-compute') # We could get None for the minimum version in the case of # new install where there are no computes. If there are # compute services, they should all have versions. if min_version is not None and min_version < 35: msg = _("One or more cells were found which have " "nova-compute services older than Rocky. " "Please set the " "'[workarounds]enable_consoleauth' " "configuration option to 'True' on your " "console proxy host if you are performing a " "rolling upgrade to enable consoles to " "function during a partial upgrade.") return upgradecheck.Result(upgradecheck.Code.WARNING, msg) return upgradecheck.Result(upgradecheck.Code.SUCCESS)
def _check_placeholder(self): # TODO(whoami-rajat):This is just a placeholder for upgrade checks, # it should be removed when the actual checks are added return upgradecheck.Result(upgradecheck.Code.SUCCESS)
def _check_placeholder(self): """This is just a placeholder to test the test framework.""" return uc.Result(SUCCESS, 'Some details')
def failure(self): return upgradecheck.Result(upgradecheck.Code.FAILURE, 'Always fails')
def test_get_details(self): result = upgradecheck.Result(upgradecheck.Code.SUCCESS, '*' * 70) upgrade_commands = upgradecheck.UpgradeCommands() details = upgrade_commands._get_details(result) wrapped = '*' * 60 + '\n ' + '*' * 10 self.assertEqual(wrapped, details)
def warning(self): return upgradecheck.Result(upgradecheck.Code.WARNING, 'Always warns')
def success(self): return upgradecheck.Result(upgradecheck.Code.SUCCESS, 'Always succeeds')
def test_details(self): result = upgradecheck.Result(upgradecheck.Code.SUCCESS, 'test details') self.assertEqual(0, result.code) self.assertEqual('test details', result.details)
def check_invalid_settings(dummy=None): # This list can be updated using the tools/find_settings.py script. KNOWN_SETTINGS = { 'ABSOLUTE_URL_OVERRIDES', 'ACTION_CSS_CLASSES', 'ADD_INSTALLED_APPS', 'ADD_TEMPLATE_DIRS', 'ADD_TEMPLATE_LOADERS', 'ADMINS', 'ALLOWED_HOSTS', 'ALLOWED_PRIVATE_SUBNET_CIDR', 'ANGULAR_FEATURES', 'API_RESULT_LIMIT', 'API_RESULT_PAGE_SIZE', 'APPEND_SLASH', 'AUTHENTICATION_BACKENDS', 'AUTHENTICATION_URLS', 'AUTH_PASSWORD_VALIDATORS', 'AUTH_USER_MODEL', 'AVAILABLE_REGIONS', 'AVAILABLE_THEMES', 'CACHED_TEMPLATE_LOADERS', 'CACHES', 'CACHE_MIDDLEWARE_ALIAS', 'CACHE_MIDDLEWARE_KEY_PREFIX', 'CACHE_MIDDLEWARE_SECONDS', 'COMPRESS_CACHEABLE_PRECOMPILERS', 'COMPRESS_CACHE_BACKEND', 'COMPRESS_CACHE_KEY_FUNCTION', 'COMPRESS_CLEAN_CSS_ARGUMENTS', 'COMPRESS_CLEAN_CSS_BINARY', 'COMPRESS_CLOSURE_COMPILER_ARGUMENTS', 'COMPRESS_CLOSURE_COMPILER_BINARY', 'COMPRESS_CSS_COMPRESSOR', 'COMPRESS_CSS_FILTERS', 'COMPRESS_CSS_HASHING_METHOD', 'COMPRESS_DATA_URI_MAX_SIZE', 'COMPRESS_DEBUG_TOGGLE', 'COMPRESS_ENABLED', 'COMPRESS_JINJA2_GET_ENVIRONMENT', 'COMPRESS_JS_COMPRESSOR', 'COMPRESS_JS_FILTERS', 'COMPRESS_MINT_DELAY', 'COMPRESS_MTIME_DELAY', 'COMPRESS_OFFLINE', 'COMPRESS_OFFLINE_CONTEXT', 'COMPRESS_OFFLINE_MANIFEST', 'COMPRESS_OFFLINE_TIMEOUT', 'COMPRESS_OUTPUT_DIR', 'COMPRESS_PARSER', 'COMPRESS_PRECOMPILERS', 'COMPRESS_REBUILD_TIMEOUT', 'COMPRESS_ROOT', 'COMPRESS_STORAGE', 'COMPRESS_TEMPLATE_FILTER_CONTEXT', 'COMPRESS_URL', 'COMPRESS_URL_PLACEHOLDER', 'COMPRESS_VERBOSE', 'COMPRESS_YUGLIFY_BINARY', 'COMPRESS_YUGLIFY_CSS_ARGUMENTS', 'COMPRESS_YUGLIFY_JS_ARGUMENTS', 'COMPRESS_YUI_BINARY', 'COMPRESS_YUI_CSS_ARGUMENTS', 'COMPRESS_YUI_JS_ARGUMENTS', 'CONSOLE_TYPE', 'CREATE_INSTANCE_FLAVOR_SORT', 'CSRF_COOKIE_AGE', 'CSRF_COOKIE_DOMAIN', 'CSRF_COOKIE_HTTPONLY', 'CSRF_COOKIE_NAME', 'CSRF_COOKIE_PATH', 'CSRF_COOKIE_SECURE', 'CSRF_FAILURE_VIEW', 'CSRF_HEADER_NAME', 'CSRF_TRUSTED_ORIGINS', 'CSRF_USE_SESSIONS', 'DATABASES', 'DATABASE_ROUTERS', 'DATA_UPLOAD_MAX_MEMORY_SIZE', 'DATA_UPLOAD_MAX_NUMBER_FIELDS', 'DATEPICKER_LOCALES', 'DATETIME_FORMAT', 'DATETIME_INPUT_FORMATS', 'DATE_FORMAT', 'DATE_INPUT_FORMATS', 'DEBUG', 'DEBUG_PROPAGATE_EXCEPTIONS', 'DECIMAL_SEPARATOR', 'DEFAULT_CHARSET', 'DEFAULT_CONTENT_TYPE', 'DEFAULT_EXCEPTION_REPORTER_FILTER', 'DEFAULT_FILE_STORAGE', 'DEFAULT_FROM_EMAIL', 'DEFAULT_INDEX_TABLESPACE', 'DEFAULT_SERVICE_REGIONS', 'DEFAULT_TABLESPACE', 'DEFAULT_THEME', 'DISALLOWED_USER_AGENTS', 'DROPDOWN_MAX_ITEMS', 'EMAIL_BACKEND', 'EMAIL_HOST', 'EMAIL_HOST_PASSWORD', 'EMAIL_HOST_USER', 'EMAIL_PORT', 'EMAIL_SSL_CERTFILE', 'EMAIL_SSL_KEYFILE', 'EMAIL_SUBJECT_PREFIX', 'EMAIL_TIMEOUT', 'EMAIL_USE_LOCALTIME', 'EMAIL_USE_SSL', 'EMAIL_USE_TLS', 'ENABLE_CLIENT_TOKEN', 'ENFORCE_PASSWORD_CHECK', 'EXTERNAL_MONITORING', 'FILE_CHARSET', 'FILE_UPLOAD_DIRECTORY_PERMISSIONS', 'FILE_UPLOAD_HANDLERS', 'FILE_UPLOAD_MAX_MEMORY_SIZE', 'FILE_UPLOAD_PERMISSIONS', 'FILE_UPLOAD_TEMP_DIR', 'FILTER_DATA_FIRST', 'FIRST_DAY_OF_WEEK', 'FIXTURE_DIRS', 'FORCE_SCRIPT_NAME', 'FORMAT_MODULE_PATH', 'FORM_RENDERER', 'HORIZON_COMPRESS_OFFLINE_CONTEXT_BASE', 'HORIZON_CONFIG', 'HORIZON_IMAGES_UPLOAD_MODE', 'IGNORABLE_404_URLS', 'IMAGES_ALLOW_LOCATION', 'IMAGES_LIST_FILTER_TENANTS', 'IMAGE_CUSTOM_PROPERTY_TITLES', 'IMAGE_RESERVED_CUSTOM_PROPERTIES', 'INSTALLED_APPS', 'INSTANCE_LOG_LENGTH', 'INTEGRATION_TESTS_SUPPORT', 'INTERNAL_IPS', 'KEYSTONE_PROVIDER_IDP_ID', 'KEYSTONE_PROVIDER_IDP_NAME', 'LANGUAGES', 'LANGUAGES_BIDI', 'LANGUAGE_CODE', 'LANGUAGE_COOKIE_AGE', 'LANGUAGE_COOKIE_DOMAIN', 'LANGUAGE_COOKIE_NAME', 'LANGUAGE_COOKIE_PATH', 'LAUNCH_INSTANCE_DEFAULTS', 'LAUNCH_INSTANCE_LEGACY_ENABLED', 'LAUNCH_INSTANCE_NG_ENABLED', 'LOCALE_PATHS', 'LOCAL_PATH', 'LOCAL_SETTINGS_DIR_PATH', 'LOGGING', 'LOGGING_CONFIG', 'LOGIN_ERROR', 'LOGIN_REDIRECT_URL', 'LOGIN_URL', 'LOGOUT_REDIRECT_URL', 'LOGOUT_URL', 'MANAGERS', 'MEDIA_ROOT', 'MEDIA_URL', 'MEMOIZED_MAX_SIZE_DEFAULT', 'MESSAGES_PATH', 'MESSAGE_STORAGE', 'MIDDLEWARE', 'MIDDLEWARE_CLASSES', 'MIGRATION_MODULES', 'MONTH_DAY_FORMAT', 'NG_TEMPLATE_CACHE_AGE', 'NUMBER_GROUPING', 'OPENRC_CUSTOM_TEMPLATE', 'OPENSTACK_API_VERSIONS', 'OPENSTACK_CINDER_FEATURES', 'OPENSTACK_CLOUDS_YAML_CUSTOM_TEMPLATE', 'OPENSTACK_CLOUDS_YAML_NAME', 'OPENSTACK_CLOUDS_YAML_PROFILE', 'OPENSTACK_ENABLE_PASSWORD_RETRIEVE', 'OPENSTACK_ENDPOINT_TYPE', 'OPENSTACK_HEAT_STACK', 'OPENSTACK_HOST', 'OPENSTACK_HYPERVISOR_FEATURES', 'OPENSTACK_IMAGE_BACKEND', 'OPENSTACK_IMAGE_FORMATS', 'OPENSTACK_KEYSTONE_ADMIN_ROLES', 'OPENSTACK_KEYSTONE_BACKEND', 'OPENSTACK_KEYSTONE_DEFAULT_DOMAIN', 'OPENSTACK_KEYSTONE_DEFAULT_ROLE', 'OPENSTACK_KEYSTONE_DOMAIN_DROPDOWN', 'OPENSTACK_KEYSTONE_FEDERATION_MANAGEMENT', 'OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT', 'OPENSTACK_KEYSTONE_URL', 'OPENSTACK_NEUTRON_NETWORK', 'OPENSTACK_PROFILER', 'OPENSTACK_SSL_CACERT', 'OPENSTACK_SSL_NO_VERIFY', 'OPERATION_LOG_ENABLED', 'OPERATION_LOG_OPTIONS', 'OVERVIEW_DAYS_RANGE', 'PASSWORD_HASHERS', 'PASSWORD_RESET_TIMEOUT_DAYS', 'POLICY_CHECK_FUNCTION', 'POLICY_DIRS', 'POLICY_FILES', 'POLICY_FILES_PATH', 'PREPEND_WWW', 'PROJECT_TABLE_EXTRA_INFO', 'REST_API_ADDITIONAL_SETTINGS', 'REST_API_REQUIRED_SETTINGS', 'ROOT_PATH', 'ROOT_URLCONF', 'SECONDARY_ENDPOINT_TYPE', 'SECRET_KEY', 'SECURE_BROWSER_XSS_FILTER', 'SECURE_CONTENT_TYPE_NOSNIFF', 'SECURE_HSTS_INCLUDE_SUBDOMAINS', 'SECURE_HSTS_PRELOAD', 'SECURE_HSTS_SECONDS', 'SECURE_PROXY_SSL_HEADER', 'SECURE_REDIRECT_EXEMPT', 'SECURE_SSL_HOST', 'SECURE_SSL_REDIRECT', 'SECURITY_GROUP_RULES', 'SELECTABLE_THEMES', 'SERVER_EMAIL', 'SESSION_CACHE_ALIAS', 'SESSION_COOKIE_AGE', 'SESSION_COOKIE_DOMAIN', 'SESSION_COOKIE_HTTPONLY', 'SESSION_COOKIE_MAX_SIZE', 'SESSION_COOKIE_NAME', 'SESSION_COOKIE_PATH', 'SESSION_COOKIE_SECURE', 'SESSION_ENGINE', 'SESSION_EXPIRE_AT_BROWSER_CLOSE', 'SESSION_FILE_PATH', 'SESSION_REFRESH', 'SESSION_SAVE_EVERY_REQUEST', 'SESSION_SERIALIZER', 'SESSION_TIMEOUT', 'SETTINGS_MODULE', 'SHORT_DATETIME_FORMAT', 'SHORT_DATE_FORMAT', 'SHOW_KEYSTONE_V2_RC', 'SHOW_OPENRC_FILE', 'SHOW_OPENSTACK_CLOUDS_YAML', 'SIGNING_BACKEND', 'SILENCED_SYSTEM_CHECKS', 'SITE_BRANDING', 'SITE_BRANDING_LINK', 'STATICFILES_DIRS', 'STATICFILES_FINDERS', 'STATICFILES_STORAGE', 'STATIC_ROOT', 'STATIC_URL', 'SWIFT_FILE_TRANSFER_CHUNK_SIZE', 'TEMPLATES', 'TESTSERVER', 'TEST_GLOBAL_MOCKS_ON_PANELS', 'TEST_NON_SERIALIZED_APPS', 'TEST_RUNNER', 'THEME_COLLECTION_DIR', 'THEME_COOKIE_NAME', 'THOUSAND_SEPARATOR', 'TIME_FORMAT', 'TIME_INPUT_FORMATS', 'TIME_ZONE', 'TOKEN_TIMEOUT_MARGIN', 'USER_MENU_LINKS', 'USER_TABLE_EXTRA_INFO', 'USE_ETAGS', 'USE_I18N', 'USE_L10N', 'USE_THOUSAND_SEPARATOR', 'USE_TZ', 'USE_X_FORWARDED_HOST', 'USE_X_FORWARDED_PORT', 'WEBROOT', 'WEBSSO_CHOICES', 'WEBSSO_DEFAULT_REDIRECT', 'WEBSSO_DEFAULT_REDIRECT_LOGOUT', 'WEBSSO_DEFAULT_REDIRECT_PROTOCOL', 'WEBSSO_DEFAULT_REDIRECT_REGION', 'WEBSSO_ENABLED', 'WEBSSO_IDP_MAPPING', 'WEBSSO_INITIAL_CHOICE', 'WEBSSO_KEYSTONE_URL', 'WSGI_APPLICATION', 'XSTATIC_MODULES', 'X_FRAME_OPTIONS', 'YEAR_MONTH_FORMAT', } invalid = [] for setting in dir(settings): if not setting.isupper() or setting.startswith("_"): continue if setting not in KNOWN_SETTINGS: invalid.append(setting) if invalid: return upgradecheck.Result( upgradecheck.Code.WARNING, _("Unknown settings: {}.").format(u", ".join(invalid)), ) return upgradecheck.Result(upgradecheck.Code.SUCCESS)
def noop_check(checker): # NOTE(slaweq) This is only example Noop check, it can be removed when # some real check methods will be added return upgradecheck.Result(upgradecheck.Code.SUCCESS, _("Always succeed (placeholder)"))