Synchronise yoga with upstream #55
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
This patch fixes the Quobyte driver unit tests that forcefully replace the 'convert_image' method in 'image_utils' with a Mock and then doesn't restore it afterwards, so any method that runs afterwards and expects 'convert_image' to actually run code will fail. This patch uses the proper mocking mechanisms that restore things afterwards. Change-Id: Iec1cf6ade1d97900d4db6e29555ddef8d45b9534 (cherry picked from commit e92c4d0)
In yoga there are test failures with cinder-plugin-ceph-tempest job. One type of failure is related to snapshot in use the other type is snapshot delete timeout. Change-Id: I19e8c6822178eec3769cd18f3c676ca7425262ec
Adds code to image_utils to check for a qcow2 external data file, a recent feature of qemu which we do not support and which can be used maliciously. Advice from the qemu-img community is that it is dangerous to call qemu-img info on untrusted files, so we copy over the format_inspector module from Glance. This performs basic analysis on the image data file so we can detect problematic images before we call qemu-img info to get all the image attributes. It is expected that this code will eventually be added to oslo so it can be consumed by Glance, Cinder, and Nova. Because cinder itself may create qcow2 format images with a backing file in nfs-based backends, the glance format_inspector has been modified to optionally allow such files. Since we are monkeying with the format_inspector code, we also copy over its unit tests to prevent regressions and to add tests for the changed code. Includes an additional fix to prevent an issue where a user could mount a raw volume and write a qcow2 header with a larger virtual size on it. On reattaching the volume it would have the new larger virtual size avaialable without actually changing the size value in cinder. While we cannot prevent this we can prevent the user from using this volume again, which makes this exploit pointless. unmaintained/yoga only: The tests cinder.tests.unit.volume.drivers.test_quobyte.QuobyteDriverTestCase. * test_copy_volume_from_snapshot_not_cached_overlay * test_copy_volume_from_snapshot * test_copy_volume_from_snapshot_not_cached failed as convert_image mock was not called, remove this mock from yoga and on older branches. With older qemu installed one of the qemu-img create commands fails, let's skip it from unmaintained/yoga and below that in test_qcow2_safety_checks. Co-authored-by: Dan Smith <[email protected]> Co-authored-by: Felix Huettner <[email protected]> Change-Id: I65857288b797cde573e7443ac6e7e6f57fedde01 Closes-bug: #2059809 (cherry picked from commit 4aa6590) (cherry picked from commit d6a1869) (cherry picked from commit db98dc2) (cherry picked from commit 9e667b0) (cherry picked from commit 5f5e86e)
Initially before the change https://review.opendev.org/c/openstack/os-brick/+/810419 was merged to close the bug https://bugs.launchpad.net/os-brick/+bug/1929223, verify_cert was always set to False which can lead to security issues. It has been decided through this change that this option can be set to True or False based upon security requirements. This change introduced a regression failure as the value set to the option is not part of connection_properties. This patch adds additional params during initialization so that it can be carried over os-brick and get adequate REST API response. Closes-Bug: 1990136 Change-Id: I0d266a57f68221a3b1740a7376e152bb64cac729 (cherry picked from commit 82823ac) (cherry picked from commit 8794f84) (cherry picked from commit be3c66e)
…rtificates" into unmaintained/yoga
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains a snapshot of yoga from upstream unmaintained/yoga.