Bug 1553521
Summary: | Bump python-cryptography to >=2.1 and pyOpenSSL >= 17.1.0 | ||
---|---|---|---|
Product: | [Community] RDO | Reporter: | Carlos Goncalves <cgoncalves> |
Component: | openstack-octavia | Assignee: | Carlos Goncalves <cgoncalves> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Alexander Stafeyev <astafeye> |
Severity: | high | Docs Contact: | |
Priority: | unspecified | ||
Version: | trunk | CC: | amuller, apevec, bcafarel, cgoncalves, jschluet |
Target Milestone: | --- | Keywords: | Rebase |
Target Release: | trunk | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2018-04-03 09:00:26 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1553517 | ||
Bug Blocks: | 1553520, 1556933 |
Description
Carlos Goncalves
2018-03-09 01:36:04 UTC
Once python-cryptography is updated, we need to bump Requires: in https://github.com/rdo-packages/octavia-distgit/blob/rpm-master/openstack-octavia.spec#L113-L114 Please file BZ against RHEL7 to rebase or backport the fix, we should not be overriding base OS packages. Retargeted bz#1553752 to RHEL7. python-cryptography>=1.9 is not good enough as recently discovered with a new gate using lower-constraints [1]. Octavia requires python-cryptography>=2.1. Version bump being requested upstream for global-requirements.txt and lower-constraints.txt in [2]. Submitted new patch set for openstack-octavia.spec [3]. [1] https://review.openstack.org/#/c/553134/ [2] https://review.openstack.org/#/c/553136/ [3] https://review.rdoproject.org/r/#/c/12857 Created lower-constraints.txt out of requirements.txt from octavia stable/queens, bumped jinja2 and python-barbicanclient versions. I then ran ran unit and functional tests. Results: - FAIL: http://paste.openstack.org/show/701685/ (python-cryptography==1.9) - FAIL: http://paste.openstack.org/show/701695/ (python-cryptography==2.1) - SUCCESS: http://paste.openstack.org/show/701690/ (python-cryptography==2.1 AND pyOpenSSL==17.1.0) lower-constraints.txt for stable/queens verified to work with Octavia stable/queens: # The order of packages is significant, because pip processes them in the order # of appearance. Changing the order has an impact on the overall integration # process, which may cause wedges in the gate later. alembic==0.8.10 # MIT cotyledon==1.3.0 # Apache-2.0 pecan==1.0.0 # BSD pbr==2.0.0 # Apache-2.0 SQLAlchemy==1.0.10 # MIT Babel==2.3.4 # BSD futurist==1.2.0 # Apache-2.0 requests==2.14.2 # Apache-2.0 rfc3986==0.3.1 # Apache-2.0 keystoneauth1==3.3.0 # Apache-2.0 keystonemiddleware==4.17.0 # Apache-2.0 python-neutronclient==6.3.0 # Apache-2.0 WebOb==1.7.1 # MIT six==1.10.0 # MIT stevedore==1.20.0 # Apache-2.0 oslo.config==5.1.0 # Apache-2.0 oslo.context==2.19.2 # Apache-2.0 oslo.db==4.27.0 # Apache-2.0 oslo.i18n==3.15.3 # Apache-2.0 oslo.log==3.36.0 # Apache-2.0 oslo.messaging==5.29.0 # Apache-2.0 oslo.middleware==3.31.0 # Apache-2.0 oslo.policy==1.30.0 # Apache-2.0 oslo.reports==1.18.0 # Apache-2.0 oslo.utils==3.33.0 # Apache-2.0 pyasn1==0.1.8 # BSD pyasn1-modules==0.0.6 # BSD PyMySQL==0.7.6 # MIT License python-barbicanclient==4.5.2 # Apache-2.0 python-glanceclient==2.8.0 # Apache-2.0 python-novaclient==9.1.0 # Apache-2.0 pyOpenSSL==16.2.0 # Apache-2.0 WSME==0.8.0 # MIT Jinja2==2.10 # BSD License (3 clause) taskflow==2.16.0 # Apache-2.0 diskimage-builder==1.1.2 # Apache-2.0 futures==3.0.0;python_version=='2.7' or python_version=='2.6' # BSD castellan==0.16.0 # Apache-2.0 #for the amphora api Flask==0.10 # BSD netifaces==0.10.4 # MIT ipaddress==1.0.16;python_version<'3.3' # PSF cryptography==1.9 # BSD/Apache-2.0 pyroute2==0.4.21;sys_platform!='win32' # Apache-2.0 (+ dual licensed GPL2) gunicorn==19.0.0 # MIT Only one patch remains in-review: https://review.rdoproject.org/r/#/c/12878/ |