diff -Nru murano-2.0.0/contrib/plugins/cloudify_plugin/murano_cloudify_plugin/cloudify_tosca_package.py murano-2.0.2/contrib/plugins/cloudify_plugin/murano_cloudify_plugin/cloudify_tosca_package.py --- murano-2.0.0/contrib/plugins/cloudify_plugin/murano_cloudify_plugin/cloudify_tosca_package.py 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/contrib/plugins/cloudify_plugin/murano_cloudify_plugin/cloudify_tosca_package.py 2016-08-25 21:34:26.000000000 +0300 @@ -143,7 +143,8 @@ data = yaml.safe_load(blueprint) return data.get('inputs') or {}, data.get('outputs') or {} - def _generate_application_ui_section(self, inputs): + def _generate_application_ui_section(self, inputs, package_name=None, + package_version=None): section = { key: YAQL( '$.appConfiguration.' + key) for key in six.iterkeys(inputs) @@ -153,6 +154,10 @@ 'type': self.full_name } }) + if package_name: + section['?']['package'] = package_name + if package_version: + section['?']['classVersion'] = package_version return section @staticmethod @@ -176,7 +181,8 @@ inputs, outputs = self._get_inputs_outputs() ui = { 'Version': '2.2', - 'Application': self._generate_application_ui_section(inputs), + 'Application': self._generate_application_ui_section( + inputs, self.full_name, str(self.version)), 'Forms': self._generate_form_ui_section(inputs) } return yaml.dump(ui, Dumper=Dumper, default_style='"') diff -Nru murano-2.0.0/contrib/plugins/murano_exampleplugin/example-app/io.murano.apps.demo.DemoApp/Classes/ImageValidatorMixin.yaml murano-2.0.2/contrib/plugins/murano_exampleplugin/example-app/io.murano.apps.demo.DemoApp/Classes/ImageValidatorMixin.yaml --- murano-2.0.0/contrib/plugins/murano_exampleplugin/example-app/io.murano.apps.demo.DemoApp/Classes/ImageValidatorMixin.yaml 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/contrib/plugins/murano_exampleplugin/example-app/io.murano.apps.demo.DemoApp/Classes/ImageValidatorMixin.yaml 2016-08-25 21:34:26.000000000 +0300 @@ -1,6 +1,7 @@ Namespaces: =: io.murano.apps.example.plugin res: io.murano.resources + std: io.murano Name: ImageValidatorMixin diff -Nru murano-2.0.0/contrib/plugins/murano_exampleplugin/murano_exampleplugin/__init__.py murano-2.0.2/contrib/plugins/murano_exampleplugin/murano_exampleplugin/__init__.py --- murano-2.0.0/contrib/plugins/murano_exampleplugin/murano_exampleplugin/__init__.py 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/contrib/plugins/murano_exampleplugin/murano_exampleplugin/__init__.py 2016-08-25 21:34:26.000000000 +0300 @@ -75,7 +75,7 @@ LOG.debug("Creating a glance client") params = auth_utils.get_session_client_parameters( service_type='image', conf=CONF, region=region) - return glanceclient.Client(CONF.api_version, **params) + return glanceclient.Client(CONF.images.api_version, **params) class AmbiguousNameException(Exception): diff -Nru murano-2.0.0/contrib/plugins/murano_exampleplugin/setup.cfg murano-2.0.2/contrib/plugins/murano_exampleplugin/setup.cfg --- murano-2.0.0/contrib/plugins/murano_exampleplugin/setup.cfg 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/contrib/plugins/murano_exampleplugin/setup.cfg 2016-08-25 21:34:26.000000000 +0300 @@ -1,5 +1,4 @@ [metadata] -version = 1.0 name = murano.plugins.example description = Example Plugin to extend collection of MuranoPL system classes summary = An example Murano Plugin demonstrating extensibility of MuranoPL diff -Nru murano-2.0.0/contrib/plugins/murano_heat-translator_plugin/plugin/csar_package.py murano-2.0.2/contrib/plugins/murano_heat-translator_plugin/plugin/csar_package.py --- murano-2.0.0/contrib/plugins/murano_heat-translator_plugin/plugin/csar_package.py 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/contrib/plugins/murano_heat-translator_plugin/plugin/csar_package.py 2016-08-25 21:34:26.000000000 +0300 @@ -355,8 +355,11 @@ ] destroy = [ + {YAQL('$environment'): YAQL( + "$.find('io.murano.Environment').require()" + )}, {YAQL('$stack'): YAQL( - "new('io.murano.system.HeatStack', " + "new('io.murano.system.HeatStack', $environment, " "name => $.getAttr(generatedHeatStackName))")}, YAQL('$stack.delete()') @@ -494,12 +497,17 @@ return translated @staticmethod - def _generate_application_ui(groups, type_name): + def _generate_application_ui(groups, type_name, package_name=None, + package_version=None): app = { '?': { 'type': type_name } } + if package_name: + app['?']['package'] = package_name + if package_version: + app['?']['classVersion'] = package_version for i, record in enumerate(groups): section = app.setdefault('templateParameters', {}) @@ -522,7 +530,7 @@ translated = { 'Version': 2.2, 'Application': CSARPackage._generate_application_ui( - groups, self.full_name), + groups, self.full_name, self.full_name, str(self.version)), 'Forms': forms } return yaml.dump(translated, Dumper=Dumper, default_style='"') diff -Nru murano-2.0.0/contrib/plugins/murano_heat-translator_plugin/setup.cfg murano-2.0.2/contrib/plugins/murano_heat-translator_plugin/setup.cfg --- murano-2.0.0/contrib/plugins/murano_heat-translator_plugin/setup.cfg 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/contrib/plugins/murano_heat-translator_plugin/setup.cfg 2016-08-25 21:34:26.000000000 +0300 @@ -1,5 +1,4 @@ [metadata] -version = 2.0.0 name = io.murano.plugins.oasis.tosca description = Heat-Translator Plugin for Murano summary = This plugin enables import and deployment of OASIS TOSCA diff -Nru murano-2.0.0/debian/changelog murano-2.0.2/debian/changelog --- murano-2.0.0/debian/changelog 2016-04-07 22:47:32.000000000 +0300 +++ murano-2.0.2/debian/changelog 2016-09-09 18:50:59.000000000 +0300 @@ -1,3 +1,10 @@ +murano (1:2.0.2-1) UNRELEASED; urgency=medium + + * Package new version from stable/mitaka branch. + (LP: #1621936) + + -- Ivan Udovichenko Fri, 09 Sep 2016 13:11:40 +0300 + murano (1:2.0.0-1) unstable; urgency=medium * New upstream release. diff -Nru murano-2.0.0/devstack/plugin.sh murano-2.0.2/devstack/plugin.sh --- murano-2.0.0/devstack/plugin.sh 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/devstack/plugin.sh 2016-08-25 21:34:26.000000000 +0300 @@ -126,6 +126,7 @@ iniset $MURANO_CONF_FILE DEFAULT debug $MURANO_DEBUG iniset $MURANO_CONF_FILE DEFAULT use_syslog $SYSLOG + iniset $MURANO_CONF_FILE DEFAULT home_region $REGION_NAME # Murano Policy Enforcement Configuration if [[ -n "$MURANO_ENABLE_MODEL_POLICY_ENFORCEMENT" ]]; then diff -Nru murano-2.0.0/devstack/README.rst murano-2.0.2/devstack/README.rst --- murano-2.0.0/devstack/README.rst 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/devstack/README.rst 2016-08-25 21:34:26.000000000 +0300 @@ -18,6 +18,16 @@ enable_service murano-cfapi +#. If you want to use Glare Artifact Repository as a strorage for packages, + add the following line to ``local.conf``: + + .. code-block:: ini + + enable_service g-glare + + For more information on how to use Glare Artifact Repository, + see :ref:`glare_usage`. + #. (Optional) To import Murano packages when DevStack is up, define an ordered list of packages FQDNs in ``local.conf``. Make sure to list all package dependencies. These packages will by default be imported from the murano-apps diff -Nru murano-2.0.0/doc/source/draft/admin-guide/deploy_murano/devstack.rst murano-2.0.2/doc/source/draft/admin-guide/deploy_murano/devstack.rst --- murano-2.0.0/doc/source/draft/admin-guide/deploy_murano/devstack.rst 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/doc/source/draft/admin-guide/deploy_murano/devstack.rst 2016-08-25 21:34:26.000000000 +0300 @@ -31,6 +31,16 @@ enable_service murano-cfapi +#. If you want to use Glare Artifact Repository as a strorage for packages, + add the following line to ``local.conf``: + + .. code-block:: ini + + enable_service g-glare + + For more information on how to use Glare Artifact Repository, + see :ref:`glare_usage`. + #. (Optional) To import murano packages when DevStack is up, define an ordered list of FQDN packages in ``local.conf``. Verify that you list all package dependencies. These packages will be imported from the ``murano-apps`` diff -Nru murano-2.0.0/doc/source/draft/admin-guide/using_glare.rst murano-2.0.2/doc/source/draft/admin-guide/using_glare.rst --- murano-2.0.0/doc/source/draft/admin-guide/using_glare.rst 1970-01-01 03:00:00.000000000 +0300 +++ murano-2.0.2/doc/source/draft/admin-guide/using_glare.rst 2016-08-25 21:34:26.000000000 +0300 @@ -0,0 +1,133 @@ +.. _glare_usage: + + +=================================== +Using Glare as a storage for packages +=================================== + +DevStack installation +--------------------- + +#. Enable Glare service in DevStack + + To enable the Glare service in DevStack, edit the ``local.conf`` file: + + .. code-block:: console + + $ cat local.conf + [[local|localrc]] + enable_service g-glare + +#. Run DevStack: + + .. code-block:: console + + $ ./stack.sh + + **Result** Glare service is installed with DevStack. + You can find logs in ``g-glare`` screen session. + +#. Install the ``muranoartifact`` plug-in from ``murano/contrib`` + + .. code-block:: console + + $ cd $DEST/murano/contrib/glance/ + $ sudo pip install -e . + +#. Restart ``Glare`` + +#. Set Glare as packages service in murano-engine. For this, + edit the ``[engine]`` section in the ``murano.conf`` file. + By default, ``murano.conf`` is located in the ``/etc/murano`` directory + + .. code-block:: ini + + [engine] + + packages_service = glare + +#. Restart ``murano-engine`` + + .. note:: You also can use ``glance`` as a value of the + ``packages_service`` option for the same behaviour + +#. Enable Glare in ``murano-dashboard``. For this, add the following line + to the ``local_settins.py`` file + + .. code-block:: python + + MURANO_USE_GLARE = True + + By default, the ``local_settings.py`` file is located in + ``$DEST/horizon/openstack_dashboard/local/``. + +#. Restart the ``apache2`` service. + Now ``murano-dashboard`` will retrieve packages from Glare. + +#. Log in to Dashboard and navigate to :menuselection:`Murano > Manage > Packages` + to view the empty list of packages. + Alternatively, use the :command:`murano` command. + +#. Use :option:`--murano-packages-service` option to specify backend, + used by :command:`murano` command. Set it to ``glare`` for using ``Glare`` + + .. note:: You also can use ``glance`` as value + of :option:`--murano-packages-service` option or environment variable + :option:`MURANO_PACKAGES_SERVICE` for same behaviour + + + View list of packages: + + .. code-block:: console + + $ source {DEVSTACK_SOURCE_DIR}/openrc admin admin + $ murano --murano-packages-service=glare package-list + + +----+------+-----+--------+--------+-----------+------+---------+ + | ID | Name | FQN | Author | Active | Is Public | Type | Version | + +----+------+-----+--------+--------+-----------+------+---------+ + +----+------+-----+--------+--------+-----------+------+---------+ + + + Importing ``Core library`` + + .. code-block:: console + + $ cd $DEST/murano/meta/io.murano/ + $ zip io.murano.zip -r * + $ murano --murano-packages-service=glare package-import \ + --is-public /opt/stack/murano/meta/io.murano/io.murano.zip + + Importing package io.murano + +--------------------------------------+--------------+-----------+-----------+--------+-----------+---------+---------+ + | ID | Name | FQN | Author | Active | Is Public | Type | Version | + +--------------------------------------+--------------+-----------+-----------+--------+-----------+---------+---------+ + | 91a9c78f-f23a-4c82-aeda-14c8cbef096a | Core library | io.murano | murano.io | True | | Library | 0.0.0 | + +--------------------------------------+--------------+-----------+-----------+--------+-----------+---------+---------+ + +Set up Glare API entrypoint manually +------------------------------------ + +If you do not plan to get Glare service from keystone application catalog, +specify where g-glare service is running. + +#. Specify Glare URL in ``murano.conf``.It is http://0.0.0.0:9494 by default + and can be changed by setting `bind_host` and `bind_port` options in + the ``glance-glare.conf`` file. + + .. code-block:: ini + + [glare] + + url = http://: + +#. Specify Glare URL in the Dashboard settings file: + + .. code-block:: python + + GLARE_API_URL = 'http://:' + +#. Set the ``GLARE_URL`` environment variable for python-muranoclient. + Alternatively, use the :option:`--glare-url` option in CLI. + + .. code-block:: console + + $ murano --murano-packages-service=glare --glare-url=http://0.0.0.0:9494 package-list diff -Nru murano-2.0.0/doc/source/draft/index.rst murano-2.0.2/doc/source/draft/index.rst --- murano-2.0.0/doc/source/draft/index.rst 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/doc/source/draft/index.rst 2016-08-25 21:34:26.000000000 +0300 @@ -74,6 +74,7 @@ admin-guide/murano_agent admin-guide/policy_enf admin-guide/configure_cloud_foundry_service_broker + admin-guide/using_glare.rst admin-guide/admin_troubleshooting Developing Applications diff -Nru murano-2.0.0/doc/source/install/ssl.rst murano-2.0.2/doc/source/install/ssl.rst --- murano-2.0.0/doc/source/install/ssl.rst 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/doc/source/install/ssl.rst 2016-08-25 21:34:26.000000000 +0300 @@ -96,6 +96,7 @@ password = guest virtual_host = / ssl = True + insecure = False If you want to configure Murano Agent in a different way change the default template. It can be found in Murano Core Library, located at *http://git.openstack.org/cgit/openstack/murano/tree/meta/io.murano/Resources/Agent-v1.template*. Take diff -Nru murano-2.0.0/meta/io.murano/Classes/Environment.yaml murano-2.0.2/meta/io.murano/Classes/Environment.yaml --- murano-2.0.0/meta/io.murano/Classes/Environment.yaml 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/meta/io.murano/Classes/Environment.yaml 2016-08-25 21:34:26.000000000 +0300 @@ -61,6 +61,7 @@ virtual_host: $.string() or '/' ssl: $.bool() or false ca_certs: $.string() or '' + insecure: $.bool() or false Usage: Config region: diff -Nru murano-2.0.0/meta/io.murano/Classes/resources/ExistingNeutronNetwork.yaml murano-2.0.2/meta/io.murano/Classes/resources/ExistingNeutronNetwork.yaml --- murano-2.0.0/meta/io.murano/Classes/resources/ExistingNeutronNetwork.yaml 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/meta/io.murano/Classes/resources/ExistingNeutronNetwork.yaml 2016-08-25 21:34:26.000000000 +0300 @@ -145,7 +145,7 @@ describe: Body: - $.deploy() - - $subnet: $._getSubnetworks.where( + - $subnet: $._getSubnetworks().where( $.network_id = $this._internalNetworkId).first() - Return: provider: Neutron diff -Nru murano-2.0.0/meta/io.murano/Classes/resources/LinuxMuranoInstance.yaml murano-2.0.2/meta/io.murano/Classes/resources/LinuxMuranoInstance.yaml --- murano-2.0.0/meta/io.murano/Classes/resources/LinuxMuranoInstance.yaml 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/meta/io.murano/Classes/resources/LinuxMuranoInstance.yaml 2016-08-25 21:34:26.000000000 +0300 @@ -45,6 +45,7 @@ - config: {get_resource: $bootConfigResourceName} - config: {get_resource: $bootScriptResourceName} + - $.setAttr(resourceCloudConfig, [$bootScriptResourceName, $userDataResourceName, $bootConfigResourceName]) - $environment.stack.updateTemplate($template) - Return: {get_resource: $userDataResourceName} @@ -73,13 +74,18 @@ "%RABBITMQ_PASSWORD%": $rabbitMqParams.password "%RABBITMQ_VHOST%": $rabbitMqParams.virtual_host "%RABBITMQ_SSL%": str($rabbitMqParams.ssl).toLower() + "%RABBITMQ_INSECURE%": str($rabbitMqParams.insecure).toLower() "%RABBITMQ_INPUT_QUEUE%": $.agent.queueName() "%RESULT_QUEUE%": $environment.agentListener.queueName() - $scriptReplacements: "%AGENT_CONFIG_BASE64%": base64encode($configFile.replace($configReplacements)) "%INTERNAL_HOSTNAME%": $.name "%MURANO_SERVER_ADDRESS%": coalesce(config(file_server), $rabbitMqParams.host) - "%CA_ROOT_CERT_BASE64%": "" + - If: config(rabbitmq, ca_certs) + Then: + - $scriptReplacements["%CA_ROOT_CERT_BASE64%"]: base64encode(config(rabbitmq, ca_certs, true)) + Else: + - $scriptReplacements["%CA_ROOT_CERT_BASE64%"]: '' - $muranoReplacements: "%MURANO_AGENT_CONF%": base64encode($muranoAgentConf) "%MURANO_AGENT_SERVICE%": base64encode($muranoAgentService) @@ -87,6 +93,15 @@ - $userData: $muranoScript.replace($muranoReplacements) + $initScript.replace($scriptReplacements) - Return: $userData + + releaseResources: + Body: + - $environment: $.find(std:Environment).require() + - $template: $environment.stack.current() + - If: bool($template.resources) and bool($template.outputs) + Then: + - $resourcesToDelete: $.getAttr(resourceCloudConfig, []) + - $template.resources: $template.resources.deleteAll($resourcesToDelete) + - $environment.stack.setTemplate($template) - - + - $.super($.releaseResources()) \ No newline at end of file diff -Nru murano-2.0.0/meta/io.murano/Classes/resources/NeutronNetworkBase.yaml murano-2.0.2/meta/io.murano/Classes/resources/NeutronNetworkBase.yaml --- murano-2.0.0/meta/io.murano/Classes/resources/NeutronNetworkBase.yaml 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/meta/io.murano/Classes/resources/NeutronNetworkBase.yaml 2016-08-25 21:34:26.000000000 +0300 @@ -20,6 +20,11 @@ Extends: Network Methods: + initialize: + Body: + - $._netExplorer: new(sys:NetworkExplorer, $this) + - $._securityGroupsEnabled: $._netExplorer.listNeutronExtensions().alias.contains('security-group') + joinInstanceToNetwork: Arguments: - instance: @@ -49,7 +54,7 @@ - subnet: $subnetRef replacement_policy: AUTO - - If: bool($securityGroupName) + - If: bool($securityGroupName) and $this._securityGroupsEnabled Then: - $template: resources: @@ -107,4 +112,9 @@ - environment: Contract: $.class(std:Environment).notNull() Body: - - Return: new(sys:NeutronSecurityGroupManager, environment => $environment) + - If: $this._securityGroupsEnabled + Then: + - Return: new(sys:NeutronSecurityGroupManager, environment => $environment) + Else: + - $environment.reporter.report($this, "Warning! Security groups are disabled!") + - Return: new(sys:DummySecurityGroupManager, environment => $environment) diff -Nru murano-2.0.0/meta/io.murano/Classes/system/DummySecurityGroupManager.yaml murano-2.0.2/meta/io.murano/Classes/system/DummySecurityGroupManager.yaml --- murano-2.0.0/meta/io.murano/Classes/system/DummySecurityGroupManager.yaml 1970-01-01 03:00:00.000000000 +0300 +++ murano-2.0.2/meta/io.murano/Classes/system/DummySecurityGroupManager.yaml 2016-08-25 21:34:26.000000000 +0300 @@ -0,0 +1,23 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +Namespaces: + =: io.murano.system + std: io.murano + +Name: DummySecurityGroupManager +Extends: SecurityGroupManager + +# This class actually adds nothing to the base SecurityGroupManager, +# so a base class could be used instead. However, it's better to explicitly +# declare this class and use it, since the base one is supposed to remain +# "abstract" and never be instantiated. diff -Nru murano-2.0.0/meta/io.murano/Classes/system/SecurityGroupManager.yaml murano-2.0.2/meta/io.murano/Classes/system/SecurityGroupManager.yaml --- murano-2.0.0/meta/io.murano/Classes/system/SecurityGroupManager.yaml 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/meta/io.murano/Classes/system/SecurityGroupManager.yaml 2016-08-25 21:34:26.000000000 +0300 @@ -22,7 +22,7 @@ defaultGroupName: Contract: $.string() - Default: format('MuranoSecurityGroup-{0}', $.environment.name) + Default: format('MuranoSecurityGroup-{0}', $.environment.id()) Methods: addGroupIngress: @@ -49,4 +49,4 @@ Ethertype: $.string().check($ in list(null, 'IPv4', 'IPv6')) - groupName: Contract: $.string().notNull() - Default: $this.defaultGroupName \ No newline at end of file + Default: $this.defaultGroupName diff -Nru murano-2.0.0/meta/io.murano/manifest.yaml murano-2.0.2/meta/io.murano/manifest.yaml --- murano-2.0.0/meta/io.murano/manifest.yaml 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/meta/io.murano/manifest.yaml 2016-08-25 21:34:26.000000000 +0300 @@ -67,6 +67,7 @@ io.murano.system.SecurityGroupManager: system/SecurityGroupManager.yaml io.murano.system.NeutronSecurityGroupManager: system/NeutronSecurityGroupManager.yaml io.murano.system.AwsSecurityGroupManager: system/AwsSecurityGroupManager.yaml + io.murano.system.DummySecurityGroupManager: system/DummySecurityGroupManager.yaml io.murano.system.MistralClient: system/MistralClient.yaml io.murano.test.TestFixture: test/TestFixture.yaml diff -Nru murano-2.0.0/meta/io.murano/Resources/Agent-v2.template murano-2.0.2/meta/io.murano/Resources/Agent-v2.template --- murano-2.0.0/meta/io.murano/Resources/Agent-v2.template 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/meta/io.murano/Resources/Agent-v2.template 2016-08-25 21:34:26.000000000 +0300 @@ -24,8 +24,11 @@ # Use SSL for RabbitMQ connections (True or False) ssl = %RABBITMQ_SSL% +# Do not verify SSL certificates +insecure = %RABBITMQ_INSECURE% + # Path to SSL CA certificate or empty to allow self signed server certificate -ca_certs = +ca_certs = '/etc/murano/certs/ca_certs' # RabbitMQ credentials. Fresh RabbitMQ installation has "guest" account with "guest" password. login = %RABBITMQ_USER% diff -Nru murano-2.0.0/meta/io.murano/Resources/linux-init.sh murano-2.0.2/meta/io.murano/Resources/linux-init.sh --- murano-2.0.0/meta/io.murano/Resources/linux-init.sh 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/meta/io.murano/Resources/linux-init.sh 2016-08-25 21:34:26.000000000 +0300 @@ -14,6 +14,7 @@ service murano-agent stop AgentConfigBase64='%AGENT_CONFIG_BASE64%' +RMQCaCertBase64='%CA_ROOT_CERT_BASE64%' if [ ! -d /etc/murano ]; then mkdir /etc/murano @@ -21,4 +22,10 @@ echo $AgentConfigBase64 | base64 -d > /etc/murano/agent.conf chmod 664 /etc/murano/agent.conf +if [ ! -d /etc/murano/certs ]; then + mkdir /etc/murano/certs +fi +echo $RMQCaCertBase64 | base64 -d > /etc/murano/certs/ca_certs +chmod 664 /etc/murano/certs/ca_certs + service murano-agent start diff -Nru murano-2.0.0/meta/io.murano/Resources/windows-init.ps1 murano-2.0.2/meta/io.murano/Resources/windows-init.ps1 --- murano-2.0.0/meta/io.murano/Resources/windows-init.ps1 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/meta/io.murano/Resources/windows-init.ps1 2016-08-25 21:34:26.000000000 +0300 @@ -1,3 +1,5 @@ +#ps1 + # Licensed under the Apache License, Version 2.0 (the "License"); you may # not use this file except in compliance with the License. You may obtain # a copy of the License at @@ -10,7 +12,6 @@ # License for the specific language governing permissions and limitations # under the License. -#ps1 $WindowsAgentConfigBase64 = '%AGENT_CONFIG_BASE64%' $WindowsAgentConfigFile = "C:\Murano\Agent\WindowsAgent.exe.config" diff -Nru murano-2.0.0/murano/api/middleware/context.py murano-2.0.2/murano/api/middleware/context.py --- murano-2.0.0/murano/api/middleware/context.py 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/murano/api/middleware/context.py 2016-08-25 21:34:26.000000000 +0300 @@ -14,6 +14,7 @@ from oslo_config import cfg from oslo_middleware import request_id as oslo_request_id +from oslo_serialization import jsonutils from murano.common.i18n import _ from murano.common import wsgi @@ -50,6 +51,9 @@ 'request_id': req.environ.get(oslo_request_id.ENV_REQUEST_ID), 'roles': roles } + sc_header = req.headers.get('X-Service-Catalog') + if sc_header: + kwargs['service_catalog'] = jsonutils.loads(sc_header) req.context = murano.context.RequestContext(**kwargs) @classmethod diff -Nru murano-2.0.0/murano/api/v1/catalog.py murano-2.0.2/murano/api/v1/catalog.py --- murano-2.0.0/murano/api/v1/catalog.py 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/murano/api/v1/catalog.py 2016-08-25 21:34:26.000000000 +0300 @@ -18,6 +18,8 @@ import tempfile import jsonschema +from keystoneclient import exceptions as keystone_ex +from keystoneclient import service_catalog from oslo_config import cfg from oslo_db import exception as db_exc from oslo_log import log as logging @@ -34,6 +36,7 @@ from murano.common.i18n import _, _LW from murano.packages import exceptions as pkg_exc from murano.packages import load_utils +from muranoclient.glance import client as glare_client LOG = logging.getLogger(__name__) @@ -266,11 +269,23 @@ os.remove(tempf.name) def get_ui(self, req, package_id): - target = {'package_id': package_id} - policy.check("get_package", req.context, target) + if CONF.engine.packages_service == 'murano': + target = {'package_id': package_id} + policy.check("get_package", req.context, target) - package = db_api.package_get(package_id, req.context) - return package.ui_definition + package = db_api.package_get(package_id, req.context) + return package.ui_definition + else: + g_client = self._get_glare_client(req) + blob_data = g_client.artifacts.download_blob(package_id, 'archive') + with tempfile.NamedTemporaryFile() as tempf: + for chunk in blob_data: + tempf.write(chunk) + tempf.flush() + os.fsync(tempf.file.fileno()) + with load_utils.load_from_file(tempf.name, target_dir=None, + drop_dir=True) as pkg: + return pkg.ui def get_logo(self, req, package_id): target = {'package_id': package_id} @@ -392,6 +407,38 @@ raise exc.HTTPForbidden(explanation=msg) db_api.category_delete(category_id) + def _get_glare_client(self, request): + glare_settings = CONF.glare + token = request.context.auth_token + url = glare_settings.url + if not url: + url = self._get_glare_url(request) + client = glare_client.Client( + endpoint=url, token=token, insecure=glare_settings.insecure, + key_file=glare_settings.key_file or None, + ca_file=glare_settings.ca_file or None, + cert_file=glare_settings.cert_file or None, + type_name='murano', + type_version=1) + return client + + def _get_glare_url(self, request): + sc = request.context.service_catalog + token = request.context.auth_token + try: + return service_catalog.ServiceCatalogV2( + {'serviceCatalog': sc}).url_for( + service_type='artifact', + endpoint_type=CONF.glare.endpoint_type, + region_name=CONF.home_region) + except keystone_ex.EndpointNotFound: + return service_catalog.ServiceCatalogV3( + token, + {'catalog': sc}).url_for( + service_type='artifact', + endpoint_type=CONF.glare.endpoint_type, + region_name=CONF.home_region) + def create_resource(): specific_content_types = { diff -Nru murano-2.0.0/murano/cmd/manage.py murano-2.0.2/murano/cmd/manage.py --- murano-2.0.0/murano/cmd/manage.py 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/murano/cmd/manage.py 2016-08-25 21:34:26.000000000 +0300 @@ -17,7 +17,6 @@ This file is about to be deprecated, please use python-muranoclient. *** Deprecation warning *** """ - import sys import traceback diff -Nru murano-2.0.0/murano/common/auth_utils.py murano-2.0.2/murano/common/auth_utils.py --- murano-2.0.0/murano/common/auth_utils.py 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/murano/common/auth_utils.py 2016-08-25 21:34:26.000000000 +0300 @@ -29,12 +29,12 @@ 'auth_url': cfg.CONF.keystone_authtoken.auth_uri.replace('v2.0', 'v3'), 'username': cfg.CONF.keystone_authtoken.admin_user, 'password': cfg.CONF.keystone_authtoken.admin_password, - 'user_domain_name': 'default' + 'user_domain_name': "Default" } if scoped: settings.update({ 'project_name': cfg.CONF.keystone_authtoken.admin_tenant_name, - 'project_domain_name': 'default' + 'project_domain_name': "Default" }) return settings diff -Nru murano-2.0.0/murano/common/config.py murano-2.0.2/murano/common/config.py --- murano-2.0.0/murano/common/config.py 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/murano/common/config.py 2016-08-25 21:34:26.000000000 +0300 @@ -54,8 +54,13 @@ cfg.BoolOpt('ssl', default=False, help='Boolean flag to enable SSL communication through the ' 'RabbitMQ broker between murano-engine and guest agents.'), + cfg.StrOpt('ca_certs', default='', - help='SSL cert file (valid only if SSL enabled).') + help='SSL cert file (valid only if SSL enabled).'), + + cfg.BoolOpt('insecure', default=False, + help='This option explicitly allows Murano to perform ' + '"insecure" SSL connections to RabbitMQ'), ] heat_opts = [ diff -Nru murano-2.0.0/murano/common/messaging/mqclient.py murano-2.0.2/murano/common/messaging/mqclient.py --- murano-2.0.0/murano/common/messaging/mqclient.py 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/murano/common/messaging/mqclient.py 2016-08-25 21:34:26.000000000 +0300 @@ -25,13 +25,19 @@ class MqClient(object): def __init__(self, login, password, host, port, virtual_host, - ssl=False, ca_certs=None): + ssl=False, ca_certs=None, insecure=False): ssl_params = None - if ssl is True: + if ssl: + cert_reqs = ssl_module.CERT_REQUIRED + if insecure: + if ca_certs: + cert_reqs = ssl_module.CERT_OPTIONAL + else: + cert_reqs = ssl_module.CERT_NONE ssl_params = { 'ca_certs': ca_certs, - 'cert_reqs': ssl_module.CERT_REQUIRED + 'cert_reqs': cert_reqs } self._connection = kombu.Connection( diff -Nru murano-2.0.0/murano/common/server.py murano-2.0.2/murano/common/server.py --- murano-2.0.0/murano/common/server.py 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/murano/common/server.py 2016-08-25 21:34:26.000000000 +0300 @@ -17,10 +17,10 @@ from oslo_config import cfg from oslo_log import log as logging import oslo_messaging as messaging -from oslo_messaging.notify import dispatcher as oslo_dispatcher from oslo_messaging import target from oslo_service import service from oslo_utils import timeutils +import pytz from sqlalchemy import desc from murano.common.helpers import token_sanitizer @@ -178,6 +178,9 @@ del report['id'] status = models.Status() + if 'timestamp' in report: + dt = timeutils.parse_isotime(report.pop('timestamp')) + report['created'] = dt.astimezone(pytz.utc).replace(tzinfo=None) status.update(report) unit = session.get_session() @@ -226,10 +229,10 @@ transport = messaging.get_transport(CONF) s_target = target.Target(topic='murano', server=str(uuid.uuid4())) - dispatcher = oslo_dispatcher.NotificationDispatcher( - [s_target], endpoints, None, True) - self.server = messaging.MessageHandlingServer( - transport, dispatcher, 'eventlet') + + self.server = messaging.get_notification_listener( + transport, [s_target], endpoints, executor='eventlet') + self.server.start() super(NotificationService, self).start() diff -Nru murano-2.0.0/murano/common/statservice.py murano-2.0.2/murano/common/statservice.py --- murano-2.0.0/murano/common/statservice.py 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/murano/common/statservice.py 2016-08-25 21:34:26.000000000 +0300 @@ -14,6 +14,7 @@ import json +import multiprocessing import socket import time @@ -72,7 +73,7 @@ v1.stats.error_count, v1.stats.average_time, v1.stats.requests_per_tenant, - psutil.NUM_CPUS, + multiprocessing.cpu_count(), psutil.cpu_percent()) return diff -Nru murano-2.0.0/murano/context.py murano-2.0.2/murano/context.py --- murano-2.0.0/murano/context.py 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/murano/context.py 2016-08-25 21:34:26.000000000 +0300 @@ -25,12 +25,12 @@ """ def __init__(self, session=None, - roles=None, is_admin=None, + roles=None, is_admin=None, service_catalog=None, **kwargs): super(RequestContext, self).__init__(**kwargs) self.session = session self.roles = roles or [] - + self.service_catalog = service_catalog self.is_admin = is_admin if self.is_admin is None: self.is_admin = policy.check_is_admin(self) diff -Nru murano-2.0.0/murano/dsl/executor.py murano-2.0.2/murano/dsl/executor.py --- murano-2.0.0/murano/dsl/executor.py 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/murano/dsl/executor.py 2016-08-25 21:34:26.000000000 +0300 @@ -274,13 +274,13 @@ def _list_potential_object_ids(self, data): if isinstance(data, dict): + for val in six.itervalues(data): + for res in self._list_potential_object_ids(val): + yield res sys_dict = data.get('?') if (isinstance(sys_dict, dict) and sys_dict.get('id') and sys_dict.get('type')): yield sys_dict['id'] - for val in six.itervalues(data): - for res in self._list_potential_object_ids(val): - yield res elif isinstance(data, collections.Iterable) and not isinstance( data, six.string_types): for val in data: diff -Nru murano-2.0.0/murano/dsl/yaql_integration.py murano-2.0.2/murano/dsl/yaql_integration.py --- murano-2.0.0/murano/dsl/yaql_integration.py 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/murano/dsl/yaql_integration.py 2016-08-25 21:34:26.000000000 +0300 @@ -362,13 +362,14 @@ murano_class return helpers.evaluate(cls(*args, **kwargs), __context) - if '__init__' in cls.__dict__: + try: fd = specs.get_function_definition( helpers.function(cls.__init__), parameter_type_func=lambda name: _infer_parameter_type( name, cls.__name__), convention=CONVENTION) - else: + except AttributeError: + # __init__ is a slot wrapper inherited from object or other C type fd = specs.get_function_definition(lambda self: None) fd.meta[constants.META_NO_TRACE] = True fd.insert_parameter(specs.ParameterDefinition( diff -Nru murano-2.0.0/murano/engine/package_loader.py murano-2.0.2/murano/engine/package_loader.py --- murano-2.0.0/murano/engine/package_loader.py 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/murano/engine/package_loader.py 2016-08-25 21:34:26.000000000 +0300 @@ -200,7 +200,7 @@ return packages[0] else: LOG.debug('There are no packages matching filter ' - '{filter}'.format(optst=filter_opts)) + '{opts}'.format(opts=filter_opts)) raise LookupError() except muranoclient_exc.HTTPException: LOG.debug('Failed to get package definition from repository') diff -Nru murano-2.0.0/murano/engine/system/common.py murano-2.0.2/murano/engine/system/common.py --- murano-2.0.0/murano/engine/system/common.py 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/murano/engine/system/common.py 2016-08-25 21:34:26.000000000 +0300 @@ -29,6 +29,7 @@ 'port': rabbitmq.port, 'virtual_host': rabbitmq.virtual_host, 'ssl': rabbitmq.ssl, - 'ca_certs': rabbitmq.ca_certs.strip() or None + 'ca_certs': rabbitmq.ca_certs.strip() or None, + 'insecure': rabbitmq.insecure } return mqclient.MqClient(**connection_params) diff -Nru murano-2.0.0/murano/engine/system/heat_stack.py murano-2.0.2/murano/engine/system/heat_stack.py --- murano-2.0.0/murano/engine/system/heat_stack.py 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/murano/engine/system/heat_stack.py 2016-08-25 21:34:26.000000000 +0300 @@ -215,50 +215,66 @@ template = copy.deepcopy(self._template) LOG.debug('Pushing: {template}'.format(template=template)) - current_status = self._get_status() - resources = template.get('Resources') or template.get('resources') - if current_status == 'NOT_FOUND': - if resources is not None: - token_client = self._get_token_client() - token_client.stacks.create( - stack_name=self._name, - parameters=self._parameters, - template=template, - files=self._files, - environment=self._hot_environment, - disable_rollback=True, - tags=self._tags) + while True: + try: + current_status = self._get_status() + resources = template.get('Resources') or template.get( + 'resources') + if current_status == 'NOT_FOUND': + if resources is not None: + token_client = self._get_token_client() + token_client.stacks.create( + stack_name=self._name, + parameters=self._parameters, + template=template, + files=self._files, + environment=self._hot_environment, + disable_rollback=True, + tags=self._tags) - self._wait_state(lambda status: status == 'CREATE_COMPLETE') - else: - if resources is not None: - self._client.stacks.update( - stack_id=self._name, - parameters=self._parameters, - files=self._files, - environment=self._hot_environment, - template=template, - disable_rollback=True, - tags=self._tags) - self._wait_state( - lambda status: status == 'UPDATE_COMPLETE', True) + self._wait_state( + lambda status: status == 'CREATE_COMPLETE') + else: + if resources is not None: + self._client.stacks.update( + stack_id=self._name, + parameters=self._parameters, + files=self._files, + environment=self._hot_environment, + template=template, + disable_rollback=True, + tags=self._tags) + self._wait_state( + lambda status: status == 'UPDATE_COMPLETE', True) + else: + self.delete() + except heat_exc.HTTPConflict as e: + LOG.warning(_LW('Conflicting operation: {msg}').format(msg=e)) + eventlet.sleep(3) else: - self.delete() + break self._applied = not utils.is_different(self._template, template) def delete(self): - try: - if not self.current(): - return - self._wait_state(lambda s: True) - self._client.stacks.delete(stack_id=self._name) - self._wait_state( - lambda status: status in ('DELETE_COMPLETE', 'NOT_FOUND'), - wait_progress=True) - except heat_exc.NotFound: - LOG.warning(_LW('Stack {stack_name} already deleted?') - .format(stack_name=self._name)) + while True: + try: + if not self.current(): + return + self._wait_state(lambda s: True) + self._client.stacks.delete(stack_id=self._name) + self._wait_state( + lambda status: status in ('DELETE_COMPLETE', 'NOT_FOUND'), + wait_progress=True) + except heat_exc.NotFound: + LOG.warning(_LW('Stack {stack_name} already deleted?') + .format(stack_name=self._name)) + break + except heat_exc.HTTPConflict as e: + LOG.warning(_LW('Conflicting operation: {msg}').format(msg=e)) + eventlet.sleep(3) + else: + break self._template = {} self._applied = True diff -Nru murano-2.0.0/murano/engine/system/net_explorer.py murano-2.0.2/murano/engine/system/net_explorer.py --- murano-2.0.0/murano/engine/system/net_explorer.py 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/murano/engine/system/net_explorer.py 2016-08-25 21:34:26.000000000 +0300 @@ -190,3 +190,7 @@ def list_ports(self): return self._client.list_ports()['ports'] + + @session_local_storage.execution_session_memoize + def list_neutron_extensions(self): + return self._client.list_extensions()['extensions'] diff -Nru murano-2.0.0/murano/engine/system/status_reporter.py murano-2.0.2/murano/engine/system/status_reporter.py --- murano-2.0.0/murano/engine/system/status_reporter.py 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/murano/engine/system/status_reporter.py 2016-08-25 21:34:26.000000000 +0300 @@ -16,6 +16,7 @@ from oslo_config import cfg import oslo_messaging as messaging +from oslo_utils import timeutils import six from murano.common import uuidutils @@ -47,7 +48,8 @@ 'text': msg, 'details': details, 'level': level, - 'environment_id': self._environment_id + 'environment_id': self._environment_id, + 'timestamp': timeutils.isotime() } self._notifier.info({}, 'murano.report_notification', body) diff -Nru murano-2.0.0/murano/engine/system/yaql_functions.py murano-2.0.2/murano/engine/system/yaql_functions.py --- murano-2.0.0/murano/engine/system/yaql_functions.py 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/murano/engine/system/yaql_functions.py 2016-08-25 21:34:26.000000000 +0300 @@ -93,8 +93,14 @@ @specs.parameter('group', yaqltypes.String()) @specs.parameter('setting', yaqltypes.String()) -def config(group, setting): - return cfg.CONF[group][setting] +@specs.parameter('read_as_file', bool) +def config(group, setting, read_as_file=False): + config_value = cfg.CONF[group][setting] + if read_as_file: + with open(config_value) as target_file: + return target_file.read() + else: + return config_value @specs.parameter('setting', yaqltypes.String()) diff -Nru murano-2.0.0/murano/engine/yaql_yaml_loader.py murano-2.0.2/murano/engine/yaql_yaml_loader.py --- murano-2.0.0/murano/engine/yaql_yaml_loader.py 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/murano/engine/yaql_yaml_loader.py 2016-08-25 21:34:26.000000000 +0300 @@ -43,7 +43,7 @@ node.end_mark.line + 1, node.end_mark.column + 1) - class MuranoPlYamlConstructor(yaml.constructor.Constructor): + class MuranoPlYamlConstructor(yaml.constructor.SafeConstructor): def construct_yaml_map(self, node): data = MuranoPlDict() data.source_file_position = build_position(node) @@ -51,7 +51,7 @@ value = self.construct_mapping(node) data.update(value) - class YaqlYamlLoader(yaml.Loader, MuranoPlYamlConstructor): + class YaqlYamlLoader(yaml.SafeLoader, MuranoPlYamlConstructor): pass YaqlYamlLoader.add_constructor( @@ -60,7 +60,7 @@ # workaround for PyYAML bug: http://pyyaml.org/ticket/221 resolvers = {} - for k, v in yaml.Loader.yaml_implicit_resolvers.items(): + for k, v in yaml.SafeLoader.yaml_implicit_resolvers.items(): resolvers[k] = v[:] YaqlYamlLoader.yaml_implicit_resolvers = resolvers diff -Nru murano-2.0.0/murano/packages/hot_package.py murano-2.0.2/murano/packages/hot_package.py --- murano-2.0.0/murano/packages/hot_package.py 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/murano/packages/hot_package.py 2016-08-25 21:34:26.000000000 +0300 @@ -331,10 +331,12 @@ ] destroy = [ + {YAQL('$environment'): YAQL( + "$.find('io.murano.Environment').require()" + )}, {YAQL('$stack'): YAQL( - "new('io.murano.system.HeatStack', " + "new('io.murano.system.HeatStack', $environment, " "name => $.getAttr(generatedHeatStackName))")}, - YAQL('$stack.delete()') ] @@ -490,12 +492,17 @@ return translated @staticmethod - def _generate_application_ui(groups, type_name): + def _generate_application_ui(groups, type_name, + package_name=None, package_version=None): app = { '?': { 'type': type_name } } + if package_name: + app['?']['package'] = package_name + if package_version: + app['?']['classVersion'] = package_version for i, record in enumerate(groups): if i == 0: section = app @@ -525,7 +532,7 @@ translated = { 'Version': 2, 'Application': HotPackage._generate_application_ui( - groups, self.full_name), + groups, self.full_name, self.full_name, str(self.version)), 'Forms': forms } diff -Nru murano-2.0.0/murano/tests/functional/common/utils.py murano-2.0.2/murano/tests/functional/common/utils.py --- murano-2.0.0/murano/tests/functional/common/utils.py 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/murano/tests/functional/common/utils.py 2016-08-25 21:34:26.000000000 +0300 @@ -247,7 +247,7 @@ """ component = service.to_dict() component = json.dumps(component) - return yaml.load(component) + return yaml.safe_load(component) @classmethod def get_service_id(cls, service): @@ -517,7 +517,13 @@ def _get_stack(cls, environment_id): for stack in cls.heat_client().stacks.list(): - if environment_id in stack.description: + stack_description = ( + cls.heat_client().stacks.get(stack.id).description) + if not stack_description: + err_msg = ("Stack {0} description is empty".format(stack.id)) + LOG.error(err_msg) + raise RuntimeError(err_msg) + if environment_id in stack_description: return stack @classmethod diff -Nru murano-2.0.0/murano/tests/unit/policy/test_congress_rules.py murano-2.0.2/murano/tests/unit/policy/test_congress_rules.py --- murano-2.0.0/murano/tests/unit/policy/test_congress_rules.py 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/murano/tests/unit/policy/test_congress_rules.py 2016-08-25 21:34:26.000000000 +0300 @@ -87,7 +87,7 @@ os.path.dirname(inspect.getfile(self.__class__)), file_name) with open(model_file) as stream: - return yaml.load(stream) + return yaml.safe_load(stream) def _create_rules_str(self, model_file, package_loader=None): model = self._load_file(model_file) diff -Nru murano-2.0.0/murano_tempest_tests/clients.py murano-2.0.2/murano_tempest_tests/clients.py --- murano-2.0.0/murano_tempest_tests/clients.py 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/murano_tempest_tests/clients.py 2016-08-25 21:34:26.000000000 +0300 @@ -23,7 +23,7 @@ class Manager(clients.Manager): def __init__(self, - credentials=common_creds.get_configured_credentials( + credentials=common_creds.get_configured_admin_credentials( 'identity_admin'), service=None): super(Manager, self).__init__(credentials, service) @@ -37,4 +37,4 @@ class AltManager(Manager): def __init__(self, service=None): super(AltManager, self).__init__( - common_creds.get_configured_credentials('alt_user'), service) + common_creds.get_configured_admin_credentials('alt_user'), service) diff -Nru murano-2.0.0/murano_tempest_tests/tests/api/application_catalog/base.py murano-2.0.2/murano_tempest_tests/tests/api/application_catalog/base.py --- murano-2.0.0/murano_tempest_tests/tests/api/application_catalog/base.py 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/murano_tempest_tests/tests/api/application_catalog/base.py 2016-08-25 21:34:26.000000000 +0300 @@ -47,7 +47,7 @@ cls.dynamic_cred = dynamic_creds.DynamicCredentialProvider( identity_version=CONF.identity.auth_version, name=cls.__name__, admin_role=cls.admin_role, - admin_creds=common_creds.get_configured_credentials( + admin_creds=common_creds.get_configured_admin_credentials( 'identity_admin')) if type_of_creds == 'primary': creds = cls.dynamic_cred.get_primary_creds() @@ -59,7 +59,7 @@ creds = cls.dynamic_cred.get_credentials(type_of_creds) cls.dynamic_cred.type_of_creds = type_of_creds - return creds + return creds.credentials @classmethod def verify_nonempty(cls, *args): diff -Nru murano-2.0.0/murano_tempest_tests/tests/api/service_broker/base.py murano-2.0.2/murano_tempest_tests/tests/api/service_broker/base.py --- murano-2.0.0/murano_tempest_tests/tests/api/service_broker/base.py 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/murano_tempest_tests/tests/api/service_broker/base.py 2016-08-25 21:34:26.000000000 +0300 @@ -121,14 +121,5 @@ @classmethod def resource_setup(cls): - if hasattr(CONF.identity, 'admin_username'): - cls.username = CONF.identity.admin_username - cls.password = CONF.identity.admin_password - cls.tenant_name = CONF.identity.admin_tenant_name - else: - cls.username = CONF.auth.admin_username - cls.password = CONF.auth.admin_password - cls.tenant_name = CONF.auth.admin_tenant_name - cls.verify_nonempty(cls.username, cls.password, cls.tenant_name) cls.os = clients.Manager() super(BaseServiceBrokerAdminTest, cls).resource_setup() diff -Nru murano-2.0.0/releasenotes/notes/cinder-volumes-0412875c1011f8eb.yaml murano-2.0.2/releasenotes/notes/cinder-volumes-0412875c1011f8eb.yaml --- murano-2.0.0/releasenotes/notes/cinder-volumes-0412875c1011f8eb.yaml 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/releasenotes/notes/cinder-volumes-0412875c1011f8eb.yaml 2016-08-25 21:34:26.000000000 +0300 @@ -2,5 +2,5 @@ features: - Classes to work with Cinder volumes were added to core library. Now it is possible to create new volume from various sources or use - existing volume. Also it is possible to attach volumes to instances. - This doesn't include ability to boot instances from volumes. + existing volume. Also it is possible to attach volumes to instances + and boot instances from volumes. diff -Nru murano-2.0.0/releasenotes/notes/enable-hot-for-glare-8026f2dccad1732e.yaml murano-2.0.2/releasenotes/notes/enable-hot-for-glare-8026f2dccad1732e.yaml --- murano-2.0.0/releasenotes/notes/enable-hot-for-glare-8026f2dccad1732e.yaml 1970-01-01 03:00:00.000000000 +0300 +++ murano-2.0.2/releasenotes/notes/enable-hot-for-glare-8026f2dccad1732e.yaml 2016-08-25 21:34:26.000000000 +0300 @@ -0,0 +1,6 @@ +--- +fixes: + - Fixed a bug when the UI dialog was not displayed in Murano Dashboard for + applications which don't have UI definitions bundled in the package but + generate them based on the package contents instead. This usually affected + HOT-based packages and other non-muranopl-based applications. diff -Nru murano-2.0.0/releasenotes/notes/no-neutron-sec-group-support-2d69082b7226d6c0.yaml murano-2.0.2/releasenotes/notes/no-neutron-sec-group-support-2d69082b7226d6c0.yaml --- murano-2.0.0/releasenotes/notes/no-neutron-sec-group-support-2d69082b7226d6c0.yaml 1970-01-01 03:00:00.000000000 +0300 +++ murano-2.0.2/releasenotes/notes/no-neutron-sec-group-support-2d69082b7226d6c0.yaml 2016-08-25 21:34:26.000000000 +0300 @@ -0,0 +1,5 @@ +--- +fixes: + - Murano is now able to deploy applications in the environments with disabled + Neutron Security Groups. Detection is based on the presence of + 'security-group' Neutron extension. diff -Nru murano-2.0.0/releasenotes/notes/safeloader-cve-2016-4972-4e7e42b9257c5628.yaml murano-2.0.2/releasenotes/notes/safeloader-cve-2016-4972-4e7e42b9257c5628.yaml --- murano-2.0.0/releasenotes/notes/safeloader-cve-2016-4972-4e7e42b9257c5628.yaml 1970-01-01 03:00:00.000000000 +0300 +++ murano-2.0.2/releasenotes/notes/safeloader-cve-2016-4972-4e7e42b9257c5628.yaml 2016-08-25 21:34:26.000000000 +0300 @@ -0,0 +1,9 @@ +--- +security: + - cve-2016-4972 has been addressed. In ceveral places + Murano used loaders inherited directly from yaml.Loader + when parsing MuranoPL and UI files from packages. + This is unsafe, because this loader is capable of creating + custom python objects from specifically constructed + yaml files. With this change all yaml loading operations are done + using safe loaders instead. diff -Nru murano-2.0.0/requirements.txt murano-2.0.2/requirements.txt --- murano-2.0.0/requirements.txt 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/requirements.txt 2016-08-25 21:34:26.000000000 +0300 @@ -2,14 +2,14 @@ # of appearance. Changing the order has an impact on the overall integration # process, which may cause wedges in the gate later. pbr>=1.6 # Apache-2.0 -Babel>=1.3 # BSD +Babel!=2.3.0,!=2.3.1,!=2.3.2,!=2.3.3,>=1.3 # BSD SQLAlchemy<1.1.0,>=1.0.10 # MIT stevedore>=1.5.0 # Apache-2.0 alembic>=0.8.0 # MIT eventlet!=0.18.3,>=0.18.2 # MIT PasteDeploy>=1.5.0 # MIT -Routes!=2.0,!=2.1,>=1.12.3;python_version=='2.7' # MIT -Routes!=2.0,>=1.12.3;python_version!='2.7' # MIT +Routes!=2.0,!=2.1,!=2.3.0,>=1.12.3;python_version=='2.7' # MIT +Routes!=2.0,!=2.3.0,>=1.12.3;python_version!='2.7' # MIT retrying!=1.3.0,>=1.2.3 # Apache-2.0 WebOb>=1.2.3 # MIT kombu>=3.0.25 # BSD @@ -26,7 +26,7 @@ Paste # MIT jsonschema!=2.5.0,<3.0.0,>=2.0.0 # MIT -python-keystoneclient!=1.8.0,!=2.1.0,>=1.6.0 # Apache-2.0 +python-keystoneclient!=1.8.0,!=2.1.0,<3.0.0,>=1.6.0 # Apache-2.0 python-heatclient>=0.6.0 # Apache-2.0 python-neutronclient!=4.1.0,>=2.6.0 # Apache-2.0 python-muranoclient>=0.8.2 # Apache-2.0 @@ -34,7 +34,7 @@ python-mistralclient>=1.0.0 # Apache-2.0 oslo.db>=4.1.0 # Apache-2.0 oslo.config>=3.7.0 # Apache-2.0 -oslo.concurrency>=3.5.0 # Apache-2.0 +oslo.concurrency>=3.7.1 # Apache-2.0 oslo.context>=0.2.0 # Apache-2.0 oslo.policy>=0.5.0 # Apache-2.0 oslo.messaging>=4.0.0 # Apache-2.0 diff -Nru murano-2.0.0/test-requirements.txt murano-2.0.2/test-requirements.txt --- murano-2.0.0/test-requirements.txt 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/test-requirements.txt 2016-08-25 21:34:26.000000000 +0300 @@ -4,7 +4,7 @@ hacking<0.11,>=0.10.0 coverage>=3.6 # Apache-2.0 -fixtures>=1.3.1 # Apache-2.0/BSD +fixtures<2.0,>=1.3.1 # Apache-2.0/BSD mock>=1.2 # BSD nose # LGPL oslotest>=1.10.0 # Apache-2.0 diff -Nru murano-2.0.0/tox.ini murano-2.0.2/tox.ini --- murano-2.0.0/tox.ini 2016-03-31 20:12:27.000000000 +0300 +++ murano-2.0.2/tox.ini 2016-08-25 21:34:26.000000000 +0300 @@ -5,7 +5,7 @@ [testenv] usedevelop = True -install_command = pip install -U {opts} {packages} +install_command = pip install -c{env:UPPER_CONSTRAINTS_FILE:https://git.openstack.org/cgit/openstack/requirements/plain/upper-constraints.txt?h=stable/mitaka} {opts} {packages} setenv = VIRTUAL_ENV={envdir} DISCOVER_DIRECTORY=murano/tests/unit