From fungi at yuggoth.org Tue Apr 5 19:23:33 2022 From: fungi at yuggoth.org (Jeremy Stanley) Date: Tue, 5 Apr 2022 19:23:33 +0000 Subject: [service-announce] Zuul behavior change with Depends-On across queues Message-ID: <20220405192332.3pzyk6w5hmd65po4@yuggoth.org> A recent improvement to more accurately report Zuul's enqueuing has resulted in an unanticipated difference in behavior for changes declaring a Depends-On relationship between projects which don't share a dependent queue. If you approve the depending change before the dependency has merged, Zuul will now report a Verified -2 vote on the depending change (where previously it just ignored your approval entirely). As a result, because the openstack tenant is configured to require a positive Verified vote before enqueuing into the gate pipeline, this means the depending change will need to be rechecked in order to replace that -2 vote with a +1 in that tenant. For tenants without such a "clean check" rule, the change in behavior is entirely cosmetic. One thing you can do to avoid this is make sure any projects which regularly utilize Depends-On between their changes are configured to belong to the same named queue, which will result in Zuul enqueuing those approved changes into the gate pipeline together without needing to wait for one to merge before the other can be tested. Zuul expects related projects to share a queue and, on approval, will only look up parent and child changes to enqueue within the related projects list, as determined by the queue to which they belong. An alternative workaround is to only approve a change once you've confirmed that any Depends-On has merged, if that dependency is in another project which does not share the same queue. Feel free to follow up on the service-discuss ML with any comments/concerns, or find us in the #opendev channel on OFTC as usual. -- Jeremy Stanley -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 963 bytes Desc: not available URL: From cboylan at sapwetik.org Wed Apr 6 22:52:42 2022 From: cboylan at sapwetik.org (Clark Boylan) Date: Wed, 06 Apr 2022 15:52:42 -0700 Subject: [service-announce] review.opendev.org Gerrit downtime for project renames April 15, 2022 Message-ID: <45af5a24-6239-47c1-9622-6f751de3e017@www.fastmail.com> Hello, The OpenDev team will be renaming Gerrit projects on April 15, 2022 beginning at 15:00 UTC. This process requires a Gerrit downtime for the service running on review.opendev.org and is expected to last no more than an hour. If you would like to rename a project, now is the time to begin planning for that work ensuring the necessary changes are proposed. If you have any questions please feel free to respond to this email or reach out to the team. Clark From fungi at yuggoth.org Tue Apr 19 18:25:43 2022 From: fungi at yuggoth.org (Jeremy Stanley) Date: Tue, 19 Apr 2022 18:25:43 +0000 Subject: [service-announce] bindep 2.11.0 Message-ID: <20220419182542.tn5i6sutctv24bpe@yuggoth.org> It's my pleasure to announce the release of bindep 2.11.0. These are the corresponding release notes since the previous release: New Features ------------ * Add support for AlmaLinux to Bindep. As always, the latest version of bindep is available from PyPI: https://pypi.org/project/bindep Current documentation can be found here: https://docs.opendev.org/opendev/bindep Its source code can be obtained from the OpenDev Collaboratory: https://opendev.org/opendev/bindep Please don't hesitate to follow up through the service-discuss at lists.opendev.org mailing list or in the #opendev channel on the OFTC IRC network if you have any questions. -- Jeremy Stanley -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 963 bytes Desc: not available URL: From fungi at yuggoth.org Tue Apr 19 18:34:38 2022 From: fungi at yuggoth.org (Jeremy Stanley) Date: Tue, 19 Apr 2022 18:34:38 +0000 Subject: [service-announce] git-review 2.3.0 and 2.3.1 Message-ID: <20220419183438.o5aad5zhmaypvjmf@yuggoth.org> It's my pleasure to announce the release of git-review 2.3.0 and follow-up fix version 2.3.1. These are the corresponding release notes since the previous release: ======= 2.3.1 ======= Bug Fixes --------- * Improved version string parsing for Git in order to no longer break on Mac OSX/Darwin systems (story 2010002). ======= 2.3.0 ======= Upgrade Notes ------------- * Python 3.5 is no longer supported. * Git 2.10.0 or later is required as git-review now needs the ``--no-show-signature`` option for git-log. Bug Fixes --------- * Git's log.ShowSignature option is now supported. Previously, setting it would confuse git-review into thinking there were twice as many changes to push. * OpenSSH has deprecated its use of scp/rcp protocol in favor of SFTP, which the embedded Apache mina-sshd in widely-deployed Gerrit versions does not yet support. The default officially changed in OpenSSH 9.0 (some distributions, such as Fedora and CentOS, switched their default behavior to this as early as OpenSSH 8.7 or 8.8), leading to a "subsystem request failed on channel 0" error during commit-msg hook retrieval. Now git-review will attempt to detect whether scp's -O option is available to force use of the legacy scp/rcp protocol, and apply it if so. Future git-review versions may change the fallback behavior once an SFTP subsystem is implemented and available for a new Gerrit release. As always, the latest version of git-review is available from PyPI: https://pypi.org/project/git-review Current documentation can be found here: https://docs.opendev.org/opendev/git-review Its source code can be obtained from the OpenDev Collaboratory: https://opendev.org/opendev/git-review Please don't hesitate to follow up through the service-discuss at lists.opendev.org mailing list or in the #opendev channel on the OFTC IRC network if you have any questions. -- Jeremy Stanley -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 963 bytes Desc: not available URL: From cboylan at sapwetik.org Fri Apr 22 19:44:21 2022 From: cboylan at sapwetik.org (Clark Boylan) Date: Fri, 22 Apr 2022 12:44:21 -0700 Subject: [service-announce] A not so Short OpenDev Activity Update Message-ID: <49a0c293-0260-4157-859e-605a0a465bb5@www.fastmail.com> It has been a busy few weeks for the OpenDev team. We thought it would be a good idea to capture some of the more user facing aspects of what we have been doing lately. Git-review and Bindep both have new releases. Git-review 2.3.0 and 2.3.1 [0] bring better support for newer OpenSSH and signed Git commits, as well as drop compatibility with Python 3.5. Bindep 2.11.0 [1] adds support for AlmaLinux. Git fixed a security issue [2] that broke DevStack and other test jobs. The OpenDev team helped to quickly diagnose the problem and proposed fixes to projects once the issue was understood. If you have jobs with unexpected git operation failures or Python package install issues there is a good chance it is related to this update. You will want to ensure that the user running git commands in a repo is the same user that owns the files in the repo (typically "zuul"). Otherwise you will need to mark the repository as a "safe" repository. Our Twitter status account [3] has been resurrected to provide another way for our users to follow along as we make changes. Whenever we make `#status` messages in IRC that content gets mirrored to this account which you can follow on Twitter. We have also been doing quite a bit of Spring Cleaning (it is spring for some of us anyway). We no longer build Debian Buster or Python 3.7 versions of opendevorg/python-builder and opendevorg/python-base. We did our best to check that no one was using these images, but if you are, the images will remain on Docker Hub until Docker Hub times them out. You should update to a Bullseye Python 3.8 or newer image. Bullseye Python 3.10 images are newly available too. The OpenStack Health service was shut down some time ago, and its configuration management and source repositories have been retired or cleaned up as appropriate. The ELK system that powered elastic-recheck is in the process of being shutdown and retired in favor of a new OpenSearch hosted system managed by OpenStack more directly. Please read the documentation [4] for using the new system if you would like to continue to query job logs using Kibana. Our distro mirrors are getting a haircut to remove packages for unused architectures in our CI system, ISOs/images, and old distro releases. This cleanup will ensure we have plenty of room to add a Jammy Jellyfish mirror to our collection. We'd like to remind our users that while these mirrors are publicly available they are not intended for public consumption. We can and do modify them as our CI system needs change. Finally, looking ahead we'll begin to work on rolling out Jammy Jellyfish images for the CI system now that this latest Ubuntu LTS is available. Our Gerrit 3.5 upgrade should also pick up steam. Most of the changes we expect Gerrit users to see will be in the UI itself. You can read the release notes [5] to find out more. We aren't ready to set a date for this, but you should expect a short downtime which we will announce via service-announce at lists.opendev.org. Unfortunately, the Gerrit problems with SSH RSA keys won't be resolved until Gerrit 3.6. [0] https://lists.opendev.org/pipermail/service-announce/2022-April/000036.html [1] https://lists.opendev.org/pipermail/service-announce/2022-April/000035.html [2] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24765 [3] https://twitter.com/opendevinfra/ [4] https://governance.openstack.org/sigs/tact-sig.html#opensearch [5] https://www.gerritcodereview.com/3.5.html