Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Drop Python2 build, test, and install #615

Merged
merged 1 commit into from May 18, 2020
Merged

Drop Python2 build, test, and install #615

merged 1 commit into from May 18, 2020

Conversation

ericwb
Copy link
Member

@ericwb ericwb commented May 18, 2020

This commit drops building of Python 2.7 in our build matrix. It
also changes the testing of pylint and pep8 from 2.7 to 3.5. And
no longer should the binary be installable on Py2.7 via the change
to setup.py.

Partially-Fixes: #584

Signed-off-by: Eric Brown browne@vmware.com

@ericwb
Drop Python2 build, test, and install
4154a07 
This commit drops building of Python 2.7 in our build matrix. It
also changes the testing of pylint and pep8 from 2.7 to 3.5. And
no longer should the binary be installable on Py2.7 via the change
to setup.py.

Partially-Fixes: #584

Signed-off-by: Eric Brown <browne@vmware.com>
@ericwb ericwb merged commit b78c938 into PyCQA:master May 18, 2020
@ericwb ericwb deleted the drop_py2 branch December 6, 2020 10:01
@ericwb ericwb added this to the Release 1.6.3 milestone Dec 6, 2020
@karrtikr karrtikr mentioned this pull request Dec 7, 2020
Merged
openstack-mirroring pushed a commit to openstack/swift that referenced this pull request Dec 15, 2020
@lyarwood
[stable-only] Cap bandit to 1.6.2
19218d3 
The 1.6.3 [1] release has dropped support for py2 [2] so cap to 1.6.2
when using py2.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615

Closes-Bug: #1907438
Change-Id: I294d5350e2f418614e54ff7bdd47dff16bfdcdbc
(cherry picked from commit 1f2326cd7cf5f8e32a55091f976f917093a0bede)
(cherry picked from commit cac096fcd64213f1e2cfa0848ca9af40a89fc952)
(cherry picked from commit b2f96a1f9361c0245faca24702d2843d53e10175)
(cherry picked from commit 1a6eb97)
openstack-mirroring pushed a commit to openstack/nova that referenced this pull request Dec 16, 2020
@lyarwood
[stable-only] Cap bandit to 1.6.2
4887f10 
The 1.6.3 [1] release has dropped support for py2 [2] so cap to 1.6.2
when using py2.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615

Depends-On: https://review.opendev.org/c/openstack/swift/+/766495

Conflicts:
  test-requirements.txt

Closes-Bug: #1907438
Change-Id: Ie5221bf37c6ed9268a4aa0737ffcdd811e39360a
openstack-mirroring pushed a commit to openstack/swift that referenced this pull request Dec 16, 2020
@lyarwood
[stable-only] Cap bandit to 1.6.2
1a6eb97 
The 1.6.3 [1] release has dropped support for py2 [2] so cap to 1.6.2
when using py2.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615

Conflicts:
  test-requirements.txt

Closes-Bug: #1907438
Change-Id: I294d5350e2f418614e54ff7bdd47dff16bfdcdbc
(cherry picked from commit 1f2326cd7cf5f8e32a55091f976f917093a0bede)
(cherry picked from commit cac096fcd64213f1e2cfa0848ca9af40a89fc952)
(cherry picked from commit b2f96a1f9361c0245faca24702d2843d53e10175)
openstack-mirroring pushed a commit to openstack/nova that referenced this pull request Dec 17, 2020
@lyarwood
[stable-only] Cap bandit to 1.6.2
2592ee9 
The 1.6.3 [1] release has dropped support for py2 [2] so cap to 1.6.2
when using py2.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615

Depends-On: https://review.opendev.org/c/openstack/swift/+/766494

Conflicts:
  test-requirements.txt

Closes-Bug: #1907438
Change-Id: Ie5221bf37c6ed9268a4aa0737ffcdd811e39360a
openstack-mirroring pushed a commit to openstack/swift that referenced this pull request Dec 18, 2020
@lyarwood
[stable-only] Cap bandit to 1.6.2
61f46a7 
The 1.6.3 [1] release has dropped support for py2 [2] so cap to 1.6.2
when using py2.

Also fix sphinx doc requirements to make requirements-check job pass.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615

Closes-Bug: #1907438
Change-Id: I294d5350e2f418614e54ff7bdd47dff16bfdcdbc
(cherry picked from commit 1f2326cd7cf5f8e32a55091f976f917093a0bede)
(cherry picked from commit cac096fcd64213f1e2cfa0848ca9af40a89fc952)
@ericwb ericwb mentioned this pull request Dec 20, 2020
Closed
openstack-mirroring pushed a commit to openstack/swift that referenced this pull request Jan 7, 2021
@lyarwood
[stable-only] Cap bandit to 1.6.2
c304f11 
The 1.6.3 [1] release has dropped support for py2 [2] so cap to 1.6.2
when using py2.

Also fix sphinx doc requirements and xattr requirement to make
requirements-check job pass.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615

Depends-On: https://review.opendev.org/c/openstack/devstack/+/768257

Closes-Bug: #1907438
Change-Id: I294d5350e2f418614e54ff7bdd47dff16bfdcdbc
(cherry picked from commit 1f2326cd7cf5f8e32a55091f976f917093a0bede)
openstack-mirroring pushed a commit to openstack/swift that referenced this pull request Jan 8, 2021
@lyarwood @tipabu
[stable-only] Cap bandit to 1.6.2
41bec52 
The 1.6.3 [1] release has dropped support for py2 [2] so cap to 1.6.2
when using py2.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615

Closes-Bug: #1907438
Change-Id: I294d5350e2f418614e54ff7bdd47dff16bfdcdbc
openstack-mirroring pushed a commit to openstack/swift that referenced this pull request Jan 8, 2021
@lyarwood
[stable-only] Cap bandit to 1.6.2
d63b701 
The 1.6.3 [1] release has dropped support for py2 [2] so cap to 1.6.2
when using py2.

swift-multinode-rolling-upgrade is also made non-voting in order for
this change to land as we cannot deploy from stable/train without this
change.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615

Depends-On: https://review.opendev.org/c/openstack/devstack/+/768256
Depends-On: https://review.opendev.org/c/openstack/devstack/+/768257
Closes-Bug: #1907438
Change-Id: I294d5350e2f418614e54ff7bdd47dff16bfdcdbc
openstack-mirroring pushed a commit to openstack/ironic that referenced this pull request Jan 8, 2021
[stable-only] Fix bandit upper constraint
59525df 
The 1.6.3 [1] release has dropped support for py2 [2] but the release
is faulty and pip still picks it up for py2 [3][4], so cap to 1.6.2
when using py2.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615
[3] PyCQA/bandit#663
[4] PyCQA/bandit#665

Change-Id: I64da924b84d6a96d0440a562c0a7925406aff4c4
openstack-mirroring pushed a commit to openstack/nova that referenced this pull request Jan 9, 2021
@lyarwood
[stable-only] Cap bandit to 1.6.2 and raise hacking, flake8 and stestr
b2037fc 
The 1.6.3 [1] release has dropped support for py2 [2] so cap to 1.6.2
when using py2.

This change also raises hacking to 1.1.0 in lower-constraints.txt after
it was bumped by I35c654bd39f343417e0a1124263ff31dcd0b05c9. This also
means that flake8 is bumped to 2.6.0. stestr is also bumped to 2.0.0 as
required by oslotest 3.8.0.

All of these changes are squashed into a single change to pass the gate.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615

Depends-On: https://review.opendev.org/c/openstack/devstack/+/768256
Depends-On: https://review.opendev.org/c/openstack/swift/+/766214

Closes-Bug: #1907438
Closes-Bug: #1907756
Change-Id: Ie5221bf37c6ed9268a4aa0737ffcdd811e39360a
openstack-mirroring pushed a commit to openstack/neutron that referenced this pull request Jan 9, 2021
@voyageur
[train] Fix tests with new pip resolver
c9416b1 
Bump minimum keystoneauth1 as openstacksdk needs a newer version
Bump minimum debtcollerctor, ovsdbapp as os-vif needs a newer version
In lower-constraints, bump os-service-types, and fix pycodestyle bound
to align with test requirements

This change also caps bandit to <= 1.6.2 after the now yanked 1.6.3
release dropped py27 support [1][2]. 1.7.0 has since been released [3]
but is still present in the universal wheel and thus will be pulled in
by py27 incorrectly.

Also disable networking-ovn-tempest-dsvm-ovs-release job to allow
https://review.opendev.org/c/openstack/networking-ovn/+/767424 fix to
merge (they depend on each other), follow-up patch will restore it

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615
[3] https://github.com/PyCQA/bandit/releases/tag/1.7.0

Depends-On: https://review.opendev.org/c/openstack/devstack/+/768256
Depends-On: https://review.opendev.org/c/openstack/swift/+/766214

Change-Id: Idb98850d1ef09e4ae82b42a7f1930b99ae74e0a1
openstack-mirroring pushed a commit to openstack/nova that referenced this pull request Jan 14, 2021
@lyarwood
[stable-only] Cap bandit and make lower-constraints job non-voting
c9f50e9 
The 1.6.3 [1] release has dropped support for py2 [2] so cap to 1.6.2
when using py2.

sphinx requirements needed to be changed in doc/requirements.txt to
make requirements-check job pass.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615

Closes-Bug: #1907438
Change-Id: Ie5221bf37c6ed9268a4aa0737ffcdd811e39360a
openstack-mirroring pushed a commit to openstack/oslo.limit that referenced this pull request Jan 16, 2021
[stable-only] Cap bandit and fix lower-constraints
45eeda8 
The 1.6.3 [1] release has dropped support for py2 [2] but the release
is faulty and pip still picks it up for py2 [3][4], so cap to 1.6.2
when using py2.

Contradicting hacking version replaced (in lower-constraints.txt to
match with test-requirements.txt).

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615
[3] PyCQA/bandit#663
[4] PyCQA/bandit#665

Change-Id: I2df0f9778b029ea369492649041ed375dccef2a7
openstack-mirroring pushed a commit to openstack/designate that referenced this pull request Jan 16, 2021
[stable-only] Cap bandit and fix lowwer-constraints
8654415 
bandit 1.6.3 [1] release has dropped support for py2 [2] but the
release is faulty and pip still picks it up for py2 [3][4], so cap to
1.6.2 when using py2.

With the new pip dependency resolver (introduced in pip 20.3) the
lower-constraints job started to fail. Problem is here with the
'install_command' in tox.ini, which uses both the upper- and lower-
constraints files, causing the job to fail. This patch adds separate
install_command without the upper constraints, so that only the
lower-constraints.txt is used.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615
[3] PyCQA/bandit#663
[4] PyCQA/bandit#665

Change-Id: If8738f5005e60cf46ed93edbefa272bc2611b53f
openstack-mirroring pushed a commit to openstack/oslo.serialization that referenced this pull request Jan 19, 2021
[stable-only] Cap bandit and fix lower-constraints
bbf30b5 
The 1.6.3 [1] release has dropped support for py2 [2] but the release
is faulty and pip still picks it up for py2 [3][4], so cap to 1.6.2
when using py2.

Contradicting hacking version replaced (in lower-constraints.txt to
match with test-requirements.txt), which pulls in newer flake8, too.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615
[3] PyCQA/bandit#663
[4] PyCQA/bandit#665

Change-Id: I404810487e68042a2ae7de888a1225a0fcd23252
openstack-mirroring pushed a commit to openstack/nova that referenced this pull request Jan 22, 2021
@lyarwood
[stable-only] Cap bandit and make lower-constraints job non-voting
ddbcf57 
The 1.6.3 [1] release has dropped support for py2 [2] so cap to 1.6.2
when using py2.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615

doc/requirements.txt also updated to make requirements-check job pass.

Closes-Bug: #1907438
Change-Id: Ie5221bf37c6ed9268a4aa0737ffcdd811e39360a
openstack-mirroring pushed a commit to openstack/osprofiler that referenced this pull request Feb 3, 2021
[stable-only] Cap bandit to 1.6.2
30ffa27 
The 1.6.3 [1] release has dropped support for py2 [2] but the release
is faulty and pip still picks it up for py2 [3][4], so cap to 1.6.2
when using py2.

sphinx requirement needed to be updated to make requirements-check job
pass.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615
[3] PyCQA/bandit#663
[4] PyCQA/bandit#665

Change-Id: I8762bad8821868c97af8114e49f51b6383df3e5c
openstack-mirroring pushed a commit to openstack/oslo.reports that referenced this pull request Feb 4, 2021
[stable-only] Cap bandit and fix lower-constraints
53c69e7 
The 1.6.3 [1] release has dropped support for py2 [2] but the release
is faulty and pip still picks it up for py2 [3][4], so cap to 1.6.2
when using py2.

Contradicting hacking version replaced (in lower-constraints.txt to
match with test-requirements.txt), which pulls in newer flake8, too.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615
[3] PyCQA/bandit#663
[4] PyCQA/bandit#665

Change-Id: I0c50a5d70cd288cea3fe05a23dcb474cde176caa
openstack-mirroring pushed a commit to openstack/cinder that referenced this pull request Feb 10, 2021
[stable-only] Cap bandit and fix lower-constrains
cff32e1 
bandit 1.6.3 [1] release has dropped support for py2 [2] but the
release is faulty and pip still picks it up for py2 [3][4], so cap to
1.6.2 when using py2.

With the new pip dependency resolver (introduced in pip 20.3) the
lower-constraints job started to timeout and fail. This patch fixes
package version constraint contradictions and add some new lower
constraints to speed up pip's dependency resolution.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615
[3] PyCQA/bandit#663
[4] PyCQA/bandit#665

Change-Id: Ib3ff3bd2df8954407e880a759082ef1eee3e76a1
openstack-mirroring pushed a commit to openstack/osprofiler that referenced this pull request Feb 24, 2021
[stable-only] Cap bandit to 1.6.2
2dc5a92 
The 1.6.3 [1] release has dropped support for py2 [2] but the release
is faulty and pip still picks it up for py2 [3][4], so cap to 1.6.2
when using py2.

sphinx and elasticsearch requirement needed to be updated to make
requirements-check job pass.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615
[3] PyCQA/bandit#663
[4] PyCQA/bandit#665

Change-Id: I8762bad8821868c97af8114e49f51b6383df3e5c
(cherry picked from commit 30ffa27)
openstack-mirroring pushed a commit to openstack/oslo.service that referenced this pull request Feb 24, 2021
[stable-only] Cap bandit and fix lower-constraints
8231396 
The 1.6.3 [1] release has dropped support for py2 [2] but the release
is faulty and pip still picks it up for py2 [3][4], so cap to 1.6.2
when using py2.

Contradicting hacking version replaced (in lower-constraints.txt to
match with test-requirements.txt), which pulls in newer flake8, too.

Sphinx requirements also fixed to make requirements-check job pass.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615
[3] PyCQA/bandit#663
[4] PyCQA/bandit#665

Change-Id: Ifd2bce1552e092a605f96d404ad12a4bbd03fe0c
openstack-mirroring pushed a commit to openstack/oslo.privsep that referenced this pull request Feb 24, 2021
[stable-only] Cap bandit and fix lower-constraints
8c2cdca 
The 1.6.3 [1] release has dropped support for py2 [2] but the release
is faulty and pip still picks it up for py2 [3][4], so cap to 1.6.2
when using py2.

Contradicting hacking version replaced (in lower-constraints.txt to
match with test-requirements.txt), which pulls in newer flake8, too.

Sphinx requirements also fixed to make requirements-check job pass.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615
[3] PyCQA/bandit#663
[4] PyCQA/bandit#665

Change-Id: I86312e5f46d4e880fbe7d230a6ac7d6a2f3ba5ae
openstack-mirroring pushed a commit to openstack/oslo.middleware that referenced this pull request Feb 24, 2021
[stable-only] Cap bandit to 1.6.2
fba3b78 
The 1.6.3 [1] release has dropped support for py2 [2] but the release
is faulty and pip still picks it up for py2 [3][4], so cap to 1.6.2
when using py2.

sphinx requirement needed to be updated to make requirements-check job
pass.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615
[3] PyCQA/bandit#663
[4] PyCQA/bandit#665

Change-Id: I787a0276ec0a62bc9e2f068e4e4ee1219a306474
openstack-mirroring pushed a commit to openstack/oslo.reports that referenced this pull request Feb 24, 2021
[stable-only] Cap bandit and fix lower-constraints
9d74e73 
The 1.6.3 [1] release has dropped support for py2 [2] but the release
is faulty and pip still picks it up for py2 [3][4], so cap to 1.6.2
when using py2.

Contradicting hacking version replaced (in lower-constraints.txt to
match with test-requirements.txt), which pulls in newer flake8, too.

Sphinx requirements also fixed to make requirements-check job pass.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615
[3] PyCQA/bandit#663
[4] PyCQA/bandit#665

Change-Id: I0c50a5d70cd288cea3fe05a23dcb474cde176caa
(cherry picked from commit 53c69e7)
openstack-mirroring pushed a commit to openstack/monasca-notification that referenced this pull request Feb 26, 2021
@chaconpiza
[stable-only] Cap bandit to 1.6.2
293306e 
The 1.6.3 [1] release has dropped support for py2 [2] so cap to
1.6.2 when using py2.

This change also raises hacking to 1.1.0 in lower-constraints.txt
This also means that flake8 is bumped to 2.6.0

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615

Change-Id: Ib4ecaf8398a54543d2d9f452681ca46a056d8dc5
openstack-mirroring pushed a commit to openstack/oslo.rootwrap that referenced this pull request Mar 1, 2021
[stable-only] Cap bandit and fix lower-constraints
f3e5c77 
The 1.6.3 [1] release has dropped support for py2 [2] but the release
is faulty and pip still picks it up for py2 [3][4], so cap to 1.6.2
when using py2.

Contradicting hacking version replaced (in lower-constraints.txt to
match with test-requirements.txt), which pulls in newer flake8, too.

Sphinx requirements also fixed to make requirements-check job pass.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615
[3] PyCQA/bandit#663
[4] PyCQA/bandit#665

Change-Id: Ibdc46d188a6025a42a6c7244cb0700563f56b3d1
openstack-mirroring pushed a commit to openstack/oslo.reports that referenced this pull request Mar 2, 2021
[stable-only] Cap bandit to 1.6.2
e279ddf 
The 1.6.3 [1] release has dropped support for py2 [2] but the release
is faulty and pip still picks it up for py2 [3][4], so cap to 1.6.2
when using py2.

sphinx requirement needed to be updated to make requirements-check job
pass.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615
[3] PyCQA/bandit#663
[4] PyCQA/bandit#665

Change-Id: Ic49c9bffc970b34ffa85696e9f8abbd8e8a1a776
openstack-mirroring pushed a commit to openstack/oslo.reports that referenced this pull request Mar 2, 2021
[stable-only] Cap bandit and fix lower-constraints
3d7d336 
The 1.6.3 [1] release has dropped support for py2 [2] but the release
is faulty and pip still picks it up for py2 [3][4], so cap to 1.6.2
when using py2.

Sphinx requirements also fixed to make requirements-check job pass.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615
[3] PyCQA/bandit#663
[4] PyCQA/bandit#665

Change-Id: Id83f06c2f7a120960083b05d01b311e733bd0369
openstack-mirroring pushed a commit to openstack/osprofiler that referenced this pull request Mar 2, 2021
[stable-only] Cap bandit to 1.6.2
72958e6 
The 1.6.3 [1] release has dropped support for py2 [2] but the release
is faulty and pip still picks it up for py2 [3][4], so cap to 1.6.2
when using py2.

sphinx requirement updated to make requirements-check job pass.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615
[3] PyCQA/bandit#663
[4] PyCQA/bandit#665

Change-Id: Id412a175c8b2a9c8c62105f5a6205b1330a9883f
openstack-mirroring pushed a commit to openstack/oslo.service that referenced this pull request Mar 2, 2021
[stable-only] Cap bandit to 1.6.2
cae223b 
The 1.6.3 [1] release has dropped support for py2 [2] but the release
is faulty and pip still picks it up for py2 [3][4], so cap to 1.6.2
when using py2.

sphinx requirement needed to be updated to make requirements-check job
pass.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615
[3] PyCQA/bandit#663
[4] PyCQA/bandit#665

Change-Id: I4cdc6d038911283f3eeedbdf70fc6c24933f4d28
openstack-mirroring pushed a commit to openstack/oslo.service that referenced this pull request Mar 2, 2021
[stable-only] Cap bandit and fix lower-constraints
5625fd7 
The 1.6.3 [1] release has dropped support for py2 [2] but the release
is faulty and pip still picks it up for py2 [3][4], so cap to 1.6.2
when using py2.

Sphinx requirements also fixed to make requirements-check job pass.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615
[3] PyCQA/bandit#663
[4] PyCQA/bandit#665

Change-Id: Ifde30bc88e77c027c3dce12417c0718f5ae56f23
openstack-mirroring pushed a commit to openstack/oslo.service that referenced this pull request Mar 2, 2021
[stable-only] Cap bandit to 1.6.2
50e005a 
The 1.6.3 [1] release has dropped support for py2 [2] but the release
is faulty and pip still picks it up for py2 [3][4], so cap to 1.6.2
when using py2.

sphinx requirement needed to be updated to make requirements-check job
pass.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615
[3] PyCQA/bandit#663
[4] PyCQA/bandit#665

Change-Id: Ia4a143d0c17e5471868d1508be1ec391d8c21090
openstack-mirroring pushed a commit to openstack/oslo.privsep that referenced this pull request Mar 2, 2021
[stable-only] Cap bandit and fix lower-constraints
af755f3 
The 1.6.3 [1] release has dropped support for py2 [2] but the release
is faulty and pip still picks it up for py2 [3][4], so cap to 1.6.2
when using py2.

Sphinx requirements also fixed to make requirements-check job pass.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615
[3] PyCQA/bandit#663
[4] PyCQA/bandit#665

Change-Id: I12478b0b85aad91bcf71500e0cef59698c528417
openstack-mirroring pushed a commit to openstack/oslo.privsep that referenced this pull request Mar 2, 2021
[stable-only] Cap bandit to 1.6.2
84ac9dd 
The 1.6.3 [1] release has dropped support for py2 [2] but the release
is faulty and pip still picks it up for py2 [3][4], so cap to 1.6.2
when using py2.

sphinx requirement needed to be updated to make requirements-check job
pass.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615
[3] PyCQA/bandit#663
[4] PyCQA/bandit#665

Change-Id: I3ee4f975ed968e73c553e12fdc53c03c1e4f8064
openstack-mirroring pushed a commit to openstack/oslo.middleware that referenced this pull request Mar 2, 2021
[stable-only] Cap bandit to 1.6.2
26621ec 
The 1.6.3 [1] release has dropped support for py2 [2] but the release
is faulty and pip still picks it up for py2 [3][4], so cap to 1.6.2
when using py2.

sphinx requirement needed to be updated to make requirements-check job
pass.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615
[3] PyCQA/bandit#663
[4] PyCQA/bandit#665

Change-Id: Id39cd1f6ed61a3fa457f461fc8d399b550f3bb57
openstack-mirroring pushed a commit to openstack/oslo.rootwrap that referenced this pull request Mar 2, 2021
[stable-only] Cap bandit and fix lower-constraints
b38b0ca 
The 1.6.3 [1] release has dropped support for py2 [2] but the release
is faulty and pip still picks it up for py2 [3][4], so cap to 1.6.2
when using py2.

Sphinx requirements also fixed to make requirements-check job pass.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615
[3] PyCQA/bandit#663
[4] PyCQA/bandit#665

Change-Id: Ib53ba3d18179fd773ace2fc26479b60ecd4c820c
openstack-mirroring pushed a commit to openstack/osprofiler that referenced this pull request Mar 2, 2021
[stable-only] Cap bandit to 1.6.2
c3f9d3d 
The 1.6.3 [1] release has dropped support for py2 [2] but the release
is faulty and pip still picks it up for py2 [3][4], so cap to 1.6.2
when using py2.

sphinx requirement updated to make requirements-check job pass.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615
[3] PyCQA/bandit#663
[4] PyCQA/bandit#665

Change-Id: I95461280d11b14199ba64a2da5709a1e2f4531df
openstack-mirroring pushed a commit to openstack/osprofiler that referenced this pull request Mar 2, 2021
[stable-only] Cap bandit to 1.6.2
65df9fc 
The 1.6.3 [1] release has dropped support for py2 [2] but the release
is faulty and pip still picks it up for py2 [3][4], so cap to 1.6.2
when using py2.

sphinx requirement updated to make requirements-check job pass.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615
[3] PyCQA/bandit#663
[4] PyCQA/bandit#665

Change-Id: I95461280d11b14199ba64a2da5709a1e2f4531df
openstack-mirroring pushed a commit to openstack/oslo.middleware that referenced this pull request Mar 2, 2021
[stable-only] Cap bandit to 1.6.2
9ba4498 
The 1.6.3 [1] release has dropped support for py2 [2] but the release
is faulty and pip still picks it up for py2 [3][4], so cap to 1.6.2
when using py2.

sphinx requirement needed to be updated to make requirements-check job
pass.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615
[3] PyCQA/bandit#663
[4] PyCQA/bandit#665

Change-Id: I787a0276ec0a62bc9e2f068e4e4ee1219a306474
(cherry picked from commit fba3b78)
nectar-gerrit pushed a commit to NeCTAR-RC/nova that referenced this pull request Mar 4, 2021
@lyarwood @spearki
[stable-only] Cap bandit to 1.6.2 and raise hacking, flake8 and stestr
34affa7 
The 1.6.3 [1] release has dropped support for py2 [2] so cap to 1.6.2
when using py2.

This change also raises hacking to 1.1.0 in lower-constraints.txt after
it was bumped by I35c654bd39f343417e0a1124263ff31dcd0b05c9. This also
means that flake8 is bumped to 2.6.0. stestr is also bumped to 2.0.0 as
required by oslotest 3.8.0.

All of these changes are squashed into a single change to pass the gate.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615

Depends-On: https://review.opendev.org/c/openstack/devstack/+/768256
Depends-On: https://review.opendev.org/c/openstack/swift/+/766214

Closes-Bug: #1907438
Closes-Bug: #1907756
Change-Id: Ie5221bf37c6ed9268a4aa0737ffcdd811e39360a
(cherry picked from commit b2037fc)
openstack-mirroring pushed a commit to openstack/oslo.rootwrap that referenced this pull request Mar 17, 2021
[stable-only] Cap bandit to 1.6.2
3a8652e 
The 1.6.3 [1] release has dropped support for py2 [2] but the release
is faulty and pip still picks it up for py2 [3][4], so cap to 1.6.2
when using py2.

Sphinx requirements also fixed to make requirements-check job pass.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615
[3] PyCQA/bandit#663
[4] PyCQA/bandit#665

Change-Id: I69fde94a9a5b57ab131b56320a0d2ed2f8596729
openstack-mirroring pushed a commit to openstack/oslo.rootwrap that referenced this pull request Mar 17, 2021
[stable-only] Cap bandit to 1.6.2
7ba241f 
The 1.6.3 [1] release has dropped support for py2 [2] but the release
is faulty and pip still picks it up for py2 [3][4], so cap to 1.6.2
when using py2.

Sphinx requirements also fixed to make requirements-check job pass.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615
[3] PyCQA/bandit#663
[4] PyCQA/bandit#665

Change-Id: I543337fc3d6b6815de9b0bffe10ba09cda6b1821
openstack-mirroring pushed a commit to openstack/oslo.log that referenced this pull request Mar 22, 2021
@4383
[stable-only] Cap bandit to 1.6.2
6b4ffe0 
The 1.6.3 [1] release has dropped support for py2 [2] but the release
is faulty and pip still picks it up for py2 [3][4], so cap to 1.6.2
when using py2.

Sphinx requirements also fixed to make requirements-check job pass.

lower-constraints job fixed with
* correcting contradicting/missing constraints
* setting default install_command to not use upper-constraints.txt

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615
[3] PyCQA/bandit#663
[4] PyCQA/bandit#665

Change-Id: Ib2bad4cbd1ac9a63cd8c8e48f5cd5bf8c5cde595
openstack-mirroring pushed a commit to openstack/oslo.log that referenced this pull request Mar 22, 2021
@4383
[stable-only] Cap bandit to 1.6.2
17c6c52 
The 1.6.3 [1] release has dropped support for py2 [2] but the release
is faulty and pip still picks it up for py2 [3][4], so cap to 1.6.2
when using py2.

Sphinx requirements also fixed to make requirements-check job pass.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615
[3] PyCQA/bandit#663
[4] PyCQA/bandit#665

Change-Id: Ib2bad4cbd1ac9a63cd8c8e48f5cd5bf8c5cde595
openstack-mirroring pushed a commit to openstack/murano that referenced this pull request Apr 6, 2021
[stable-only] Cap bandit and fix constraints
43997de 
The 1.6.3 [1] release has dropped support for py2 [2] but the release
is faulty and pip still picks it up for py2 [3][4], so cap to 1.6.2
when using py2.

With the introduction of the new dependency resolver in 20.3 pip the
lower-constraints job starts to fail as now the constraints are working
as they should. Multiple fixes needed:
* lower-constraints job uses the [testenv]install_command, so it gives
  both the upper-constraints and lower-constraints, which causes the
  job to fail. As an easy fix install_command is added to this target
  without the upper constraints.
* duplicate stestr constraint removed
* cryptography lower constraint is bumped as with version 2.1 the
  new resolver of pip takes hours to install the packages
* contradicting hacking version replaced (in lower-constraints.txt to
  match with test-requirements.txt), which pulls in newer flake8, too
* lower-constraints test job failed with error message:
  "[..] unexpected keyword argument 'barbican_endpoint_type'"
  which is due to old version of castellan.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615
[3] PyCQA/bandit#663
[4] PyCQA/bandit#665

Change-Id: I4b33c2544c911bd68ed8af4c754c9f5dc0c93be8
openstack-mirroring pushed a commit to openstack/cinder that referenced this pull request Jun 4, 2021
@e0ne
[stable-only] Cap bandit to v1.6.2 and fix constraints
62fc927 
This patch has multiple fixes to unblock gate.

1. bandit

We don't have bandit requirements in upper-constraints, so we need
to cap it in stable branches manually to work with Python 2.7, as
bandit 1.6.3 [1] release has dropped support for py2 [2] but the
release is faulty and pip still picks it up for py2 [3][4].

2. pip resolver

With the new pip resolver the following issues needed to be fixed:
* SQLAlchemy-Utils constraint conflicts with rocky's upper constraints
* bump lower constraint of cryptography
* bump lower constraint of oslo.messaging
* bump lower constraint of oslo.utils

3. lower-constraints

In lower-constraints job lxml requires libxml2-dev and libxslt1-dev
packages, so bindep.txt is extended with them.

install_command needs to be added to lower-constraints tox target to
work properly.

4. cinder-tempest-dsvm-lvm-lio-barbican

Fix for overlapping CIDR issue in cinder-tempest-dsvm-lvm-lio-barbican
is the same as in patch I068cf1e9618d305b5a9383c283bfa0f120bfe905.

5. pin nodeset to xenial for requirements-check job

The default nodeset for zuul jobs is now ubuntu-focal, and
requirements-check job fails on focal, because the mysql it contains is
not compatible with the commands that is used in tools/test-setup.sh.
This patch pins the nodeset to ubuntu-xenial for requirements-check job
to make it pass.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615
[3] PyCQA/bandit#663
[4] PyCQA/bandit#665

Change-Id: Ie597e778e3efa61bfd98eaaa92730b5050195e7a
(cherry picked from commit a512bfc233fc76c4375388b8546ab9e60459e1d3)
openstack-mirroring pushed a commit to openstack/python-openstackclient that referenced this pull request Jul 13, 2021
@stephenfin
[stable-only] Cap bandit to 1.6.2, bump lower-constraints
a69cc3d 
The 1.6.3 [1] release has dropped support for py2 [2] so cap to 1.6.2
when using py2.

We also need to bump the lower constraint of keystoneauth1 since our
minimum version of openstacksdk, 0.17.0, depends on keystoneauth1>=3.8.0
and PyPI 20.1+ won't allow this to stand.

[1] https://github.com/PyCQA/bandit/releases/tag/1.6.3
[2] PyCQA/bandit#615

Change-Id: Iad568c152d49c2fe5dd31dc9b05c07e3d4fd1a83
Signed-off-by: Stephen Finucane <sfinucan@redhat.com>
@renovate renovate bot mentioned this pull request Mar 7, 2022
Open
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
Release 1.6.3
Development

Successfully merging this pull request may close these issues.

Deprecate Python 2
1 participant
@ericwb