Merge "Use yaml.safe_load instead of yaml.load" into stable/wallaby

Since PyYAML 5.1, yaml.load without specifying the Loader option is
deprecated and shows the following warning.

YAMLLoadWarning: calling yaml.load() without Loader=... is deprecated,
as the default Loader is unsafe.
Please read https://msg.pyyaml.org/load for full details.

This change replaces usage of yaml.load by yaml.safe_load, to get rid
of that warning message.

Change-Id: Ibe25c4aaf3aa7226f28ec60b8a929ecc143face1
(cherry picked from commit f83108d858)

.gitreview

@@ -2,3 +2,4 @@
 host=review.opendev.org
 port=29418
 project=openstack/python-neutronclient.git
+defaultbranch=stable/wallaby

.zuul.yaml

@@ -1,7 +1,6 @@
 - project:
     templates:
       - openstack-cover-jobs
-      - openstack-lower-constraints-jobs
       - openstack-python3-wallaby-jobs
       - publish-openstack-docs-pti
       - check-requirements

lower-constraints.txt

@@ -1,111 +0,0 @@
-alabaster==0.7.10
-amqp==2.1.1
-appdirs==1.3.0
-asn1crypto==0.23.0
-Babel==2.3.4
-cachetools==2.0.0
-cffi==1.14.0
-cliff==3.4.0
-cmd2==0.8.0
-contextlib2==0.4.0
-coverage==4.0
-cryptography==2.7
-debtcollector==1.2.0
-decorator==3.4.0
-deprecation==1.0
-docutils==0.11
-dogpile.cache==0.6.2
-dulwich==0.15.0
-eventlet==0.18.2
-extras==1.0.0
-fasteners==0.7.0
-fixtures==3.0.0
-flake8-import-order==0.12
-flake8==2.5.5
-future==0.16.0
-futurist==1.2.0
-greenlet==0.4.10
-hacking==1.1.0
-idna==2.6
-imagesize==0.7.1
-iso8601==0.1.11
-Jinja2==2.10
-jmespath==0.9.0
-jsonpatch==1.16
-jsonpointer==1.13
-jsonschema==2.6.0
-keystoneauth1==3.4.0
-kombu==4.0.0
-linecache2==1.0.0
-MarkupSafe==1.0
-mccabe==0.2.1
-monotonic==0.6
-msgpack-python==0.4.0
-munch==2.1.0
-netaddr==0.7.18
-netifaces==0.10.4
-openstacksdk==0.11.2
-os-client-config==1.28.0
-os-service-types==1.2.0
-osc-lib==1.12.0
-oslo.concurrency==3.25.0
-oslo.config==5.2.0
-oslo.context==2.19.2
-oslo.i18n==3.15.3
-oslo.log==3.36.0
-oslo.messaging==5.29.0
-oslo.middleware==3.31.0
-oslo.serialization==2.18.0
-oslo.service==1.24.0
-oslo.utils==3.33.0
-oslotest==3.2.0
-osprofiler==2.3.0
-paramiko==2.0.0
-Paste==2.0.2
-PasteDeploy==1.5.0
-pbr==2.0.0
-pika-pool==0.1.3
-pika==0.10.0
-positional==1.2.1
-prettytable==0.7.2
-pyasn1==0.1.8
-pycodestyle==2.3.1
-pycparser==2.18
-pyflakes==0.8.1
-Pygments==2.2.0
-pyinotify==0.9.6
-pyOpenSSL==17.1.0
-pyparsing==2.1.0
-pyperclip==1.5.27
-python-cinderclient==3.3.0
-python-dateutil==2.5.3
-python-glanceclient==2.8.0
-python-keystoneclient==3.8.0
-python-mimeparse==1.6.0
-python-novaclient==9.1.0
-python-openstackclient==3.12.0
-python-subunit==1.0.0
-pytz==2013.6
-PyYAML==3.13
-repoze.lru==0.7
-requests-mock==1.2.0
-requests==2.14.2
-requestsexceptions==1.2.0
-rfc3986==0.3.1
-Routes==2.3.1
-simplejson==3.5.1
-snowballstemmer==1.2.1
-statsd==3.2.1
-stestr==2.0.0
-stevedore==1.20.0
-tempest==17.1.0
-tenacity==3.2.1
-testscenarios==0.4
-testtools==2.2.0
-traceback2==1.4.0
-unittest2==1.1.0
-urllib3==1.21.1
-vine==1.1.4
-warlock==1.2.0
-WebOb==1.7.1
-wrapt==1.7.0

neutronclient/client.py

@@ -189,7 +189,7 @@ class HTTPClient(object):
         try:
             kwargs['headers'] = kwargs.get('headers') or {}
             if self.auth_token is None:
-                self.auth_token = ""
+                self.auth_token = ""    # nosec
             kwargs['headers']['X-Auth-Token'] = self.auth_token
             resp, body = self._cs_request(self.endpoint_url + url, method,
                                           **kwargs)

neutronclient/tests/functional/core/test_cli_formatter.py

@@ -43,7 +43,7 @@ class TestCLIFormatter(base.ClientTestBase):
         result = self._create_net('yaml', ['name', 'admin_state_up'])
         self.assertDictEqual({'name': self.net_name,
                               'admin_state_up': True},
-                             yaml.load(result))
+                             yaml.safe_load(result))
 
     def test_net_create_with_value_formatter(self):
         # NOTE(amotoki): In 'value' formatter, there is no guarantee

neutronclient/tests/unit/test_cli20.py

@@ -1159,7 +1159,7 @@ class CLITestV20OutputFormatter(CLITestV20Base):
 
     def test_create_resource_yaml(self):
         self._test_create_resource_with_formatter('yaml')
-        data = yaml.load(self.fake_stdout.make_string())
+        data = yaml.safe_load(self.fake_stdout.make_string())
         self.assertEqual('myname', data['name'])
         self.assertEqual('myid', data['id'])
 
@@ -1184,7 +1184,7 @@ class CLITestV20OutputFormatter(CLITestV20Base):
 
     def test_show_resource_yaml(self):
         self._test_show_resource_with_formatter('yaml')
-        data = yaml.load(''.join(self.fake_stdout.content))
+        data = yaml.safe_load(''.join(self.fake_stdout.content))
         self.assertEqual('myname', data['name'])
         self.assertEqual('myid', data['id'])
 
@@ -1211,5 +1211,5 @@ class CLITestV20OutputFormatter(CLITestV20Base):
 
     def test_list_resources_yaml(self):
         self._test_list_resources_with_formatter('yaml')
-        data = yaml.load(''.join(self.fake_stdout.content))
+        data = yaml.safe_load(''.join(self.fake_stdout.content))
         self.assertEqual(['myid1', 'myid2'], [d['id'] for d in data])

neutronclient/tests/unit/test_command_meta.py

@@ -20,7 +20,6 @@
 import logging
 
 import testtools
-from testtools import helpers
 
 from neutronclient.neutron import v2_0 as neutronV20
 
@@ -30,7 +29,7 @@ class TestCommandMeta(testtools.TestCase):
         class FakeCommand(neutronV20.NeutronCommand):
             pass
 
-        self.assertTrue(helpers.safe_hasattr(FakeCommand, 'log'))
+        self.assertTrue(hasattr(FakeCommand, 'log'))
         self.assertIsInstance(FakeCommand.log, logging.getLoggerClass())
         self.assertEqual(__name__ + ".FakeCommand", FakeCommand.log.name)
 
@@ -38,5 +37,5 @@ class TestCommandMeta(testtools.TestCase):
         class FakeCommand(neutronV20.NeutronCommand):
             log = None
 
-        self.assertTrue(helpers.safe_hasattr(FakeCommand, 'log'))
+        self.assertTrue(hasattr(FakeCommand, 'log'))
         self.assertIsNone(FakeCommand.log)

requirements.txt

@@ -12,7 +12,7 @@ oslo.log>=3.36.0 # Apache-2.0
 oslo.serialization!=2.19.1,>=2.18.0 # Apache-2.0
 oslo.utils>=3.33.0 # Apache-2.0
 os-client-config>=1.28.0 # Apache-2.0
-keystoneauth1>=3.4.0 # Apache-2.0
+keystoneauth1>=3.8.0 # Apache-2.0
 # keystoneclient is used only by neutronclient.osc.utils
 # TODO(amotoki): Drop this after osc.utils has no dependency on keystoneclient
 python-keystoneclient>=3.8.0 # Apache-2.0

tox.ini

@@ -13,7 +13,7 @@ setenv = VIRTUAL_ENV={envdir}
          PYTHONWARNINGS=default::DeprecationWarning
 usedevelop = True
 install_command = pip install {opts} {packages}
-deps = -c{env:TOX_CONSTRAINTS_FILE:https://releases.openstack.org/constraints/upper/master}
+deps = -c{env:TOX_CONSTRAINTS_FILE:https://releases.openstack.org/constraints/upper/wallaby}
        -r{toxinidir}/requirements.txt
        -r{toxinidir}/test-requirements.txt
 # Delete bytecodes from normal directories before running tests.
@@ -52,7 +52,7 @@ commands =
 
 [testenv:docs]
 deps =
-  -c{env:TOX_CONSTRAINTS_FILE:https://releases.openstack.org/constraints/upper/master}
+  -c{env:TOX_CONSTRAINTS_FILE:https://releases.openstack.org/constraints/upper/wallaby}
   -r{toxinidir}/doc/requirements.txt
 commands = sphinx-build -W -b html doc/source doc/build/html
 
@@ -67,7 +67,7 @@ commands =
 
 [testenv:releasenotes]
 deps =
-  -c{env:TOX_CONSTRAINTS_FILE:https://releases.openstack.org/constraints/upper/master}
+  -c{env:TOX_CONSTRAINTS_FILE:https://releases.openstack.org/constraints/upper/wallaby}
   -r{toxinidir}/doc/requirements.txt
 commands = sphinx-build -a -E -d releasenotes/build/doctrees -b html releasenotes/source releasenotes/build/html
 
@@ -83,9 +83,3 @@ enable-extensions=H904
 # B303: blacklist calls: md5, sha1
 deps = -r{toxinidir}/test-requirements.txt
 commands = bandit -r neutronclient -x tests -n5 -s B303
-
-[testenv:lower-constraints]
-deps =
-  -c{toxinidir}/lower-constraints.txt
-  -r{toxinidir}/test-requirements.txt
-  -r{toxinidir}/requirements.txt