AWS_BUCKETNAME is only needed in order to write on the bucket, but
read-only access should be allowed for other environments.
Fixes bug introduced by 6c3b610610
The name of the libs and python packages are different, Odoo expects
the inner python package in the manifest, but setuptools cannot find the
libs in pypi, overrides them with the libs names.
OVH's Swift applies a rate limit on the authentication.
attachment_swift authenticates again each time it has to read/write an
attachment. When running upgrades on upgrades of files or installing a
new DB, at some point, we get rejected with HTTP 429.
This commit introduces a shared storage for Swift Session. All
connections will reuses the same authentication token created the first
time a connection needs a Session.
Note: needs python-swiftclient>=3.7.0 to have
https://github.com/openstack/python-swiftclient/commit/1971ef880ff225379d4a91f00f89f323a1605eeb
Assume the following situation:
* We have installed addons base, sale and attachment_s3 (hence
base_attachment_object_storage as dependency)
* All attachments are in S3 already
* We run an upgrade of the 'base' addon, 'sale' is upgraded before
attachment_s3 in the order of loading.
* Sale updates the icon of the Sale menu
* As attachment_s3 is not loaded yet, the attachment is created in the
filestore
Now if we don't persist the filestore or use different servers, we'll
lose the images of the menus (or any attachment loaded by the
install/upgrade of an addon).
The implemented solution is to move the attachments from the filestore
to the object storage at the loading of the module. However, this
operation can take time and it shouldn't be run by 2 processes at the
same time, so we want to detect if the module is loaded during a normal odoo
startup or when some addons have been upgraded. There is nothing anymore
at this point which allow us to know that modules just have been
upgraded except... in the caller frame (load_modules). We have to rely
on the inpect module and get the caller frame, which is not recommended,
but seems the only way, besides, it's not called often and if
_register_hook was called from another place, it would have no effect
(unless the other place has a variable 'update_module' too).
When moving attachments from the filestore to an object storage, the
filesystem files will be deleted only after the commit, so if the
transaction is rollbacked, we still have the local files for another
try.
Odoo introduced a token on 2018-03-19, this token is
used for checking the rights.
The token itself is generated from data as a hash.
The redis_session module handle it correctly by saving it aside other
data in json format. Nevertheless, when reading it, from json format,
it forces all strings to unicode whereas some dumped string where str.
Thus it fails on comparison between str and unicode.
This fix solves it by always using token in unicode format.
[1] https://github.com/odoo/odoo/pull/22612
The default expiration of sessions is 7 days. With healthchecks run
every few seconds, we quickly have millions of anonymous sessions in
Redis. Allow to define a custom expiration for some sessions and set a
very short one for the monitoring requests.
Hiren PattaniandNils Hamerlinck
Guewen BaconnierandGitHub
Laurent Mignon (ACSONE)
Stéphane Bidoul
Patrick TombezandGitHub
Akim JuilleratandPatrick Tombez
Mussie SirakandPatrick Tombez
Simone Orsi
Yannick VaucherandGitHub
Denis Leemann
Simone OrsiandGitHub
Alexandre Fayolle
jcouxandGitHub