Update Release Candidate

ced6a6a7 · Jérome Perrin · c5170f0b · 0b08baab · c5170f0b · ced6a6a7
Commit ced6a6a7 authored May 27, 2022 by Jérome Perrin
32 changed files
--- a/component/egg-patch/Zope/PythonScript-2.13.patch
+++ b/component/egg-patch/Zope/PythonScript-2.13.patch
--- Zope2-2.13.30/src/Shared/DC/Scripts/Signature.py	2022-04-25 08:05:09.312966168 +0000
-+++ Zope2-2.13.30/src/Shared/DC/Scripts/Signature.py	2022-04-25 08:06:20.120743425 +0000
-@@ -35,7 +35,7 @@ def _setFuncSignature(self, defaults=None, varnames=(), argcount=-1):
-         argcount = len(varnames)
-     # Generate a change only if we have to.
-     if self.func_defaults != defaults:
-        self.func_defaults = defaults
-+        self.func_defaults = self.__defaults__ = defaults
-     code = FuncCode(varnames, argcount)
-     if self.func_code != code:
-        self.func_code = code
-+        self.func_code = self.__code__ = code
--- a/component/readline/buildout.cfg
+++ b/component/readline/buildout.cfg
@@ -31,8 +31,7 @@ md5sum = e39331f32ad14009b9ff49cc10c5e751
 configure-options =
  --enable-multibyte
  --disable-static
-environment =
-  PATH=${patch:location}/bin:%(PATH)s
+patch-binary = ${patch:location}/bin/patch

 [readline]
 recipe = slapos.recipe.cmmi
@@ -47,3 +46,4 @@ configure-options =
 environment =
  CPPFLAGS=-I${ncurses:location}/include
  LDFLAGS=-L${ncurses:location}/lib -Wl,-rpath=${ncurses:location}/lib
+patch-binary = ${patch:location}/bin/patch
--- a/component/slapos/obs.cfg
+++ b/component/slapos/obs.cfg
@@ -29,8 +29,8 @@ download-cache = download-cache
 init +=
  buildout = self.buildout['buildout']
  assert buildout['directory'] == buildout['destdir'] + buildout['rootdir'], (
-    "Buildout MUST BE launched in destdir/rootdir (currently launched in %s but should be launched in %s)",
-    buildout['directory'], buildout['destdir'] + buildout['rootdir'])
+    "Buildout MUST BE launched in destdir/rootdir (currently launched in %s but should be launched in %s)" %
+    (buildout['directory'], buildout['destdir'] + buildout['rootdir']))

 [python3-common]
 configure-options +=

--- a/setup.py
+++ b/setup.py
@@ -28,7 +28,7 @@ from setuptools import setup, find_packages
 import glob
 import os

-version = '1.0.244'
+version = '1.0.246'
 name = 'slapos.cookbook'
 long_description = open("README.rst").read()


--- a/slapos/recipe/librecipe/execute.py
+++ b/slapos/recipe/librecipe/execute.py
@@ -67,7 +67,7 @@ def generic_exec(args, extra_environ=None, wait_list=None,
    else:
      # With chained shebangs, several paths may be inserted at the beginning.
      n = len(args)
-      for i in xrange(1+len(running)-n):
+      for i in six.moves.xrange(1+len(running)-n):
        if args == running[i:n+i]:
          sys.exit("Already running with pid %s." % pid)
    with open(pidfile, 'w') as f:
@@ -91,16 +91,19 @@ def generic_exec(args, extra_environ=None, wait_list=None,
    uid = os.getuid()
    gid = os.getgid()
    unshare(CLONE_NEWUSER |CLONE_NEWNS)
-    with open('/proc/self/setgroups', 'wb') as f: f.write('deny')
-    with open('/proc/self/uid_map',   'wb') as f: f.write('%s %s 1' % (uid, uid))
-    with open('/proc/self/gid_map',   'wb') as f: f.write('%s %s 1' % (gid, gid))
+    with open('/proc/self/setgroups', 'w') as f:
+      f.write('deny')
+    with open('/proc/self/uid_map', 'w') as f:
+      f.write('%s %s 1' % (uid, uid))
+    with open('/proc/self/gid_map', 'w') as f:
+      f.write('%s %s 1' % (gid, gid))
    for size, path in private_tmpfs:
      try:
        os.mkdir(path)
      except OSError as e:
        if e.errno != errno.EEXIST:
          raise
-      mount('tmpfs', path, 'tmpfs', 0, 'size=' + size)
+      mount(b'tmpfs', path.encode(), b'tmpfs', 0, ('size=' + size).encode())

  if extra_environ:
    env = os.environ.copy()

--- a/slapos/test/recipe/test_re6stnet.py
+++ b/slapos/test/recipe/test_re6stnet.py
@@ -52,13 +52,15 @@ class Re6stnetTest(unittest.TestCase):
      return makeRecipe(
            re6stnet.Recipe,
            options=self.options,
-            slap_connection={
+            buildout={
+              'slap-connection': {
                   'computer-id': 'comp-test',
                   'partition-id': 'slappart0',
                   'server-url': 'http://server.com',
                   'software-release-url': 'http://software.com',
                   'key-file': '/path/to/key',
                   'cert-file': '/path/to/cert'
+              }
            },
            name='re6stnet')


--- a/slapos/test/recipe/test_redis.py
+++ b/slapos/test/recipe/test_redis.py
--- a/slapos/test/recipe/test_urlparse.py
+++ b/slapos/test/recipe/test_urlparse.py
--- a/slapos/test/recipe/test_wrapper.py
+++ b/slapos/test/recipe/test_wrapper.py
+import errno
+import functools
+import os
+import shutil
+import subprocess
+import sys
+import tempfile
+import textwrap
+import time
+import unittest
+
+from slapos.recipe import wrapper
+from slapos.test.utils import makeRecipe
+
+
+class WrapperTestCase(unittest.TestCase):
+  def getOptions(self):
+    raise NotImplementedError()
+
+  def setUp(self):
+    self.buildout_directory = tempfile.mkdtemp()
+    self.addCleanup(shutil.rmtree, self.buildout_directory)
+    self.getTempPath = functools.partial(os.path.join, self.buildout_directory)
+
+    self.wrapper_path = self.getTempPath('wrapper')
+
+    self.recipe = makeRecipe(
+      wrapper.Recipe,
+      options=self.getOptions(),
+      name="wrapper",
+      buildout={'buildout': {
+        'directory': self.buildout_directory,
+      }})
+
+  def terminate_process(self, process):
+    try:
+      process.terminate()
+    except OSError as e:
+      if e.errno != errno.ESRCH:
+        raise
+    process.wait()
+
+
+class TestSimpleCommandLineWrapper(WrapperTestCase):
+  def getOptions(self):
+    return {
+      'command-line': 'echo hello world',
+      'wrapper-path': self.wrapper_path,
+    }
+
+  def test_install_and_execute(self):
+    installed = self.recipe.install()
+    self.assertEqual(installed, self.wrapper_path)
+    self.assertEqual(
+      subprocess.check_output(installed, universal_newlines=True),
+      'hello world\n')
+
+
+class TestEscapeCommandLine(WrapperTestCase):
+  def getOptions(self):
+    return {
+      'command-line': "echo esca $PE",
+      'wrapper-path': self.wrapper_path,
+    }
+
+  def test_install_and_execute(self):
+    installed = self.recipe.install()
+    self.assertEqual(installed, self.wrapper_path)
+    self.assertEqual(
+      subprocess.check_output(installed, universal_newlines=True),
+      "esca $PE\n")
+
+
+class TestEnvironment(WrapperTestCase):
+  def getOptions(self):
+    return {
+      'command-line': 'sh -c "echo $FOO"',
+      'wrapper-path': self.wrapper_path,
+      'environment': 'FOO=bar',
+    }
+
+  def test_install_and_execute(self):
+    installed = self.recipe.install()
+    self.assertEqual(installed, self.wrapper_path)
+
+    output = subprocess.check_output(
+      installed, universal_newlines=True, env={'FOO': 'foo'})
+    self.assertEqual(output, 'bar\n')
+
+
+class TestHashFiles(WrapperTestCase):
+  def getOptions(self):
+    hashed_file = self.getTempPath('hashed_file')
+    with open(hashed_file, 'w') as f:
+      f.write('hello world')
+    return {
+      'command-line': "cat " + hashed_file,
+      'wrapper-path': self.wrapper_path,
+      'hash-files': hashed_file
+    }
+
+  def test_install_and_execute(self):
+    installed = self.recipe.install()
+    # 83af3240d992b2165abbd245a3e43368 is hashlib.md5(b'11\nhello world').hexdigest()
+    self.assertEqual(
+      installed, self.wrapper_path + '-83af3240d992b2165abbd245a3e43368')
+    self.assertEqual(
+      subprocess.check_output(installed, universal_newlines=True),
+      "hello world")
+
+
+class TestPidFile(WrapperTestCase):
+  def getOptions(self):
+    self.pidfile = self.getTempPath('hello.pid')
+    return {
+      'command-line': "/bin/sleep 10",
+      'wrapper-path': self.wrapper_path,
+      'pidfile': self.pidfile
+    }
+
+  def test_install_and_execute(self):
+    installed = self.recipe.install()
+    self.assertEqual(installed, self.wrapper_path)
+    process = subprocess.Popen(
+      installed,
+      stdout=subprocess.PIPE,
+      stderr=subprocess.STDOUT,
+      universal_newlines=True,
+    )
+    self.addCleanup(self.terminate_process, process)
+    if process.poll():
+      self.fail(process.stdout.read())
+
+    for _ in range(20):
+      time.sleep(0.1)
+      if os.path.exists(self.pidfile):
+        break
+
+    with open(self.pidfile) as f:
+      pid = int(f.read())
+    self.assertEqual(process.pid, pid)
+
+    with self.assertRaises(subprocess.CalledProcessError) as ctx:
+      subprocess.check_output(
+        installed, stderr=subprocess.STDOUT, universal_newlines=True)
+    self.assertEqual(
+      ctx.exception.output, 'Already running with pid %s.\n' % pid)
+
+  def test_stale_pidfile_is_ignored(self):
+    installed = self.recipe.install()
+    self.assertEqual(installed, self.wrapper_path)
+    with open(self.pidfile, 'w') as f:
+      f.write('1234')
+
+    process = subprocess.Popen(
+      installed,
+      stdout=subprocess.PIPE,
+      stderr=subprocess.STDOUT,
+      universal_newlines=True,
+    )
+    self.addCleanup(self.terminate_process, process)
+    if process.poll():
+      self.fail(process.stdout.read())
+
+    for _ in range(20):
+      time.sleep(0.1)
+      with open(self.pidfile) as f:
+        pid = int(f.read())
+      if process.pid == pid:
+        break
+    else:
+      self.fail('pidfile not updated', process.stdout.read())
+
+
+class TestWaitForFiles(WrapperTestCase):
+  def getOptions(self):
+    self.waitfile = self.getTempPath('wait')
+    return {
+      'command-line': "/bin/echo done",
+      'wrapper-path': self.wrapper_path,
+      'wait-for-files': self.waitfile,
+    }
+
+  def test_install_and_execute(self):
+    installed = self.recipe.install()
+    self.assertEqual(installed, self.wrapper_path)
+
+    process = subprocess.Popen(
+      installed,
+      stdout=subprocess.PIPE,
+      stderr=subprocess.STDOUT,
+      universal_newlines=True,
+    )
+    self.addCleanup(self.terminate_process, process)
+    if process.poll():
+      self.fail(process.stdout.read())
+
+    # nothing happens when file is not there
+    for _ in range(10):
+      time.sleep(0.1)
+      if process.poll():
+        self.fail(process.stdout.read())
+
+    open(self.waitfile, 'w').close()
+    for _ in range(20):
+      time.sleep(0.1)
+      if process.poll() is not None:
+        self.assertEqual(process.stdout.read(), 'done\n')
+        self.assertEqual(process.returncode, 0)
+        break
+    else:
+      self.fail('process did not start after file was created')
+
+
+class TestPrivateTmpFS(WrapperTestCase):
+  def getOptions(self):
+    self.tmpdir = self.getTempPath('tmpdir')
+    self.tmpfile = self.getTempPath('tmpdir', 'file')
+    self.program = self.getTempPath('program')
+    with open(self.program, 'w') as f:
+      f.write(
+        textwrap.dedent(
+          '''\
+          #!{sys_executable}
+          import os
+          with open({tmpfile!r}, 'w') as f:
+            f.write('ok')
+          with open({tmpfile!r}, 'r') as f:
+            print(f.read())
+        ''').format(sys_executable=sys.executable, tmpfile=self.tmpfile))
+    os.chmod(self.program, 0o700)
+    return {
+      'command-line': self.program,
+      'wrapper-path': self.wrapper_path,
+      'private-tmpfs': '1000 ' + self.tmpdir
+    }
+
+  def test_install_and_execute(self):
+    installed = self.recipe.install()
+    self.assertEqual(installed, self.wrapper_path)
+
+    output = subprocess.check_output(
+      installed,
+      universal_newlines=True,
+    )
+    self.assertEqual(output, 'ok\n')
+    self.assertFalse(os.path.exists(self.tmpfile))
+
+
+class TestReserveCPU(WrapperTestCase):
+  def getOptions(self):
+    self.slapos_cpu_exclusive = self.getTempPath('.slapos-cpu-exclusive')
+    self.program = self.getTempPath('program')
+    with open(self.program, 'w') as f:
+      f.write(
+        textwrap.dedent(
+          '''\
+          #!{sys_executable}
+          import os
+          with open({slapos_cpu_exclusive!r}, 'r') as f:
+            print('ok' if int(f.read()) == os.getpid() else 'error')
+        ''').format(
+            sys_executable=sys.executable,
+            slapos_cpu_exclusive=self.slapos_cpu_exclusive,
+          ))
+    os.chmod(self.program, 0o700)
+    return {
+      'command-line': self.program,
+      'wrapper-path': self.wrapper_path,
+      'reserve-cpu': 'true',
+    }
+
+  def test_install_and_execute(self):
+    installed = self.recipe.install()
+    self.assertEqual(installed, self.wrapper_path)
+
+    output = subprocess.check_output(
+      installed,
+      universal_newlines=True,
+      env={'HOME': self.buildout_directory})
+    self.assertEqual(output, 'ok\n')
--- a/slapos/test/utils.py
+++ b/slapos/test/utils.py
@@ -2,18 +2,18 @@
 """
 import os
 import sys
+import six


-def makeRecipe(recipe_class, options, name='test', slap_connection=None):
-  """Instanciate a recipe of `recipe_class` with `options` with a buildout
-  mapping containing a python and an empty `slapos-connection` mapping, unless
-  provided as `slap_connection`.
+def makeRecipe(recipe_class, options, name='test', buildout=None):
+  """Instantiate a recipe of `recipe_class` with `options` with a `buildout`
+  mapping containing by default a python and an empty slap-connection.

  This function expects the test suite to have set SLAPOS_TEST_EGGS_DIRECTORY
  and SLAPOS_TEST_DEVELOP_EGGS_DIRECTORY environment variables, so that the
  test recipe does not need to install eggs again when using working set.
  """
-  buildout = {
+  _buildout = {
    'buildout': {
      'bin-directory': '',
      'find-links': '',
@@ -32,15 +32,17 @@ def makeRecipe(recipe_class, options, name='test', slap_connection=None):
       'software-release-url': '',
     }
  }
-  if slap_connection is not None:
-    buildout['slap-connection'] = slap_connection

-  buildout['buildout']['eggs-directory'] = os.environ['SLAPOS_TEST_EGGS_DIRECTORY']
-  buildout['buildout']['develop-eggs-directory'] = os.environ['SLAPOS_TEST_DEVELOP_EGGS_DIRECTORY']
+  _buildout['buildout']['eggs-directory'] = os.environ['SLAPOS_TEST_EGGS_DIRECTORY']
+  _buildout['buildout']['develop-eggs-directory'] = os.environ['SLAPOS_TEST_DEVELOP_EGGS_DIRECTORY']
+
+  if buildout:
+    for section, _options in six.iteritems(buildout):
+      _buildout.setdefault(section, {}).update(**_options)

  # Prevent test from accidentally writing to the buildout's eggs
-  buildout['buildout']['newest'] = False
-  buildout['buildout']['offline'] = True
+  _buildout['buildout']['newest'] = False
+  _buildout['buildout']['offline'] = True

-  return recipe_class(buildout=buildout, name=name, options=options)
+  return recipe_class(buildout=_buildout, name=name, options=options)

--- a/software/erp5/upgrade_test/test.py
+++ b/software/erp5/upgrade_test/test.py
--- a/software/erp5testnode/testsuite/deploy-test/software.cfg
+++ b/software/erp5testnode/testsuite/deploy-test/software.cfg
@@ -12,6 +12,7 @@ parts =
 recipe = zc.recipe.egg
 eggs =
  erp5.util
+  requests
 interpreter = ${:_buildout_section_name_}

 [python2.7-with-eggs]

--- a/software/kvm/buildout.hash.cfg
+++ b/software/kvm/buildout.hash.cfg
@@ -55,7 +55,7 @@ md5sum = a8cf453d20f01c707f02c4b4014580d8

 [template-kvm-run]
 filename = template/template-kvm-run.in
-md5sum = 395ee373ccda3382d257fde1ff4222b0
+md5sum = 6c100eec00de5e53f64b075dd69a9865

 [template-kvm-controller]
 filename = template/kvm-controller-run.in
@@ -79,11 +79,11 @@ md5sum = 438192aab9f11e40dc521b46a4854dcf

 [image-download-controller]
 filename = template/image-download-controller.py
-md5sum = 4d48b3da5bc611fc6533335b5953c840
+md5sum = 3cc10323fd4d2db4cfbac536b66eae7c

 [image-download-config-creator]
 filename = template/image-download-config-creator.py
-md5sum = 8fbe05c4175a7f31b6bffced9ad4e91d
+md5sum = 22ed19d9b8f7b983c97c52caa686bcd7

 [whitelist-firewall-download-controller]
 filename = template/whitelist-firewall-download-controller.py

--- a/software/kvm/instance-kvm-input-schema.json
+++ b/software/kvm/instance-kvm-input-schema.json
@@ -204,7 +204,7 @@
      "title": "Size of additional disk to create for virtual machine, in Gigabytes",
      "description": "Specify the size of additional disk to create for virtual machine in data folder of SlapOS Node. Requires instance_storage_home to be configured on SlapOS Node.",
      "type": "integer",
-      "minimum": 10,
+      "minimum": 1,
      "default": 20
    },
    "external-disk-format": {

--- a/software/kvm/software-py3.cfg
+++ b/software/kvm/software-py3.cfg
-[buildout]
-extends =
-  software.cfg
-
-[python]
-part = python3
--- a/software/kvm/software.cfg
+++ b/software/kvm/software.cfg
@@ -40,6 +40,9 @@ parts = ${:common-parts}

 #XXX-Cedric : add list of keyboard layouts (azerty/us querty/...) parameter to qemu

+[python]
+part = python3
+
 [python-with-eggs]
 recipe = zc.recipe.egg
 interpreter = ${:_buildout_section_name_}

--- a/software/kvm/template/image-download-config-creator.py
+++ b/software/kvm/template/image-download-config-creator.py
@@ -49,6 +49,10 @@ if __name__ == "__main__":
        image_list.append({
          'md5sum': md5sum,
          'url': url,
+          # Note: The destination here it's the waneted md5sum on purpose, as
+          #       it allows to assume, that correctly downloaded and hashed
+          #       image stored at this filename matches the md5sum, so it does
+          #       not have to be hashed on each download run.
          'destination': md5sum,
          'destination-tmp': md5sum + '_tmp',
          'image-number': '%03i' % (image_number,),

--- a/software/kvm/template/image-download-controller.py
+++ b/software/kvm/template/image-download-controller.py
@@ -68,13 +68,17 @@ if __name__ == "__main__":
    destination = os.path.join(
      config['destination-directory'], image['destination'])
    if os.path.exists(destination):
-      if md5Checksum(destination) == image['md5sum']:
-        print('INF: %s : already downloaded' % (image['url'],))
-        continue
-      else:
-        print('INF: %s : Removed, as expected checksum does not match %s' % (
-          image['url'], image['md5sum']))
-        os.remove(destination)
+      # Note: There is no need to recheck md5sum here
+      #       The image name is its md5sum, so if it exists, it means it has
+      #       correct md5sum
+      #       Calculating md5sum of big images takes more time than processing
+      #       of the partition and running promises and this leads to endless
+      #       loop of never ending promise failures
+      #       Of course, someone nasty can come to the partition and damage
+      #       this image, but it's another story, and shall not be fixed
+      #       during download phase.
+      print('INF: %s : already downloaded' % (image['url'],))
+      continue
    # key is str, as the dict is dumped to JSON which does not accept tuples
    md5sum_state_key = '%s#%s' % (image['url'], image['md5sum'])
    md5sum_state_amount = md5sum_state_dict.get(md5sum_state_key, 0)

--- a/software/kvm/template/template-kvm-run.in
+++ b/software/kvm/template/template-kvm-run.in
@@ -130,7 +130,7 @@ def getMapStorageList(disk_storage_dict, external_disk_number):
      # ID are writen in one line: data1 data3 data2 ...
      content = mf.readline()
      for id in content.split(' '):
-        if disk_storage_dict.has_key(id):
+        if id in disk_storage_dict:
          id_list.append(id)
        else:
          # Mean that this disk path has been removed (disk unmounted)

--- a/software/kvm/test/test.py
+++ b/software/kvm/test/test.py
--- a/software/matomo/software.cfg
+++ b/software/matomo/software.cfg
@@ -34,6 +34,9 @@ md5sum = 8d592676bc2c0d51363ad7b2caf171fe
 [custom-application-deployment]
 path = ${template-matomo-instance:output}
 part-list = matomo-backup.sh matomo-backup-cron matomo-apache-httpd
+db-name = matomo
+db-user = matomo
+db-password = 12345678

 [template-matomo-instance]
 recipe = slapos.recipe.template:jinja2

--- a/software/metabase/software.cfg
+++ b/software/metabase/software.cfg
@@ -22,8 +22,8 @@ part = python3

 [metabase.jar]
 recipe = slapos.recipe.build:download
-url = https://downloads.metabase.com/v0.41.4/metabase.jar
-md5sum = 9b81838e5c40302b552c66df5a767f8e
+url = https://downloads.metabase.com/v0.43.1/metabase.jar
+md5sum = 8033ba58825239e7dff29be8d4c885a7

 [instance-profile]
 recipe = slapos.recipe.template

--- a/software/nextcloud/software.cfg
+++ b/software/nextcloud/software.cfg
@@ -12,7 +12,7 @@ url = ${:_profile_base_location_}/${:filename}
 url = https://download.nextcloud.com/server/releases/nextcloud-16.0.3.tar.bz2
 md5sum = d81902d2dec5d547779bec6336a438be

-[template-nextcloud-install.sh] 
+[template-nextcloud-install.sh]
 <= nc-download

 [template-apache-httpd]
@@ -26,7 +26,7 @@ recipe = slapos.recipe.template:jinja2
 url = ${:_profile_base_location_}/${:filename}
 output = ${buildout:directory}/instance-nextcloud.cfg
 extensions = jinja2.ext.do
-context = 
+context =
          key gzip_location          gzip:location
          key python3_location       python3:location
          key news_updater_location  news-updater:location
@@ -41,6 +41,9 @@ context =
 [custom-application-deployment]
 path = ${template-nextcloud-instance:output}
 part-list = nextcloud-install.sh
+db-name = nextcloud
+db-user = nextcloud
+db-password = insecure

 [nc-download-unpacked]
 recipe = slapos.recipe.build:download-unpacked

--- a/software/slapos-sr-testing/software-py3.cfg
+++ b/software/slapos-sr-testing/software-py3.cfg
@@ -19,6 +19,7 @@ extra =
  helloworld ${slapos.test.helloworld-setup:setup}
  hugo ${slapos.test.hugo-setup:setup}
  jupyter ${slapos.test.jupyter-setup:setup}
+  kvm ${slapos.test.kvm-setup:setup}
  matomo ${slapos.test.matomo-setup:setup}
  monitor ${slapos.test.monitor-setup:setup}
  nextcloud ${slapos.test.nextcloud-setup:setup}

--- a/software/slapos-sr-testing/software.cfg
+++ b/software/slapos-sr-testing/software.cfg
@@ -350,7 +350,6 @@ tests =
 # here, to check there's no promise issue when slapos node runs with Python 2.
  erp5 ${slapos.test.erp5-setup:setup}
  fluentd ${slapos.test.fluentd-setup:setup}
-  kvm ${slapos.test.kvm-setup:setup}
  metabase ${slapos.test.metabase-setup:setup}
 ###
  ${:extra}

--- a/stack/erp5/buildout.cfg
+++ b/stack/erp5/buildout.cfg
@@ -469,7 +469,6 @@ eggs = ${neoppod:eggs}
  pytz
  requests
  responses
-  threadframe
  urlnorm
  uuid
  xml_marshaller
@@ -524,9 +523,7 @@ eggs = ${neoppod:eggs}
  five.localsitemanager

 # Other products
-  Products.DCWorkflowGraph
  Products.MimetypesRegistry
-  Products.ExternalEditor
  Products.TIDStorage
  Products.LongRequestLogger

@@ -552,10 +549,8 @@ eggs = ${neoppod:eggs}
  ipykernel

 # Used by DiffTool
-  xmltodict
  deepdiff
  unidiff
-  jsonpickle

 # WSGI server
  zope.globalrequest
@@ -592,8 +587,6 @@ Acquisition-patches = ${:_profile_base_location_}/../../component/egg-patch/Acqu
 Acquisition-patch-options = -p1
 python-magic-patches = ${:_profile_base_location_}/../../component/egg-patch/python_magic/magic.patch#de0839bffac17801e39b60873a6c2068
 python-magic-patch-options = -p1
-Zope2-patches = ${:_profile_base_location_}/../../component/egg-patch/Zope/PythonScript-2.13.patch#124c0d37394dd5020c6fd241ad75cc29
-Zope2-patch-options = -p1

 [eggs-all-scripts]
 recipe = zc.recipe.egg
@@ -634,7 +627,6 @@ pysvn = 1.9.15+SlapOSPatched001
 python-ldap = 2.4.32+SlapOSPatched001
 python-magic = 0.4.12+SlapOSPatched001
 PyPDF2 = 1.26.0+SlapOSPatched001
-Zope2 = 2.13.30+SlapOSPatched001
 ## https://lab.nexedi.com/nexedi/slapos/merge_requests/648
 pylint = 1.4.4+SlapOSPatched002
 # astroid 1.4.1 breaks testDynamicClassGeneration
@@ -668,9 +660,6 @@ zope.app.testing = 3.8.1
 APacheDEX = 1.8
 Pillow = 6.2.2
 Products.CMFActionIcons = 2.1.3
-Products.DCWorkflowGraph = 0.4.1
-# Products.ExternalEditor 2.0.0's dtml is not based on Zope2 OFS's one.
-Products.ExternalEditor = 1.1.1
 Products.GenericSetup = 1.8.6
 Products.LongRequestLogger = 2.1.0
 # Products.MimetypesRegistry 2.1 requires AccessControl>=3.0.0Acquisition.
@@ -713,7 +702,6 @@ rsa = 3.4.2
 spyne = 2.12.14
 suds = 0.4
 facebook-sdk = 2.0.0
-threadframe = 0.2
 urlnorm = 1.1.4
 uuid = 1.30
 validictory = 1.1.0
@@ -732,8 +720,6 @@ zope.globalrequest = 1.5
 waitress = 1.4.4
 xlrd = 1.1.0

-# Re-add for as it is required to be there for uninstallation
-erp5.recipe.w3validator = 1.0.2
 Products.ZSQLMethods = 2.13.5
 fpconst = 0.7.2
 graphviz = 0.5.2
@@ -748,7 +734,6 @@ mpmath = 0.19
 openpyxl = 2.4.8
 sympy = 1.1.1
 jdcal = 1.3
-xmltodict = 0.11.0
 deepdiff = 3.3.0
 unidiff = 0.5.5
 jsonpickle = 0.9.6

--- a/stack/lamp/buildout.cfg
+++ b/stack/lamp/buildout.cfg
@@ -53,6 +53,10 @@ part = python3
 # See software/maarch/software.cfg for an example.
 path =
 part-list =
+# database information
+db-name = lamp
+db-user = lamp
+db-password = insecure

 #----------------
 #-- Instance-level buildout profiles.
@@ -100,6 +104,9 @@ context =
    key unixodbc_location unixodbc:location
    key openssl_location openssl:location
    key custom_application_template custom-application-deployment:path
+    key db_name custom-application-deployment:db-name
+    key db_user custom-application-deployment:db-user
+    key db_password custom-application-deployment:db-password

 [instance-apache-php]
 <= template-download-base

--- a/stack/lamp/buildout.hash.cfg
+++ b/stack/lamp/buildout.hash.cfg
@@ -14,7 +14,7 @@
 # not need these here).
 [instance]
 filename = instance.cfg.in
-md5sum = 29df0dc24386ecb97dc52c9fb59108c8
+md5sum = a5a630377bfb0421d6993c9c2c411a23

 [instance-apache-php]
 filename = instance-apache-php.cfg.in
@@ -22,7 +22,7 @@ md5sum = 0952ef9f6cb5e259ad5519d2975d2f37

 [instance-lamp]
 filename = instance-lamp.cfg.jinja2.in
-md5sum = e0e2e88b6deeb011b998b78e4e468555
+md5sum = b3d68a13d7a7ffcac774f51f02a68359

 [template-apache.conf]
 filename = apache.conf.in

--- a/stack/lamp/instance-lamp.cfg.jinja2.in
+++ b/stack/lamp/instance-lamp.cfg.jinja2.in
@@ -37,8 +37,8 @@ return =
 {% do publish_dict.__setitem__('backend-url', '${request-apache:connection-backend-url}') -%}
 {% do monitor_base_url_dict.__setitem__('apache', '${request-apache:connection-monitor-base-url}') -%}

+{% do mariadb_dict.__setitem__('database-list', [{'name': db_name, 'user': db_user, 'password': db_password}]) -%}

-{% do mariadb_dict.__setitem__('database-list', [{'name': 'nextcloud', 'user': 'nextcloud', 'password': 'insecure'}]) -%}
 {% do mariadb_dict.__setitem__('test-database-amount', 0) -%}
 {% do mariadb_dict.__setitem__('tcpv4-port', 2099) -%}
 {% do mariadb_dict.__setitem__('max-slowqueries-threshold', 1000) -%}
@@ -56,7 +56,7 @@ sla-computer_guid = {{ dumps(slapparameter_dict.get('mariadb-computer-guid', '')
 {% for key, value in mariadb_dict.items() -%}
 config-{{ key }} = {{ dumps(value) }}
 {% endfor -%}
-return = 
+return =
  database-list
  monitor-base-url

@@ -92,7 +92,7 @@ recipe = slapos.cookbook:publish-early

 [monitor-instance-parameter]
 monitor-httpd-port = 8060
-cors-domains = {{ slapparameter_dict.get('monitor-cors-domains', 'monitor.app.officejs.com') }} 
+cors-domains = {{ slapparameter_dict.get('monitor-cors-domains', 'monitor.app.officejs.com') }}
 username = admin
 password = ${publish-early:monitor-password}

@@ -120,7 +120,7 @@ parts =

 # Complete parts with sections
  {{ part_list | join('\n  ') }}
- 
+
 eggs-directory = {{ eggs_directory }}
 develop-eggs-directory = {{ develop_eggs_directory }}
 offline = true
--- a/stack/lamp/instance.cfg.in
+++ b/stack/lamp/instance.cfg.in
@@ -49,6 +49,9 @@ url = {{ template_lamp }}
 filename = template-lamp.cfg
 extra-context =
  section parameter_dict dynamic-template-lamp-parameters
+  raw db_name {{ db_name }}
+  raw db_user {{ db_user }}
+  raw db_password {{ db_password }}

 [dynamic-template-apache-php-parameters]
 application-location = {{ application_location }}

--- a/stack/resilient/buildout.hash.cfg
+++ b/stack/resilient/buildout.hash.cfg
@@ -30,7 +30,7 @@ md5sum = 44a3166048a81d0d76d69527b1934ef7

 [template-replicated]
 filename = template-replicated.cfg.in
-md5sum = c4012ccc2c473ae5c7cad9dcac61e0f1
+md5sum = 2eea3b0227c3ae9e44cfc41df9930fa7

 [template-parts]
 filename = template-parts.cfg.in

--- a/stack/resilient/template-replicated.cfg.in
+++ b/stack/resilient/template-replicated.cfg.in
@@ -6,7 +6,7 @@
 {% set monitor_url_list = [] -%}
 # prepare sla-parameters
 {% if slapparameter_dict is defined -%}
-{%   for key in slapparameter_dict.keys() -%}
+{%   for key in list(slapparameter_dict.keys()) -%}
 {%     if key.startswith('-sla-') -%}
 {%       do sla_parameter_dict.__setitem__(key, slapparameter_dict.pop(key)) -%}
 {%     endif -%}
@@ -59,7 +59,7 @@ sla-mode = unique_by_network
 {%   for key in sla_parameter_dict.keys() -%}
 {%     if key.startswith(sla_key_main) -%}
 {%       do sla_dict.__setitem__(key[sla_key_main_length:], sla_parameter_dict.get(key)) -%}
-{%     elif key.startswith(sla_key_secondary) and not sla_dict.has_key(key[sla_key_secondary_length:]) -%}
+{%     elif key.startswith(sla_key_secondary) and key[sla_key_secondary_length:] not in sla_dict -%}
 {%         do sla_dict.__setitem__(key[sla_key_secondary_length:], sla_parameter_dict.get(key)) -%}
 {%     endif -%}
 {%   endfor -%}
@@ -111,7 +111,7 @@ sla-mode = unique_by_network
 {%   for key in sla_parameter_dict.keys() -%}
 {%     if key.startswith(sla_key_main) -%}
 {%       do sla_dict.__setitem__(key[sla_key_main_length:], sla_parameter_dict.get(key)) -%}
-{%     elif key.startswith(sla_key_secondary) and not sla_dict.has_key(key[sla_key_secondary_length:]) -%}
+{%     elif key.startswith(sla_key_secondary) and key[sla_key_secondary_length:] not in sla_dict -%}
 {%         do sla_dict.__setitem__(key[sla_key_secondary_length:], sla_parameter_dict.get(key)) -%}
 {%     endif -%}
 {%   endfor -%}
@@ -214,7 +214,7 @@ sla-mode = unique_by_network
 {%   for key in sla_parameter_dict.keys() -%}
 {%     if key.startswith(sla_key_main) -%}
 {%       do sla_dict.__setitem__(key[sla_key_main_length:], sla_parameter_dict.get(key)) -%}
-{%     elif key.startswith(sla_key_secondary) and not sla_dict.has_key(key[sla_key_secondary_length:]) -%}
+{%     elif key.startswith(sla_key_secondary) and key[sla_key_secondary_length:] not in sla_dict -%}
 {%         do sla_dict.__setitem__(key[sla_key_secondary_length:], sla_parameter_dict.get(key)) -%}
 {%     endif -%}
 {%   endfor -%}