c9cdd7514c
This commit adds a DocumentSecret model to the DB for storing secrets directly in Deckhand as well as references to secrets stored in Barbican if the encryption type for the secret is encrypted. This commit also adds a new class called SecretsManager for managing the lifecycle of secrets from a higher level. This commit also adds Postgres compliance. So now all the DB models should work with Postgres. Also includes unit tests. Change-Id: Id7c4be8de2e70735f42b1f6710139d553ab4bea2 |
||
---|---|---|
deckhand | ||
docs | ||
etc/deckhand | ||
tools | ||
.coveragerc | ||
.gitignore | ||
.gitreview | ||
.testr.conf | ||
AUTHORS | ||
LICENSE | ||
README.rst | ||
requirements.txt | ||
setup.cfg | ||
setup.py | ||
test-requirements.txt | ||
tox.ini |
README.rst
Deckhand
A foundational python REST YAML processing engine providing data and secrets management to other platform services.
To generate a configuration file automatically:
$ tox -e genconfig
Resulting deckhand.conf.sample file is output to :path:etc/deckhand/deckhand.conf.sample
Copy the config file to a directory discoverably by
oslo.conf
:
$ cp etc/deckhand/deckhand.conf.sample ~/deckhand.conf
To setup an in-memory database for testing:
[database]
#
# From oslo.db
#
# The SQLAlchemy connection string to use to connect to the database.
# (string value)
connection = sqlite:///:memory:
To run locally in a development environment:
$ sudo pip install uwsgi
$ virtualenv -p python3 /var/tmp/deckhand
$ . /var/tmp/deckhand/bin/activate
$ sudo pip install .
$ sudo python setup.py install
$ uwsgi --http :9000 -w deckhand.cmd --callable deckhand_callable --enable-threads -L