A configuration management service with support for secrets.

Go to file

Felipe Monteiro e0fc59e89b Deckhand schemas as YAML files Use YAML formatting for built-in Deckhand schemas used for validations to align with other UCP services. The second most important intention behind this PS is to allow pre_validate flag to cascade correctly between the layering and document_validation modules. If pre_validate is true, then: * the base_schema validates ALL documents * ALL built-in schemas validate the appropriate document given a schema match * NO externally registered DataSchema documents are used for validation Else (if pre_validate is false): * the base_schema validates ALL documents * ALL built-in schemas validate the appropriate document given a schema match * ALL externally registered DataSchema documents are used for validation given a schema match A more minor change is setting pre_validate flags in all modules to True for consistency. The idea is to facilitate the way other projects that import Deckhand in directly interface with Deckhand. Change-Id: I859f61989ec15bede1c104b86625d116064f056d		2018-02-27 11:16:30 -05:00
charts/deckhand	Collect profile data on DH requests	2018-02-15 13:09:16 -05:00
deckhand	Deckhand schemas as YAML files	2018-02-27 11:16:30 -05:00
doc	Deckhand schemas as YAML files	2018-02-27 11:16:30 -05:00
etc/deckhand	Rename Deckhand bucket endpoint to buckets for consistency	2017-10-27 19:21:03 +01:00
images/deckhand	Update Deckhand Dockerfile	2018-02-27 09:46:10 -05:00
releasenotes	Only allow one LayeringPolicy to exist in the system.	2017-10-26 17:38:24 -04:00
tools	Merge "Improve document validation module."	2018-01-19 13:04:06 -05:00
.coveragerc	Add Deckhand coverage job	2017-08-15 16:11:35 -04:00
.dockerignore	Collect profile data on DH requests	2018-02-15 13:09:16 -05:00
.gitignore	Remove auto-generated AUTHORS file	2018-02-23 21:40:38 -06:00
.gitreview	Add gitreview file	2017-08-11 01:22:26 -05:00
.testr.conf	Allow unit tests to be run against in-memory sqlite	2018-02-12 22:10:29 -05:00
HACKING.rst	Add sphinx job for auto-generating docs	2017-09-21 16:16:23 +01:00
LICENSE	Initial commit	2017-06-16 08:29:03 -07:00
Makefile	Update Deckhand Dockerfile	2018-02-27 09:46:10 -05:00
README.rst	Docs: Update README and create Getting Started docs	2018-02-21 15:26:22 -05:00
entrypoint.sh	Fix: Inject secret payload rather than reference into document	2018-02-26 10:17:50 -05:00
requirements.txt	Collect profile data on DH requests	2018-02-15 13:09:16 -05:00
setup.cfg	Integrate Deckhand with keystone auth	2017-10-16 19:54:46 +01:00
setup.py	Oslo config integration (#1 )	2017-06-26 16:57:50 -07:00
test-requirements.txt	Bump up package requirements versions	2018-02-13 22:54:44 -05:00
tox.ini	Fix tox -v skipping over sqlite unit test jobs	2018-02-16 20:12:44 -05:00
uwsgi.ini	Add health resource for ucp-integration API convention	2017-10-23 17:34:03 +01:00

README.rst

Deckhand

Deckhand is a storage service for YAML-based configuration documents, which are managed through version control and automatically validated. Deckhand provides users with a variety of different document types that describe complex configurations using the features listed below.

Core Responsibilities

layering - helps reduce duplication in configuration while maintaining auditability across many sites
substitution - provides separation between secret data and other configuration data, while allowing a simple interface for clients
revision history - improves auditability and enables services to provide functional validation of a well-defined collection of documents that are meant to operate together
validation - allows services to implement and register different kinds of validations and report errors

Getting Started

For more detailed installation and setup information, please refer to the Getting Started guide.

Testing

Automated Testing

To run unit tests using sqlite, execute:

$ tox -epy27
$ tox -epy35

against a py27- or py35-backed environment, respectively. To run individual unit tests, run:

$ tox -e py27 -- deckhand.tests.unit.db.test_revisions

for example.

To run functional tests:

$ tox -e functional

You can also run a subset of tests via a regex:

$ tox -e functional -- gabbi.suitemaker.test_gabbi_document-crud-success-multi-bucket

Intgration Points

Deckhand has the following integration points:

Keystone (OpenStack Identity service) provides authentication and support for role based authorization.

PostgreSQL is used to persist information to correlate workflows with users and history of workflow commands.

Note

Currently, other database backends are not supported.

Though, being a low-level service, has many other UCP services that integrate with it, including:

Drydock is orchestrated by Shipyard to perform bare metal node provisioning.

Promenade is indirectly orchestrated by Shipyard to configure and join Kubernetes nodes.

Armada is orchestrated by Shipyard to deploy and test Kubernetes workloads.