airship
/
pegleg
Code Issues Proposed changes
A configuration organization tool.
314 Commits 3 Branches 0 Tags 9.9 MiB
Python 98.4%
Shell 0.8%
Makefile 0.8%
Go to file
HUGHES, ALEXANDER (ah8742) d888b3e138 Add support for globally encrypted secrets 
This patchset adds support for globally encrypted secrets.
Documents with a "site" layer will be encrypted/decrypted with the
standard PEGLEG_PASSPHRASE and PEGLEG_SALT environment variables.

If any secrets exist for the site with a schema of "global_passphrase"
or "global_salt" their values will be captured and used to decrypt
any secrets that do not belong to "site" layer.  If the global keys
do not exist, Pegleg will default to using site keys.

Expected usage:
1. Set site passphrase/salt environment variables
2. Select a global passphrase and salt
3. Use Pegleg's "wrap" command to wrap and encrypt the global keys
4. Encrypt or wrap documents with "global" layer
5. Provide Pegleg path to decrypt

In the case of (4) and (5) Pegleg will determine the correct keys
to use automatically

Change-Id: I5de6d63573619b346fe011628ae21e053e0711f6
 		2019-07-02 13:54:04 -05:00
doc Merge "Remove duplicate flags as options" 2019-06-18 21:06:04 +00:00
images/pegleg Add Ubuntu Bionic support to Pegleg 2019-06-07 20:05:33 +00:00
pegleg Add support for globally encrypted secrets 2019-07-02 13:54:04 -05:00
releasenotes Add releasenotes 2018-11-28 02:48:40 -06:00
site_yamls/site CLI capability to generate and encrypt passphrases 2019-01-29 16:24:31 -06:00
tests Add support for globally encrypted secrets 2019-07-02 13:54:04 -05:00
tools Update Pegleg docs jobs 2019-05-20 08:16:16 -05:00
.dockerignore Update to UCP layout standard 2018-03-05 07:42:00 -06:00
.gitignore Update .gitignore 2018-10-31 15:08:42 -05:00
.gitreview OpenDev Migration Patch 2019-04-19 19:52:19 +00:00
.style.yapf trivial: fix yapf/pep8 interaction failing on logical operator 2019-03-25 05:07:59 +00:00
.zuul.yaml Make OpenSuse build non-voting 2019-06-19 15:55:25 -05:00
LICENSE Initial commit 2018-01-26 15:47:15 -06:00
Makefile Support pegleg to run on opensuse leap15 image 2019-05-14 09:41:21 -07:00
README.rst Typo fix: getting started URL 2019-01-23 09:35:27 +01:00
requirements.txt Uplift deckhand dependency 2019-07-01 14:09:03 -05:00
setup.py Update references from openstack to opendev 2019-04-24 15:22:53 -05:00
test-requirements.txt Requests Dependency Error 2019-06-13 16:51:49 +00:00
tox.ini Add support for globally encrypted secrets 2019-07-02 13:54:04 -05:00

README.rst

Pegleg

Docker Repository on Quay Doc Status

Introduction

Pegleg is a document aggregator that provides early linting and validations via Deckhand, a document management micro-service within Airship.

Pegleg supports local and remote Git repositories. Remote repositories can be cloned using a variety of protocols -- HTTP(S) or SSH. Afterward, specific revisions within those repositories can be checked out, their documents aggregated, linted, and passed to the rest of Airship for orchestration, allowing document authors to manage their site definitions using version control.

Find more documentation for Pegleg on Read the Docs.

Core Responsibilities

  • aggregation - Aggregates all documents required for site deployment across multiple Git repositories, each of which can be used to maintain separate document sets in isolation
  • linting - Configurable linting checks documents for common syntactical and semantical mistakes

Getting Started

For more detailed installation and setup information, please refer to the Getting Started guide.

Integration Points

Pegleg has the following integration points:

  • Deckhand which provides document revision management, storage and rendering functionality upon which the rest of the Airship components rely for orchestration of infrastructure provisioning.

Further Reading

Airship.