======== Deckhand ======== |Doc Status| Deckhand is a storage service for YAML-based configuration documents, which are managed through version control and automatically validated. Deckhand provides users with a variety of different document types that describe complex configurations using the features listed below. Find more documentation for Deckhand on `Read the Docs `_. Core Responsibilities ===================== * layering - helps reduce duplication in configuration by applying the notion of inheritance to documents * substitution - provides separation between secret data and other configuration data for security purposes and reduces data duplication by allowing common data to be defined once and substituted elsewhere dynamically * revision history - maintains well-defined collections of documents within immutable revisions that are meant to operate together, while providing the ability to rollback to previous revisions * validation - allows services to implement and register different kinds of validations and report errors * secret management - leverages existing OpenStack APIs -- namely `Barbican`_ -- to reliably and securely store sensitive data .. _Barbican: https://docs.openstack.org/barbican/latest/api/ Getting Started =============== For more detailed installation and setup information, please refer to the `Getting Started `_ guide. Testing ------- Automated Testing ^^^^^^^^^^^^^^^^^ To run unit tests using sqlite, execute: :: $ tox -epy27 $ tox -epy35 against a py27- or py35-backed environment, respectively. To run individual unit tests, run: :: $ tox -e py27 -- deckhand.tests.unit.db.test_revisions for example. To run functional tests: :: $ tox -e functional You can also run a subset of tests via a regex: :: $ tox -e functional -- gabbi.suitemaker.test_gabbi_document-crud-success-multi-bucket Integration Points ================== Deckhand has the following integration points: * `Barbican (OpenStack Key Manager) `_ provides secure storage for sensitive data. * `Keystone (OpenStack Identity service) `_ provides authentication and support for role based authorization. * `PostgreSQL `_ is used to persist information to correlate workflows with users and history of workflow commands. .. note:: Currently, other database back-ends are not supported. Though, being a low-level service, has many other UCP services that integrate with it, including: * `Drydock `_ is orchestrated by Shipyard to perform bare metal node provisioning. * `Promenade `_ is indirectly orchestrated by Shipyard to configure and join Kubernetes nodes. * `Armada `_ is orchestrated by Shipyard to deploy and test Kubernetes workloads. Further Reading =============== `Airship `_. .. |Doc Status| image:: https://readthedocs.org/projects/deckhand/badge/?version=latest :target: http://deckhand.readthedocs.io/