airship
/
pegleg
Code Issues Proposed changes
474 Commits 3 Branches 0 Tags 9.9 MiB
Commit Graph

9 Commits

Author SHA1 Message Date
Rajeshwari Dharwadkar 6ee2aaf845 Support pegleg to run on opensuse leap15 image 
Add DISTRO parameter to support multiple distros
Add Dockerfile for opensuse to build leap 15 image.

Change-Id: I7a529476937494e042a4801117489325aa6621c7
 2019-05-14 09:41:21 -07:00
Felipe Monteiro 2a8d2638b3 pki: Port Promenade's PKI catalog into Pegleg 
This patch set implements the PKICatalog [0] requirements
as well as PeglegManagedDocument [1] generation requirements
outlined in the spec [2].

Included in this patch set:

* New CLI entry point called "pegleg site secrets generate-pki"
* PeglegManagedDocument generation logic in
  engine.cache.managed_document
* Refactored PKICatalog logic in engine.cache.pki_catalog derived
  from the Promenade PKI implementation [3], responsible for
  generating certificates, CAs, and keypairs
* Refactored PKIGenerator logic in engine.cache.pki_generator
  derived from Promenade Generator implementation [4],
  responsible for reading in pegleg/PKICatalog/v1 documents (as
  well as promenade/PKICatalog/v1 documents for backwards
  compatibility) and generating required secrets and storing
  them into the paths specified under [0]
* Unit tests for all of the above [5]
* Example pki-catalog.yaml document under pegleg/site_yamls
* Validation schema for pki-catalog.yaml (TODO: implement
  validation logic here: [6])
* Updates to CLI documentation and inclusion of PKICatalog
  and PeglegManagedDocument documentation
* Documentation updates with PKI information [7]

TODO (in follow-up patch sets):

* Expand on overview documentation to include new Pegleg
  responsibilities
* Allow the original repository (not the copied one) to
  be the destination where the secrets are written to
* Finish up cert expiry/revocation logic

[0] https://airship-specs.readthedocs.io/en/latest/specs/approved/pegleg-secrets.html#document-generation
[1] https://airship-specs.readthedocs.io/en/latest/specs/approved/pegleg-secrets.html#peglegmanageddocument
[2] https://airship-specs.readthedocs.io/en/latest/specs/approved/pegleg-secrets.html
[3] https://github.com/openstack/airship-promenade/blob/master/promenade/pki.py
[4] https://github.com/openstack/airship-promenade/blob/master/promenade/generator.py
[5] https://review.openstack.org/#/c/611739/
[6] https://review.openstack.org/#/c/608159/
[7] https://review.openstack.org/#/c/611738/

Change-Id: I3010d04cac6d22c656d144f0dafeaa5e19a13068
 2019-01-15 13:29:21 -06:00
Tin Lam 253b15cc33 Remove py35 support 
As the default Docker image support for Pegleg is using py36 as a base
image, this patch set simply removes the support for py35. This allows
us to use py36 features such as secrets and f-strings without needing to
cope with backward compatibility.

Change-Id: Ic156ca67d2a0fe6fdc74c2c9da253a1cb8a3f456
Signed-off-by: Tin Lam <tin@irrational.io>
 2018-11-07 13:04:34 -06:00
Felipe Monteiro ec34ed056f Allow tox to support regexes for unit tests 
This patch set adds a shell wrapper script to allow
tox to be used to run a subset of unit tests via regexes:

To run all unit tests, execute::

  $ tox -epy35

To run unit tests using a regex, execute::

  $ tox -epy35 -- <regex>

Change-Id: I2ba1e18226d686cb549a075e020ba02e24204829
 2018-10-22 10:18:05 -04:00
Zuul 8207a33a6a Merge "docs: Include venv workflow guide under "Developer Workflow"" 2018-10-02 17:32:32 +00:00
Roman Gorshunov c48b0ef565 Fix: various documentation and URL fixes 
1) UCP -> Airship
2) readthedocs.org -> readthedocs.io (there is redirect)
3) http -> https
4) attcomdev -> airshipit (repo on quay.io)
5) att-comdev -> openstack/airship-* (repo on github/openstack git)
6) many URLs have been verified and adjusted to be current
7) no need for 'en/latest/' path in URL of the RTD
8) added more info to some setup.cfg and setup.py files
9) ucp-integration docs are now in airship-in-a-bottle
10) various other minor fixes

Change-Id: I3a325f004d47d69f2d382f071e342c4e4c50ab0b
 2018-09-25 11:44:57 +02:00
Felipe Monteiro 7401dabe5b docs: Include venv workflow guide under "Developer Workflow" 
This patch set includes information to the "Developer Workflow"
guide in order to enable developers to more quickly test local
code changes.

Rather than, after each local code change, rebuilding the
Pegleg image and overriding the ``IMAGE`` environment variable
so ``tools/pegleg.sh`` uses the latest code changes, it is
possible to use a virtual environment for much faster development.

Change-Id: Ie115744c5b473fcebc8d98f7c850e0c835c49afa
 2018-09-24 20:23:33 +00:00
Felipe Monteiro 893ea9f4bb Standardize Pegleg directory structure 
This patch set standardizes the Pegleg directory
structure because of the following reasons:

1) src/bin/pegleg is not necessary and only makes
building (e.g. documentation building) and running
of tox targets unnecessarily difficult.
2) src/bin/pegleg is a Java-like standard that
bears no relevance to Python.

Change-Id: I37d39d3d6186b92f8fbfe234221c9e44da48cf10
 2018-09-23 10:33:40 -04:00
Felipe Monteiro adb23bc2a6 docs: Add developer overview guide 
This patch set introduces a developer overview documentation
page to Pegleg to help developers onboard.

Change-Id: Ia453d76f024db39c6bdd97a44bfe1db1c25193f9
 2018-09-13 18:28:58 -06:00