Merge tag '0.18.0' into debian/rocky
castellan 0.18.0 release
meta:version: 0.18.0
meta:diff-start: -
meta:series: rocky
meta:release-type: release
meta:pypi: no
meta:first: yes
meta:release:Author: Ben Nemec <bnemec@redhat.com>
meta:release:Commit: Ben Nemec <bnemec@redhat.com>
meta:release:Change-Id: I1ad8057682e860d2f3b5b037c7f1b63e86bed9be
meta:release:Code-Review+2: Tony Breeds <tony@bakeyournoodle.com>
meta:release:Workflow+1: Tony Breeds <tony@bakeyournoodle.com>
Thomas Goirand
5 years ago
25 | 25 | vars: |
26 | 26 | devstack_services: |
27 | 27 | # is there a way to disable all services? I only want barbican |
28 | ceilometer-acentral: False | |
29 | ceilometer-acompute: False | |
30 | ceilometer-alarm-evaluator: False | |
31 | ceilometer-alarm-notifier: False | |
32 | ceilometer-anotification: False | |
33 | ceilometer-api: False | |
34 | ceilometer-collector: False | |
35 | horizon: False | |
36 | s-account: False | |
37 | s-container: False | |
38 | s-object: False | |
39 | s-proxy: False | |
28 | ceilometer-acentral: false | |
29 | ceilometer-acompute: false | |
30 | ceilometer-alarm-evaluator: false | |
31 | ceilometer-alarm-notifier: false | |
32 | ceilometer-anotification: false | |
33 | ceilometer-api: false | |
34 | ceilometer-collector: false | |
35 | horizon: false | |
36 | s-account: false | |
37 | s-container: false | |
38 | s-object: false | |
39 | s-proxy: false | |
40 | 40 | devstack_plugins: |
41 | 41 | barbican: git://git.openstack.org/openstack/barbican |
42 | 42 | tox_environment: |
43 | 43 | PYTHONUNBUFFERED: 'true' |
44 | tox_install_siblings: False # I don't know what this means | |
44 | tox_install_siblings: false # I don't know what this means | |
45 | 45 | tox_envlist: functional |
46 | 46 | zuul_work_dir: src/git.openstack.org/openstack/castellan |
47 | 47 | |
48 | 48 | - project: |
49 | name: openstack/castellan | |
50 | 49 | check: |
51 | 50 | jobs: |
52 | 51 | - castellan-functional-vault |
53 | 52 | - castellan-functional-devstack |
53 | - openstack-tox-lower-constraints | |
54 | - barbican-simple-crypto-devstack-tempest-castellan-from-git | |
54 | 55 | gate: |
55 | 56 | jobs: |
56 | 57 | - castellan-functional-vault |
57 | 58 | - castellan-functional-devstack |
59 | - openstack-tox-lower-constraints | |
60 | - barbican-simple-crypto-devstack-tempest-castellan-from-git |
11 | 11 | Team and repository tags |
12 | 12 | ======================== |
13 | 13 | |
14 | .. image:: https://governance.openstack.org/badges/castellan.svg | |
15 | :target: https://governance.openstack.org/reference/tags/index.html | |
14 | .. image:: https://governance.openstack.org/tc/badges/castellan.svg | |
15 | :target: https://governance.openstack.org/tc/reference/tags/index.html |
69 | 69 | default=True, |
70 | 70 | help='Specifies if insecure TLS (https) requests. If False, ' |
71 | 71 | 'the server\'s certificate will not be validated'), |
72 | cfg.StrOpt('barbican_endpoint_type', | |
73 | default='public', | |
74 | choices=['public', 'internal', 'admin'], | |
75 | help='Specifies the type of endpoint. Allowed values are: ' | |
76 | 'public, private, and admin'), | |
77 | ||
72 | 78 | ] |
73 | 79 | |
74 | 80 | BARBICAN_OPT_GROUP = 'barbican' |
182 | 188 | raise exception.Forbidden(reason=msg) |
183 | 189 | |
184 | 190 | def _get_barbican_endpoint(self, auth, sess): |
185 | if self.conf.barbican.barbican_endpoint: | |
186 | return self.conf.barbican.barbican_endpoint | |
191 | barbican = self.conf.barbican | |
192 | if barbican.barbican_endpoint: | |
193 | return barbican.barbican_endpoint | |
187 | 194 | else: |
188 | 195 | service_parameters = {'service_type': 'key-manager', |
189 | 196 | 'service_name': 'barbican', |
190 | 'interface': 'public'} | |
197 | 'interface': barbican.barbican_endpoint_type} | |
191 | 198 | return auth.get_endpoint(sess, **service_parameters) |
192 | 199 | |
193 | 200 | def _create_base_url(self, auth, sess, endpoint): |
39 | 39 | barbican_api_version=None, auth_endpoint=None, |
40 | 40 | retry_delay=None, number_of_retries=None, verify_ssl=None, |
41 | 41 | api_class=None, vault_root_token_id=None, vault_url=None, |
42 | vault_ssl_ca_crt_file=None, vault_use_ssl=None): | |
42 | vault_ssl_ca_crt_file=None, vault_use_ssl=None, | |
43 | barbican_endpoint_type=None): | |
43 | 44 | """Set defaults for configuration values. |
44 | 45 | |
45 | 46 | Overrides the default options values. |
55 | 56 | :param vault_url: Use this for the url for vault. |
56 | 57 | :param vault_use_ssl: Use this to force vault driver to use ssl. |
57 | 58 | :param vault_ssl_ca_crt_file: Use this for the CA file for vault. |
59 | :param barbican_endpoint_type: Use this to specify the type of URL. | |
60 | : Valid values are: public, internal or admin. | |
58 | 61 | """ |
59 | 62 | conf.register_opts(km.key_manager_opts, group='key_manager') |
60 | 63 | if bkm: |
85 | 88 | group=bkm.BARBICAN_OPT_GROUP) |
86 | 89 | if verify_ssl is not None: |
87 | 90 | conf.set_default('verify_ssl', verify_ssl, |
91 | group=bkm.BARBICAN_OPT_GROUP) | |
92 | if barbican_endpoint_type is not None: | |
93 | conf.set_default('barbican_endpoint_type', barbican_endpoint_type, | |
88 | 94 | group=bkm.BARBICAN_OPT_GROUP) |
89 | 95 | |
90 | 96 | if vkm is not None: |
65 | 65 | options.set_defaults(conf, verify_ssl=True) |
66 | 66 | self.assertEqual(verify_ssl, |
67 | 67 | conf.get(bkm.BARBICAN_OPT_GROUP).verify_ssl) |
68 | ||
69 | barbican_endpoint_type = 'internal' | |
70 | options.set_defaults(conf, barbican_endpoint_type='internal') | |
71 | result_type = conf.get(bkm.BARBICAN_OPT_GROUP).barbican_endpoint_type | |
72 | self.assertEqual(barbican_endpoint_type, result_type) |
28 | 28 | |
29 | 29 | .. note:: |
30 | 30 | |
31 | Other available environments are py35, pypy and pep8. | |
31 | Other available environments are py35 and pep8. | |
32 | 32 | |
33 | 33 | If you do not have the appropriate Python versions available, consider |
34 | 34 | setting up PyEnv to install multiple versions of Python. See the |
43 | 43 | information on this please see `Setting up a Barbican development environment`_ |
44 | 44 | and `Using Keystone Middleware with Barbican`_ |
45 | 45 | |
46 | .. _`Setting up a Barbican development environment`: https://docs.openstack.org/barbican/latest/setup/dev.html | |
47 | .. _`Using Keystone Middleware with Barbican`: https://docs.openstack.org/barbican/latest/setup/keystone.html | |
46 | .. _`Setting up a Barbican development environment`: https://docs.openstack.org/barbican/latest/contributor/dev.html | |
47 | .. _`Using Keystone Middleware with Barbican`: https://docs.openstack.org/barbican/latest/configuration/keystone.html | |
48 | 48 | |
49 | 49 | Castellan uses either ``/etc/castellan/castellan-functional.conf`` or ``./etc/castellan/castellan-functional.conf`` |
50 | 50 | in order to run functional tests. A sample file can be generated by running: |
0 | alabaster==0.7.10 | |
1 | appdirs==1.3.0 | |
2 | asn1crypto==0.23.0 | |
3 | Babel==2.3.4 | |
4 | bandit==1.1.0 | |
5 | cffi==1.7.0 | |
6 | cliff==2.8.0 | |
7 | cmd2==0.8.0 | |
8 | coverage==4.0 | |
9 | cryptography==2.1 | |
10 | debtcollector==1.2.0 | |
11 | docutils==0.11 | |
12 | dulwich==0.15.0 | |
13 | extras==1.0.0 | |
14 | fixtures==3.0.0 | |
15 | flake8==2.5.5 | |
16 | gitdb==0.6.4 | |
17 | GitPython==1.0.1 | |
18 | hacking==0.12.0 | |
19 | idna==2.6 | |
20 | imagesize==0.7.1 | |
21 | iso8601==0.1.11 | |
22 | Jinja2==2.10 | |
23 | keystoneauth1==3.4.0 | |
24 | linecache2==1.0.0 | |
25 | MarkupSafe==1.0 | |
26 | mccabe==0.2.1 | |
27 | mock==2.0.0 | |
28 | monotonic==0.6 | |
29 | mox3==0.20.0 | |
30 | msgpack-python==0.4.0 | |
31 | netaddr==0.7.18 | |
32 | netifaces==0.10.4 | |
33 | openstackdocstheme==1.18.1 | |
34 | os-client-config==1.28.0 | |
35 | oslo.config==5.2.0 | |
36 | oslo.context==2.19.2 | |
37 | oslo.i18n==3.15.3 | |
38 | oslo.log==3.36.0 | |
39 | oslo.serialization==2.18.0 | |
40 | oslo.utils==3.33.0 | |
41 | oslotest==3.2.0 | |
42 | pbr==2.0.0 | |
43 | pep8==1.5.7 | |
44 | pifpaf==0.10.0 | |
45 | prettytable==0.7.2 | |
46 | pycparser==2.18 | |
47 | pyflakes==0.8.1 | |
48 | Pygments==2.2.0 | |
49 | pyinotify==0.9.6 | |
50 | pyparsing==2.1.0 | |
51 | pyperclip==1.5.27 | |
52 | python-barbicanclient==4.5.2 | |
53 | python-dateutil==2.5.3 | |
54 | python-mimeparse==1.6.0 | |
55 | python-subunit==1.0.0 | |
56 | pytz==2013.6 | |
57 | PyYAML==3.12 | |
58 | reno==2.5.0 | |
59 | requests==2.14.2 | |
60 | requestsexceptions==1.2.0 | |
61 | rfc3986==0.3.1 | |
62 | six==1.10.0 | |
63 | smmap==0.9.0 | |
64 | snowballstemmer==1.2.1 | |
65 | Sphinx==1.6.2 | |
66 | sphinxcontrib-websupport==1.0.1 | |
67 | stevedore==1.20.0 | |
68 | testrepository==0.0.18 | |
69 | testscenarios==0.4 | |
70 | testtools==2.2.0 | |
71 | traceback2==1.4.0 | |
72 | unittest2==1.1.0 | |
73 | wrapt==1.7.0 | |
74 | xattr==0.9.2 |
0 | =================================== | |
1 | Queens Series Release Notes | |
2 | =================================== | |
3 | ||
4 | .. release-notes:: | |
5 | :branch: stable/queens |
3 | 3 | |
4 | 4 | pbr!=2.1.0,>=2.0.0 # Apache-2.0 |
5 | 5 | Babel!=2.4.0,>=2.3.4 # BSD |
6 | cryptography!=2.0,>=1.9 # BSD/Apache-2.0 | |
7 | python-barbicanclient!=4.5.0,!=4.5.1,>=4.0.0 # Apache-2.0 | |
8 | oslo.config>=5.1.0 # Apache-2.0 | |
6 | cryptography>=2.1 # BSD/Apache-2.0 | |
7 | python-barbicanclient>=4.5.2 # Apache-2.0 | |
8 | oslo.config>=5.2.0 # Apache-2.0 | |
9 | 9 | oslo.context>=2.19.2 # Apache-2.0 |
10 | 10 | oslo.i18n>=3.15.3 # Apache-2.0 |
11 | oslo.log>=3.30.0 # Apache-2.0 | |
11 | oslo.log>=3.36.0 # Apache-2.0 | |
12 | 12 | oslo.utils>=3.33.0 # Apache-2.0 |
13 | 13 | stevedore>=1.20.0 # Apache-2.0 |
14 | keystoneauth1>=3.3.0 # Apache-2.0 | |
14 | keystoneauth1>=3.4.0 # Apache-2.0 |
3 | 3 | hacking!=0.13.0,<0.14,>=0.12.0 # Apache-2.0 |
4 | 4 | |
5 | 5 | coverage!=4.4,>=4.0 # Apache-2.0 |
6 | python-barbicanclient!=4.5.0,!=4.5.1,>=4.0.0 # Apache-2.0 | |
6 | python-barbicanclient>=4.5.2 # Apache-2.0 | |
7 | 7 | python-subunit>=1.0.0 # Apache-2.0/BSD |
8 | sphinx>=1.6.2 # BSD | |
9 | openstackdocstheme>=1.17.0 # Apache-2.0 | |
10 | oslotest>=1.10.0 # Apache-2.0 | |
8 | sphinx!=1.6.6,!=1.6.7,>=1.6.2 # BSD | |
9 | openstackdocstheme>=1.18.1 # Apache-2.0 | |
10 | oslotest>=3.2.0 # Apache-2.0 | |
11 | 11 | testrepository>=0.0.18 # Apache-2.0/BSD |
12 | 12 | testscenarios>=0.4 # Apache-2.0/BSD |
13 | 13 | testtools>=2.2.0 # MIT |
0 | 0 | [tox] |
1 | 1 | minversion = 1.6 |
2 | envlist = py35,py27,pypy,pep8 | |
2 | envlist = py35,py27,pep8 | |
3 | 3 | skipsdist = True |
4 | 4 | |
5 | 5 | [testenv] |
6 | basepython = python3 | |
6 | 7 | usedevelop = True |
7 | 8 | install_command = pip install {opts} {packages} |
8 | 9 | setenv = |
13 | 14 | -r{toxinidir}/requirements.txt |
14 | 15 | -r{toxinidir}/test-requirements.txt |
15 | 16 | commands = python setup.py testr --slowest --testr-args='{posargs}' |
17 | ||
18 | [testenv:py27] | |
19 | basepython = python2.7 | |
16 | 20 | |
17 | 21 | [testenv:pep8] |
18 | 22 | commands = |
80 | 84 | |
81 | 85 | [hacking] |
82 | 86 | import_exceptions = castellan.i18n |
87 | ||
88 | [testenv:lower-constraints] | |
89 | deps = | |
90 | -c{toxinidir}/lower-constraints.txt | |
91 | -r{toxinidir}/test-requirements.txt | |
92 | -r{toxinidir}/requirements.txt |