Commit Graph

44 Commits

Author SHA1 Message Date
Takashi Kajinami 291ad9c778 Bump hacking
hacking 3.0.x is too old.

Change-Id: Ic6d33295b33cff8a68fbb8181973480bc17e7711
2024-02-02 01:50:46 +09:00
Pavlo Shchelokovskyy ecf625b65c Add support for Vault Namespaces
Vault Namespaces [0] is a feature available in Vault Enterprise that
can be considered as a more advanced isolation feature on top of current
KV Mountpoint option in Castellan Vault plugin.

Passing a namespace in all request headers (including Auth) allows to organize
Vault-in-Vault style of isolation, with clients using the same simple URI path
but accessing separate sets of entities in Vault.

[0] https://www.vaultproject.io/docs/enterprise/namespaces

Change-Id: I627c20002bb2a0a1b346b57e824f87f856eca4c9
2021-10-07 12:12:51 +00:00
Zuul ab8cbe2da9 Merge "Adding pre-commit" 2020-10-06 14:18:19 +00:00
Hervé Beraud b719a5b56d Adding pre-commit
Introduced changes:
- pre-commit config and rules
- Add pre-commit to pep8 gate, Flake8 is covered in the pre-commit hooks.
- Applying fixes for pre-commit compliance in all code.

Also commit hash will be used instead of version tags in pre-commit to
prevend arbitrary code from running in developer's machines.

pre-commit will be used to:
- trailing whitespace;
- Replaces or checks mixed line ending (mixed-line-ending);
- Forbid files which have a UTF-8 byte-order marker (check-byte-order-marker);
- Checks that non-binary executables have a proper
  shebang (check-executables-have-shebangs);
- Check for files that contain merge conflict strings (check-merge-conflict);
- Check for debugger imports and py37+ breakpoint()
  calls in python source (debug-statements);
- Attempts to load all yaml files to verify syntax (check-yaml);
- Run flake8 checks (flake8) (local)

For further details about tests please refer to:
https://github.com/pre-commit/pre-commit-hooks

Change-Id: I35e092c472e5d564ebc9bb6c2a4f6d40b54ff120
Signed-off-by: Moisés Guimarães de Medeiros <moguimar@redhat.com>
2020-09-29 13:24:21 +00:00
Moisés Guimarães de Medeiros 62a826cf10 Bump bandit version
This patch bumps bandit allowed version to >=1.6.0,<1.7.0 in order to
avoid the errors detailed here https://github.com/PyCQA/bandit/pull/393

Change-Id: Id913a9c9bedb7eb1366ac534ec1371945b0918a6
Signed-off-by: Moisés Guimarães de Medeiros <moguimar@redhat.com>
2020-07-24 17:31:40 +02:00
zhangboye c2a9f19f22 migrate testing to ubuntu focal
Change-Id: I2baabd74f0c33514b1ebb9116da4a91d3634ec5e
2020-07-14 10:33:08 +08:00
zhangboye 48f899aaa0 Fix hacking min version to 3.0.1
Change-Id: I27c655e1169e1e1eee418173fcaa672a404b48f3
2020-05-22 11:45:34 +08:00
Andreas Jaeger a1718bb95a Update hacking for Python3
The repo is Python 3 now, so update hacking to version 3.0 which
supports Python 3.

Fix problems found by updated hacking version.

Change-Id: I4f24c0fa5178f15912db899fcf26ca11480eab21
2020-03-31 13:08:37 +00:00
Alexandra Settle 6a90cdc520 PDF Documentation Build tox target
This patch adds a `pdf-docs` tox target that will build
PDF versions of our docs. As per the Train community goal:

  https://governance.openstack.org/tc/goals/selected/train/pdf-doc-generation.html

Add sphinxcontrib-svg2pdfconverter to doc/requirements.txt
to convert our SVGs.

This PR also introduces the docs testenv and a doc
requirements.txt file.

Change-Id: If782737efe7114422be9cc3fc586500a2065f07e
Story: 2006072
2019-10-01 13:53:06 +00:00
Ben Nemec 3e5a18ca7c Cap Bandit below 1.6.0 and update Sphinx requirement
Bandit 1.6.0 accidentally changed how the exclusion list option is
handled and breaks our use of it. Cap to the previous version until
Bandit has fixed the problem.

Sphinx 2.0 no longer works on python 2.7, so we need to start capping
it there as well.

Change-Id: I659571d084247a6a180d5b665921791d3647038f
Reference: https://github.com/PyCQA/bandit/pull/489
2019-05-15 15:16:59 +00:00
Moises Guimaraes de Medeiros 6e03a68c14 Add Castellan Oslo Config Driver.
This driver is an oslo.config backend driver implemented with
Castellan. It extends oslo.config's capabilities by enabling it
to retrieve configuration values from a secret manager behind
Castellan.

Change-Id: Id7cf99bea5788e0a6309461a75eaa8d08d29641b
Signed-off-by: Moises Guimaraes de Medeiros <moguimar@redhat.com>
2019-01-09 23:17:17 +01:00
Vu Cong Tuan 22a5b8b1ec Switch to stestr
According to Openstack summit session [1],
stestr is maintained project to which all Openstack projects should migrate.
Let's switch to stestr as other projects have already moved to it.

[1] https://etherpad.openstack.org/p/YVR-python-pti

Change-Id: I644c28acb04451113849691cd64c209258cef7d7
2018-07-11 08:56:06 +07:00
OpenStack Proposal Bot a651d07a4b Updated from global requirements
Change-Id: I42173bc2cfbde1a0e6672ec2bbd52c486e1a867f
2018-03-16 07:19:16 +00:00
OpenStack Proposal Bot 7d51c7c0b5 Updated from global requirements
Change-Id: I795e8cde293d4095514d773f32becfa09b100164
2018-03-10 13:08:00 +00:00
OpenStack Proposal Bot 73f0dddd3b Updated from global requirements
Change-Id: Iaac4a955fc23db5ab219af62fafd2c1d715b47de
2018-01-24 00:49:54 +00:00
OpenStack Proposal Bot e587bf6235 Updated from global requirements
Change-Id: I9541b0542d1c6d3ff4c1658fb71d75819c9132dc
2018-01-17 20:28:49 +00:00
OpenStack Proposal Bot 6be0adee96 Updated from global requirements
Change-Id: I9b1a2a43b97f40e5cbd21569f54ad567a023922a
2017-11-16 11:03:50 +00:00
Davanum Srinivas 2140a90509 Add a functional vault job
Since we added a vault driver, we should add a functional job
so updates to castellan won't break the vault integration.

Change-Id: I4c15359618f907a9927ff6a4a730c10f429c0ec8
2017-11-14 16:20:55 -05:00
OpenStack Proposal Bot 1c58e5749a Updated from global requirements
Change-Id: I10aad7a537f8a9bc091d36dbe8e730a2b3d317e9
2017-09-13 12:48:44 +00:00
Jeremy Liu 5d946f0855 Add releasenotes for castellan
Change-Id: I668815f3b353e15b72b88a62ea098fef66a94ae0
2017-09-05 13:40:42 +08:00
OpenStack Proposal Bot 6fe37f79a4 Updated from global requirements
Change-Id: I65e71d4c94a2d8f44923b0aaf99ebbc40eb5ae4b
2017-08-04 12:47:31 +00:00
OpenStack Proposal Bot b0f1e72483 Updated from global requirements
Change-Id: I6353a195fd02ffe05e97b18b194f0ac569a3a6e7
2017-07-28 21:35:28 +00:00
OpenStack Proposal Bot b59de144ee Updated from global requirements
Change-Id: Ia0d65f58950edbc7fe0b405f30c7d2af08ff2f28
2017-07-27 20:19:27 +00:00
Van Hung Pham c9fefc3f51 Switch from oslosphinx to openstackdocstheme
As part of the docs migration work[0] for Pike we need to switch to use
the openstackdocstheme.

[0]https://review.openstack.org/#/c/472275/

Change-Id: I56c71ed3efd01b254567fbae5b35f8270261473b
2017-06-29 17:05:06 +07:00
OpenStack Proposal Bot e594c880ba Updated from global requirements
Change-Id: Icafe35eae4731e9e4f65f91a40657c1c94f58b30
2017-06-27 12:08:20 +00:00
OpenStack Proposal Bot 29500eb696 Updated from global requirements
Change-Id: I94e67b2e776f961a6d5c78b7ba73538078216ca7
2017-05-17 03:46:17 +00:00
OpenStack Proposal Bot a216e48710 Updated from global requirements
Change-Id: I7d1a4805b098aa5f3a387b4792e19b8cb8adc991
2017-05-15 00:42:07 +00:00
OpenStack Proposal Bot bedd3e8e11 Updated from global requirements
Change-Id: If2aac4badadc940adc1053fea03e25b0a6c863f7
2017-03-10 03:28:34 +00:00
Jeremy Liu a076657518 Fix gate failure on pep8
update test-requirements to match global requirements.

Change-Id: Ic0d551db6235f4f27fece011132dbf5f1ead44e8
Partial-Bug: #1668848
2017-03-02 17:05:36 +08:00
OpenStack Proposal Bot b629503da4 Updated from global requirements
Change-Id: I238eb2486db944f2b854fdd86c4924cc1855c95b
2017-02-10 09:38:33 +00:00
OpenStack Proposal Bot cfcdde1947 Updated from global requirements
Change-Id: I35bd94eb03965fa9ba4216cb37b5e7bb3988e424
2016-10-22 01:17:47 +00:00
OpenStack Proposal Bot d9f6415086 Updated from global requirements
Change-Id: I930dd8e9be25889036b166d7c3aab5e577d7a6b5
2016-10-14 23:59:11 +00:00
Jenkins 407fd6bab2 Merge "Remove discover from test-requirements" 2016-10-14 21:04:09 +00:00
OpenStack Proposal Bot 03488d90e0 Updated from global requirements
Change-Id: I230b02ceb28ec02ba1fc07a6d4ab329f9c156fdb
2016-08-04 02:33:56 +00:00
Swapnil Kulkarni (coolsvap) 65d35ca6c7 Remove discover from test-requirements
It's only needed for python < 2.7 which is not supported

Change-Id: I8dc217fd8f360a4e01ca53b8a8f56b2d3edbd3fe
2016-07-21 09:38:43 +00:00
Robert Clark dd6ad90e01 Add a bandit environment to tox
This change is being proposed as part of the OpenStack Security Project
working session at the Austin 2016 summit. It adds support for running
the bandit[1] security linting tool against the Castellan codebase.
This change adds a targetted environment for bandit and also adds
bandit as part of the pep8 job.

The bandit configuration has been tailored to exclude tests that are
currently producing warning against the codebase. These issues will be
followed up with bug reports and patches.

At the time of submission, Castellan passes all Bandit tests configured
in tox.

[1]: https://wiki.openstack.org/wiki/Security/Projects/Bandit

Change-Id: I19368d3440ad5dc862e7d91f7890f9b1901fced3
2016-04-28 17:06:16 -05:00
OpenStack Proposal Bot 46a80444c1 Updated from global requirements
Change-Id: I4e1372a218bd475aa0a71335e3bc4b33fea0e9ad
2016-04-07 17:06:50 +00:00
OpenStack Proposal Bot 5a1d5a58f5 Updated from global requirements
Change-Id: If186fcce8fccdf012d72231b60833147369bc4b4
2016-01-23 09:27:56 +00:00
ting.wang c18e510ff0 Clean up removed hacking rule from [flake8] ignore lists
We bump hacking>=0.10.0, and hacking removed some rules,
for the full list of rules please see [1]. So don't need them any more.

[1]https://github.com/openstack-dev/hacking/blob/master/setup.cfg#L30

Change-Id: I61b57fc7c958a869bc97d1cb73d447413f60cebd
2016-01-21 10:54:24 +08:00
OpenStack Proposal Bot da0e8b1f9f Updated from global requirements
Change-Id: I7c813f20ff34c7fae46f0bb17ca27a4014174007
2016-01-18 22:39:38 +00:00
OpenStack Proposal Bot adc5b74cc6 Updated from global requirements
Change-Id: I724a01fdccc10cedc6d317beceb771c91d4fd037
2015-11-19 15:54:44 +00:00
OpenStack Proposal Bot 4fda4a749f Updated from global requirements
Change-Id: I0865dd73e4c6936cb0935edab34893d377dd040a
2015-09-03 04:12:46 +00:00
Kaitlin Farr 4a0d606f74 Add Barbican key manager
Adds the first usable key manager plugin to Castellan. While there is an
implementation of a mock key manager in the test directories, it is used
only for testing.

This code is based on the barbican key manager code in Nova written by
Brianna Poulos. See: https://review.openstack.org/#/c/104001/

The Barbican API version info will be read from a config option until
the Barbican Version API is fixed.  See fix-version-api blueprint.

Implements: blueprint add-barbican-key-manager
Co-authored-by: Brianna Poulos <brianna.poulos@jhuapl.edu>
Change-Id: Ia27cd831f42c6b027778240b3396b1c4149dc689
2015-07-05 20:08:49 -04:00
Douglas Mendizábal 93eb3a9f16 Initial Cookiecutter Commit. 2014-11-20 15:39:45 -06:00