Adding Nemesis project. A file intelligence API.

Nemesis is a file intelligence API which allows querying of files by
hash and if the file is known intellig ence about said file is returned
such as a Malware likelyness score, the file type and so on. If the file
is not known the user is requested to submit the file to the API where a
number of scalable background workers process the file looking at PE
headers, MIME type and so on as well as running it through a number of
pluggable anti-virus drivers.

The use case is not really for file system scanning, and obviously
heurirstics scanning is not available as there is no running of said
file (yet, maybe later dynamic analysis may be included but this is a
long term stretched goal). Instead the intended purpose is for
developers of websites, APIs or other applications to scan uploads /
submissions on the fly before publishing them, or you could create a
Swift middleware to scan all files before they are accepted and placed
onto object nodes.

I beleive this could be a useful value add / complimentary project to
the OpenStack eco system, and in anycase would use Keystone for auth and
so on.

As of yet there is no code, I will probably end up recycling some
previous code from a personal project I made last year, however the repo
itself should be created fresh for a new start. I am happy as part of
the first patch to ensure the test stuff as provided by cookiecutter is
included and no mass import of existing code will take place.

Change-Id: Ida135e77746d303d8aa894b534d34f3f15466113

accessbot/channels.yaml

@@ -172,6 +172,7 @@ channels:
   - name: openstack-mistral
   - name: openstack-mogan
   - name: openstack-monasca
+  - name: openstack-nemesis
   - name: openstack-net-bgpvpn
   - name: openstack-networking-cisco
   - name: openstack-neutron

gerrit/acls/openstack/nemesis.config

@@ -0,0 +1,15 @@
+[access "refs/heads/*"]
+abandon = group nemesis-core
+create = group nemesis-release
+label-Code-Review = -2..+2 group nemesis-core
+label-Workflow = -1..+1 group nemesis-core
+
+[access "refs/tags/*"]
+pushSignedTag = group nemesis-release
+
+[receive]
+requireChangeId = true
+requireContributorAgreement = true
+
+[submit]
+mergeContent = true

gerrit/projects.yaml

@@ -4947,6 +4947,8 @@
   description: Murano Design Specifications
 - project: openstack/namos
   description: Device and Service manager
+- project: openstack/nemesis
+  description: A malware scanning and file intelligence API for the OpenStack ecosystem.
 - project: openstack/nerd-reviewer
   description: Nerd Reviewer bot reviews patches and checks that they pass common
     project rules e.g. unit test coverage, max amount of loc, well written commit

gerritbot/channels.yaml

@@ -1444,6 +1444,16 @@ openstack-monasca:
   branches:
     - master
 
+openstack-nemesis:
+  events:
+    - patchset-created
+    - change-merged
+    - x-vrif-minus-2
+  projects:
+    - openstack/nemesis
+  branches:
+    - master
+
 openstack-net-bgpvpn:
   events:
     - patchset-created

jenkins/jobs/projects.yaml

@@ -7066,6 +7066,13 @@
     jobs:
       - specs-jobs
 
+- project:
+    name: nemesis
+
+    jobs:
+      - python-jobs
+      - pypi-jobs
+
 - project:
     name: nerd-reviewer
 

zuul/layout.yaml

@@ -12069,6 +12069,14 @@ projects:
       - name: merge-check
       - name: noop-jobs
 
+  - name: openstack/nemesis
+    template:
+      - name: merge-check
+      - name: python-jobs
+      - name: python35-jobs
+      - name: check-requirements
+      - name: publish-to-pypi
+
   - name: openstack/nerd-reviewer
     template:
       - name: merge-check