Make a few cleanups:
- Remove obsolete sections from setup.cfg
- Remove install_command from tox.ini, the default
is fine
- Switch to sphinx-build
- Enable warnings for doc build, fix all warnings
- Remove git handling from conf.py, openstackdocstheme does this now
- Cleanup tox.ini
Change-Id: I51796be20596afc2305c2d8ea189b4037bd28b2d
Updated to remove leftover copy/paste references to Nova, as well
as our use of Storyboard instead of Launchpad.
Change-Id: Ie4c3d86eb4751151409006c817e4da7524d7e39a
- Listed out detail work items in the specification document.
- Listed out detail primary assignee.
- Added assert "assert:supports-rolling-upgrade" tag for Barbican
Change-Id: If758e84b6aa9a86de46ce405d8e174ca56c76723
Updated patch to clarify review comments and correct typos.
Added details around plugin name and how its used in secret_stores
'name' field.
Added changes related to how multiple plugin configuration is going to
be specified and used.
Added field to capture crypto_plugin name in addition to secret store plugin
name. This is done as both software only and pkcs11 plugin uses database
(store_crypto) as storage backend. Difference is in crypto plugin used
(simple crypto vs p11_crypto).
APIImpact
SecurityImpact
Change-Id: I02054d80f68f38145b399909d60db80a4d91c1ba
The blueprint for this feature was approved in the Liberty cycle.
However, the feature was not implemented. This CR proposes a slightly
modified blueprint for the Newton cycle.
Change-Id: I6b27c7b2b73c429b53bd235b46f7ea753166406a
This blueprint discusses the creation of a new key manager wrapper
in Castellan for KMIP devices. This provides a way for Castellan
to interact with a KMIP device directly.
Change-Id: Ib77707a12dbfdb72a66c2bfbe9e17711cb7e9bcd
Depends-On: I34243c7a2523d9d0aa4e86d823dd28f1beed821a
This blueprint discusses adding additional Keystone auth
types to Castellan for the Barbican Key manager.
This was discussed as a need in previous meeting, to allow
for future Castellan integration into Swift for Object
Encryption.
Change-Id: I2247abe5c04c740582fb11b281030532ef00b9bd
The barbican admin will be able to configure a cronjob to
clean up soft deletions in the database.
Change-Id: I96e42c2341206c52dc0ed86e2f98f4eefc7b65a6
This blueprint discuss and defines a new admin command called
"barbican-manage" which interacts with Barbican service for all
management operations. The initial implementation will consolidate
several existing admin commands into it.
Change-Id: I8a69b9ed4035a1a1ff9240d1124cdc7363376ed0
Upon discovery and discussion, this commit brings three changes to the
design spec for project quotas.
1) Removal of quota support for transport keys. It turns out they
are not a project resource and should not be managed on a per
project basis.
2) New role for quota management. The management of project quotas
can not fall to project level admins. This must be the responsibility
of a service level admin. A new keystone role is introduced to
implement this change.
3) Clarification of paging support. The examples are updated to clarify
the paging support to be implemented for listing project quotas.
Change-Id: I4d5fb76e2868f63f623a8a3cd0b14d0bba31290a
Relates-to: blueprint quota-support-on-barbican-resources
Changes to spec to treat configured project values as a REST object.
This implies some changes on how to handle specific CRUD operations.
Change the data model to move away from previous generic design
to a Barbican quota specific model.
Changes for specific use cases based on reviews, discussion, and and
community consensus.
Change-Id: Ie46eb9e7918c4e719437af7fc31d76db7aa8abb5
Relates-to: blueprint quota-support-on-barbican-resources
Added section for client (python and CLI) impact as well as a
link near the top so that an API blueprint can point to its
related client blueprint.
Change-Id: I4bc22933f27efcd59363e9e09ca117ad01f001cb
Change project-quotas and project-id to project_quotas and project_id.
To be consistent with the OpenStack API WG recommendations: we should
use dashes in the resource names (the request URLs) and use underscores
in the field names (the JSON response).
Relates-to: blueprint quota-support-on-barbican-resources
Change-Id: Icebf327c3c3b52afb0f847d6ab626e6d8eda12aa
Moved to Liberty.
Adding audit middleware option emitting CADF events.
Clarified testing details are requested in review comments.
Change-Id: I4692f183190ed6e4d364bd7d69e0db65f9232094