Switch to newer openstackdocstheme version

Switch to openstackdocstheme 2.2.1 version. Using
this version will allow especially:
* Linking from HTML to PDF document
* Allow parallel building of documents
* Fix some rendering problems

Update Sphinx version as well.

Change pygments_style to 'native' since old theme version always used
'native' and the theme now respects the setting and using 'sphinx' can
lead to some strange rendering.

openstackdocstheme renames some variables, so follow the renames
before the next release removes them. A couple of variables are also
not needed anymore, remove them.

See also
http://lists.openstack.org/pipermail/openstack-discuss/2020-May/014971.html

Update to use openstackdocstheme, cleanup setup.cfg, tox.ini for
python3.

Fix build problems with newer Sphinx.

Change-Id: I433dee9372af6e477d96ded8cb93bc04f85e209d

doc/source/artifacts/barbican/newton/architecture-page.rst

@@ -170,8 +170,7 @@ Data Assets:
   - Availability Failure Impact: barbican could no longer create new secrets
     without access to the queue.
 
-- *Identity Service (keystone) Event Queue Credentials [Including endpoint
-address]*:
+- *Identity Service (keystone) Event Queue Credentials [Including endpoint address]*:
 
   - Integrity Failure Impact: An attacker could setup their own queue, point
     barbican to this rogue queue and by publishing events, delete all

doc/source/artifacts/keystonemiddleware/pike/architecture-page.rst

@@ -68,10 +68,12 @@ Data asset impact analysis
 
 Data Assets:
 - *Authorization Token*:
+
   - Integrity Failure Impact: Attacker that can capture and hijack a valid
     auth token can get access to anything scoped to the token.
 
 - *keystonemiddleware.conf*:
+
   - Integrity Failure Impact: Attacker who can read the config file can gain
     access to the memcache encryption key, which can allow them to access and
     modify all cached tokens.
@@ -81,6 +83,7 @@ Interfaces
 ~~~~~~~~~~
 
 1. User -> KeystoneMiddleware *[TLS]*:
+
    - Assets in flight: keystone Token
    - An attacker who can successfully intercept the token can modify anything
      that the token is scoped to. This has potential availability impact.

doc/source/artifacts/keystonemiddleware/pike/review-findings.rst

@@ -26,7 +26,7 @@ keystonemiddleware security review findings - 4.17.1/pike
 
 
 1. Security memcache with Pycrypto library
-~~~~~~~~~~~~~~~~
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 - Risk: Project documentation recommends use of the pycrypto library to secure
   memcache. Pycrypto is no longer maintained [0] with a last release made in

doc/source/conf.py

@@ -23,7 +23,7 @@ sys.path.insert(0, os.path.abspath('../..'))
 extensions = [
     'sphinx.ext.autodoc',
     #'sphinx.ext.intersphinx',
-    'oslosphinx'
+    'openstackdocstheme'
 ]
 
 # autodoc generation is a bit aggressive and a nuisance when doing heavy
@@ -40,6 +40,11 @@ master_doc = 'index'
 project = u'security-analysis'
 copyright = u'2013, OpenStack Foundation'
 
+# openstackdocstheme options
+openstackdocs_repo_name = 'openstack/security-analysis'
+openstackdocs_bug_project = 'openstack-ossg'
+openstackdocs_bug_tag = ''
+
 # If true, '()' will be appended to :func: etc. cross-reference text.
 add_function_parentheses = True
 
@@ -48,7 +53,7 @@ add_function_parentheses = True
 add_module_names = True
 
 # The name of the Pygments (syntax highlighting) style to use.
-pygments_style = 'sphinx'
+pygments_style = 'native'
 
 # -- Options for HTML output --------------------------------------------------
 
@@ -57,6 +62,7 @@ pygments_style = 'sphinx'
 # html_theme_path = ["."]
 # html_theme = '_theme'
 # html_static_path = ['static']
+html_theme = 'openstackdocs'
 
 # Output file base name for HTML help builder.
 htmlhelp_basename = '%sdoc' % project

doc/source/index.rst

@@ -42,6 +42,14 @@ Barbican (Newton)
    artifacts/barbican/newton/architecture-page.rst
    artifacts/barbican/newton/review-findings.rst
 
+Keystonemiddleware (Pike)
+-------------------------
+.. toctree::
+   :maxdepth: 1
+
+   artifacts/keystonemiddleware/pike/architecture-page.rst
+   artifacts/keystonemiddleware/pike/review-findings.rst
+
 
 Indices and tables
 ==================

setup.cfg

@@ -22,31 +22,3 @@ classifier =
 [files]
 packages =
     security-analysis
-
-[build_sphinx]
-source-dir = doc/source
-build-dir = doc/build
-all_files = 1
-
-[upload_sphinx]
-upload-dir = doc/build/html
-
-[compile_catalog]
-directory = security-analysis/locale
-domain = security-analysis
-
-[update_catalog]
-domain = security-analysis
-output_dir = security-analysis/locale
-input_file = security-analysis/locale/security-analysis.pot
-
-[extract_messages]
-keywords = _ gettext ngettext l_ lazy_gettext
-mapping_file = babel.cfg
-output_file = security-analysis/locale/security-analysis.pot
-
-[pbr]
-# Treat sphinx warnings as errors during the docs build; this helps us keep
-# the documentation clean.
-warnerrors = true
-

test-requirements.txt

@@ -2,5 +2,5 @@
 # of appearance. Changing the order has an impact on the overall integration
 # process, which may cause wedges in the gate later.
 
-sphinx!=1.2.0,!=1.3b1,<1.3,>=1.1.2
-oslosphinx>=2.5.0 # Apache-2.0
+sphinx>=2.0.0,!=2.1.0 # BSD
+openstackdocstheme>=2.2.1 # Apache-2.0

tox.ini

@@ -4,22 +4,19 @@ envlist = docs
 skipsdist = True
 
 [testenv]
+basepython = python3
 usedevelop = True
-install_command = pip install -U {opts} {packages}
 setenv =
    VIRTUAL_ENV={envdir}
 deps = -r{toxinidir}/test-requirements.txt
 
 [testenv:venv]
-basepython = python3
 commands = {posargs}
 
 [testenv:docs]
-basepython = python3
-commands = python setup.py build_sphinx
+commands = sphinx-build -W -b html -d doc/build/doctrees doc/source doc/build/html
 
 [testenv:bindep]
-basepython = python3
 # Do not install any requirements. We want this to be fast and work even if
 # system dependencies are missing, since it's used to tell you what system
 # dependencies are missing! This also means that bindep must be installed