Hello community, here is the log from the commit of package python-castellan for openSUSE:Factory checked in at 2017-02-21 13:39:59 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-castellan (Old) and /work/SRC/openSUSE:Factory/.python-castellan.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-castellan" Changes: -------- --- /work/SRC/openSUSE:Factory/python-castellan/python-castellan.changes 2016-10-13 11:28:49.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.python-castellan.new/python-castellan.changes 2017-02-21 13:39:59.415973857 +0100 @@ -1,0 +2,39 @@ +Fri Feb 10 15:37:48 UTC 2017 - [email protected] + +- update to version 0.5.0: + - Cleanup created secrets after functional test + - Remove tempest plugin from Castellan + - Cookiecutter commit for Security Tempest plugin + - Add Python 3.5 classifier and venv for castellan + - Add keystoneauth to requirements.txt + - H803 hacking has been removed + - Remove default=None when set value in Config + - Add a bandit environment to tox + - Remove discover from test-requirements + - Update docs for reading conf files + - Update doc + - Show team and repo badges on README + - Support upper-constraints in tox.ini + - Enable coverage report in console output + - Correct castellan reraising of exception + - Use international logging message + - Use keystoneauth1 instead of keystoneclient + - Update .gitignore + - Update flake8 ignore list + - MockKeyManager create_key change key_length to length + - Use generic keystoneauth plugin identity interfaces + - remove obsolete oslo incubator code + - Add prefix "$" for command examples + - Refactor Barbican Key Manager Tests + - Remove unused requirements + - Modify the home-page info + - Updated from global requirements + - Making sensitive parameters secret to avoid logging + - Add Barbicanclient dependancy + +------------------------------------------------------------------- +Tue Nov 22 06:24:36 UTC 2016 - [email protected] + +- Switch to stable/newton + +------------------------------------------------------------------- Old: ---- castellan-0.4.0.tar.gz New: ---- castellan-0.5.0.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-castellan.spec ++++++ --- /var/tmp/diff_new_pack.WOpH4W/_old 2017-02-21 13:39:59.975894868 +0100 +++ /var/tmp/diff_new_pack.WOpH4W/_new 2017-02-21 13:39:59.975894868 +0100 @@ -1,7 +1,7 @@ # # spec file for package python-castellan # -# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,19 +18,18 @@ %global sname castellan Name: python-castellan -Version: 0.4.0 +Version: 0.5.0 Release: 0 Summary: Generic Key Manager interface for OpenStack License: Apache-2.0 -Group: Developement/Languages/Python +Group: Development/Languages/Python Url: http://launchpad.net/castellan Source0: https://pypi.io/packages/source/c/%{sname}/%{sname}-%{version}.tar.gz BuildRequires: openstack-macros BuildRequires: python-barbicanclient >= 4.0.0 -BuildRequires: python-coverage >= 3.6 BuildRequires: python-cryptography >= 1.0 BuildRequires: python-oslo.config >= 3.14.0 -BuildRequires: python-oslo.log >= 1.14.0 +BuildRequires: python-oslo.log >= 3.11.0 BuildRequires: python-oslotest >= 1.10.0 BuildRequires: python-python-subunit >= 0.0.18 BuildRequires: python-setuptools >= 16.0 @@ -40,11 +39,11 @@ Requires: python-Babel >= 2.3.4 Requires: python-cryptography >= 1.0 Requires: python-oslo.config >= 3.14.0 -Requires: python-oslo.context >= 2.6.0 -Requires: python-oslo.log >= 1.14.0 -Requires: python-oslo.policy >= 1.9.0 +Requires: python-oslo.context >= 2.9.0 +Requires: python-oslo.log >= 3.11.0 +Requires: python-oslo.policy >= 1.17.0 Requires: python-oslo.serialization >= 1.10.0 -Requires: python-oslo.utils >= 3.16.0 +Requires: python-oslo.utils >= 3.18.0 BuildArch: noarch %description @@ -54,14 +53,15 @@ Summary: Documentation for castellan Group: Documentation BuildRequires: python-Sphinx -BuildRequires: python-oslosphinx >= 2.5.0 +BuildRequires: python-oslosphinx >= 4.7.0 %description doc Castellan is a generic Key Manager interface for OpenStack. This package contains the documentation %prep -%setup -q -n %{sname}-%{version} +%autosetup -n %{sname}-%{version} +%py_req_cleanup %build %py2_build ++++++ _service ++++++ --- /var/tmp/diff_new_pack.WOpH4W/_old 2017-02-21 13:40:00.007890354 +0100 +++ /var/tmp/diff_new_pack.WOpH4W/_new 2017-02-21 13:40:00.007890354 +0100 @@ -1,13 +1,12 @@ <services> <service mode="disabled" name="renderspec"> - <param name="input-template">https://raw.githubusercontent.com/openstack/rpm-packaging/master/openstack/castellan/castellan.spec.j2</param> + <param name="input-template">https://raw.githubusercontent.com/openstack/rpm-packaging/stable/ocata/openstack/castellan/castellan.spec.j2</param> <param name="output-name">python-castellan.spec</param> - <param name="requirements">https://raw.githubusercontent.com/openstack/rpm-packaging/master/global-requirements.txt</param> + <param name="requirements">https://raw.githubusercontent.com/openstack/rpm-packaging/stable/ocata/global-requirements.txt</param> + <param name="changelog-email">[email protected]</param> + <param name="changelog-provider">gh,openstack,castellan</param> </service> <service mode="disabled" name="download_files"> - <param name="changesgenerate">enable</param> - </service> - <service name="refresh_patches" mode="disabled"> - <param name="changesgenerate">enable</param> </service> + <service name="format_spec_file" mode="disabled"/> </services> ++++++ castellan-0.4.0.tar.gz -> castellan-0.5.0.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/castellan-0.4.0/.coveragerc new/castellan-0.5.0/.coveragerc --- old/castellan-0.4.0/.coveragerc 2016-03-02 22:44:11.000000000 +0100 +++ new/castellan-0.5.0/.coveragerc 2017-01-16 13:37:48.000000000 +0100 @@ -1,7 +1,7 @@ [run] branch = True source = castellan -omit = castellan/tests/*,castellan/openstack/* +omit = castellan/tests/* [report] ignore_errors = True diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/castellan-0.4.0/AUTHORS new/castellan-0.5.0/AUTHORS --- old/castellan-0.4.0/AUTHORS 2016-03-02 22:44:38.000000000 +0100 +++ new/castellan-0.5.0/AUTHORS 2017-01-16 13:40:36.000000000 +0100 @@ -1,20 +1,36 @@ Brianna Poulos <[email protected]> Brianna Poulos <[email protected]> +Chris Solis <[email protected]> Christopher Solis <[email protected]> Dave McCowan <[email protected]> Doug Hellmann <[email protected]> Douglas Mendizábal <[email protected]> Fernando Diaz <[email protected]> +Flavio Percoco <[email protected]> +Jamie Lennox <[email protected]> +Jeremy Liu <[email protected]> Jeremy Stanley <[email protected]> +Jiong Liu <[email protected]> Joel Coffman <[email protected]> +Juan Antonio Osorio Robles <[email protected]> Juan Antonio Osorio Robles <[email protected]> Kaitlin Farr <[email protected]> Michael McCune <[email protected]> Monty Taylor <[email protected]> +Niall Bunting <[email protected]> +Robert Clark <[email protected]> +Steve Martinelli <[email protected]> Sungjin Yook <[email protected]> +Swapnil Kulkarni (coolsvap) <[email protected]> Tim Kelsey <[email protected]> Tom Cocozzello <[email protected]> +Yushiro FURUKAWA <[email protected]> Zhao Lei <[email protected]> +dane-fichter <[email protected]> +gecong1973 <[email protected]> +gengchc2 <[email protected]> +liujiong <[email protected]> sonu.kumar <[email protected]> ting.wang <[email protected]> +xhzhf <[email protected]> “Fernando <[email protected]> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/castellan-0.4.0/ChangeLog new/castellan-0.5.0/ChangeLog --- old/castellan-0.4.0/ChangeLog 2016-03-02 22:44:38.000000000 +0100 +++ new/castellan-0.5.0/ChangeLog 2017-01-16 13:40:36.000000000 +0100 @@ -1,6 +1,53 @@ CHANGES ======= +0.5.0 +----- + +* Updated from global requirements +* Update doc +* Enable coverage report in console output +* H803 hacking has been removed +* Use generic keystoneauth plugin identity interfaces +* Remove tempest plugin from Castellan +* Show team and repo badges on README +* Add keystoneauth to requirements.txt +* Updated from global requirements +* Cookiecutter commit for Security Tempest plugin +* remove obsolete oslo incubator code +* Cleanup created secrets after functional test +* Updated from global requirements +* Updated from global requirements +* Updated from global requirements +* Update .gitignore +* Updated from global requirements +* Support upper-constraints in tox.ini +* Update .gitignore +* Remove default=None when set value in Config +* Add prefix "$" for command examples +* Update flake8 ignore list +* Remove discover from test-requirements +* Use international logging message +* Add Python 3.5 classifier and venv for castellan +* Correct castellan reraising of exception +* Remove unused requirements +* Modify the home-page info +* Use international logging message +* Add Barbicanclient dependancy +* Updated from global requirements +* Remove discover from test-requirements +* Updated from global requirements +* Use keystoneauth1 instead of keystoneclient +* Updated from global requirements +* Add a bandit environment to tox +* Making sensitive parameters secret to avoid logging +* Updated from global requirements +* Updated from global requirements +* Updated from global requirements +* MockKeyManager create_key change key_length to length +* Refactor Barbican Key Manager Tests +* Update docs for reading conf files + 0.4.0 ----- diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/castellan-0.4.0/PKG-INFO new/castellan-0.5.0/PKG-INFO --- old/castellan-0.4.0/PKG-INFO 2016-03-02 22:44:39.000000000 +0100 +++ new/castellan-0.5.0/PKG-INFO 2017-01-16 13:40:37.000000000 +0100 @@ -1,12 +1,21 @@ Metadata-Version: 1.1 Name: castellan -Version: 0.4.0 +Version: 0.5.0 Summary: Generic Key Manager interface for OpenStack -Home-page: http://www.openstack.org/ +Home-page: http://docs.openstack.org/developer/castellan/ Author: OpenStack Author-email: [email protected] License: UNKNOWN -Description: ========= +Description: ======================== + Team and repository tags + ======================== + + .. image:: http://governance.openstack.org/badges/castellan.svg + :target: http://governance.openstack.org/reference/tags/index.html + + .. Change things from this point on + + ========= Castellan ========= @@ -29,3 +38,4 @@ Classifier: Programming Language :: Python :: 2.7 Classifier: Programming Language :: Python :: 3 Classifier: Programming Language :: Python :: 3.4 +Classifier: Programming Language :: Python :: 3.5 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/castellan-0.4.0/README.rst new/castellan-0.5.0/README.rst --- old/castellan-0.4.0/README.rst 2016-03-02 22:44:11.000000000 +0100 +++ new/castellan-0.5.0/README.rst 2017-01-16 13:37:48.000000000 +0100 @@ -1,3 +1,12 @@ +======================== +Team and repository tags +======================== + +.. image:: http://governance.openstack.org/badges/castellan.svg + :target: http://governance.openstack.org/reference/tags/index.html + +.. Change things from this point on + ========= Castellan ========= diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/castellan-0.4.0/castellan/common/exception.py new/castellan-0.5.0/castellan/common/exception.py --- old/castellan-0.4.0/castellan/common/exception.py 2016-03-02 22:44:11.000000000 +0100 +++ new/castellan-0.5.0/castellan/common/exception.py 2017-01-16 13:37:48.000000000 +0100 @@ -19,7 +19,7 @@ import six.moves.urllib.parse as urlparse -from castellan.openstack.common import _i18n as u +from castellan.i18n import _ _FATAL_EXCEPTION_FORMAT_ERRORS = False @@ -36,16 +36,16 @@ a 'message' property. That message will get printf'd with the keyword arguments provided to the constructor. """ - message = u._("An unknown exception occurred") + message = _("An unknown exception occurred") def __init__(self, message_arg=None, *args, **kwargs): if not message_arg: message_arg = self.message try: self.message = message_arg % kwargs - except Exception as e: + except Exception: if _FATAL_EXCEPTION_FORMAT_ERRORS: - raise e + raise else: # at least get the core message out if something happened pass @@ -53,22 +53,22 @@ class Forbidden(CastellanException): - message = u._("You are not authorized to complete this action.") + message = _("You are not authorized to complete this action.") class KeyManagerError(CastellanException): - message = u._("Key manager error: %(reason)s") + message = _("Key manager error: %(reason)s") class ManagedObjectNotFoundError(CastellanException): - message = u._("Key not found, uuid: %(uuid)s") + message = _("Key not found, uuid: %(uuid)s") class AuthTypeInvalidError(CastellanException): - message = u._("Invalid auth_type was specified, auth_type: %(type)s") + message = _("Invalid auth_type was specified, auth_type: %(type)s") class InsufficientCredentialDataError(CastellanException): - message = u._("Insufficient credential data was provided, either " - "\"token\" must be set in the passed conf, or a context " - "with an \"auth_token\" property must be passed.") + message = _("Insufficient credential data was provided, either " + "\"token\" must be set in the passed conf, or a context " + "with an \"auth_token\" property must be passed.") diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/castellan-0.4.0/castellan/common/utils.py new/castellan-0.5.0/castellan/common/utils.py --- old/castellan-0.4.0/castellan/common/utils.py 2016-03-02 22:44:11.000000000 +0100 +++ new/castellan-0.5.0/castellan/common/utils.py 2017-01-16 13:37:48.000000000 +0100 @@ -21,6 +21,7 @@ from castellan.common.credentials import password from castellan.common.credentials import token from castellan.common import exception +from castellan.i18n import _LE from oslo_config import cfg from oslo_log import log as logging @@ -30,55 +31,55 @@ credential_opts = [ # auth_type opt - cfg.StrOpt('auth_type', default=None, + cfg.StrOpt('auth_type', help="The type of authentication credential to create. " "Possible values are 'token', 'password', 'keystone_token', " "and 'keystone_password'. Required if no context is passed to " "the credential factory."), # token opt - cfg.StrOpt('token', default=None, + cfg.StrOpt('token', secret=True, help="Token for authentication. Required for 'token' and " "'keystone_token' auth_type if no context is passed to the " "credential factory."), # password opts - cfg.StrOpt('username', default=None, + cfg.StrOpt('username', help="Username for authentication. Required for 'password' " "auth_type. Optional for the 'keystone_password' auth_type."), - cfg.StrOpt('password', default=None, + cfg.StrOpt('password', secret=True, help="Password for authentication. Required for 'password' and " "'keystone_password' auth_type."), # keystone credential opts - cfg.StrOpt('user_id', default=None, + cfg.StrOpt('user_id', help="User ID for authentication. Optional for " "'keystone_token' and 'keystone_password' auth_type."), - cfg.StrOpt('user_domain_id', default=None, + cfg.StrOpt('user_domain_id', help="User's domain ID for authentication. Optional for " "'keystone_token' and 'keystone_password' auth_type."), - cfg.StrOpt('user_domain_name', default=None, + cfg.StrOpt('user_domain_name', help="User's domain name for authentication. Optional for " "'keystone_token' and 'keystone_password' auth_type."), - cfg.StrOpt('trust_id', default=None, + cfg.StrOpt('trust_id', help="Trust ID for trust scoping. Optional for " "'keystone_token' and 'keystone_password' auth_type."), - cfg.StrOpt('domain_id', default=None, + cfg.StrOpt('domain_id', help="Domain ID for domain scoping. Optional for " "'keystone_token' and 'keystone_password' auth_type."), - cfg.StrOpt('domain_name', default=None, + cfg.StrOpt('domain_name', help="Domain name for domain scoping. Optional for " "'keystone_token' and 'keystone_password' auth_type."), - cfg.StrOpt('project_id', default=None, + cfg.StrOpt('project_id', help="Project ID for project scoping. Optional for " "'keystone_token' and 'keystone_password' auth_type."), - cfg.StrOpt('project_name', default=None, + cfg.StrOpt('project_name', help="Project name for project scoping. Optional for " "'keystone_token' and 'keystone_password' auth_type."), - cfg.StrOpt('project_domain_id', default=None, + cfg.StrOpt('project_domain_id', help="Project's domain ID for project. Optional for " "'keystone_token' and 'keystone_password' auth_type."), - cfg.StrOpt('project_domain_name', default=None, + cfg.StrOpt('project_domain_name', help="Project's domain name for project. Optional for " "'keystone_token' and 'keystone_password' auth_type."), cfg.BoolOpt('reauthenticate', default=True, @@ -163,7 +164,7 @@ reauthenticate=conf.key_manager.reauthenticate) else: - LOG.error("Invalid auth_type specified.") + LOG.error(_LE("Invalid auth_type specified.")) raise exception.AuthTypeInvalidError( type=conf.key_manager.auth_type) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/castellan-0.4.0/castellan/i18n.py new/castellan-0.5.0/castellan/i18n.py --- old/castellan-0.4.0/castellan/i18n.py 1970-01-01 01:00:00.000000000 +0100 +++ new/castellan-0.5.0/castellan/i18n.py 2017-01-16 13:37:48.000000000 +0100 @@ -0,0 +1,37 @@ +# Copyright 2014 IBM Corp. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +"""oslo.i18n integration module. + +See http://docs.openstack.org/developer/oslo.i18n/usage.html . + +""" + +import oslo_i18n + + +_translators = oslo_i18n.TranslatorFactory(domain='castellan') + +# The primary translation function using the well-known name "_" +_ = _translators.primary + +# Translators for log levels. +# +# The abbreviated names are meant to reflect the usual use of a short +# name like '_'. The "L" is for "log" and the other letter comes from +# the level. +_LI = _translators.log_info +_LW = _translators.log_warning +_LE = _translators.log_error +_LC = _translators.log_critical diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/castellan-0.4.0/castellan/key_manager/barbican_key_manager.py new/castellan-0.5.0/castellan/key_manager/barbican_key_manager.py --- old/castellan-0.4.0/castellan/key_manager/barbican_key_manager.py 2016-03-02 22:44:13.000000000 +0100 +++ new/castellan-0.5.0/castellan/key_manager/barbican_key_manager.py 2017-01-16 13:37:48.000000000 +0100 @@ -22,8 +22,9 @@ from cryptography.hazmat import backends from cryptography.hazmat.primitives import serialization from cryptography import x509 as cryptography_x509 -from keystoneclient.auth import identity -from keystoneclient import session +from keystoneauth1 import identity +from keystoneauth1 import loading +from keystoneauth1 import session from oslo_config import cfg from oslo_log import log as logging from oslo_utils import excutils @@ -37,7 +38,7 @@ from castellan.common.objects import symmetric_key as sym_key from castellan.common.objects import x_509 from castellan.key_manager import key_manager -from castellan.openstack.common import _i18n as u +from castellan.i18n import _, _LE, _LI from barbicanclient import client as barbican_client from barbicanclient import exceptions as barbican_exceptions @@ -85,7 +86,7 @@ self._base_url = None self.conf = configuration self.conf.register_opts(barbican_opts, group=BARBICAN_OPT_GROUP) - session.Session.register_conf_options(self.conf, BARBICAN_OPT_GROUP) + loading.register_session_conf_options(self.conf, BARBICAN_OPT_GROUP) def _get_barbican_client(self, context): """Creates a client to connect to the Barbican service. @@ -99,7 +100,7 @@ # Confirm context is provided, if not raise forbidden if not context: - msg = u._("User is not authorized to use key manager.") + msg = _LE("User is not authorized to use key manager.") LOG.error(msg) raise exception.Forbidden(msg) @@ -117,7 +118,7 @@ self._current_context = context except Exception as e: - LOG.error(u._LE("Error creating Barbican client: %s"), e) + LOG.error(_LE("Error creating Barbican client: %s"), e) raise exception.KeyManagerError(reason=e) self._base_url = self._create_base_url(auth, @@ -130,7 +131,7 @@ auth_url = self.conf.barbican.auth_endpoint if context.__class__.__name__ is 'KeystonePassword': - return identity.v3.Password( + return identity.Password( auth_url=auth_url, username=context.username, password=context.password, @@ -146,7 +147,7 @@ project_domain_name=context.project_domain_name, reauthenticate=context.reauthenticate) elif context.__class__.__name__ is 'KeystoneToken': - return identity.v3.Token( + return identity.Token( auth_url=auth_url, token=context.token, trust_id=context.trust_id, @@ -160,13 +161,13 @@ # this will be kept for oslo.context compatibility until # projects begin to use utils.credential_factory elif context.__class__.__name__ is 'RequestContext': - return identity.v3.Token( + return identity.Token( auth_url=auth_url, token=context.auth_token, project_id=context.tenant) else: - msg = "context must be of type KeystonePassword, KeystoneToken, " - "or RequestContext." + msg = _LE("context must be of type KeystonePassword, " + "KeystoneToken, or RequestContext.") LOG.error(msg) raise exception.Forbidden(reason=msg) @@ -186,7 +187,7 @@ discovery = auth.get_discovery(sess, url=endpoint) raw_data = discovery.raw_version_data() if len(raw_data) == 0: - msg = u._LE( + msg = _LE( "Could not find discovery information for %s") % endpoint LOG.error(msg) raise exception.KeyManagerError(reason=msg) @@ -224,7 +225,7 @@ except (barbican_exceptions.HTTPAuthError, barbican_exceptions.HTTPClientError, barbican_exceptions.HTTPServerError) as e: - LOG.error(u._LE("Error creating key: %s"), e) + LOG.error(_LE("Error creating key: %s"), e) raise exception.KeyManagerError(reason=e) def create_key_pair(self, context, algorithm, length, @@ -262,7 +263,7 @@ except (barbican_exceptions.HTTPAuthError, barbican_exceptions.HTTPClientError, barbican_exceptions.HTTPServerError) as e: - LOG.error(u._LE("Error creating key pair: %s"), e) + LOG.error(_LE("Error creating key pair: %s"), e) raise exception.KeyManagerError(reason=e) def _get_barbican_object(self, barbican_client, managed_object): @@ -341,7 +342,7 @@ except (barbican_exceptions.HTTPAuthError, barbican_exceptions.HTTPClientError, barbican_exceptions.HTTPServerError) as e: - LOG.error(u._LE("Error storing object: %s"), e) + LOG.error(_LE("Error storing object: %s"), e) raise exception.KeyManagerError(reason=e) def _create_secret_ref(self, object_id): @@ -351,7 +352,7 @@ :return: the URL of the requested secret """ if not object_id: - msg = "Key ID is None" + msg = _("Key ID is None") raise exception.KeyManagerError(reason=msg) base_url = self._base_url if base_url[-1] != '/': @@ -375,8 +376,8 @@ kwargs = {"status": error_status, "code": order.error_status_code, "reason": order.error_reason} - msg = u._LE("Order is in %(status)s status - status code: " - "%(code)s, status reason: %(reason)s") % kwargs + msg = _LE("Order is in %(status)s status - status code: " + "%(code)s, status reason: %(reason)s") % kwargs LOG.error(msg) raise exception.KeyManagerError(reason=msg) if order.status != active_status: @@ -385,17 +386,17 @@ 'status': order.status, 'active': active_status, 'delay': retry_delay} - msg = u._LI("Retry attempt #%(attempt)i out of %(total)i: " - "Order status is '%(status)s'. Waiting for " - "'%(active)s', will retry in %(delay)s " - "seconds") + msg = _LI("Retry attempt #%(attempt)i out of %(total)i: " + "Order status is '%(status)s'. Waiting for " + "'%(active)s', will retry in %(delay)s " + "seconds") LOG.info(msg, kwargs) time.sleep(retry_delay) order = barbican_client.orders.get(order_ref) else: return order - msg = u._LE("Exceeded retries: Failed to find '%(active)s' status " - "within %(num_retries)i retries") % { + msg = _LE("Exceeded retries: Failed to find '%(active)s' status " + "within %(num_retries)i retries") % { 'active': active_status, 'num_retries': number_of_retries} LOG.error(msg) @@ -499,7 +500,7 @@ barbican_exceptions.HTTPClientError, barbican_exceptions.HTTPServerError) as e: with excutils.save_and_reraise_exception(): - LOG.error(u._LE("Error getting secret metadata: %s"), e) + LOG.error(_LE("Error getting secret metadata: %s"), e) def _is_secret_not_found_error(self, error): if (isinstance(error, barbican_exceptions.HTTPClientError) and @@ -526,7 +527,7 @@ except (barbican_exceptions.HTTPAuthError, barbican_exceptions.HTTPClientError, barbican_exceptions.HTTPServerError) as e: - LOG.error(u._LE("Error retrieving object: %s"), e) + LOG.error(_LE("Error retrieving object: %s"), e) if self._is_secret_not_found_error(e): raise exception.ManagedObjectNotFoundError( uuid=managed_object_id) @@ -550,7 +551,7 @@ except (barbican_exceptions.HTTPAuthError, barbican_exceptions.HTTPClientError, barbican_exceptions.HTTPServerError) as e: - LOG.error(u._LE("Error deleting object: %s"), e) + LOG.error(_LE("Error deleting object: %s"), e) if self._is_secret_not_found_error(e): raise exception.ManagedObjectNotFoundError( uuid=managed_object_id) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/castellan-0.4.0/castellan/openstack/common/_i18n.py new/castellan-0.5.0/castellan/openstack/common/_i18n.py --- old/castellan-0.4.0/castellan/openstack/common/_i18n.py 2016-03-02 22:44:11.000000000 +0100 +++ new/castellan-0.5.0/castellan/openstack/common/_i18n.py 1970-01-01 01:00:00.000000000 +0100 @@ -1,45 +0,0 @@ -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -"""oslo.i18n integration module. - -See http://docs.openstack.org/developer/oslo.i18n/usage.html - -""" - -try: - import oslo_i18n - - # NOTE(dhellmann): This reference to o-s-l-o will be replaced by the - # application name when this module is synced into the separate - # repository. It is OK to have more than one translation function - # using the same domain, since there will still only be one message - # catalog. - _translators = oslo_i18n.TranslatorFactory(domain='castellan') - - # The primary translation function using the well-known name "_" - _ = _translators.primary - - # Translators for log levels. - # - # The abbreviated names are meant to reflect the usual use of a short - # name like '_'. The "L" is for "log" and the other letter comes from - # the level. - _LI = _translators.log_info - _LW = _translators.log_warning - _LE = _translators.log_error - _LC = _translators.log_critical -except ImportError: - # NOTE(dims): Support for cases where a project wants to use - # code from oslo-incubator, but is not ready to be internationalized - # (like tempest) - _ = _LI = _LW = _LE = _LC = lambda x: x diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/castellan-0.4.0/castellan/openstack/common/fileutils.py new/castellan-0.5.0/castellan/openstack/common/fileutils.py --- old/castellan-0.4.0/castellan/openstack/common/fileutils.py 2016-03-02 22:44:11.000000000 +0100 +++ new/castellan-0.5.0/castellan/openstack/common/fileutils.py 1970-01-01 01:00:00.000000000 +0100 @@ -1,149 +0,0 @@ -# Copyright 2011 OpenStack Foundation. -# All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -import contextlib -import errno -import logging -import os -import stat -import tempfile - -from oslo_utils import excutils - -LOG = logging.getLogger(__name__) - -_FILE_CACHE = {} -DEFAULT_MODE = stat.S_IRWXU | stat.S_IRWXG | stat.S_IRWXO - - -def ensure_tree(path, mode=DEFAULT_MODE): - """Create a directory (and any ancestor directories required) - - :param path: Directory to create - :param mode: Directory creation permissions - """ - try: - os.makedirs(path, mode) - except OSError as exc: - if exc.errno == errno.EEXIST: - if not os.path.isdir(path): - raise - else: - raise - - -def read_cached_file(filename, force_reload=False): - """Read from a file if it has been modified. - - :param force_reload: Whether to reload the file. - :returns: A tuple with a boolean specifying if the data is fresh - or not. - """ - global _FILE_CACHE - - if force_reload: - delete_cached_file(filename) - - reloaded = False - mtime = os.path.getmtime(filename) - cache_info = _FILE_CACHE.setdefault(filename, {}) - - if not cache_info or mtime > cache_info.get('mtime', 0): - LOG.debug("Reloading cached file %s" % filename) - with open(filename) as fap: - cache_info['data'] = fap.read() - cache_info['mtime'] = mtime - reloaded = True - return (reloaded, cache_info['data']) - - -def delete_cached_file(filename): - """Delete cached file if present. - - :param filename: filename to delete - """ - global _FILE_CACHE - - if filename in _FILE_CACHE: - del _FILE_CACHE[filename] - - -def delete_if_exists(path, remove=os.unlink): - """Delete a file, but ignore file not found error. - - :param path: File to delete - :param remove: Optional function to remove passed path - """ - - try: - remove(path) - except OSError as e: - if e.errno != errno.ENOENT: - raise - - [email protected] -def remove_path_on_error(path, remove=delete_if_exists): - """Protect code that wants to operate on PATH atomically. - Any exception will cause PATH to be removed. - - :param path: File to work with - :param remove: Optional function to remove passed path - """ - - try: - yield - except Exception: - with excutils.save_and_reraise_exception(): - remove(path) - - -def file_open(*args, **kwargs): - """Open file - - see built-in open() documentation for more details - - Note: The reason this is kept in a separate module is to easily - be able to provide a stub module that doesn't alter system - state at all (for unit tests) - """ - return open(*args, **kwargs) - - -def write_to_tempfile(content, path=None, suffix='', prefix='tmp'): - """Create temporary file or use existing file. - - This util is needed for creating temporary file with - specified content, suffix and prefix. If path is not None, - it will be used for writing content. If the path doesn't - exist it'll be created. - - :param content: content for temporary file. - :param path: same as parameter 'dir' for mkstemp - :param suffix: same as parameter 'suffix' for mkstemp - :param prefix: same as parameter 'prefix' for mkstemp - - For example: it can be used in database tests for creating - configuration files. - """ - if path: - ensure_tree(path) - - (fd, path) = tempfile.mkstemp(suffix=suffix, dir=path, prefix=prefix) - try: - os.write(fd, content) - finally: - os.close(fd) - return path diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/castellan-0.4.0/castellan/openstack/common/local.py new/castellan-0.5.0/castellan/openstack/common/local.py --- old/castellan-0.4.0/castellan/openstack/common/local.py 2016-03-02 22:44:11.000000000 +0100 +++ new/castellan-0.5.0/castellan/openstack/common/local.py 1970-01-01 01:00:00.000000000 +0100 @@ -1,45 +0,0 @@ -# Copyright 2011 OpenStack Foundation. -# All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -"""Local storage of variables using weak references""" - -import threading -import weakref - - -class WeakLocal(threading.local): - def __getattribute__(self, attr): - rval = super(WeakLocal, self).__getattribute__(attr) - if rval: - # NOTE(mikal): this bit is confusing. What is stored is a weak - # reference, not the value itself. We therefore need to lookup - # the weak reference and return the inner value here. - rval = rval() - return rval - - def __setattr__(self, attr, value): - value = weakref.ref(value) - return super(WeakLocal, self).__setattr__(attr, value) - - -# NOTE(mikal): the name "store" should be deprecated in the future -store = WeakLocal() - -# A "weak" store uses weak references and allows an object to fall out of scope -# when it falls out of scope in the code that uses the thread local storage. A -# "strong" store will hold a reference to the object so that it never falls out -# of scope. -weak_store = WeakLocal() -strong_store = threading.local() diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/castellan-0.4.0/castellan/tests/functional/key_manager/test_barbican_key_manager.py new/castellan-0.5.0/castellan/tests/functional/key_manager/test_barbican_key_manager.py --- old/castellan-0.4.0/castellan/tests/functional/key_manager/test_barbican_key_manager.py 2016-03-02 22:44:13.000000000 +0100 +++ new/castellan-0.5.0/castellan/tests/functional/key_manager/test_barbican_key_manager.py 2017-01-16 13:37:48.000000000 +0100 @@ -18,12 +18,11 @@ Note: This requires local running instances of Barbican and Keystone. """ - +import abc import uuid -from keystoneclient.auth.identity import v3 -from keystoneclient import session -from keystoneclient.v3 import client +from keystoneauth1 import identity +from keystoneauth1 import session from oslo_config import cfg from oslo_context import context from oslotest import base @@ -39,35 +38,19 @@ CONF = config.get_config() -class BarbicanKeyManagerTestCase(test_key_manager.KeyManagerTestCase, - base.BaseTestCase): +class BarbicanKeyManagerTestCase(test_key_manager.KeyManagerTestCase): def _create_key_manager(self): return barbican_key_manager.BarbicanKeyManager(cfg.CONF) + @abc.abstractmethod + def get_context(self): + """Retrieves Context for Authentication""" + return + def setUp(self): super(BarbicanKeyManagerTestCase, self).setUp() - username = CONF.identity.username - password = CONF.identity.password - project_name = CONF.identity.project_name - auth_url = CONF.identity.auth_url - user_domain_name = CONF.identity.user_domain_name - project_domain_name = CONF.identity.project_domain_name - - auth = v3.Password(auth_url=auth_url, - username=username, - password=password, - project_name=project_name, - user_domain_name=user_domain_name, - project_domain_name=project_domain_name) - sess = session.Session(auth=auth) - keystone_client = client.Client(session=sess) - - project_list = keystone_client.projects.list(name=project_name) - - self.ctxt = context.RequestContext( - auth_token=auth.auth_ref.auth_token, - tenant=project_list[0].id) + self.ctxt = self.get_context() def tearDown(self): super(BarbicanKeyManagerTestCase, self).tearDown() @@ -99,6 +82,7 @@ def test_get_null_context(self): key_uuid = self._get_valid_object_uuid( test_key_manager._get_test_symmetric_key()) + self.addCleanup(self.key_mgr.delete, self.ctxt, key_uuid) self.assertRaises(exception.Forbidden, self.key_mgr.get, None, key_uuid) @@ -118,84 +102,52 @@ self.key_mgr.store, None, key) -class BarbicanKeyManagerKSPasswordTestCase(test_key_manager.KeyManagerTestCase, - base.BaseTestCase): - - def _create_key_manager(self): - return barbican_key_manager.BarbicanKeyManager(cfg.CONF) +class BarbicanKeyManagerOSLOContextTestCase(BarbicanKeyManagerTestCase, + base.BaseTestCase): - def setUp(self): - super(BarbicanKeyManagerKSPasswordTestCase, self).setUp() + def get_context(self): username = CONF.identity.username password = CONF.identity.password project_name = CONF.identity.project_name + auth_url = CONF.identity.auth_url user_domain_name = CONF.identity.user_domain_name project_domain_name = CONF.identity.project_domain_name - self.ctxt = keystone_password.KeystonePassword( - username=username, - password=password, - project_name=project_name, - user_domain_name=user_domain_name, - project_domain_name=project_domain_name) - - def tearDown(self): - super(BarbicanKeyManagerKSPasswordTestCase, self).tearDown() - - def test_create_null_context(self): - self.assertRaises(exception.Forbidden, - self.key_mgr.create_key, None, 'AES', 256) - - def test_create_key_pair_null_context(self): - self.assertRaises(exception.Forbidden, - self.key_mgr.create_key_pair, None, 'RSA', 2048) - - def test_delete_null_context(self): - key_uuid = self._get_valid_object_uuid( - test_key_manager._get_test_symmetric_key()) - self.addCleanup(self.key_mgr.delete, self.ctxt, key_uuid) - self.assertRaises(exception.Forbidden, - self.key_mgr.delete, None, key_uuid) - - def test_delete_null_object(self): - self.assertRaises(exception.KeyManagerError, - self.key_mgr.delete, self.ctxt, None) + auth = identity.V3Password(auth_url=auth_url, + username=username, + password=password, + project_name=project_name, + user_domain_name=user_domain_name, + project_domain_name=project_domain_name) + sess = session.Session(auth=auth) - def test_delete_unknown_object(self): - unknown_uuid = str(uuid.uuid4()) - self.assertRaises(exception.ManagedObjectNotFoundError, - self.key_mgr.delete, self.ctxt, unknown_uuid) + return context.RequestContext(auth_token=auth.get_token(sess), + tenant=auth.get_project_id(sess)) - def test_get_null_context(self): - key_uuid = self._get_valid_object_uuid( - test_key_manager._get_test_symmetric_key()) - self.assertRaises(exception.Forbidden, - self.key_mgr.get, None, key_uuid) - def test_get_null_object(self): - self.assertRaises(exception.KeyManagerError, - self.key_mgr.get, self.ctxt, None) +class BarbicanKeyManagerKSPasswordTestCase(BarbicanKeyManagerTestCase, + base.BaseTestCase): - def test_get_unknown_key(self): - bad_key_uuid = str(uuid.uuid4()) - self.assertRaises(exception.ManagedObjectNotFoundError, - self.key_mgr.get, self.ctxt, bad_key_uuid) + def get_context(self): + username = CONF.identity.username + password = CONF.identity.password + project_name = CONF.identity.project_name + user_domain_name = CONF.identity.user_domain_name + project_domain_name = CONF.identity.project_domain_name - def test_store_null_context(self): - key = test_key_manager._get_test_symmetric_key() + ctxt = keystone_password.KeystonePassword( + username=username, password=password, + project_name=project_name, + user_domain_name=user_domain_name, + project_domain_name=project_domain_name) - self.assertRaises(exception.Forbidden, - self.key_mgr.store, None, key) + return ctxt -class BarbicanKeyManagerKSTokenTestCase(test_key_manager.KeyManagerTestCase, +class BarbicanKeyManagerKSTokenTestCase(BarbicanKeyManagerTestCase, base.BaseTestCase): - def _create_key_manager(self): - return barbican_key_manager.BarbicanKeyManager(cfg.CONF) - - def setUp(self): - super(BarbicanKeyManagerKSTokenTestCase, self).setUp() + def get_context(self): username = CONF.identity.username password = CONF.identity.password project_name = CONF.identity.project_name @@ -203,65 +155,14 @@ user_domain_name = CONF.identity.user_domain_name project_domain_name = CONF.identity.project_domain_name - auth = v3.Password(auth_url=auth_url, - username=username, - password=password, - project_name=project_name, - user_domain_name=user_domain_name, - project_domain_name=project_domain_name) - sess = session.Session(auth=auth) - keystone_client = client.Client(session=sess) - - project_list = keystone_client.projects.list(name=project_name) - - self.ctxt = keystone_token.KeystoneToken( - token=auth.auth_ref.auth_token, - project_id=project_list[0].id) - - def tearDown(self): - super(BarbicanKeyManagerKSTokenTestCase, self).tearDown() - - def test_create_null_context(self): - self.assertRaises(exception.Forbidden, - self.key_mgr.create_key, None, 'AES', 256) - - def test_create_key_pair_null_context(self): - self.assertRaises(exception.Forbidden, - self.key_mgr.create_key_pair, None, 'RSA', 2048) - - def test_delete_null_context(self): - key_uuid = self._get_valid_object_uuid( - test_key_manager._get_test_symmetric_key()) - self.addCleanup(self.key_mgr.delete, self.ctxt, key_uuid) - self.assertRaises(exception.Forbidden, - self.key_mgr.delete, None, key_uuid) - - def test_delete_null_object(self): - self.assertRaises(exception.KeyManagerError, - self.key_mgr.delete, self.ctxt, None) - - def test_delete_unknown_object(self): - unknown_uuid = str(uuid.uuid4()) - self.assertRaises(exception.ManagedObjectNotFoundError, - self.key_mgr.delete, self.ctxt, unknown_uuid) - - def test_get_null_context(self): - key_uuid = self._get_valid_object_uuid( - test_key_manager._get_test_symmetric_key()) - self.assertRaises(exception.Forbidden, - self.key_mgr.get, None, key_uuid) - - def test_get_null_object(self): - self.assertRaises(exception.KeyManagerError, - self.key_mgr.get, self.ctxt, None) - - def test_get_unknown_key(self): - bad_key_uuid = str(uuid.uuid4()) - self.assertRaises(exception.ManagedObjectNotFoundError, - self.key_mgr.get, self.ctxt, bad_key_uuid) - - def test_store_null_context(self): - key = test_key_manager._get_test_symmetric_key() - - self.assertRaises(exception.Forbidden, - self.key_mgr.store, None, key) + auth = identity.V3Password(auth_url=auth_url, + username=username, + password=password, + project_name=project_name, + user_domain_name=user_domain_name, + project_domain_name=project_domain_name) + sess = session.Session() + + return keystone_token.KeystoneToken( + token=auth.get_token(sess), + project_id=auth.get_project_id(sess)) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/castellan-0.4.0/castellan/tests/unit/key_manager/mock_key_manager.py new/castellan-0.5.0/castellan/tests/unit/key_manager/mock_key_manager.py --- old/castellan-0.4.0/castellan/tests/unit/key_manager/mock_key_manager.py 2016-03-02 22:44:11.000000000 +0100 +++ new/castellan-0.5.0/castellan/tests/unit/key_manager/mock_key_manager.py 2017-01-16 13:37:48.000000000 +0100 @@ -67,7 +67,7 @@ def _generate_key(self, **kwargs): name = kwargs.get('name', None) algorithm = kwargs.get('algorithm', 'AES') - key_length = kwargs.get('key_length', 256) + key_length = kwargs.get('length', 256) _hex = self._generate_hex_key(key_length) return sym_key.SymmetricKey( algorithm, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/castellan-0.4.0/castellan/tests/unit/key_manager/test_mock_key_manager.py new/castellan-0.5.0/castellan/tests/unit/key_manager/test_mock_key_manager.py --- old/castellan-0.4.0/castellan/tests/unit/key_manager/test_mock_key_manager.py 2016-03-02 22:44:11.000000000 +0100 +++ new/castellan-0.5.0/castellan/tests/unit/key_manager/test_mock_key_manager.py 2017-01-16 13:37:48.000000000 +0100 @@ -62,7 +62,7 @@ def test_create_key_with_length(self): for length in [64, 128, 256]: - key_id = self.key_mgr.create_key(self.context, key_length=length) + key_id = self.key_mgr.create_key(self.context, length=length) key = self.key_mgr.get(self.context, key_id) self.assertEqual(length / 8, len(key.get_encoded())) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/castellan-0.4.0/castellan.egg-info/PKG-INFO new/castellan-0.5.0/castellan.egg-info/PKG-INFO --- old/castellan-0.4.0/castellan.egg-info/PKG-INFO 2016-03-02 22:44:38.000000000 +0100 +++ new/castellan-0.5.0/castellan.egg-info/PKG-INFO 2017-01-16 13:40:36.000000000 +0100 @@ -1,12 +1,21 @@ Metadata-Version: 1.1 Name: castellan -Version: 0.4.0 +Version: 0.5.0 Summary: Generic Key Manager interface for OpenStack -Home-page: http://www.openstack.org/ +Home-page: http://docs.openstack.org/developer/castellan/ Author: OpenStack Author-email: [email protected] License: UNKNOWN -Description: ========= +Description: ======================== + Team and repository tags + ======================== + + .. image:: http://governance.openstack.org/badges/castellan.svg + :target: http://governance.openstack.org/reference/tags/index.html + + .. Change things from this point on + + ========= Castellan ========= @@ -29,3 +38,4 @@ Classifier: Programming Language :: Python :: 2.7 Classifier: Programming Language :: Python :: 3 Classifier: Programming Language :: Python :: 3.4 +Classifier: Programming Language :: Python :: 3.5 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/castellan-0.4.0/castellan.egg-info/SOURCES.txt new/castellan-0.5.0/castellan.egg-info/SOURCES.txt --- old/castellan-0.4.0/castellan.egg-info/SOURCES.txt 2016-03-02 22:44:39.000000000 +0100 +++ new/castellan-0.5.0/castellan.egg-info/SOURCES.txt 2017-01-16 13:40:37.000000000 +0100 @@ -8,13 +8,13 @@ LICENSE README.rst babel.cfg -openstack-common.conf requirements.txt setup.cfg setup.py test-requirements.txt tox.ini castellan/__init__.py +castellan/i18n.py castellan/options.py castellan.egg-info/PKG-INFO castellan.egg-info/SOURCES.txt @@ -47,11 +47,6 @@ castellan/key_manager/barbican_key_manager.py castellan/key_manager/key_manager.py castellan/key_manager/not_implemented_key_manager.py -castellan/openstack/__init__.py -castellan/openstack/common/__init__.py -castellan/openstack/common/_i18n.py -castellan/openstack/common/fileutils.py -castellan/openstack/common/local.py castellan/tests/__init__.py castellan/tests/base.py castellan/tests/utils.py @@ -92,4 +87,5 @@ doc/source/testing.rst doc/source/usage.rst etc/castellan/functional-config-generator.conf -etc/castellan/sample-config-generator.conf \ No newline at end of file +etc/castellan/sample-config-generator.conf +tools/tox_install.sh \ No newline at end of file diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/castellan-0.4.0/castellan.egg-info/pbr.json new/castellan-0.5.0/castellan.egg-info/pbr.json --- old/castellan-0.4.0/castellan.egg-info/pbr.json 2016-03-02 22:44:38.000000000 +0100 +++ new/castellan-0.5.0/castellan.egg-info/pbr.json 2017-01-16 13:40:36.000000000 +0100 @@ -1 +1 @@ -{"git_version": "abf5584", "is_release": true} \ No newline at end of file +{"git_version": "c83eb19", "is_release": true} \ No newline at end of file diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/castellan-0.4.0/castellan.egg-info/requires.txt new/castellan-0.5.0/castellan.egg-info/requires.txt --- old/castellan-0.4.0/castellan.egg-info/requires.txt 2016-03-02 22:44:38.000000000 +0100 +++ new/castellan-0.5.0/castellan.egg-info/requires.txt 2017-01-16 13:40:36.000000000 +0100 @@ -1,9 +1,10 @@ -pbr>=1.6 -Babel>=1.3 -cryptography>=1.0 -oslo.config>=3.7.0 -oslo.context>=0.2.0 -oslo.log>=1.14.0 -oslo.policy>=0.5.0 -oslo.serialization>=1.10.0 -oslo.utils>=3.5.0 +pbr>=1.8 +Babel>=2.3.4 +cryptography!=1.3.0,>=1.0 +python-barbicanclient>=4.0.0 +oslo.config!=3.18.0,>=3.14.0 +oslo.context>=2.9.0 +oslo.i18n>=2.1.0 +oslo.log>=3.11.0 +oslo.utils>=3.18.0 +keystoneauth1>=2.16.0 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/castellan-0.4.0/doc/source/testing.rst new/castellan-0.5.0/doc/source/testing.rst --- old/castellan-0.4.0/doc/source/testing.rst 2016-03-02 22:44:11.000000000 +0100 +++ new/castellan-0.5.0/doc/source/testing.rst 2017-01-16 13:37:48.000000000 +0100 @@ -24,12 +24,12 @@ .. code-block:: bash # Executes tests on Python 2.7 - tox -e py27 + $ tox -e py27 .. note:: - Other available environments are py34, py26, and pypy. + Other available environments are py35, py34, pypy and pep8. If you do not have the appropriate Python versions available, consider setting up PyEnv to install multiple versions of Python. See the @@ -53,7 +53,7 @@ .. code-block:: bash # Generate a sample configuration file - tox -e genconfig + $ tox -e genconfig ``castellan/etc/castellan/castellan-functional.conf.sample`` is generated. It must be renamed to ``castellan-functional.conf`` and placed in @@ -77,7 +77,7 @@ .. code-block:: bash # Execute Barbican Functional Tests - tox -e functional + $ tox -e functional By default, the functional tox job will use ``testr`` to execute the @@ -93,7 +93,7 @@ .. code-block:: bash # hit the pdb breakpoint - tox -e debug + $ tox -e debug Once in the Python Debugger, you can use the commands as stated in the `Debugger Commands` section here: https://docs.python.org/2/library/pdb.html @@ -108,6 +108,6 @@ .. code-block:: bash # Checks python code style - tox -e pep8 + $ tox -e pep8 Any comments on bad coding style will output to the terminal. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/castellan-0.4.0/doc/source/usage.rst new/castellan-0.5.0/doc/source/usage.rst --- old/castellan-0.4.0/doc/source/usage.rst 2016-03-02 22:44:13.000000000 +0100 +++ new/castellan-0.5.0/doc/source/usage.rst 2017-01-16 13:37:48.000000000 +0100 @@ -52,7 +52,7 @@ .. note:: Keystone Token and Password authentication is achieved using - keystoneclient.auth.identity.v3 Token and Password auth plugins. + keystoneauth1.identity Token and Password auth plugins. There are a variety of different variables which can be set for the keystone credential options. @@ -88,23 +88,23 @@ .. code:: python - from keystoneclient.v3 import client + from keystoneauth1 import identity + from keystoneauth1 import session from oslo_context import context username = 'admin' password = 'openstack' project_name = 'admin' - auth_url = 'http://localhost:5000/v3' - keystone_client = client.Client(username=username, - password=password, - project_name=project_name, - auth_url=auth_url, - project_domain_id='default') + auth_url = 'http://localhost:5000/' + auth = identity.Password(auth_url=auth_url, + username=username, + password=password, + project_name=project_name, + default_domain_id='default') + sess = session.Session() - project_list = keystone_client.projects.list(name=project_name) - - ctxt = context.RequestContext(auth_token=keystone_client.auth_token, - tenant=project_list[0].id) + ctxt = context.RequestContext(auth_token=auth.get_token(sess), + tenant=auth.get_project_id(sess)) ctxt can then be passed into any key_manager api call. @@ -270,14 +270,14 @@ Castellan does not parse the configuration files by default. When you create the files and occupy them, you still need to manipulate the -``oslo_config.cfg.ConfigOpts`` object before passing it to the +``oslo_config.cfg`` object before passing it to the ``castellan.key_manager.API`` object. You can create a list of locations where the configuration files reside. If multiple configuration files are specified, the variables will be used from the most recently parsed file and overwrite any previous variables. In the example below, the configuration file in the ``/etc/castellan`` directory will overwrite the values found in the file in the user's home directory. If a file is not found in one of the -specified locations, then a file not found error will occur. +specified locations, then a config file not found error will occur. **Example. Parsing the config files.** @@ -286,8 +286,9 @@ from oslo_config import cfg from castellan import key_manager - conf = cfg.ConfigOpts() - conf(['~/castellan.conf', '/etc/castellan/castellan.conf']) + conf=cfg.CONF + config_files = ['~/castellan.conf', '/etc/castellan/castellan.conf'] + conf(default_config_files=config_files) manager = key_manager.API(configuration=conf) There are two options for parsing the Castellan values from a diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/castellan-0.4.0/openstack-common.conf new/castellan-0.5.0/openstack-common.conf --- old/castellan-0.4.0/openstack-common.conf 2016-03-02 22:44:11.000000000 +0100 +++ new/castellan-0.5.0/openstack-common.conf 1970-01-01 01:00:00.000000000 +0100 @@ -1,8 +0,0 @@ -[DEFAULT] - -# The list of modules to copy from oslo-incubator.git -module=log -module=policy - -# The base module to hold the copy of openstack.common -base=castellan diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/castellan-0.4.0/requirements.txt new/castellan-0.5.0/requirements.txt --- old/castellan-0.4.0/requirements.txt 2016-03-02 22:44:11.000000000 +0100 +++ new/castellan-0.5.0/requirements.txt 2017-01-16 13:37:48.000000000 +0100 @@ -2,12 +2,13 @@ # of appearance. Changing the order has an impact on the overall integration # process, which may cause wedges in the gate later. -pbr>=1.6 # Apache-2.0 -Babel>=1.3 # BSD -cryptography>=1.0 # BSD/Apache-2.0 -oslo.config>=3.7.0 # Apache-2.0 -oslo.context>=0.2.0 # Apache-2.0 -oslo.log>=1.14.0 # Apache-2.0 -oslo.policy>=0.5.0 # Apache-2.0 -oslo.serialization>=1.10.0 # Apache-2.0 -oslo.utils>=3.5.0 # Apache-2.0 +pbr>=1.8 # Apache-2.0 +Babel>=2.3.4 # BSD +cryptography!=1.3.0,>=1.0 # BSD/Apache-2.0 +python-barbicanclient>=4.0.0 # Apache-2.0 +oslo.config!=3.18.0,>=3.14.0 # Apache-2.0 +oslo.context>=2.9.0 # Apache-2.0 +oslo.i18n>=2.1.0 # Apache-2.0 +oslo.log>=3.11.0 # Apache-2.0 +oslo.utils>=3.18.0 # Apache-2.0 +keystoneauth1>=2.16.0 # Apache-2.0 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/castellan-0.4.0/setup.cfg new/castellan-0.5.0/setup.cfg --- old/castellan-0.4.0/setup.cfg 2016-03-02 22:44:39.000000000 +0100 +++ new/castellan-0.5.0/setup.cfg 2017-01-16 13:40:37.000000000 +0100 @@ -5,7 +5,7 @@ README.rst author = OpenStack author-email = [email protected] -home-page = http://www.openstack.org/ +home-page = http://docs.openstack.org/developer/castellan/ classifier = Environment :: OpenStack Intended Audience :: Information Technology @@ -17,6 +17,7 @@ Programming Language :: Python :: 2.7 Programming Language :: Python :: 3 Programming Language :: Python :: 3.4 + Programming Language :: Python :: 3.5 [files] packages = @@ -53,7 +54,6 @@ universal = 1 [egg_info] -tag_svn_revision = 0 tag_build = tag_date = 0 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/castellan-0.4.0/test-requirements.txt new/castellan-0.5.0/test-requirements.txt --- old/castellan-0.4.0/test-requirements.txt 2016-03-02 22:44:11.000000000 +0100 +++ new/castellan-0.5.0/test-requirements.txt 2017-01-16 13:37:48.000000000 +0100 @@ -3,13 +3,13 @@ # process, which may cause wedges in the gate later. hacking<0.11,>=0.10.2 # Apache-2.0 -coverage>=3.6 # Apache-2.0 -discover # BSD -python-barbicanclient>=3.3.0 # Apache-2.0 +coverage>=4.0 # Apache-2.0 +python-barbicanclient>=4.0.0 # Apache-2.0 python-subunit>=0.0.18 # Apache-2.0/BSD -sphinx!=1.2.0,!=1.3b1,<1.3,>=1.1.2 # BSD -oslosphinx!=3.4.0,>=2.5.0 # Apache-2.0 +sphinx!=1.3b1,<1.4,>=1.2.1 # BSD +oslosphinx>=4.7.0 # Apache-2.0 oslotest>=1.10.0 # Apache-2.0 testrepository>=0.0.18 # Apache-2.0/BSD testscenarios>=0.4 # Apache-2.0/BSD testtools>=1.4.0 # MIT +bandit>=1.1.0 # Apache-2.0 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/castellan-0.4.0/tools/tox_install.sh new/castellan-0.5.0/tools/tox_install.sh --- old/castellan-0.4.0/tools/tox_install.sh 1970-01-01 01:00:00.000000000 +0100 +++ new/castellan-0.5.0/tools/tox_install.sh 2017-01-16 13:37:48.000000000 +0100 @@ -0,0 +1,53 @@ +#!/usr/bin/env bash + +# [liujiong] This file is refer to tox_install.sh in neutron-lib. +# Library constraint file contains this library version pin that is in conflict +# with installing the library from source. We should replace the version pin in +# the constraints file before applying it for from-source installation. + +ZUUL_CLONER=/usr/zuul-env/bin/zuul-cloner +BRANCH_NAME=master +LIB_NAME=castellan +requirements_installed=$(echo "import openstack_requirements" | python 2>/dev/null ; echo $?) + +set -e + +CONSTRAINTS_FILE=$1 +shift + +install_cmd="pip install" +mydir=$(mktemp -dt "$LIB_NAME-tox_install-XXXXXXX") +trap "rm -rf $mydir" EXIT +localfile=$mydir/upper-constraints.txt +if [[ $CONSTRAINTS_FILE != http* ]]; then + CONSTRAINTS_FILE=file://$CONSTRAINTS_FILE +fi +curl $CONSTRAINTS_FILE -k -o $localfile +install_cmd="$install_cmd -c$localfile" + +if [ $requirements_installed -eq 0 ]; then + echo "Requirements already installed; using existing package" +elif [ -x "$ZUUL_CLONER" ]; then + pushd $mydir + $ZUUL_CLONER --cache-dir \ + /opt/git \ + --branch $BRANCH_NAME \ + git://git.openstack.org \ + openstack/requirements + cd openstack/requirements + $install_cmd -e . + popd +else + if [ -z "$REQUIREMENTS_PIP_LOCATION" ]; then + REQUIREMENTS_PIP_LOCATION="git+https://git.openstack.org/openstack/requirements@$BRANCH_NAME#egg=requirements"; + fi + $install_cmd -U -e ${REQUIREMENTS_PIP_LOCATION} +fi + +# This is the main purpose of the script: Allow local installation of +# the current repo. It is listed in constraints file and thus any +# install will be constrained and we need to unconstrain it. +edit-constraints $localfile -- $LIB_NAME "-e file://$PWD#egg=$LIB_NAME" + +$install_cmd -U $* +exit $? diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/castellan-0.4.0/tox.ini new/castellan-0.5.0/tox.ini --- old/castellan-0.4.0/tox.ini 2016-03-02 22:44:11.000000000 +0100 +++ new/castellan-0.5.0/tox.ini 2017-01-16 13:37:48.000000000 +0100 @@ -1,11 +1,11 @@ [tox] minversion = 1.6 -envlist = py34,py27,pypy,pep8 +envlist = py35,py34,py27,pypy,pep8 skipsdist = True [testenv] usedevelop = True -install_command = pip install -U {opts} {packages} +install_command = {toxinidir}/tools/tox_install.sh {env:UPPER_CONSTRAINTS_FILE:https://git.openstack.org/cgit/openstack/requirements/plain/upper-constraints.txt} {opts} {packages} setenv = VIRTUAL_ENV={envdir} OS_TEST_PATH=./castellan/tests/unit @@ -14,7 +14,21 @@ commands = python setup.py testr --slowest --testr-args='{posargs}' [testenv:pep8] -commands = flake8 +commands = + flake8 + bandit -r castellan -x tests -s B105,B106,B107,B607 + +[testenv:bandit] +# This command runs the bandit security linter against the castellan +# codebase minus the tests directory. Some tests are being excluded to +# reduce the number of positives before a team inspection, and to ensure a +# passing gate job for initial addition. The excluded tests are: +# B105-B107: hardcoded password checks - likely to generate false positives +# in a gate environment +# B607: start process with a partial path - this should be a project level +# decision +commands = + bandit -r castellan -x tests -s B105,B106,B107,B607 [testenv:venv] commands = {posargs} @@ -23,7 +37,9 @@ commands = oslo_debug_helper {posargs} [testenv:cover] -commands = python setup.py testr --coverage --testr-args='{posargs}' +commands = + python setup.py testr --coverage --testr-args='{posargs}' + coverage report [testenv:docs] commands = python setup.py build_sphinx @@ -44,9 +60,8 @@ oslo-config-generator --config-file=etc/castellan/sample-config-generator.conf [flake8] -# H803 skipped on purpose per list discussion. -# E123, E125 skipped as they are invalid PEP-8. - show-source = True -ignore = E123,E125 -exclude=.venv,.git,.tox,dist,doc,*openstack/common*,*lib/python*,*egg,build +exclude=.venv,.git,.tox,dist,doc,*lib/python*,*egg,build + +[hacking] +import_exceptions = castellan.i18n
