diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..85f404f --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +*.swp +build/* diff --git a/README.md b/README.md index 5a72681..294df70 100644 --- a/README.md +++ b/README.md @@ -1,11 +1,8 @@ -This repo contains scripts used by the OpenStack Jenkins to perform tasks, -the tarmac config used by Jenkins, as well as a a few scripts for creating -new Jenkins slaves and additional utility nodes. - -launch_node.py will launch a base node and add user accounts for everyone in -the ~openstack-admins team - -launch_slave.py will launch a node with everything it needs to perform basic -jenkins slave tasks +This repo contains documentation and scripts for the OpenStack QA team. +Code review is managed via the Gerrit system on http://review.openstack.org. +Please see http://wiki.openstack.org/GerritWorkflow for information about +how to contribute to OpenStack projects using the Gerrit system. +The documentation (see /doc) is published automatically to the +http://qa.openstack.org site. diff --git a/doc/index.rst b/doc/index.rst index b2cc227..7caebb3 100644 --- a/doc/index.rst +++ b/doc/index.rst @@ -10,9 +10,9 @@ tests across the entire OpenStack project. Contents: .. toctree:: - :maxdepth: 2 + :maxdepth: 1 - integration + integration Indices and tables ================== diff --git a/doc/systems.rst b/doc/systems.rst deleted file mode 100644 index 82a2218..0000000 --- a/doc/systems.rst +++ /dev/null @@ -1,77 +0,0 @@ -:title: Infrastructure Systems - -Infrastructure Systems -###################### - -The OpenStack CI team maintains a number of systems that are critical -to the operation of the OpenStack project. At the time of writing, -these include: - - * Gerrit (review.openstack.org) - * Jenkins (jenkins.openstack.org) - * community.openstack.org - -Additionally the team maintains the project sites on Launchpad and -GitHub. The following policies have been adopted to ensure the -continued and secure operation of the project. - -SSH Access -********** - -For any of the systems managed by the CI team, the following practices -must be observed for SSH access: - - * SSH access is only permitted with SSH public/private key - authentication. - * Users must use a strong passphrase to protect their private key. A - passphrase of several words, at least one of which is not in a - dictionary is advised, or a random string of at least 16 - characters. - * To mitigate the inconvenience of using a long passphrase, users may - want to use an SSH agent so that the passphrase is only requested - once per desktop session. - * Users private keys must never be stored anywhere except their own - workstation(s). In particular, they must never be stored on any - remote server. - * If users need to 'hop' from a server or bastion host to another - machine, they must not copy a private key to the intermediate - machine (see above). Instead SSH agent forwarding may be used. - However due to the potential for a compromised intermediate machine - to ask the agent to sign requests without the users knowledge, in - this case only an SSH agent that interactively prompts the user - each time a signing request (ie, ssh-agent, but not gnome-keyring) - is received should be used, and the SSH keys should be added with - the confirmation constraint ('ssh-add -c'). - * The number of SSH keys that are configured to permit access to - OpenStack machines should be kept to a minimum. - * OpenStack CI machines must use puppet to centrally manage and - configure user accounts, and the SSH authorized_keys files from the - openstack-ci-puppet repository. - * SSH keys should be periodically rotated (at least once per year). - During rotation, a new key can be added to puppet for a time, and - then the old one removed. - -GitHub Access -************* - -To ensure that code review and testing are not bypassed in the public -Git repositories, only Gerrit will be permitted to commit code to -OpenStack repositories. Because GitHub always allows project -administrators to commit code, accounts that have access to manage the -GitHub projects necessarily will have commit access to the -repositories. Therefore, to avoid inadvertent commits to the public -repositories, unique administrative-only accounts must be used to -manage the OpenStack GitHub organization and projects. These accounts -will not be used to check out or commit code for any project. - -Launchpad Teams -*************** - -Each OpenStack project should have the following teams on Launchpad: - - * foo -- contributors to project 'foo' - * foo-core -- core developers - * foo-bugs -- people interested in receieving bug reports - * foo-drivers -- people who may approve and target blueprints - -The openstack-admins team should be a member of each of those teams. diff --git a/setup.py b/setup.py new file mode 100644 index 0000000..990ff60 --- /dev/null +++ b/setup.py @@ -0,0 +1,21 @@ +import datetime +from setuptools import setup +from sphinx.setup_command import BuildDoc + +cmdclass={} + +class local_BuildDoc(BuildDoc): + def run(self): + for builder in ['html', 'man']: + self.builder = builder + self.finalize_options() + BuildDoc.run(self) +cmdclass['build_sphinx'] = local_BuildDoc + +setup(name='openstack-qa', + version="%d.%02d" % (datetime.datetime.now().year, datetime.datetime.now().month), + description="OpenStack Quality Assurance and Scripts", + author="OpenStack QA Team", + author_email="openstack-qa@lists.launchpad.net", + url="http://launchpad.net/openstack-qa", + cmdclass=cmdclass)