Update log messages to oslo.i18n

The OpenStack internationalization (i18n) system was moved from oslo-incubator to the oslo.i18n library. This new library also has a refined way to tag logging strings for translation as detailed in on this page: http://docs.openstack.org/developer/oslo.i18n/guidelines.html This CR updates Barbican's logging text messages accordingly. A separate CR will update the barbican/openstack package structure from oslo-incubator to remove all references to the old i18n system. Change-Id: Ibc2700324495d01c571343937a9d1771ba9e5b85
2014-12-01 21:40:46 -06:00 · 2014-12-01 21:40:46 -06:00 · f29d08610d
commit f29d08610d
parent 7b38b5d05e
34 changed files with 690 additions and 451 deletions
--- a/barbican/init.py
+++ b/barbican/init.py
@ -16,7 +16,3 @@
 """
 Cloudkeep's Barbican module root
 """
 import gettext
 gettext.install('barbican', unicode=1)
--- a/barbican/api/init.py
+++ b/barbican/api/init.py
@ -23,7 +23,7 @@ import pecan
 from barbican.common import exception
 from barbican.common import utils
-from barbican.openstack.common import gettextutils as u
+from barbican import i18n as u
 from barbican.openstack.common import jsonutils as json
 from barbican.openstack.common import policy
 from barbican.plugin.interface import certificate_manager as cert_manager
@ -59,8 +59,8 @@ def load_body(req, resp=None, validator=None):
    try:
        body = req.body_file.read(CONF.max_allowed_request_size_in_bytes)
    except IOError:
-        LOG.exception("Problem reading request JSON stream.")
+        LOG.exception(u._LE("Problem reading request JSON stream."))
-        pecan.abort(500, 'Read Error')
+        pecan.abort(500, u._('Read Error'))
    try:
        # TODO(jwood): Investigate how to get UTF8 format via openstack
@ -69,20 +69,20 @@ def load_body(req, resp=None, validator=None):
        parsed_body = json.loads(body)
        strip_whitespace(parsed_body)
    except ValueError:
-        LOG.exception("Problem loading request JSON.")
+        LOG.exception(u._LE("Problem loading request JSON."))
-        pecan.abort(400, 'Malformed JSON')
+        pecan.abort(400, u._('Malformed JSON'))
    if validator:
        try:
            parsed_body = validator.validate(parsed_body)
        except exception.InvalidObject as e:
-            LOG.exception("Failed to validate JSON information")
+            LOG.exception(u._LE("Failed to validate JSON information"))
            pecan.abort(400, str(e))
        except exception.UnsupportedField as e:
-            LOG.exception("Provided field value is not supported")
+            LOG.exception(u._LE("Provided field value is not supported"))
            pecan.abort(400, str(e))
        except exception.LimitExceeded as e:
-            LOG.exception("Data limit exceeded")
+            LOG.exception(u._LE("Data limit exceeded"))
            pecan.abort(413, str(e))
    return parsed_body
@ -110,18 +110,19 @@ def generate_safe_exception_message(operation_name, excep):
    try:
        raise excep
    except policy.PolicyNotAuthorized:
-        message = u._('{0} attempt not allowed - '
+        message = u._(
-                      'please review your '
+            '{operation} attempt not allowed - '
-                      'user/project privileges').format(operation_name)
+            'please review your '
            'user/project privileges').format(operation=operation_name)
        status = 403
    except s.SecretContentTypeNotSupportedException as sctnse:
-        reason = u._("content-type of '{0}' not "
+        reason = u._("content-type of '{content_type}' not "
-                     "supported").format(sctnse.content_type)
+                     "supported").format(content_type=sctnse.content_type)
        status = 400
    except s.SecretContentEncodingNotSupportedException as ce:
-        reason = u._("content-encoding of '{0}' not "
+        reason = u._("content-encoding of '{content_encoding}' not "
-                     "supported").format(ce.content_encoding)
+                     "supported").format(content_encoding=ce.content_encoding)
        status = 400
    except s.SecretStorePluginNotFound:
        reason = u._("No plugin was found that could support "
@ -159,12 +160,12 @@ def generate_safe_exception_message(operation_name, excep):
        status = 413
    except Exception:
-        message = u._('{0} failure seen - please contact site '
+        message = u._('{operation} failure seen - please contact site '
-                      'administrator.').format(operation_name)
+                      'administrator.').format(operation=operation_name)
    if reason:
-        message = u._('{0} issue seen - {1}.').format(operation_name,
+        message = u._('{operation} issue seen - {reason}.').format(
-                                                      reason)
+            operation=operation_name, reason=reason)
    return status, message
--- a/barbican/api/controllers/init.py
+++ b/barbican/api/controllers/init.py
@ -15,7 +15,7 @@ from webob import exc
 from barbican import api
 from barbican.common import utils
-from barbican.openstack.common import gettextutils as u
+from barbican import i18n as u
 LOG = utils.getLogger(__name__)
@ -95,9 +95,12 @@ def handle_exceptions(operation_name=u._('System')):
            try:
                return fn(inst, *args, **kwargs)
            except exc.HTTPError as f:
-                LOG.exception('Webob error seen')
+                LOG.exception(u._LE('Webob error seen'))
                raise f  # Already converted to Webob exception, just reraise
            except Exception as e:
                # In case intervening modules have disabled logging.
                LOG.logger.disabled = False
                status, message = api.generate_safe_exception_message(
                    operation_name, e)
                LOG.exception(message)
@ -115,8 +118,13 @@ def _do_enforce_content_types(pecan_req, valid_content_types):
    types passed in by our caller.
    """
    if pecan_req.content_type not in valid_content_types:
-        m = ("Unexpected content type: {0}.  Expected content types "
+        m = u._(
-             "are: {1}").format(pecan_req.content_type, valid_content_types)
+            "Unexpected content type: {type}.  Expected content types "
            "are: {expected}"
        ).format(
            type=pecan_req.content_type,
            expected=valid_content_types
        )
        pecan.abort(415, m)
--- a/barbican/api/controllers/consumers.py
+++ b/barbican/api/controllers/consumers.py
@ -19,9 +19,9 @@ from barbican.common import hrefs
 from barbican.common import resources as res
 from barbican.common import utils
 from barbican.common import validators
 from barbican import i18n as u
 from barbican.model import models
 from barbican.model import repositories as repo
 from barbican.openstack.common import gettextutils as u
 LOG = utils.getLogger(__name__)
@ -159,7 +159,7 @@ class ContainerConsumersController(object):
        try:
            self.consumer_repo.delete_entity_by_id(consumer.id, keystone_id)
        except exception.NotFound:
-            LOG.exception('Problem deleting consumer')
+            LOG.exception(u._LE('Problem deleting consumer'))
            _consumer_not_found()
        return self._return_container_data(self.container_id, keystone_id)
--- a/barbican/api/controllers/containers.py
+++ b/barbican/api/controllers/containers.py
@ -20,9 +20,9 @@ from barbican.common import hrefs
 from barbican.common import resources as res
 from barbican.common import utils
 from barbican.common import validators
 from barbican import i18n as u
 from barbican.model import models
 from barbican.model import repositories as repo
 from barbican.openstack.common import gettextutils as u
 LOG = utils.getLogger(__name__)
@ -81,7 +81,7 @@ class ContainerController(object):
                keystone_id=keystone_id
            )
        except exception.NotFound:
-            LOG.exception('Problem deleting container')
+            LOG.exception(u._LE('Problem deleting container'))
            container_not_found()
        for consumer in container_consumers[0]:
@ -169,8 +169,11 @@ class ContainersController(object):
            if not secret:
                # This only partially localizes the error message and
                # doesn't localize secret_ref.name.
-                pecan.abort(404, u._("Secret provided for '{0}' doesn't"
+                pecan.abort(
-                                     " exist.").format(secret_ref.name))
+                    404,
                    u._("Secret provided for '{secret_name}' doesn't "
                        "exist.").format(secret_name=secret_ref.name)
                )
        self.container_repo.create_from(new_container)
--- a/barbican/api/controllers/orders.py
+++ b/barbican/api/controllers/orders.py
@ -19,9 +19,9 @@ from barbican.common import hrefs
 from barbican.common import resources as res
 from barbican.common import utils
 from barbican.common import validators
 from barbican import i18n as u
 from barbican.model import models
 from barbican.model import repositories as repo
 from barbican.openstack.common import gettextutils as u
 from barbican.openstack.common import jsonutils as json
 from barbican.queue import client as async_client
@ -146,7 +146,7 @@ class OrderController(object):
            self.order_repo.delete_entity_by_id(entity_id=self.order_id,
                                                keystone_id=keystone_id)
        except exception.NotFound:
-            LOG.exception('Problem deleting order')
+            LOG.exception(u._LE('Problem deleting order'))
            _order_not_found()
--- a/barbican/api/controllers/secrets.py
+++ b/barbican/api/controllers/secrets.py
@ -22,8 +22,8 @@ from barbican.common import hrefs
 from barbican.common import resources as res
 from barbican.common import utils
 from barbican.common import validators
 from barbican import i18n as u
 from barbican.model import repositories as repo
 from barbican.openstack.common import gettextutils as u
 from barbican.plugin import resources as plugin
 from barbican.plugin import util as putil
@ -139,9 +139,8 @@ class SecretController(object):
                pecan.request.content_type == 'application/json'):
            pecan.abort(
                415,
-                u._("Content-Type of '{0}' is not supported for PUT.").format(
+                u._("Content-Type of '{content_type}' is not supported for "
-                    pecan.request.content_type
+                    "PUT.").format(content_type=pecan.request.content_type)
                )
            )
        transport_key_id = kwargs.get('transport_key_id')
--- a/barbican/api/controllers/transportkeys.py
+++ b/barbican/api/controllers/transportkeys.py
@ -22,9 +22,9 @@ from barbican.common import exception
 from barbican.common import hrefs
 from barbican.common import utils
 from barbican.common import validators
 from barbican import i18n as u
 from barbican.model import models
 from barbican.model import repositories as repo
 from barbican.openstack.common import gettextutils as u
 LOG = utils.getLogger(__name__)
@ -65,7 +65,7 @@ class TransportKeyController(object):
            # TODO(alee) response should be 204 on success
            # pecan.response.status = 204
        except exception.NotFound:
-            LOG.exception('Problem deleting transport_key')
+            LOG.exception(u._LE('Problem deleting transport_key'))
            _transport_key_not_found()
--- a/barbican/api/controllers/versions.py
+++ b/barbican/api/controllers/versions.py
@ -14,7 +14,7 @@ import pecan
 from barbican.api import controllers
 from barbican.common import utils
-from barbican.openstack.common import gettextutils as u
+from barbican import i18n as u
 from barbican import version
 LOG = utils.getLogger(__name__)
--- a/barbican/api/middleware/context.py
+++ b/barbican/api/middleware/context.py
@ -20,7 +20,7 @@ import webob.exc
 from barbican.api import middleware as mw
 from barbican.common import utils
 import barbican.context
-from barbican.openstack.common import gettextutils as u
+from barbican import i18n as u
 from barbican.openstack.common import policy
 LOG = utils.getLogger(__name__)
@ -51,7 +51,7 @@ class BaseContextMiddleware(mw.Middleware):
        try:
            request_id = resp.request.context.request_id
        except AttributeError:
-            LOG.warn(u._('Unable to retrieve request id from context'))
+            LOG.warn(u._LW('Unable to retrieve request id from context'))
        else:
            resp.headers['x-openstack-request-id'] = 'req-%s' % request_id
        return resp
@ -115,6 +115,7 @@ class ContextMiddleware(BaseContextMiddleware):
                catalog_header = req.headers.get('X-Service-Catalog')
                service_catalog = json.loads(catalog_header)
            except ValueError:
                LOG.exception(u._LE('Problem processing X-Service-Catalog'))
                raise webob.exc.HTTPInternalServerError(
                    u._('Invalid service catalog json.'))
--- a/barbican/common/exception.py
+++ b/barbican/common/exception.py
@ -19,7 +19,7 @@ Barbican exception subclasses
 import urlparse
-from barbican.openstack.common import gettextutils as u
+from barbican import i18n as u
 _FATAL_EXCEPTION_FORMAT_ERRORS = False
--- a/barbican/common/utils.py
+++ b/barbican/common/utils.py
@ -22,7 +22,7 @@ import uuid
 from oslo.config import cfg
-from barbican.openstack.common import gettextutils as u
+from barbican import i18n as u
 import barbican.openstack.common.log as logging
--- a/barbican/common/validators.py
+++ b/barbican/common/validators.py
@ -21,8 +21,8 @@ import six
 from barbican.common import exception
 from barbican.common import utils
 from barbican import i18n as u
 from barbican.model import models
 from barbican.openstack.common import gettextutils as u
 from barbican.openstack.common import timeutils
 from barbican.plugin.util import mime_types
@ -77,8 +77,10 @@ class ValidatorBase(object):
        """
        schema_name = self.name
        if parent_schema:
-            schema_name = u._("{0}' within '{1}").format(self.name,
+            schema_name = u._(
-                                                         parent_schema)
+                "{schema_name}' within '{parent_schema_name}").format(
                    schema_name=self.name,
                    parent_schema_name=parent_schema)
        return schema_name
    def _assert_schema_is_valid(self, json_data, schema_name):
@ -220,8 +222,8 @@ class NewSecretValidator(ValidatorBase):
        self._assert_validity(
            content_type.lower() in mime_types.SUPPORTED,
            schema_name,
-            u._("payload_content_type is not one of {0}").format(
+            u._("payload_content_type is not one of {supported}").format(
-                mime_types.SUPPORTED),
+                supported=mime_types.SUPPORTED),
            "payload_content_type")
        if content_type == 'application/octet-stream':
--- a/barbican/i18n.py
+++ b/barbican/i18n.py
@ -0,0 +1,30 @@
 # Copyright 2010-2011 OpenStack LLC.
 # All Rights Reserved.
 #
 #    Licensed under the Apache License, Version 2.0 (the "License"); you may
 #    not use this file except in compliance with the License. You may obtain
 #    a copy of the License at
 #
 #         http://www.apache.org/licenses/LICENSE-2.0
 #
 #    Unless required by applicable law or agreed to in writing, software
 #    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 #    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 #    License for the specific language governing permissions and limitations
 #    under the License.
 from oslo import i18n
 _translators = i18n.TranslatorFactory(domain='barbican')
 # The primary translation function using the well-known name "_"
 _ = _translators.primary
 # Translators for log levels.
 #
 # The abbreviated names are meant to reflect the usual use of a short
 # name like '_'. The "L" is for "log" and the other letter comes from
 # the level.
 _LI = _translators.log_info
 _LW = _translators.log_warning
 _LE = _translators.log_error
 _LC = _translators.log_critical
--- a/barbican/locale/barbican.pot
+++ b/barbican/locale/barbican.pot
@ -6,9 +6,9 @@
 #, fuzzy
 msgid ""
 msgstr ""
-"Project-Id-Version: barbican 2014.2.dev13.ga1f7f13\n"
+"Project-Id-Version: barbican 2015.1.dev86.g7b38b5d\n"
 "Report-Msgid-Bugs-To: EMAIL@ADDRESS\n"
-"POT-Creation-Date: 2014-09-16 06:08+0000\n"
+"POT-Creation-Date: 2014-12-07 19:03-0600\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@ -17,60 +17,74 @@ msgstr ""
 "Content-Transfer-Encoding: 8bit\n"
 "Generated-By: Babel 1.3\n"
 #: barbican/api/__init__.py:63
 msgid "Read Error"
 msgstr ""
 #: barbican/api/__init__.py:73
 msgid "Malformed JSON"
 msgstr ""
 #: barbican/api/__init__.py:113
-msgid "{0} attempt not allowed - please review your user/tenant privileges"
+msgid ""
 "{operation} attempt not allowed - please review your user/project "
 "privileges"
 msgstr ""
-#: barbican/api/__init__.py:119
+#: barbican/api/__init__.py:120
-msgid "content-type of '{0}' not supported"
+msgid "content-type of '{content_type}' not supported"
 msgstr ""
-#: barbican/api/__init__.py:123
+#: barbican/api/__init__.py:124
-msgid "content-encoding of '{0}' not supported"
+msgid "content-encoding of '{content_encoding}' not supported"
 msgstr ""
-#: barbican/api/__init__.py:127
+#: barbican/api/__init__.py:128
 msgid "No plugin was found that could support your request"
 msgstr ""
-#: barbican/api/__init__.py:131 barbican/plugin/interface/secret_store.py:113
+#: barbican/api/__init__.py:132 barbican/plugin/interface/secret_store.py:115
 msgid "Problem decoding payload"
 msgstr ""
-#: barbican/api/__init__.py:134
+#: barbican/api/__init__.py:135
 msgid ""
 "Text-based binary secret payloads must specify a content-encoding of "
 "'base64'"
 msgstr ""
-#: barbican/api/__init__.py:138
+#: barbican/api/__init__.py:139
 msgid "Not Found.  Sorry but your secret is in another castle"
 msgstr ""
-#: barbican/api/__init__.py:142
+#: barbican/api/__init__.py:143
 msgid "Requested algorithm is not supported"
 msgstr ""
-#: barbican/api/__init__.py:154
+#: barbican/api/__init__.py:155
 msgid "No information provided to process"
 msgstr ""
-#: barbican/api/__init__.py:157
+#: barbican/api/__init__.py:158
 msgid "Provided information too large to process"
 msgstr ""
-#: barbican/api/__init__.py:162
+#: barbican/api/__init__.py:163
-msgid "{0} failure seen - please contact site administrator."
+msgid "{operation} failure seen - please contact site administrator."
 msgstr ""
-#: barbican/api/__init__.py:166
+#: barbican/api/__init__.py:167
-msgid "{0} issue seen - {1}."
+msgid "{operation} issue seen - {reason}."
 msgstr ""
 #: barbican/api/controllers/__init__.py:89
 msgid "System"
 msgstr ""
 #: barbican/api/controllers/__init__.py:121
 msgid "Unexpected content type: {type}.  Expected content types are: {expected}"
 msgstr ""
 #: barbican/api/controllers/consumers.py:31
 msgid "Not Found. Sorry but your consumer is in another castle."
 msgstr ""
@ -103,16 +117,16 @@ msgstr ""
 msgid "Container deletion"
 msgstr ""
-#: barbican/api/controllers/containers.py:103
+#: barbican/api/controllers/containers.py:113
 msgid "Containers(s) retrieval"
 msgstr ""
-#: barbican/api/controllers/containers.py:142
+#: barbican/api/controllers/containers.py:151
 msgid "Container creation"
 msgstr ""
-#: barbican/api/controllers/containers.py:163
+#: barbican/api/controllers/containers.py:174
-msgid "Secret provided for '{0}' doesn't exist."
+msgid "Secret provided for '{secret_name}' doesn't exist."
 msgstr ""
 #: barbican/api/controllers/orders.py:33
@ -151,7 +165,7 @@ msgstr ""
 msgid "Order retrieval"
 msgstr ""
-#: barbican/api/controllers/orders.py:98 barbican/api/controllers/orders.py:198
+#: barbican/api/controllers/orders.py:98 barbican/api/controllers/orders.py:197
 msgid "Order update"
 msgstr ""
@ -159,11 +173,11 @@ msgstr ""
 msgid "Order deletion"
 msgstr ""
-#: barbican/api/controllers/orders.py:171
+#: barbican/api/controllers/orders.py:170
 msgid "Order(s) retrieval"
 msgstr ""
-#: barbican/api/controllers/orders.py:204
+#: barbican/api/controllers/orders.py:203
 msgid "Order creation"
 msgstr ""
@ -185,23 +199,23 @@ msgstr ""
 msgid "Secret retrieval"
 msgstr ""
-#: barbican/api/controllers/secrets.py:131
+#: barbican/api/controllers/secrets.py:132
 msgid "Secret update"
 msgstr ""
-#: barbican/api/controllers/secrets.py:141
+#: barbican/api/controllers/secrets.py:142
-msgid "Content-Type of '{0}' is not supported for PUT."
+msgid "Content-Type of '{content_type}' is not supported for PUT."
 msgstr ""
-#: barbican/api/controllers/secrets.py:174
+#: barbican/api/controllers/secrets.py:175
 msgid "Secret deletion"
 msgstr ""
-#: barbican/api/controllers/secrets.py:215
+#: barbican/api/controllers/secrets.py:216
 msgid "Secret(s) retrieval"
 msgstr ""
-#: barbican/api/controllers/secrets.py:266
+#: barbican/api/controllers/secrets.py:267
 msgid "Secret creation"
 msgstr ""
@ -229,32 +243,28 @@ msgstr ""
 msgid "Version retrieval"
 msgstr ""
-#: barbican/api/middleware/context.py:33
+#: barbican/api/middleware/context.py:31
 msgid ""
-"When true, this option sets the owner of an image to be the tenant. "
+"When true, this option sets the owner of an image to be the project. "
 "Otherwise, the owner of the  image will be the authenticated user issuing"
 " the request."
 msgstr ""
-#: barbican/api/middleware/context.py:38
+#: barbican/api/middleware/context.py:36
 msgid "Role used to identify an authenticated user as administrator."
 msgstr ""
-#: barbican/api/middleware/context.py:41
+#: barbican/api/middleware/context.py:39
 msgid ""
 "Allow unauthenticated users to access the API with read-only privileges. "
 "This only applies when using ContextMiddleware."
 msgstr ""
-#: barbican/api/middleware/context.py:56
+#: barbican/api/middleware/context.py:120
 msgid "Unable to retrieve request id from context"
 msgstr ""
 #: barbican/api/middleware/context.py:121
 msgid "Invalid service catalog json."
 msgstr ""
-#: barbican/api/middleware/context.py:144
+#: barbican/api/middleware/context.py:143
 msgid "Missing X-Project-Id"
 msgstr ""
@ -530,166 +540,179 @@ msgid "Cannot generate a fullname for a null instance"
 msgstr ""
 #: barbican/common/validators.py:80
-msgid "{0}' within '{1}"
+msgid "{schema_name}' within '{parent_schema_name}"
 msgstr ""
-#: barbican/common/validators.py:157
+#: barbican/common/validators.py:160
 msgid "If 'payload' specified, must be non empty"
 msgstr ""
-#: barbican/common/validators.py:163
+#: barbican/common/validators.py:166
 msgid "payload must be provided when payload_content_type is specified"
 msgstr ""
-#: barbican/common/validators.py:188 barbican/common/validators.py:357
+#: barbican/common/validators.py:191 barbican/common/validators.py:358
 msgid "Invalid date for 'expiration'"
 msgstr ""
-#: barbican/common/validators.py:202
+#: barbican/common/validators.py:205
 msgid "'expiration' is before current time"
 msgstr ""
-#: barbican/common/validators.py:215
+#: barbican/common/validators.py:218
 msgid "If 'payload' is supplied, 'payload_content_type' must also be supplied."
 msgstr ""
-#: barbican/common/validators.py:222
+#: barbican/common/validators.py:225
-msgid "payload_content_type is not one of {0}"
+msgid "payload_content_type is not one of {supported}"
 msgstr ""
-#: barbican/common/validators.py:230
+#: barbican/common/validators.py:233
 msgid ""
 "payload_content_encoding must be specified when payload_content_type is "
 "application/octet-stream."
 msgstr ""
-#: barbican/common/validators.py:238
+#: barbican/common/validators.py:241
 msgid ""
 "payload_content_encoding must not be specified when payload_content_type "
 "is text/plain"
 msgstr ""
-#: barbican/common/validators.py:299 barbican/common/validators.py:337
+#: barbican/common/validators.py:302 barbican/common/validators.py:320
-#: barbican/common/validators.py:344
+#: barbican/common/validators.py:345
 msgid "'meta' attributes is required"
 msgstr ""
-#: barbican/common/validators.py:305
+#: barbican/common/validators.py:308
 msgid "'payload' not allowed for key type order"
 msgstr ""
-#: barbican/common/validators.py:315
+#: barbican/common/validators.py:330
 msgid "Only 'application/octet-stream' supported"
 msgstr ""
-#: barbican/common/validators.py:322 barbican/common/validators.py:436
+#: barbican/common/validators.py:336
-msgid "Only 'cbc' supported"
+msgid "'algorithm' is required field for asymmetric type order"
 msgstr ""
-#: barbican/common/validators.py:328 barbican/common/validators.py:442
+#: barbican/common/validators.py:370
 msgid "Only 'aes' supported"
 msgstr ""
 #: barbican/common/validators.py:369
 msgid "Must have non-zero positive bit_length to generate secret"
 msgstr ""
-#: barbican/common/validators.py:377 barbican/common/validators.py:450
+#: barbican/common/validators.py:378
 msgid "Must be a positive integer that is a multiple of 8"
 msgstr ""
-#: barbican/common/validators.py:385
+#: barbican/common/validators.py:386
 msgid "Feature not implemented for '{0}' order type"
 msgstr ""
-#: barbican/common/validators.py:412
+#: barbican/common/validators.py:458
 msgid "'secret' attributes are required"
 msgstr ""
 #: barbican/common/validators.py:419
 msgid "'payload' not allowed for secret generation"
 msgstr ""
 #: barbican/common/validators.py:429
 msgid "Only 'application/oc tet-stream' supported"
 msgstr ""
 #: barbican/common/validators.py:523
 msgid "Duplicate reference names are not allowed"
 msgstr ""
-#: barbican/common/validators.py:535
+#: barbican/common/validators.py:470
 msgid "Duplicate secret ids are not allowed"
 msgstr ""
-#: barbican/common/validators.py:553
+#: barbican/common/validators.py:488
 msgid ""
 "only 'private_key', 'public_key' and 'private_key_passphrase' reference "
 "names are allowed for RSA type"
 msgstr ""
-#: barbican/common/validators.py:561
+#: barbican/common/validators.py:496
 msgid ""
 "The minimum required reference names are 'public_key' and'private_key' "
 "for RSA type"
 msgstr ""
-#: barbican/common/validators.py:574
+#: barbican/common/validators.py:509
 msgid ""
 "only 'private_key', 'certificate' , 'private_key_passphrase',  or "
 "'intermediates' reference names are allowed for Certificate type"
 msgstr ""
-#: barbican/common/validators.py:582
+#: barbican/common/validators.py:517
 msgid "The minimum required reference name is 'certificate' for Certificate type"
 msgstr ""
-#: barbican/common/validators.py:628
+#: barbican/common/validators.py:563
 msgid "plugin_name must be provided"
 msgstr ""
-#: barbican/common/validators.py:635
+#: barbican/common/validators.py:570
 msgid "transport_key must be provided"
 msgstr ""
-#: barbican/model/repositories.py:133
+#: barbican/model/repositories.py:398
 msgid "Must supply non-None {entity_name}."
 msgstr ""
 #: barbican/model/repositories.py:404
 msgid "Must supply {entity_name} with id=None(i.e. new entity)."
 msgstr ""
 #: barbican/model/repositories.py:505
 msgid "{entity_name} status is required."
 msgstr ""
 #: barbican/model/repositories.py:510
 msgid "Invalid status '{status}' for {entity_name}."
 msgstr ""
 #: barbican/model/repositories.py:571
 msgid "{entity_name} is missing query build method for get project entities."
 msgstr ""
 #: barbican/model/repositories.py:623
 #, python-format
-msgid ""
+msgid "Error deleting project entities for project_id=%s"
 "Error configuring registry database with supplied sql_connection. Got "
 "error: %s"
 msgstr ""
-#: barbican/model/repositories.py:148
+#: barbican/model/repositories.py:657
-msgid "Updating schema to latest version"
+msgid "No {entity_name} found with keystone-ID {id}"
 msgstr ""
-#: barbican/model/repositories.py:152
+#: barbican/model/repositories.py:864
 msgid "Auto-creating barbican registry DB"
 msgstr ""
 #: barbican/model/repositories.py:159
 msgid "not auto-creating barbican registry DB"
 msgstr ""
 #: barbican/model/repositories.py:198
 #, python-format
 msgid "SQL connection failed. %d attempts left."
 msgstr ""
 #: barbican/model/repositories.py:693
 msgid "Tried to register crypto plugin with null or empty name."
 msgstr ""
 #: barbican/model/repositories.py:1231
 msgid "Could not find {entity_name}"
 msgstr ""
 #: barbican/model/repositories.py:1237
 msgid "Found more than one {entity_name}"
 msgstr ""
 #: barbican/model/repositories.py:1380
 msgid "No {entity} found with ID {id}"
 msgstr ""
 #: barbican/model/repositories.py:1386
 msgid "Entity ID {entity_id} not found"
 msgstr ""
 #: barbican/model/repositories.py:1392
 msgid "No {entity_name}'s found"
 msgstr ""
 #: barbican/model/repositories.py:1398
 msgid "Entity ID {entity_id} already exists!"
 msgstr ""
 #: barbican/openstack/common/eventlet_backdoor.py:142
 #, python-format
 msgid "Eventlet backdoor listening on %(port)s for process %(pid)d"
 msgstr ""
-#: barbican/openstack/common/gettextutils.py:320
+#: barbican/openstack/common/gettextutils.py:305
 msgid "Message objects do not support addition."
 msgstr ""
-#: barbican/openstack/common/gettextutils.py:330
+#: barbican/openstack/common/gettextutils.py:315
 msgid ""
 "Message objects do not support str() because they may contain non-ascii "
 "characters. Please use unicode() or translate() instead."
@ -888,38 +911,120 @@ msgstr ""
 msgid "Length of %(given)d is too long, max = %(maximum)d"
 msgstr ""
-#: barbican/plugin/dogtag.py:40
+#: barbican/plugin/dogtag.py:44
 msgid "Path to PEM file for authentication"
 msgstr ""
-#: barbican/plugin/dogtag.py:43
+#: barbican/plugin/dogtag.py:47
 msgid "Hostname for the Dogtag instance"
 msgstr ""
-#: barbican/plugin/dogtag.py:46
+#: barbican/plugin/dogtag.py:50
 msgid "Port for the Dogtag instance"
 msgstr ""
-#: barbican/plugin/dogtag.py:48
+#: barbican/plugin/dogtag.py:52
 msgid "Path to the NSS certificate database"
 msgstr ""
-#: barbican/plugin/dogtag.py:50
+#: barbican/plugin/dogtag.py:54
 msgid "Password for NSS certificate database"
 msgstr ""
-#: barbican/plugin/dogtag.py:64
+#: barbican/plugin/dogtag.py:68
 msgid "nss_password is required"
 msgstr ""
-#: barbican/plugin/dogtag.py:79
+#: barbican/plugin/dogtag.py:83
 msgid "pem_path is required"
 msgstr ""
-#: barbican/plugin/dogtag.py:90
+#: barbican/plugin/dogtag.py:94
 msgid "Invalid algorithm passed in"
 msgstr ""
 #: barbican/plugin/dogtag.py:98
 msgid "Operation not supported by Dogtag Plugin"
 msgstr ""
 #: barbican/plugin/dogtag.py:357
 msgid ""
 "Passphrase encryption is not supported for symmetric key generating "
 "algorithms."
 msgstr ""
 #: barbican/plugin/dogtag.py:389
 msgid "Passphrase encryption is not supported for DSA algorithm"
 msgstr ""
 #: barbican/plugin/dogtag.py:510
 msgid ""
 "DSA keys should not have a passphrase in the database, for being used "
 "during retrieval."
 msgstr ""
 #: barbican/plugin/dogtag.py:514
 msgid ""
 "Secrets of type {secret_type} should not have a passphrase in the "
 "database, for being used during retrieval."
 msgstr ""
 #: barbican/plugin/dogtag.py:528
 msgid ""
 "Encryption using session key is not supported when retrieving a "
 "{secret_type} key."
 msgstr ""
 #: barbican/plugin/dogtag.py:569
 msgid "{request} not found for {operation} for order_id {order_id}"
 msgstr ""
 #: barbican/plugin/dogtag.py:608
 msgid "No request found for request_id {request_id} for order {order_id}"
 msgstr ""
 #: barbican/plugin/dogtag.py:634
 msgid ""
 "Request {request_id} reports status_complete, but no cert_id has been "
 "returned"
 msgstr ""
 #: barbican/plugin/dogtag.py:645
 msgid "Certificate not found for cert_id: {cert_id}"
 msgstr ""
 #: barbican/plugin/dogtag.py:655
 msgid "Invalid request_status returned by CA"
 msgstr ""
 #: barbican/plugin/dogtag.py:680
 msgid "No profile_id specified"
 msgstr ""
 #: barbican/plugin/dogtag.py:694
 msgid "No request returned in enrollment_results"
 msgstr ""
 #: barbican/plugin/dogtag.py:714
 msgid "request_id {req_id} returns COMPLETE but no cert returned"
 msgstr ""
 #: barbican/plugin/dogtag.py:718
 msgid "Invalid request_status {status} for request_id {request_id}"
 msgstr ""
 #: barbican/plugin/dogtag.py:738
 msgid "Exception thrown by enroll_cert: {message}"
 msgstr ""
 #: barbican/plugin/dogtag.py:764
 msgid "Modify request: unable to cancel: {message}"
 msgstr ""
 #: barbican/plugin/dogtag.py:793
 msgid "no request found for this order"
 msgstr ""
 #: barbican/plugin/kmip_secret_store.py:44
 msgid "The default username for authenticating with KMIP"
 msgstr ""
@ -936,28 +1041,26 @@ msgstr ""
 msgid "Port for the KMIP server"
 msgstr ""
-#: barbican/plugin/simple_certificate_manager.py:40
+#: barbican/plugin/kmip_secret_store.py:60
-msgid "Invoking issue_certificate_request()"
+msgid "SSL version, maps to the module ssl's constants"
 msgstr ""
-#: barbican/plugin/simple_certificate_manager.py:56
+#: barbican/plugin/kmip_secret_store.py:64
-msgid "Invoking modify_certificate_request()"
+msgid "File path to concatenated \"certification authority\" certificates"
 msgstr ""
-#: barbican/plugin/simple_certificate_manager.py:72
+#: barbican/plugin/kmip_secret_store.py:169
-msgid "Invoking cancel_certificate_request()"
+msgid "Feature not yet implemented by KMIP Secret Store plugin"
 msgstr ""
-#: barbican/plugin/simple_certificate_manager.py:88
+#: barbican/plugin/kmip_secret_store.py:269
-msgid "Invoking check_certificate_status()"
+msgid ""
 "Unknown key value type received from KMIP server, expected "
 "{key_value_struct} or {key_value_string}, received: {key_value_type}"
 msgstr ""
-#: barbican/plugin/simple_certificate_manager.py:115
+#: barbican/plugin/kmip_secret_store.py:488
-msgid "Invoking notify_certificate_is_ready()"
+msgid "Status: {status}, Reason: {reason}, Message: {message}"
 msgstr ""
 #: barbican/plugin/simple_certificate_manager.py:128
 msgid "Invoking notify_ca_is_unavailable()"
 msgstr ""
 #: barbican/plugin/symantec.py:34
@ -972,45 +1075,45 @@ msgstr ""
 msgid "Domain of Symantec API"
 msgstr ""
-#: barbican/plugin/symantec.py:51
+#: barbican/plugin/symantec.py:54
 msgid "username is required"
 msgstr ""
-#: barbican/plugin/symantec.py:55
+#: barbican/plugin/symantec.py:57
 msgid "password is required"
 msgstr ""
-#: barbican/plugin/symantec.py:59
+#: barbican/plugin/symantec.py:60
 msgid "url is required"
 msgstr ""
-#: barbican/plugin/crypto/crypto.py:34
+#: barbican/plugin/crypto/crypto.py:35
 #: barbican/plugin/interface/certificate_manager.py:45
 #: barbican/plugin/interface/secret_store.py:36
 msgid "Extension namespace to search for plugins."
 msgstr ""
-#: barbican/plugin/crypto/crypto.py:38
+#: barbican/plugin/crypto/crypto.py:39
 msgid "List of crypto plugins to load."
 msgstr ""
-#: barbican/plugin/crypto/crypto.py:47
+#: barbican/plugin/crypto/crypto.py:48
 msgid "Crypto plugin not found."
 msgstr ""
-#: barbican/plugin/crypto/crypto.py:52
+#: barbican/plugin/crypto/crypto.py:53
-#: barbican/plugin/interface/certificate_manager.py:121
+#: barbican/plugin/interface/certificate_manager.py:123
-#: barbican/plugin/interface/certificate_manager.py:131
+#: barbican/plugin/interface/certificate_manager.py:133
-#: barbican/plugin/interface/certificate_manager.py:141
+#: barbican/plugin/interface/certificate_manager.py:143
-#: barbican/plugin/interface/secret_store.py:101
+#: barbican/plugin/interface/secret_store.py:103
 msgid "Unknown"
 msgstr ""
-#: barbican/plugin/crypto/crypto.py:54
+#: barbican/plugin/crypto/crypto.py:55
-msgid "Failed to bind kek metadata for plugin: {0}"
+msgid "Failed to bind kek metadata for plugin: {name}"
 msgstr ""
-#: barbican/plugin/crypto/crypto.py:64
+#: barbican/plugin/crypto/crypto.py:65
 msgid "Could not generate private key"
 msgstr ""
@ -1046,10 +1149,26 @@ msgstr ""
 msgid "library_path is required"
 msgstr ""
 #: barbican/plugin/crypto/p11_crypto.py:380
 msgid "Feature not implemented for PKCS11"
 msgstr ""
 #: barbican/plugin/crypto/simple_crypto.py:33
 msgid "Key encryption key to be used by Simple Crypto Plugin"
 msgstr ""
 #: barbican/plugin/crypto/simple_crypto.py:48
 msgid "KEK not yet created."
 msgstr ""
 #: barbican/plugin/crypto/simple_crypto.py:62
 msgid "Unencrypted data must be a byte type, but was {unencrypted_type}"
 msgstr ""
 #: barbican/plugin/crypto/simple_crypto.py:132
 msgid "Passphrase not supported for DSA key"
 msgstr ""
 #: barbican/plugin/interface/certificate_manager.py:49
 #: barbican/plugin/interface/certificate_manager.py:69
 msgid "List of certificate plugins to load."
@ -1060,7 +1179,7 @@ msgid "Extension namespace to search for eventing plugins."
 msgstr ""
 #: barbican/plugin/interface/certificate_manager.py:91
-msgid "Certificate plugin \"{0}\" not found or configured."
+msgid "Certificate plugin \"{name}\" not found or configured."
 msgstr ""
 #: barbican/plugin/interface/certificate_manager.py:95
@ -1068,7 +1187,7 @@ msgid "Certificate plugin not found or configured."
 msgstr ""
 #: barbican/plugin/interface/certificate_manager.py:103
-msgid "Certificate event plugin \"{0}\" not found or configured."
+msgid "Certificate event plugin \"{name}\" not found or configured."
 msgstr ""
 #: barbican/plugin/interface/certificate_manager.py:107
@ -1076,19 +1195,19 @@ msgid "Certificate event plugin not found or configured."
 msgstr ""
 #: barbican/plugin/interface/certificate_manager.py:115
-msgid "Certificate status of '{0}' not supported"
+msgid "Certificate status of {status} not supported"
 msgstr ""
-#: barbican/plugin/interface/certificate_manager.py:123
+#: barbican/plugin/interface/certificate_manager.py:125
-msgid "Problem seen during certificate processing - Reason: {0}"
+msgid "Problem seen during certificate processing - Reason: {reason}"
 msgstr ""
-#: barbican/plugin/interface/certificate_manager.py:133
+#: barbican/plugin/interface/certificate_manager.py:135
-msgid "Problem with data in certificate request - Reason: {0}"
+msgid "Problem with data in certificate request - Reason: {reason}"
 msgstr ""
-#: barbican/plugin/interface/certificate_manager.py:143
+#: barbican/plugin/interface/certificate_manager.py:145
-msgid "Invalid operation requested - Reason: {0}"
+msgid "Invalid operation requested - Reason: {reason}"
 msgstr ""
 #: barbican/plugin/interface/secret_store.py:40
@ -1096,111 +1215,128 @@ msgid "List of secret store plugins to load."
 msgstr ""
 #: barbican/plugin/interface/secret_store.py:51
-msgid "Secret store plugin \"{0}\" not found."
+msgid "Secret store plugin \"{name}\" not found."
 msgstr ""
 #: barbican/plugin/interface/secret_store.py:54
 msgid "Secret store plugin not found."
 msgstr ""
 #: barbican/plugin/interface/secret_store.py:60
 msgid "Secret store plugin not found for requested operation."
 msgstr ""
 #: barbican/plugin/interface/secret_store.py:67
-msgid "Secret Content Type of '{0}' not supported"
+msgid "Secret Content Type of '{content_type}' not supported"
 msgstr ""
-#: barbican/plugin/interface/secret_store.py:77
+#: barbican/plugin/interface/secret_store.py:78
-msgid "Secret Content-Encoding of '{0}' not supported"
+msgid "Secret Content-Encoding of '{content_encoding}' not supported"
 msgstr ""
-#: barbican/plugin/interface/secret_store.py:87
+#: barbican/plugin/interface/secret_store.py:89
 msgid "No secret information provided to encrypt."
 msgstr ""
-#: barbican/plugin/interface/secret_store.py:95
+#: barbican/plugin/interface/secret_store.py:97
 msgid "Encoding type must be 'base64' for text-based payloads."
 msgstr ""
-#: barbican/plugin/interface/secret_store.py:103
+#: barbican/plugin/interface/secret_store.py:105
-msgid "Problem seen during crypto processing - Reason: {0}"
+msgid "Problem seen during crypto processing - Reason: {reason}"
 msgstr ""
-#: barbican/plugin/interface/secret_store.py:121
+#: barbican/plugin/interface/secret_store.py:123
-msgid "Secret Accept of '{0}' not supported"
+msgid "Secret Accept of '{accept}' not supported"
 msgstr ""
-#: barbican/plugin/interface/secret_store.py:130
+#: barbican/plugin/interface/secret_store.py:133
 msgid "No secret information found"
 msgstr ""
-#: barbican/plugin/interface/secret_store.py:138
+#: barbican/plugin/interface/secret_store.py:141
-msgid "Secret algorithm of '{0}' not supported"
+msgid "Secret algorithm of '{algorithm}' not supported"
 msgstr ""
-#: barbican/plugin/interface/secret_store.py:148
+#: barbican/plugin/interface/secret_store.py:151
 msgid "No secret store plugins have been configured"
 msgstr ""
-#: barbican/queue/__init__.py:34
+#: barbican/queue/__init__.py:36
 msgid "True enables queuing, False invokes workers synchronously"
 msgstr ""
-#: barbican/queue/__init__.py:37
+#: barbican/queue/__init__.py:39
 msgid "Queue namespace"
 msgstr ""
-#: barbican/queue/__init__.py:39
+#: barbican/queue/__init__.py:41
 msgid "Queue topic name"
 msgstr ""
-#: barbican/queue/__init__.py:41
+#: barbican/queue/__init__.py:43
 msgid "Version of tasks invoked via queue"
 msgstr ""
-#: barbican/queue/__init__.py:43
+#: barbican/queue/__init__.py:45
 msgid "Server name for RPC task processing server"
 msgstr ""
-#: barbican/tasks/resources.py:65
+#: barbican/queue/__init__.py:56
-#, python-format
+msgid "True enables keystone notification listener  functionality."
 msgid "Could not retrieve information needed to process task '%s'."
 msgstr ""
-#: barbican/tasks/resources.py:73
+#: barbican/queue/__init__.py:59
-#, python-format
+msgid ""
-msgid "Could not perform processing for task '%s'."
+"The default exchange under which topics are scoped. May be overridden by "
 "an exchange name specified in  the transport_url option."
 msgstr ""
-#: barbican/tasks/resources.py:83
+#: barbican/queue/__init__.py:63
-#, python-format
+msgid ""
-msgid "Problem handling an error for task '%s', raising original exception."
+"Keystone notification queue topic name. This name needs to match one of "
 "values mentioned in Keystone deployment's 'notification_topics' "
 "configuration e.g.    notification_topics=notifications,     "
 "barbican_notificationsMultiple servers may listen on a topic and messages"
 "  will be dispatched to one of the servers in a round-robin fashion. "
 "That's why Barbican service  should have its own dedicated notification "
 "queue so  that it receives all of Keystone notifications."
 msgstr ""
-#: barbican/tasks/resources.py:92
+#: barbican/queue/__init__.py:75
-#, python-format
+msgid ""
-msgid "Could not process after successfully executing task '%s'."
+"True enables requeue feature in case of notification processing error. "
 "Enable this only when underlying transport supports this feature."
 msgstr ""
 #: barbican/queue/__init__.py:79
 msgid "Version of tasks invoked via notifications"
 msgstr ""
 #: barbican/queue/__init__.py:81
 msgid ""
 "Define the number of max threads to be used for notification server "
 "processing functionality."
 msgstr ""
 #: barbican/tasks/keystone_consumer.py:36
 msgid "Project cleanup via Keystone notifications"
 msgstr ""
 #: barbican/tasks/resources.py:149
 msgid "Create Secret"
 msgstr ""
 #: barbican/tasks/resources.py:215
 msgid "Process TypeOrder"
 msgstr ""
-#: barbican/tasks/resources.py:312
+#: barbican/tasks/resources.py:242 barbican/tasks/resources.py:303
 msgid "Order type \"{order_type}\" not implemented."
 msgstr ""
 #: barbican/tasks/resources.py:249
 msgid "Update Order"
 msgstr ""
-#: barbican/tasks/resources.py:343
+#: barbican/tests/tasks/test_resources.py:142
-msgid "An error has occurred updating the order."
+#: barbican/tests/tasks/test_resources.py:296
 msgstr ""
 #: barbican/tests/tasks/test_resources.py:133
 msgid "Create Secret failure seen - please contact site administrator."
 msgstr ""
 #: barbican/tests/tasks/test_resources.py:288
 #: barbican/tests/tasks/test_resources.py:439
 msgid "Process TypeOrder failure seen - please contact site administrator."
 msgstr ""
--- a/barbican/model/repositories.py
+++ b/barbican/model/repositories.py
@ -31,9 +31,9 @@ import sqlalchemy.orm as sa_orm
 from barbican.common import exception
 from barbican.common import utils
 from barbican import i18n as u
 from barbican.model.migration import commands
 from barbican.model import models
 from barbican.openstack.common import gettextutils as u
 from barbican.openstack.common import timeutils
 LOG = utils.getLogger(__name__)
@ -181,8 +181,8 @@ def get_engine():
            _ENGINE.connect = wrap_db_error(_ENGINE.connect)
            _ENGINE.connect()
        except Exception as err:
-            msg = u._("Error configuring registry database with supplied "
+            msg = u._LE("Error configuring registry database with supplied "
-                      "sql_connection. Got error: %s") % err
+                        "sql_connection. Got error: {error}").format(error=err)
            LOG.exception(msg)
            raise
@ -196,18 +196,18 @@ def get_engine():
            tables = meta.tables
            if tables and 'alembic_version' in tables:
                # Upgrade the database to the latest version.
-                LOG.info(u._('Updating schema to latest version'))
+                LOG.info(u._LI('Updating schema to latest version'))
                commands.upgrade()
            else:
                # Create database tables from our models.
-                LOG.info(u._('Auto-creating barbican registry DB'))
+                LOG.info(u._LI('Auto-creating barbican registry DB'))
                models.register_models(_ENGINE)
                # Sync the alembic version 'head' with current models.
                commands.stamp()
        else:
-            LOG.info(u._('not auto-creating barbican registry DB'))
+            LOG.info(u._LI('not auto-creating barbican registry DB'))
    return _ENGINE
@ -247,7 +247,7 @@ def wrap_db_error(f):
            remaining_attempts = _MAX_RETRIES
            while True:
-                LOG.warning(u._('SQL connection failed. %d attempts left.'),
+                LOG.warning(u._LW('SQL connection failed. %d attempts left.'),
                            remaining_attempts)
                remaining_attempts -= 1
                time.sleep(_RETRY_INTERVAL)
@ -329,8 +329,9 @@ class Repositories(object):
            # Enforce that either all arguments are non-None or else all None.
            test_set = set(kwargs.values())
            if None in test_set and len(test_set) > 1:
-                raise NotImplementedError('No support for mixing None '
+                raise NotImplementedError(u._LE('No support for mixing None '
-                                          'and non-None repository instances')
+                                                'and non-None repository '
                                                'instances'))
            # Only set properties for specified repositories.
            self._set_repo('project_repo', ProjectRepo, kwargs)
@ -383,12 +384,10 @@ class BaseRepo(object):
            entity = query.one()
        except sa_orm.exc.NoResultFound:
-            LOG.exception("Not found for %s", entity_id)
+            LOG.exception(u._LE("Not found for %s"), entity_id)
            entity = None
            if not suppress_exception:
-                raise exception.NotFound(
+                _raise_entity_not_found(self._do_entity_name(), entity_id)
                    "No {0} found with ID {1}".format(
                        self._do_entity_name(), entity_id))
        return entity
@ -396,12 +395,15 @@ class BaseRepo(object):
        """Sub-class hook: create from entity."""
        start = time.time()  # DEBUG
        if not entity:
-            msg = "Must supply non-None {0}.".format(self._do_entity_name)
+            msg = u._(
                "Must supply non-None {entity_name}."
            ).format(entity_name=self._do_entity_name)
            raise exception.Invalid(msg)
        if entity.id:
-            msg = "Must supply {0} with id=None(i.e. new entity).".format(
+            msg = u._(
-                self._do_entity_name)
+                "Must supply {entity_name} with id=None(i.e. new entity)."
            ).format(entity_name=self._do_entity_name)
            raise exception.Invalid(msg)
        LOG.debug("Begin create from...")
@ -417,13 +419,12 @@ class BaseRepo(object):
            LOG.debug("Saving entity...")
            entity.save(session=session)
        except sqlalchemy.exc.IntegrityError:
-            LOG.exception('Problem saving entity for create')
+            LOG.exception(u._LE('Problem saving entity for create'))
            if values:
                values_id = values['id']
            else:
                values_id = None
-            raise exception.Duplicate("Entity ID {0} already exists!"
+            _raise_entity_id_already_exists(values_id)
                                      .format(values_id))
        LOG.debug('Elapsed repo '
                  'create secret:%s', (time.time() - start))  # DEBUG
@ -447,9 +448,8 @@ class BaseRepo(object):
        try:
            entity.save()
        except sqlalchemy.exc.IntegrityError:
-            LOG.exception('Problem saving entity for update')
+            LOG.exception(u._LE('Problem saving entity for update'))
-            raise exception.NotFound("Entity ID %s not found"
+            _raise_entity_id_not_found(entity.id)
                                     % entity.id)
    def update(self, entity_id, values, purge_props=False):
        """Set the given properties on an entity and update it.
@ -469,9 +469,8 @@ class BaseRepo(object):
        try:
            entity.delete(session=session)
        except sqlalchemy.exc.IntegrityError:
-            LOG.exception('Problem finding entity to delete')
+            LOG.exception(u._LE('Problem finding entity to delete'))
-            raise exception.NotFound("Entity ID %s not found"
+            _raise_entity_id_not_found(entity.id)
                                     % entity_id)
    def _do_entity_name(self):
        """Sub-class hook: return entity name, such as for debugging."""
@ -503,12 +502,13 @@ class BaseRepo(object):
        status = values.get('status', None)
        if not status:
            # TODO(jfwood): I18n this!
-            msg = "{0} status is required.".format(self._do_entity_name())
+            msg = u._("{entity_name} status is required.").format(
                entity_name=self._do_entity_name())
            raise exception.Invalid(msg)
        if not models.States.is_valid(status):
-            msg = "Invalid status '{0}' for {1}.".format(
+            msg = u._("Invalid status '{status}' for {entity_name}.").format(
-                status, self._do_entity_name())
+                status=status, entity_name=self._do_entity_name())
            raise exception.Invalid(msg)
        return values
@ -546,13 +546,11 @@ class BaseRepo(object):
        try:
            entity_ref.save(session=session)
        except sqlalchemy.exc.IntegrityError:
-            LOG.exception('Problem saving entity for _update')
+            LOG.exception(u._LE('Problem saving entity for _update'))
            if entity_id:
-                raise exception.NotFound("Entity ID %s not found"
+                _raise_entity_id_not_found(entity_id)
                                         % entity_id)
            else:
-                raise exception.Duplicate("Entity ID %s already exists!"
+                _raise_entity_id_already_exists(values['id'])
                                          % values['id'])
        return self.get(entity_ref.id)
@ -570,8 +568,10 @@ class BaseRepo(object):
        This will filter deleted entities if there.
        """
-        msg = u._("{0} is missing query build method for get project "
+        msg = u._(
-                  "entities.").format(self._do_entity_name())
+            "{entity_name} is missing query build method for get "
            "project entities.").format(
                entity_name=self._do_entity_name())
        raise NotImplementedError(msg)
    def get_project_entities(self, project_id, session=None):
@ -617,10 +617,12 @@ class BaseRepo(object):
                # Its a soft delete so its more like entity update
                entity.delete(session=session)
        except sqlalchemy.exc.SQLAlchemyError:
-            LOG.exception('Problem finding project related entity to delete')
+            LOG.exception(u._LE('Problem finding project related entity to '
                                'delete'))
            if not suppress_exception:
-                raise exception.BarbicanException('Error deleting project '
+                raise exception.BarbicanException(u._('Error deleting project '
-                                                  'entities for project_id=%s',
+                                                      'entities for '
                                                      'project_id=%s'),
                                                  project_id)
@ -651,10 +653,11 @@ class ProjectRepo(BaseRepo):
        except sa_orm.exc.NoResultFound:
            entity = None
            if not suppress_exception:
-                LOG.exception("Problem getting Project %s", keystone_id)
+                LOG.exception(u._LE("Problem getting Project %s"), keystone_id)
-                raise exception.NotFound("No %s found with keystone-ID %s"
+                raise exception.NotFound(u._(
-                                         % (self._do_entity_name(),
+                    "No {entity_name} found with keystone-ID {id}").format(
-                                            keystone_id))
+                        entity_name=self._do_entity_name(),
                        id=keystone_id))
        return entity
@ -719,8 +722,7 @@ class SecretRepo(BaseRepo):
            entities = None
            total = 0
            if not suppress_exception:
-                raise exception.NotFound("No %s's found"
+                _raise_no_entities_found(self._do_entity_name())
                                         % (self._do_entity_name()))
        return entities, offset, limit, total
@ -990,8 +992,7 @@ class OrderRepo(BaseRepo):
            entities = None
            total = 0
            if not suppress_exception:
-                raise exception.NotFound("No %s's found"
+                _raise_no_entities_found(self._do_entity_name())
                                         % (self._do_entity_name()))
        return entities, offset, limit, total
@ -1116,8 +1117,7 @@ class ContainerRepo(BaseRepo):
            entities = None
            total = 0
            if not suppress_exception:
-                raise exception.NotFound("No %s's found"
+                _raise_no_entities_found(self._do_entity_name())
                                         % (self._do_entity_name()))
        return entities, offset, limit, total
@ -1207,8 +1207,7 @@ class ContainerConsumerRepo(BaseRepo):
            entities = None
            total = 0
            if not suppress_exception:
-                raise exception.NotFound("No %ss found"
+                _raise_no_entities_found(self._do_entity_name())
                                         % (self._do_entity_name()))
        return entities, offset, limit, total
@ -1228,12 +1227,15 @@ class ContainerConsumerRepo(BaseRepo):
            consumer = query.one()
        except sa_orm.exc.NoResultFound:
            if not suppress_exception:
-                raise exception.NotFound("Could not find %s"
+                raise exception.NotFound(
-                                         % (self._do_entity_name()))
+                    u._("Could not find {entity_name}").format(
                        entity_name=self._do_entity_name()))
        except sa_orm.exc.MultipleResultsFound:
            if not suppress_exception:
-                raise exception.NotFound("Found more than one %s"
+                raise exception.NotFound(
-                                         % (self._do_entity_name()))
+                    u._("Found more than one {entity_name}").format(
                        entity_name=self._do_entity_name()))
        return consumer
    def create_from(self, new_consumer, container):
@ -1323,8 +1325,7 @@ class TransportKeyRepo(BaseRepo):
            entities = None
            total = 0
            if not suppress_exception:
-                raise exception.NotFound("No {0}'s found".format(
+                _raise_no_entities_found(self._do_entity_name())
                    self._do_entity_name()))
        return entities, offset, limit, total
@ -1373,3 +1374,26 @@ def _get_repository(global_ref, repo_class):
    if not global_ref:
        global_ref = repo_class()
    return global_ref
 def _raise_entity_not_found(entity_name, entity_id):
    raise exception.NotFound(u._("No {entity} found with ID {id}").format(
        entity=entity_name,
        id=entity_id))
 def _raise_entity_id_not_found(entity_id):
    raise exception.NotFound(u._("Entity ID {entity_id} not "
                                 "found").format(entity_id=entity_id))
 def _raise_no_entities_found(entity_name):
    raise exception.NotFound(
        u._("No {entity_name}'s found").format(
            entity_name=entity_name))
 def _raise_entity_id_already_exists(entity_id):
    raise exception.Duplicate(
        u._("Entity ID {entity_id} "
            "already exists!").format(entity_id=entity_id))
--- a/barbican/openstack/common/gettextutils.py
+++ b/barbican/openstack/common/gettextutils.py
@ -16,9 +16,7 @@
 """
 gettext for openstack-common modules.
 Usual usage in an openstack.common module:
    from barbican.openstack.common.gettextutils import _
 """
@ -44,7 +42,6 @@ class TranslatorFactory(object):
    def __init__(self, domain, lazy=False, localedir=None):
        """Establish a set of translation functions for the domain.
        :param domain: Name of translation domain,
                       specifying a message catalog.
        :type domain: str
@ -62,16 +59,13 @@ class TranslatorFactory(object):
    def _make_translation_func(self, domain=None):
        """Return a new translation function ready for use.
        Takes into account whether or not lazy translation is being
        done.
        The domain can be specified to override the default from the
        factory, but the localedir from the factory is always used
        because we assume the log-level translation catalogs are
        installed in the same directory as the main application
        catalog.
        """
        if domain is None:
            domain = self.domain
@ -141,7 +135,6 @@ _LC = _translators.log_critical
 def enable_lazy():
    """Convenience function for configuring _() to use lazy gettext
    Call this at the start of execution to enable the gettextutils._
    function to use lazy gettext functionality. This is useful if
    your project is importing _ directly instead of using the
@ -161,15 +154,12 @@ def enable_lazy():
 def install(domain, lazy=False):
    """Install a _() function using the given translation domain.
    Given a translation domain, install a _() function using gettext's
    install() function.
    The main difference from gettext.install() is that we allow
    overriding the default localedir (e.g. /usr/share/locale) using
    a translation-domain-specific environment variable (e.g.
    NOVA_LOCALEDIR).
    :param domain: the translation domain
    :param lazy: indicates whether or not to install the lazy _() function.
                 The lazy _() introduces a way to do deferred translation
@ -194,7 +184,6 @@ def install(domain, lazy=False):
 class Message(six.text_type):
    """A Message object is a unicode object that can be translated.
    Translation of Message is done explicitly using the translate() method.
    For all non-translation intents and purposes, a Message is simply unicode,
    and can be treated as such.
@ -203,7 +192,6 @@ class Message(six.text_type):
    def __new__(cls, msgid, msgtext=None, params=None,
                domain='barbican', *args):
        """Create a new Message object.
        In order for translation to work gettext requires a message ID, this
        msgid will be used as the base unicode text. It is also possible
        for the msgid and the base unicode text to be different by passing
@ -224,11 +212,9 @@ class Message(six.text_type):
    def translate(self, desired_locale=None):
        """Translate this message to the desired locale.
        :param desired_locale: The desired locale to translate the message to,
                               if no locale is provided the message will be
                               translated to the system's default locale.
        :returns: the translated message in unicode
        """
@ -286,7 +272,6 @@ class Message(six.text_type):
    def _sanitize_mod_params(self, other):
        """Sanitize the object being modded with this Message.
        - Add support for modding 'None' so translation supports it
        - Trim the modded object, which can be a large dictionary, to only
        those keys that would actually be used in a translation
@ -335,7 +320,6 @@ class Message(six.text_type):
 def get_available_languages(domain):
    """Lists the available languages for the given translation domain.
    :param domain: the domain to get languages for
    """
    if domain in _AVAILABLE_LANGUAGES:
@ -383,10 +367,8 @@ def get_available_languages(domain):
 def translate(obj, desired_locale=None):
    """Gets the translated unicode representation of the given object.
    If the object is not translatable it is returned as-is.
    If the locale is None the object is translated to the system locale.
    :param obj: the object to translate
    :param desired_locale: the locale to translate the message to, if None the
                           default system locale will be used
@ -407,14 +389,11 @@ def translate(obj, desired_locale=None):
 def _translate_args(args, desired_locale=None):
    """Translates all the translatable elements of the given arguments object.
    This method is used for translating the translatable values in method
    arguments which include values of tuples or dictionaries.
    If the object is not a tuple or a dictionary the object itself is
    translated if it is translatable.
    If the locale is None the object is translated to the system locale.
    :param args: the args to translate
    :param desired_locale: the locale to translate the args to, if None the
                           default system locale will be used
@ -433,33 +412,26 @@ def _translate_args(args, desired_locale=None):
 class TranslationHandler(handlers.MemoryHandler):
    """Handler that translates records before logging them.
    The TranslationHandler takes a locale and a target logging.Handler object
    to forward LogRecord objects to after translating them. This handler
    depends on Message objects being logged, instead of regular strings.
    The handler can be configured declaratively in the logging.conf as follows:
        [handlers]
        keys = translatedlog, translator
        [handler_translatedlog]
        class = handlers.WatchedFileHandler
        args = ('/var/log/api-localized.log',)
        formatter = context
        [handler_translator]
        class = openstack.common.log.TranslationHandler
        target = translatedlog
        args = ('zh_CN',)
    If the specified locale is not available in the system, the handler will
    log in the default locale.
    """
    def __init__(self, locale=None, target=None):
        """Initialize a TranslationHandler
        :param locale: locale to use for translating messages
        :param target: logging.Handler object to forward
                       LogRecord objects to after translation
--- a/barbican/plugin/crypto/crypto.py
+++ b/barbican/plugin/crypto/crypto.py
@ -18,7 +18,7 @@ import six
 from barbican.common import exception
 from barbican.common import utils
-from barbican.openstack.common import gettextutils as u
+from barbican import i18n as u
 LOG = utils.getLogger(__name__)
@ -53,7 +53,7 @@ class CryptoKEKBindingException(exception.BarbicanException):
    def __init__(self, plugin_name=u._('Unknown')):
        super(CryptoKEKBindingException, self).__init__(
            u._('Failed to bind kek metadata for '
-                'plugin: {0}').format(plugin_name)
+                'plugin: {name}').format(name=plugin_name)
        )
        self.plugin_name = plugin_name
--- a/barbican/plugin/crypto/p11_crypto.py
+++ b/barbican/plugin/crypto/p11_crypto.py
@ -22,7 +22,7 @@ from oslo.config import cfg
 from barbican.common import exception
 from barbican.common import utils
-from barbican.openstack.common import gettextutils as u
+from barbican import i18n as u
 from barbican.openstack.common import jsonutils as json
 from barbican.plugin.crypto import crypto as plugin
@ -377,7 +377,7 @@ class P11CryptoPlugin(plugin.CryptoPluginBase):
        return self.encrypt(plugin.EncryptDTO(rand), kek_meta_dto, keystone_id)
    def generate_asymmetric(self, generate_dto, kek_meta_dto, keystone_id):
-        raise NotImplementedError("Feature not implemented for PKCS11")
+        raise NotImplementedError(u._("Feature not implemented for PKCS11"))
    def supports(self, type_enum, algorithm=None, bit_length=None, mode=None):
        if type_enum == plugin.PluginSupportTypes.ENCRYPT_DECRYPT:
--- a/barbican/plugin/crypto/simple_crypto.py
+++ b/barbican/plugin/crypto/simple_crypto.py
@ -19,7 +19,7 @@ from cryptography import fernet
 from oslo.config import cfg
 import six
-from barbican.openstack.common import gettextutils as u
+from barbican import i18n as u
 from barbican.plugin.crypto import crypto as c
@ -45,7 +45,7 @@ class SimpleCryptoPlugin(c.CryptoPluginBase):
    def _get_kek(self, kek_meta_dto):
        if not kek_meta_dto.plugin_meta:
-            raise ValueError('KEK not yet created.')
+            raise ValueError(u._('KEK not yet created.'))
        # the kek is stored encrypted. Need to decrypt.
        encryptor = fernet.Fernet(self.master_kek)
        # Note : If plugin_meta type is unicode, encode to byte.
@ -58,8 +58,14 @@ class SimpleCryptoPlugin(c.CryptoPluginBase):
        kek = self._get_kek(kek_meta_dto)
        unencrypted = encrypt_dto.unencrypted
        if not isinstance(unencrypted, str):
-            raise ValueError('Unencrypted data must be a byte type, '
+            raise ValueError(
-                             'but was {0}'.format(type(unencrypted)))
+                u._(
                    'Unencrypted data must be a byte type, but was '
                    '{unencrypted_type}'
                ).format(
                    unencrypted_type=type(unencrypted)
                )
            )
        encryptor = fernet.Fernet(kek)
        cyphertext = encryptor.encrypt(unencrypted)
        return c.ResponseDTO(cyphertext, None)
@ -123,7 +129,7 @@ class SimpleCryptoPlugin(c.CryptoPluginBase):
                                                     generate_dto.passphrase)
        if generate_dto.algorithm.lower() == 'dsa':
            if generate_dto.passphrase:
-                raise ValueError('Passphrase not supported for DSA key')
+                raise ValueError(u._('Passphrase not supported for DSA key'))
            public_key, private_key = self._serialize_dsa_key(public_key,
                                                              private_key)
        private_dto = self.encrypt(c.EncryptDTO(private_key),
--- a/barbican/plugin/dogtag.py
+++ b/barbican/plugin/dogtag.py
@ -30,7 +30,7 @@ from requests import exceptions as request_exceptions
 from barbican.common import exception
 from barbican.common import utils
-from barbican.openstack.common import gettextutils as u
+from barbican import i18n as u
 import barbican.plugin.interface.certificate_manager as cm
 import barbican.plugin.interface.secret_store as sstore
@ -354,8 +354,8 @@ class DogtagKRAPlugin(sstore.SecretStoreBase):
        passphrase = key_spec.passphrase
        if passphrase:
            raise DogtagPluginNotSupportedException(
-                "Passphrase encryption is not supported for symmetric"
+                u._("Passphrase encryption is not supported for symmetric"
-                " key generating algorithms.")
+                    " key generating algorithms."))
        response = self.keyclient.generate_symmetric_key(
            client_key_id,
@ -385,9 +385,10 @@ class DogtagKRAPlugin(sstore.SecretStoreBase):
        passphrase_metadata = None
        if passphrase:
            if algorithm == key.KeyClient.DSA_ALGORITHM:
-                raise DogtagPluginNotSupportedException("Passphrase encryption"
+                raise DogtagPluginNotSupportedException(
-                                                        " is not supported for"
+                    u._("Passphrase encryption is not "
-                                                        " DSA algorithm")
+                        "supported for DSA algorithm")
                )
            stored_passphrase_info = self.keyclient.archive_key(
                uuid.uuid4().hex,
@ -506,13 +507,13 @@ class DogtagKRAPlugin(sstore.SecretStoreBase):
            else:
                if key_spec.alg.upper() == key.KeyClient.DSA_ALGORITHM:
                    raise sstore.SecretGeneralException(
-                        "DSA keys should not have a passphrase in the"
+                        u._("DSA keys should not have a passphrase in the"
-                        " database, for being used during retrieval."
+                            " database, for being used during retrieval.")
                    )
                raise sstore.SecretGeneralException(
-                    "Secrets of type " + secret_type +
+                    u._("Secrets of type {secret_type} should not have a "
-                    " should not have a passphrase in the database, "
+                        "passphrase in the database, for being used during "
-                    "for being used during retrieval."
+                        "retrieval.").format(secret_type=secret_type)
                )
        return passphrase
@ -524,8 +525,10 @@ class DogtagKRAPlugin(sstore.SecretStoreBase):
                           sstore.SecretType.PRIVATE]:
            if twsk:
                raise DogtagPluginNotSupportedException(
-                    "Encryption using session key is not supported when "
+                    u._("Encryption using session key is not supported when "
-                    "retrieving a " + secret_type + " key.")
+                        "retrieving a {secret_type} "
                        "key.").format(secret_type=secret_type)
                )
        return twsk
@ -563,8 +566,15 @@ class DogtagCAPlugin(cm.CertificatePluginBase):
        request_id = plugin_meta.get(self.REQUEST_ID, None)
        if not request_id:
            raise cm.CertificateGeneralException(
-                "{0} not found for {1} for order_id {2}".format(
+                u._(
-                    self.REQUEST_ID, operation, order_id))
+                    "{request} not found for {operation} for "
                    "order_id {order_id}"
                ).format(
                    request=self.REQUEST_ID,
                    operation=operation,
                    order_id=order_id
                )
            )
        return request_id
    @_catch_request_exception
@ -595,8 +605,14 @@ class DogtagCAPlugin(cm.CertificatePluginBase):
        request = self._get_request(request_id)
        if not request:
            raise cm.CertificateGeneralException(
-                "No request found for request_id {0} for order {1}".format(
+                u._(
-                    request_id, order_id))
+                    "No request found for request_id {request_id} for "
                    "order {order_id}"
                ).format(
                    request_id=request_id,
                    order_id=order_id
                )
            )
        request_status = request.request_status
@ -615,20 +631,28 @@ class DogtagCAPlugin(cm.CertificatePluginBase):
            cert_id = request.cert_id
            if not cert_id:
                raise cm.CertificateGeneralException(
-                    "Request {0} reports status_complete, but no cert_id "
+                    u._(
-                    "has been returned".format(request_id))
+                        "Request {request_id} reports status_complete, but no "
                        "cert_id has been returned"
                    ).format(
                        request_id=request_id
                    )
                )
            cert = self._get_cert(cert_id)
            if not cert:
                raise cm.CertificateGeneralException(
-                    "Certificate not found for cert_id: {0}".format(cert_id))
+                    u._("Certificate not found for cert_id: {cert_id}").format(
                        cert_id=cert_id
                    )
                )
            return cm.ResultDTO(
                cm.CertificateStatus.CERTIFICATE_GENERATED,
                certificate=cert.encoded,
                intermediates=cert.pkcs7_cert_chain)
        else:
            raise cm.CertificateGeneralException(
-                "Invalid request_status returned by CA")
+                u._("Invalid request_status returned by CA"))
    @_catch_request_exception
    def issue_certificate_request(self, order_id, order_meta, plugin_meta):
@ -653,7 +677,7 @@ class DogtagCAPlugin(cm.CertificatePluginBase):
        if not profile_id:
            return cm.ResultDTO(
                cm.CertificateStatus.CLIENT_DATA_ISSUE_SEEN,
-                status_message="No profile_id specified")
+                status_message=u._("No profile_id specified"))
        try:
            enrollment_results = self.certclient.enroll_cert(
@ -667,7 +691,7 @@ class DogtagCAPlugin(cm.CertificatePluginBase):
            request = enrollment_result.request
            if not request:
                raise cm.CertificateGeneralException(
-                    "No request returned in enrollment_results")
+                    u._("No request returned in enrollment_results"))
            # store the request_id in the plugin metadata
            plugin_meta[self.REQUEST_ID] = request.request_id
@ -687,12 +711,18 @@ class DogtagCAPlugin(cm.CertificatePluginBase):
                        cm.CertificateStatus.WAITING_FOR_CA)
                elif request_status == pki.cert.CertRequestStatus.COMPLETE:
                    raise cm.CertificateGeneralException(
-                        "request_id {0} returns COMPLETE but no cert returned"
+                        u._("request_id {req_id} returns COMPLETE but no cert "
-                        .format(request.request_id))
+                            "returned").format(req_id=request.request_id))
                else:
                    raise cm.CertificateGeneralException(
-                        "Invalid request_status {0} for request_id {1}"
+                        u._(
-                        .format(request_status, request.request_id))
+                            "Invalid request_status {status} for "
                            "request_id {request_id}"
                        ).format(
                            status=request_status,
                            request_id=request.request_id
                        )
                    )
            return cm.ResultDTO(
                cm.CertificateStatus.CERTIFICATE_GENERATED,
@ -705,7 +735,8 @@ class DogtagCAPlugin(cm.CertificatePluginBase):
                status_message=e.message)
        except pki.PKIException as e:
            raise cm.CertificateGeneralException(
-                "Exception thrown by enroll_cert: {0}".format(e.message))
+                u._("Exception thrown by enroll_cert: {message}").format(
                    message=e.message))
    def modify_certificate_request(self, order_id, order_meta, plugin_meta):
        """Modify a certificate request.
@ -730,8 +761,10 @@ class DogtagCAPlugin(cm.CertificatePluginBase):
        elif result_dto.status == cm.CertificateStatus.INVALID_OPERATION:
            return cm.ResultDTO(
                cm.CertificateStatus.INVALID_OPERATION,
-                status_message="Modify request: unable to cancel: {0}"
+                status_message=u._(
-                .format(result_dto.status_message))
+                    "Modify request: unable to cancel: "
                    "{message}").format(message=result_dto.status_message)
            )
        else:
            # other status (ca_unavailable, client_data_issue)
            # return result from cancel operation
@ -757,7 +790,7 @@ class DogtagCAPlugin(cm.CertificatePluginBase):
        except pki.RequestNotFoundException:
            return cm.ResultDTO(
                cm.CertificateStatus.CLIENT_DATA_ISSUE_SEEN,
-                status_message="no request found for this order")
+                status_message=u._("no request found for this order"))
        except pki.ConflictingOperationException as e:
            return cm.ResultDTO(
                cm.CertificateStatus.INVALID_OPERATION,
--- a/barbican/plugin/interface/certificate_manager.py
+++ b/barbican/plugin/interface/certificate_manager.py
@ -28,7 +28,7 @@ from stevedore import named
 from barbican.common import exception
 import barbican.common.utils as utils
-from barbican.openstack.common import gettextutils as u
+from barbican import i18n as u
 CONF = cfg.CONF
@ -89,8 +89,8 @@ class CertificatePluginNotFound(exception.BarbicanException):
    def __init__(self, plugin_name=None):
        if plugin_name:
            message = u._(
-                "Certificate plugin \"{0}\""
+                'Certificate plugin "{name}"'
-                " not found or configured.").format(plugin_name)
+                ' not found or configured.').format(name=plugin_name)
        else:
            message = u._("Certificate plugin not found or configured.")
        super(CertificatePluginNotFound, self).__init__(message)
@ -101,8 +101,8 @@ class CertificateEventPluginNotFound(exception.BarbicanException):
    def __init__(self, plugin_name=None):
        if plugin_name:
            message = u._(
-                "Certificate event plugin "
+                'Certificate event plugin "{name}" not found or '
-                "\"{0}\" not found or configured.").format(plugin_name)
+                'configured.').format(name=plugin_name)
        else:
            message = u._("Certificate event plugin not found or configured.")
        super(CertificateEventPluginNotFound, self).__init__(message)
@ -112,7 +112,9 @@ class CertificateStatusNotSupported(exception.BarbicanException):
    """Raised when cert status returned is unknown."""
    def __init__(self, status):
        super(CertificateStatusNotSupported, self).__init__(
-            u._("Certificate status of '{0}' not supported").format(status))
+            u._("Certificate status of {status} not "
                "supported").format(status=status)
        )
        self.status = status
@ -121,7 +123,7 @@ class CertificateGeneralException(exception.BarbicanException):
    def __init__(self, reason=u._('Unknown')):
        super(CertificateGeneralException, self).__init__(
            u._('Problem seen during certificate processing - '
-                'Reason: {0}').format(reason)
+                'Reason: {reason}').format(reason=reason)
        )
        self.reason = reason
@ -131,7 +133,7 @@ class CertificateStatusClientDataIssue(exception.BarbicanException):
    def __init__(self, reason=u._('Unknown')):
        super(CertificateStatusClientDataIssue, self).__init__(
            u._('Problem with data in certificate request - '
-                'Reason: {0}').format(reason)
+                'Reason: {reason}').format(reason=reason)
        )
        self.reason = reason
@ -141,7 +143,7 @@ class CertificateStatusInvalidOperation(exception.BarbicanException):
    def __init__(self, reason=u._('Unknown')):
        super(CertificateStatusInvalidOperation, self).__init__(
            u._('Invalid operation requested - '
-                'Reason: {0}').format(reason)
+                'Reason: {reason}').format(reason=reason)
        )
        self.reason = reason
--- a/barbican/plugin/interface/secret_store.py
+++ b/barbican/plugin/interface/secret_store.py
@ -21,7 +21,7 @@ from stevedore import named
 from barbican.common import exception
 from barbican.common import utils
-from barbican.openstack.common import gettextutils as u
+from barbican import i18n as u
 CONF = cfg.CONF
@ -48,8 +48,8 @@ class SecretStorePluginNotFound(exception.BarbicanException):
    """Raised when no plugins are installed."""
    def __init__(self, plugin_name=None):
        if plugin_name:
-            message = u._("Secret store plugin \"{0}\""
+            message = u._('Secret store plugin "{name}"'
-                          " not found.").format(plugin_name)
+                          ' not found.').format(name=plugin_name)
        else:
            message = u._("Secret store plugin not found.")
        super(SecretStorePluginNotFound, self).__init__(message)
@ -57,15 +57,16 @@ class SecretStorePluginNotFound(exception.BarbicanException):
 class SecretStoreSupportedPluginNotFound(exception.BarbicanException):
    """Raised if no plugins are found that support the requested operation."""
-    message = "Secret store plugin not found for requested operation."
+    message = u._("Secret store plugin not found for requested operation.")
 class SecretContentTypeNotSupportedException(exception.BarbicanException):
    """Raised when support for payload content type is not available."""
    def __init__(self, content_type):
        super(SecretContentTypeNotSupportedException, self).__init__(
-            u._("Secret Content Type "
+            u._("Secret Content Type of '{content_type}' "
-                "of '{0}' not supported").format(content_type)
+                "not supported").format(
                    content_type=content_type)
        )
        self.content_type = content_type
@ -74,8 +75,9 @@ class SecretContentEncodingNotSupportedException(exception.BarbicanException):
    """Raised when support for payload content encoding is not available."""
    def __init__(self, content_encoding):
        super(SecretContentEncodingNotSupportedException, self).__init__(
-            u._("Secret Content-Encoding of '{0}' not supported").format(
+            u._("Secret Content-Encoding of '{content_encoding}' "
-                content_encoding)
+                "not supported").format(
                    content_encoding=content_encoding)
        )
        self.content_encoding = content_encoding
@ -101,7 +103,7 @@ class SecretGeneralException(exception.BarbicanException):
    def __init__(self, reason=u._('Unknown')):
        super(SecretGeneralException, self).__init__(
            u._('Problem seen during crypto processing - '
-                'Reason: {0}').format(reason)
+                'Reason: {reason}').format(reason=reason)
        )
        self.reason = reason
@ -118,7 +120,8 @@ class SecretAcceptNotSupportedException(exception.BarbicanException):
    """Raised when requested decrypted content-type is not available."""
    def __init__(self, accept):
        super(SecretAcceptNotSupportedException, self).__init__(
-            u._("Secret Accept of '{0}' not supported").format(accept)
+            u._("Secret Accept of '{accept}' not supported").format(
                accept=accept)
        )
        self.accept = accept
@ -135,8 +138,8 @@ class SecretAlgorithmNotSupportedException(exception.BarbicanException):
    """Raised when support for an algorithm is not available."""
    def __init__(self, algorithm):
        super(SecretAlgorithmNotSupportedException, self).__init__(
-            u._("Secret algorithm of '{0}' not supported").format(
+            u._("Secret algorithm of '{algorithm}' not supported").format(
-                algorithm)
+                algorithm=algorithm)
        )
        self.algorithm = algorithm
--- a/barbican/plugin/kmip_secret_store.py
+++ b/barbican/plugin/kmip_secret_store.py
@ -27,7 +27,7 @@ from kmip.core.factories import credentials
 from kmip.core.factories import secrets
 from kmip.core import objects as kmip_objects
-from barbican.openstack.common import gettextutils as u
+from barbican import i18n as u
 from barbican.openstack.common import log as logging
 from barbican.plugin.interface import secret_store as ss
@ -166,7 +166,7 @@ class KMIPSecretStore(ss.SecretStoreBase):
    def generate_asymmetric_key(self, key_spec):
        raise NotImplementedError(
-            "Feature not yet implemented by KMIP Secret Store plugin")
+            u._("Feature not yet implemented by KMIP Secret Store plugin"))
    def store_secret(self, secret_dto):
        """Stores a secret
@ -217,7 +217,7 @@ class KMIPSecretStore(ss.SecretStoreBase):
                                          secret,
                                          self.credential)
        except Exception as e:
-            LOG.exception("Error opening or writing to client")
+            LOG.exception(u._LE("Error opening or writing to client"))
            raise ss.SecretGeneralException(str(e))
        else:
            if result.result_status.enum == enums.ResultStatus.SUCCESS:
@ -247,7 +247,7 @@ class KMIPSecretStore(ss.SecretStoreBase):
                      "retrieval")
            result = self.client.get(uuid, self.credential)
        except Exception as e:
-            LOG.exception("Error opening or writing to client")
+            LOG.exception(u._LE("Error opening or writing to client"))
            raise ss.SecretGeneralException(str(e))
        else:
            if result.result_status.enum == enums.ResultStatus.SUCCESS:
@ -266,12 +266,15 @@ class KMIPSecretStore(ss.SecretStoreBase):
                        secret_block.key_value.key_value.value)
                else:
-                    msg = ("Unknown key value type received from KMIP " +
+                    msg = u._(
-                           "server, expected {0} or {1}, " +
+                        "Unknown key value type received from KMIP "
-                           "received: {2}").format(
+                        "server, expected {key_value_struct} or "
-                               kmip_objects.KeyValueStruct,
+                        "{key_value_string}, received: {key_value_type}"
-                               kmip_objects.KeyValueString,
+                    ).format(
-                               key_value_type)
+                        key_value_struct=kmip_objects.KeyValueStruct,
                        key_value_string=kmip_objects.KeyValueString,
                        key_value_type=key_value_type
                    )
                    LOG.exception(msg)
                    raise ss.SecretGeneralException(msg)
@ -328,7 +331,7 @@ class KMIPSecretStore(ss.SecretStoreBase):
            LOG.debug("Opened connection to KMIP client for secret deletion")
            result = self.client.destroy(uuid, self.credential)
        except Exception as e:
-            LOG.exception("Error opening or writing to client")
+            LOG.exception(u._LE("Error opening or writing to client"))
            raise ss.SecretGeneralException(str(e))
        else:
            if result.result_status.enum == enums.ResultStatus.SUCCESS:
@ -482,9 +485,13 @@ class KMIPSecretStore(ss.SecretStoreBase):
        return None
    def _raise_secret_general_exception(self, result):
-        msg = "Status: {0}, Reason: {1}, Message: {2}".format(
+        msg = u._(
-            result.result_status,
+            "Status: {status}, Reason: {reason}, "
-            result.result_reason,
+            "Message: {message}"
-            result.result_message)
+        ).format(
            status=result.result_status,
            reason=result.result_reason,
            message=result.result_message
        )
        LOG.debug("ERROR from KMIP server: %s", msg)
        raise ss.SecretGeneralException(msg)
--- a/barbican/plugin/simple_certificate_manager.py
+++ b/barbican/plugin/simple_certificate_manager.py
@ -15,7 +15,7 @@
 Default implementation of Barbican certificate processing plugins and support.
 """
 from barbican.common import utils
-from barbican.openstack.common import gettextutils as u
+from barbican import i18n as u
 from barbican.plugin.interface import certificate_manager as cert
 LOG = utils.getLogger(__name__)
@ -37,7 +37,7 @@ class SimpleCertificatePlugin(cert.CertificatePluginBase):
                  populated by the plugin implementation
        :rtype: :class:`ResultDTO`
        """
-        LOG.info(u._('Invoking issue_certificate_request()'))
+        LOG.info(u._LI('Invoking issue_certificate_request()'))
        return cert.ResultDTO(cert.CertificateStatus.WAITING_FOR_CA)
    def modify_certificate_request(self, order_id, order_meta, plugin_meta):
@ -53,7 +53,7 @@ class SimpleCertificatePlugin(cert.CertificatePluginBase):
                  populated by the plugin implementation
        :rtype: :class:`ResultDTO`
        """
-        LOG.info(u._('Invoking modify_certificate_request()'))
+        LOG.info(u._LI('Invoking modify_certificate_request()'))
        return cert.ResultDTO(cert.CertificateStatus.WAITING_FOR_CA)
    def cancel_certificate_request(self, order_id, order_meta, plugin_meta):
@ -69,7 +69,7 @@ class SimpleCertificatePlugin(cert.CertificatePluginBase):
                  populated by the plugin implementation
        :rtype: :class:`ResultDTO`
        """
-        LOG.info(u._('Invoking cancel_certificate_request()'))
+        LOG.info(u._LI('Invoking cancel_certificate_request()'))
        return cert.ResultDTO(cert.CertificateStatus.REQUEST_CANCELED)
    def check_certificate_status(self, order_id, order_meta, plugin_meta):
@ -85,7 +85,7 @@ class SimpleCertificatePlugin(cert.CertificatePluginBase):
                  populated by the plugin implementation
        :rtype: :class:`ResultDTO`
        """
-        LOG.info(u._('Invoking check_certificate_status()'))
+        LOG.info(u._LI('Invoking check_certificate_status()'))
        return cert.ResultDTO(cert.CertificateStatus.WAITING_FOR_CA)
    def supports(self, certificate_spec):
@ -112,7 +112,7 @@ class SimpleCertificateEventPlugin(cert.CertificateEventPluginBase):
               the certificate
        :returns: None
        """
-        LOG.info(u._('Invoking notify_certificate_is_ready()'))
+        LOG.info(u._LI('Invoking notify_certificate_is_ready()'))
    def notify_ca_is_unavailable(
            self, project_id, order_ref, error_msg, retry_in_msec):
@ -125,4 +125,4 @@ class SimpleCertificateEventPlugin(cert.CertificateEventPluginBase):
               If this is 0, then no attempt will be made.
        :returns: None
        """
-        LOG.info(u._('Invoking notify_ca_is_unavailable()'))
+        LOG.info(u._LI('Invoking notify_ca_is_unavailable()'))
--- a/barbican/plugin/symantec.py
+++ b/barbican/plugin/symantec.py
@ -21,7 +21,7 @@ from requests import exceptions as request_exceptions
 from symantecssl.core import Symantec
 from symantecssl import exceptions as symantec_exceptions
-from barbican.openstack.common import gettextutils as u
+from barbican import i18n as u
 from barbican.plugin.interface import certificate_manager as cert
 CONF = cfg.CONF
--- a/barbican/queue/init.py
+++ b/barbican/queue/init.py
@ -23,7 +23,7 @@ from oslo.messaging import server as msg_server
 from barbican.common import exception
 from barbican.common import utils
-from barbican.openstack.common import gettextutils as u
+from barbican import i18n as u
 LOG = utils.getLogger(__name__)
--- a/barbican/tasks/keystone_consumer.py
+++ b/barbican/tasks/keystone_consumer.py
@ -18,8 +18,8 @@ Server-side Keystone notification payload processing logic.
 """
 from barbican.common import utils
 from barbican import i18n as u
 from barbican.model import repositories as rep
 from barbican.openstack.common import gettextutils as u
 from barbican.tasks import resources
@ -75,17 +75,35 @@ class KeystoneEventConsumer(resources.BaseTask):
    def handle_error(self, project, status, message, exception,
                     project_id=None, resource_type=None, operation_type=None):
-        LOG.error('Error processing Keystone event, project_id={0}, event '
+        LOG.error(
-                  'resource={1}, event operation={2}, status={3}, error '
+            u._LE(
-                  'message={4}'.format(project.project_id, resource_type,
+                'Error processing Keystone event, project_id=%(project_id)s, '
-                                       operation_type, status, message))
+                'event resource=%(resource)s, event operation=%(operation)s, '
                'status=%(status)s, error message=%(message)s'
            ),
            {
                'project_id': project.project_id,
                'resource': resource_type,
                'operation': operation_type,
                'status': status,
                'message': message
            }
        )
    def handle_success(self, project, project_id=None, resource_type=None,
                       operation_type=None):
-        LOG.info('Successfully handled Keystone event, project_id={0}, event '
+        LOG.info(
-                 'resource={1}, event operation={2}'.format(project_id,
+            u._LI(
-                                                            resource_type,
+                'Successfully handled Keystone event, '
-                                                            operation_type))
+                'project_id=%(project_id)s, event resource=%(resource)s, '
                'event operation=%(operation)s'
            ),
            {
                'project_id': project_id,
                'resource': resource_type,
                'operation': operation_type
            }
        )
    def handle_cleanup(self, project, project_id=None, resource_type=None,
                       operation_type=None):
@ -101,8 +119,9 @@ class KeystoneEventConsumer(resources.BaseTask):
        etc.) performed on Keystone resource.
        """
        if project is None:
-            LOG.info('No action is needed as there are no Barbican resources '
+            LOG.info(u._LI('No action is needed as there are no Barbican '
-                     'present for Keystone project_id={0}'.format(project_id))
+                           'resources present for Keystone '
                           'project_id=%s'), project_id)
            return
        # barbican entities use projects table 'id' field as foreign key.
@ -114,5 +133,5 @@ class KeystoneEventConsumer(resources.BaseTask):
        # reached here means there is no error so log the successful
        # cleanup log entry.
-        LOG.info('Successfully completed Barbican resources cleanup for '
+        LOG.info(u._LI('Successfully completed Barbican resources cleanup for '
-                 'Keystone project_id={0}'.format(project_id))
+                       'Keystone project_id=%s'), project_id)
--- a/barbican/tasks/resources.py
+++ b/barbican/tasks/resources.py
@ -22,9 +22,9 @@ import six
 from barbican import api
 from barbican.common import utils
 from barbican import i18n as u
 from barbican.model import models
 from barbican.model import repositories as rep
 from barbican.openstack.common import gettextutils as u
 from barbican.plugin import resources as plugin
 from barbican.tasks import certificate_resources as cert
@ -62,16 +62,16 @@ class BaseTask(object):
            entity = self.retrieve_entity(*args, **kwargs)
        except Exception as e:
            # Serious error!
-            LOG.exception(u._("Could not retrieve information needed to "
+            LOG.exception(u._LE("Could not retrieve information needed to "
-                              "process task '%s'."), name)
+                                "process task '%s'."), name)
            raise e
        # Process the target entity.
        try:
            self.handle_processing(entity, *args, **kwargs)
        except Exception as e_orig:
-            LOG.exception(u._("Could not perform processing for "
+            LOG.exception(u._LE("Could not perform processing for "
-                              "task '%s'."), name)
+                                "task '%s'."), name)
            # Handle failure to process entity.
            try:
@ -80,17 +80,17 @@ class BaseTask(object):
                self.handle_error(entity, status, message, e_orig,
                                  *args, **kwargs)
            except Exception:
-                LOG.exception(u._("Problem handling an error for task '%s', "
+                LOG.exception(u._LE("Problem handling an error for task '%s', "
-                                  "raising original "
+                                    "raising original "
-                                  "exception."), name)
+                                    "exception."), name)
            raise e_orig
        # Handle successful conclusion of processing.
        try:
            self.handle_success(entity, *args, **kwargs)
        except Exception as e:
-            LOG.exception(u._("Could not process after successfully executing"
+            LOG.exception(u._LE("Could not process after successfully "
-                              " task '%s'."), name)
+                                "executing task '%s'."), name)
            raise e
    @abc.abstractmethod
@ -239,7 +239,8 @@ class BeginTypeOrder(BaseTask):
            LOG.debug("...done requesting a certificate.")
        else:
            raise NotImplementedError(
-                'Order type "{0}" not implemented.'.format(order_type))
+                u._('Order type "{order_type}" not implemented.').format(
                    order_type=order_type))
 class UpdateOrder(BaseTask):
@ -276,7 +277,7 @@ class UpdateOrder(BaseTask):
        order.status = models.States.ERROR
        order.error_status_code = status
        order.error_reason = message
-        LOG.exception(u._("An error has occurred updating the order."))
+        LOG.exception(u._LE("An error has occurred updating the order."))
        self.repos.order_repo.save(order)
    def handle_success(self, order, *args, **kwargs):
@ -299,6 +300,7 @@ class UpdateOrder(BaseTask):
            LOG.debug("...done updating a certificate order.")
        else:
            raise NotImplementedError(
-                'Order type "{0}" not implemented.'.format(order_type))
+                u._('Order type "{order_type}" not implemented.').format(
                    order_type=order_type))
        LOG.debug("...done updating order.")
--- a/barbican/tests/tasks/test_resources.py
+++ b/barbican/tests/tasks/test_resources.py
@ -15,8 +15,8 @@
 import mock
 from barbican import i18n as u
 from barbican.model import models
 from barbican.openstack.common import gettextutils as u
 from barbican.openstack.common import timeutils
 from barbican.tasks import resources
 from barbican.tests import utils
--- a/bin/barbican-keystone-listener.py
+++ b/bin/barbican-keystone-listener.py
@ -20,7 +20,6 @@ Barbican Keystone notification listener server.
 """
 import eventlet
 import gettext
 import os
 import sys
@ -41,8 +40,6 @@ if os.path.exists(os.path.join(possible_topdir, 'barbican', '__init__.py')):
    sys.path.insert(0, possible_topdir)
 gettext.install('barbican', unicode=1)
 from barbican.common import config
 from barbican.openstack.common import log
 from barbican.openstack.common import service
--- a/bin/barbican-worker.py
+++ b/bin/barbican-worker.py
@ -20,7 +20,6 @@ Barbican worker server.
 """
 import eventlet
 import gettext
 import os
 import sys
@ -37,8 +36,6 @@ if os.path.exists(os.path.join(possible_topdir, 'barbican', '__init__.py')):
    sys.path.insert(0, possible_topdir)
 gettext.install('barbican', unicode=1)
 from barbican.common import config
 from barbican.openstack.common import log
 from barbican.openstack.common import service
--- a/openstack-common.conf
+++ b/openstack-common.conf
@ -1,7 +1,7 @@
 [DEFAULT]
 # The list of modules to copy from openstack-common
-modules=gettextutils,jsonutils,log,local,timeutils,importutils,policy
+modules=jsonutils,log,local,timeutils,importutils,policy
 # The base module to hold the copy of openstack.common
 base=barbican
--- a/requirements.txt
+++ b/requirements.txt
@ -11,6 +11,7 @@ jsonschema>=2.0.0,<3.0.0
 kombu>=2.5.0
 netaddr>=0.7.12
 oslo.config>=1.4.0  # Apache-2.0
 oslo.i18n>=1.0.0  # Apache-2.0
 oslo.messaging>=1.4.0,!=1.5.0
 Paste
 PasteDeploy>=1.5.0