x/tatu
Code Issues Proposed changes

Commit Graph

  • 6480a35530 Minor doc fixes + some sample Tatu API log output. master Pino de Candia 2018-03-14 19:30:24 +00:00
  • 8ba9919b5a Detailed documentation of sudo_pam option and pam-ussh module Pino de Candia 2018-03-13 05:55:26 +00:00
  • bfe0242883 Add API versioning. Pino de Candia 2018-03-12 20:30:39 +00:00
  • e72df954d7 Use sqlalchemy pool_recycle 3600 (seconds) to avoid re-using connections that MySQL already closed. Pino de Candia 2018-03-12 18:38:52 +00:00
  • 3dc247767d Enable pam-ussh module to check user ssh cert on sudo authentication. Pino de Candia 2018-03-12 16:50:31 +00:00
  • 5269c48085 Documentation improvements and clarifications. Pino de Candia 2018-03-09 17:13:43 -06:00
  • 18413ba679 Format INSTALLATION document. New TRY_IT document with basic commands. Pino de Candia 2018-03-09 22:52:18 +00:00
  • 67436e32eb Castellan context based on password instead of short-lived token. Pino de Candia 2018-03-09 21:53:40 +00:00
  • 3a5a9fbe03 Devstack fixes; configurable API address for VMs; documentation refresh. Pino de Candia 2018-03-09 10:47:29 -06:00
  • fe3e41f34e Tatu should be last plugin in local.conf; write vendordata config to NOVA_CONF, not NOVA_CPU_CONF. Pino de Candia 2018-03-08 21:37:04 +00:00
  • 5a2e575a56 Devstack plugin sets up Nova static+dynamic vendor data. Pino de Candia 2018-03-08 05:50:32 +00:00
  • 5a29ced8b2 Devstack plugin fixes Pino de Candia 2018-03-02 21:13:47 +00:00
  • fb3766ef9c Fixed processing of role assignment deletions. Pino de Candia 2018-02-26 21:39:49 +00:00
  • 7679f42150 Fix notification/sync daemon; get principals from keystone roles. Pino de Candia 2018-01-27 23:58:28 -06:00
  • d34125d4f7 Clarification in README about known_hosts file. Pino de Candia 2018-02-15 15:09:16 +00:00
  • 031f13edbd Remove devstack upgrade and gate (for now). Pino de Candia 2018-01-26 17:32:47 -06:00
  • 7f55b15f63 Fix devstack settings and plugin.sh for Tatu. Pino de Candia 2018-01-26 15:58:14 -06:00
  • 6a546abc52 Copied devstack from designate. Pino de Candia 2018-01-26 14:41:34 -06:00
  • b1ed741394 API for single host provides same data as List. Pino de Candia 2018-01-25 16:29:26 -06:00
  • 6fd075dd16 Rename Authority public key fields. Pino de Candia 2018-01-25 13:31:02 -06:00
  • 6ecf7ceec7 Make serial number the main identifier of UserCert Pino de Candia 2018-01-24 00:04:26 -06:00
  • 5153135019 Remove '.' from API object keys. Pino de Candia 2018-01-23 16:56:17 -06:00
  • 2030f2f4bc Merge branch 'master' of https://github.com/pinodeca/tatu Pino de Candia 2018-01-23 22:14:28 +00:00
  • 252e740911 Add method to get UserCert by serial number. Pino de Candia 2018-01-23 22:12:29 +00:00
  • 4147c298b7 Cloud config checks some error conditions. Pino de Candia 2018-01-22 10:15:23 -06:00
  • a061c474c2 pat.py catches nova exceptions on dead servers. Pino de Candia 2018-01-22 16:08:43 +00:00
  • 0d456cc116 New cloud-config uses only bash, no python. Pino de Candia 2018-01-21 15:02:05 -06:00
  • 326f0590ae Add revoked key management script to user-cloud-config. Pino de Candia 2018-01-20 02:25:34 -06:00
  • 4450ba773f Debugged/fixed revoked key file generation. Pino de Candia 2018-01-20 08:23:16 +00:00
  • 0b207f6123 Add a script to revoke certificates. Pino de Candia 2018-01-19 17:59:30 -06:00
  • 8e52c850ce Implemented certificate revocation. Pino de Candia 2018-01-19 16:56:26 -06:00
  • b5991fe143 Added a script that wraps ssh and does an SRV lookup. Pino de Candia 2018-01-19 06:56:21 +00:00
  • be028d5cf3 Make PATEntries and SRV Recordset creation idempotent. Pino de Candia 2018-01-16 23:52:23 +00:00
  • 4a9f96d253 Added list methods for users and hosts. Pino de Candia 2018-01-16 10:57:41 -06:00
  • 512b262470 Merge branch 'master' of https://github.com/pinodeca/tatu Pino de Candia 2018-01-16 14:47:13 +00:00
  • 54874d4c41 Remove key_manager section of config. Pino de Candia 2018-01-16 14:45:54 +00:00
  • 6a1099c89e Add devstack local.conf and .gitignore Pino de Candia 2018-01-05 12:48:31 -06:00
  • d83fca3537 Fixes to PAT and DNS support. Pino de Candia 2018-01-04 14:41:22 -06:00
  • c1239d9a5c Merge branch 'master' of https://github.com/pinodeca/tatu Pino de Candia 2017-12-29 04:09:47 -06:00
  • 27b180f864 Draft bastion support and Designate integration. Pino de Candia 2017-12-29 03:53:32 -06:00
  • 91c0b33338 Use argparse in helper scripts Pino de Candia 2017-12-29 03:51:54 -06:00
  • a419429041 Make Barbican integration work with Keystone middleware. Pino de Candia 2017-12-21 16:39:28 +00:00
  • 6ea9865b2a Merge branch 'master' of https://github.com/pinodeca/tatu Pino de Candia 2017-12-20 15:07:30 -06:00
  • 25fdd3b800 Moved config handling to one file. Pino de Candia 2017-12-20 15:07:15 -06:00
  • 428005ca56 Fixed requirements file. pinodeca 2017-12-20 17:33:29 +00:00
  • 303827c514 Oslo test skeleton. Pino de Candia 2017-12-18 16:09:16 -06:00
  • 6f69ba8090 Initial Devstack support skeleton. Pino de Candia 2017-12-18 15:58:04 -06:00
  • f28231f20d REsolve some differences with cookiecutter project. Pino de Candia 2017-12-18 15:57:26 -06:00
  • 9c51ed1705 Making doc and releasenotes compatible with cookiecutter. Pino de Candia 2017-12-18 21:42:51 +00:00
  • 1a4df292b1 Fixed requirements.txt for tox. Pino de Candia 2017-12-09 00:08:32 +00:00
  • 6d07347367 Fixed issue identified by bandit: hardcoded_tmp_directory Pino de Candia 2017-12-08 22:36:16 +00:00
  • 4597a67e0c Final pep8 fixes. Pino de Candia 2017-12-08 22:21:25 +00:00
  • b494661ad8 More pep8 fixes. Pino de Candia 2017-12-08 15:48:20 -06:00
  • 0a0f5f6e84 Pep8 fixes Pino de Candia 2017-12-08 15:30:38 -06:00
  • 3cee92f37f 79 character length Pino de Candia 2017-12-08 15:11:14 -06:00
  • 7812e1e8b6 4 space indentation Pino de Candia 2017-12-08 15:04:44 -06:00
  • 95c0f1011c Initial tox.ini Pino de Candia 2017-12-08 14:40:32 -06:00
  • 0b1c82f016 Debugged Castellan API with TatuKeyManager Pino de Candia 2017-12-08 00:15:18 +00:00
  • fa70477628 Started integrating Castellan Pino de Candia 2017-12-07 13:54:19 -06:00
  • c425a3d26e Fix CLI scripts for getting user certificates and CA public keys. Pino de Candia 2017-12-01 22:51:39 +00:00
  • 4c4e1159d7 Listen to keystone notifications and automatically add project CAs. Pino de Candia 2017-12-01 22:50:55 +00:00
  • b486bf64bc Enabled Keystone auth middleware via PasteDeploy. Pino de Candia 2017-11-30 20:36:00 +00:00
  • 857d4dd028 Provide ssh setup script via static vendor data. Pino de Candia 2017-11-27 21:50:50 +00:00
  • 6235f5e2b0 Use hash_md5 instead of deprecated hash. Fixed fd leak. Pino de Candia 2017-11-22 21:09:49 +00:00
  • 849152f16d Added stress tests for creating authorities and host certificates. Pino de Candia 2017-11-21 17:42:09 -06:00
  • 21040b39b8 Corrected certificate generation. Pino de Candia 2017-11-21 22:54:18 +00:00
  • d6f4f557ac Debugged cloud-init script; added script to get user cert. Pino de Candia 2017-11-21 01:31:36 -06:00
  • 6075058e1d Added logging. Debugged with ConfigDrive. Pino de Candia 2017-11-20 21:47:15 +00:00
  • 2eeebc8978 Initial cloud-init that uses Tatu vendor data. Pino de Candia 2017-11-06 00:08:39 -06:00
  • 7a09df9dac Added cloud-config and related scripts. Pino de Candia 2017-11-01 02:28:51 +00:00
  • f3b217435a Handle duplicate creation of CA with same UUID. Pino de Candia 2017-10-30 23:29:14 +00:00
  • c81af303b0 Added validation for API objects on POST. Pino de Candia 2017-10-30 23:10:11 +00:00
  • 95a183a301 Added Nova vendordata POST API. Pino de Candia 2017-10-30 20:06:57 +00:00
  • 79a56d259c Server creates CA's private keys (instead of client). Pino de Candia 2017-10-29 03:34:26 +00:00
  • aae0119466 Added tests for GET and error cases. Pino de Candia 2017-10-28 08:13:54 +00:00
  • 13e5e63b81 Added tests for resource Post. Pino de Candia 2017-10-27 23:20:51 +00:00
  • e35a3064ba Added tests for creating User and Host Certs. Pino de Candia 2017-10-24 23:40:30 +00:00
  • 93782dc2b8 Added first test. Pino de Candia 2017-10-24 17:58:57 +00:00
  • 759aedf52a Progress on model creation workflow. Pino de Candia 2017-10-23 21:02:14 +00:00
  • 56e52e5d94 Initial API and Database models.wq Pino de Candia 2017-10-23 17:13:20 +00:00
  • fc8a9eb5cc Added note that Vendor Data may be served by the main API component. Pino de Candia 2017-10-11 09:32:25 -05:00
  • afe0db49c4 Alternative Bastion redundancy using DNS load-balancing. Pino de Candia 2017-10-10 17:20:00 -05:00
  • 12e4d61620 Create architecture.rst Pino de Candia 2017-10-10 17:17:30 -05:00
  • 9ac0b6283f Added details about securing the bastion itself. Pino de Candia 2017-10-10 16:31:38 -05:00
  • dca6bf1757 Clarification about certificate scopes. Pino de Candia 2017-10-10 14:33:38 -05:00
  • fe41bc73ce Delete README.md Pino de Candia 2017-10-10 14:18:27 -05:00
  • 3ccf34625a Initial draft of project functionality. Pino de Candia 2017-10-10 14:18:02 -05:00
  • 1493f04794 Initial commit Pino de Candia 2017-10-10 12:08:12 -05:00