Initial commit
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..aa8e42a
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,5 @@
+.kitchen
+tests/build/
+*.swp
+*.pyc
+.ropeproject
diff --git a/.kitchen.docker.yml b/.kitchen.docker.yml
new file mode 100644
index 0000000..7334571
--- /dev/null
+++ b/.kitchen.docker.yml
@@ -0,0 +1,43 @@
+---
+driver:
+ name: docker
+ hostname: barbican.ci.local
+ use_sudo: false
+
+provisioner:
+ name: salt_solo
+ salt_install: bootstrap
+ salt_bootstrap_url: https://bootstrap.saltstack.com
+ salt_version: latest
+ require_chef: false
+ log_level: error
+ formula: barbican
+ grains:
+ noservices: True
+ state_top:
+ base:
+ "*":
+ - barbican
+ pillars:
+ top.sls:
+ base:
+ "*":
+ - barbican
+
+verifier:
+ name: inspec
+ sudo: true
+
+
+platforms:
+ - name: <%=ENV['PLATFORM'] || 'ubuntu-xenial'%>
+ driver_config:
+ image: <%=ENV['PLATFORM'] || 'trevorj/salty-whales:xenial'%>
+ platform: ubuntu
+
+suites:
+ - name: default
+ # provisioner:
+ # pillars-from-files:
+ # barbican.sls: tests/pillar/default.sls
+# vim: ft=yaml sw=2 ts=2 sts=2 tw=125
diff --git a/.kitchen.openstack.yml b/.kitchen.openstack.yml
new file mode 100644
index 0000000..6dbf7b2
--- /dev/null
+++ b/.kitchen.openstack.yml
@@ -0,0 +1,41 @@
+
+# usage: `KITCHEN_LOCAL_YAML=.kitchen.openstack.yml kitchen test`
+
+# https://docs.chef.io/config_yml_kitchen.html
+# https://github.com/test-kitchen/kitchen-openstack
+
+---
+driver:
+ name: openstack
+ openstack_auth_url: <%= ENV['OS_AUTH_URL'] %>/tokens
+ openstack_username: <%= ENV['OS_USERNAME'] || 'ci' %>
+ openstack_api_key: <%= ENV['OS_PASSWORD'] || 'ci' %>
+ openstack_tenant: <%= ENV['OS_TENANT_NAME'] || 'ci_jenkins' %>
+
+ #floating_ip_pool: <%= ENV['OS_FLOATING_IP_POOL'] || 'nova' %>
+ key_name: <%= ENV['BOOTSTRAP_SSH_KEY_NAME'] || 'bootstrap_insecure' %>
+ private_key_path: <%= ENV['BOOTSTRAP_SSH_KEY_PATH'] || "#{ENV['HOME']}/.ssh/id_rsa_bootstrap_insecure" %>
+
+
+platforms:
+ - name: ubuntu-14.04
+ driver:
+ username: <%= ENV['OS_UBUNTU_IMAGE_USER'] || 'root' %>
+ image_ref: <%= ENV['OS_UBUNTU_IMAGE_REF'] || 'ubuntu-14-04-x64-1455869035' %>
+ flavor_ref: m1.medium
+ network_ref:
+ <% if ENV['OS_NETWORK_REF'] -%>
+ - <% ENV['OS_NETWORK_REF'] %>
+ <% else -%>
+ - ci-net
+ <% end -%>
+ # force update apt cache on the image
+ run_list:
+ - recipe[apt]
+ attributes:
+ apt:
+ compile_time_update: true
+transport:
+ username: <%= ENV['OS_UBUNTU_IMAGE_USER'] || 'root' %>
+
+# vim: ft=yaml sw=2 ts=2 sts=2 tw=125
diff --git a/.kitchen.vagrant.yml b/.kitchen.vagrant.yml
new file mode 100644
index 0000000..da4f80f
--- /dev/null
+++ b/.kitchen.vagrant.yml
@@ -0,0 +1,30 @@
+---
+driver:
+ name: vagrant
+ vm_hostname: barbican.ci.local
+ use_sudo: false
+ customize:
+ memory: 512
+
+
+provisioner:
+ name: salt_solo
+ salt_install: bootstrap
+ salt_bootstrap_url: https://bootstrap.saltstack.com
+ salt_version: latest
+ require_chef: false
+ formula: barbican
+ log_level: info
+ state_top:
+ base:
+ "*":
+ - barbican
+ pillars:
+ top.sls:
+ base:
+ "*":
+ - barbican
+ grains:
+ noservices: True
+
+# vim: ft=yaml sw=2 ts=2 sts=2 tw=125
diff --git a/.travis.yml b/.travis.yml
new file mode 100644
index 0000000..7a77247
--- /dev/null
+++ b/.travis.yml
@@ -0,0 +1,39 @@
+sudo: required
+services:
+ - docker
+
+install:
+ - pip install PyYAML
+ - pip install virtualenv
+ - |
+ test -e Gemfile || cat <<EOF > Gemfile
+ source 'https://rubygems.org'
+ gem 'rake'
+ gem 'test-kitchen'
+ gem 'kitchen-docker'
+ gem 'kitchen-inspec'
+ gem 'inspec'
+ gem 'kitchen-salt', :git => 'https://github.com/salt-formulas/kitchen-salt.git'
+ - bundle install
+
+env:
+ - PLATFORM=trevorj/salty-whales:trusty
+ - PLATFORM=trevorj/salty-whales:xenial
+
+before_script:
+ - set -o pipefail
+ - make test | tail
+
+script:
+ - test ! -e .kitchen.yml || bundle exec kitchen test -t tests/integration
+
+notifications:
+ webhooks:
+ urls:
+ - https://webhooks.gitter.im/e/6123573504759330786b
+ on_success: change # options: [always|never|change] default: always
+ on_failure: never # options: [always|never|change] default: always
+ on_start: never # options: [always|never|change] default: always
+ on_cancel: never # options: [always|never|change] default: always
+ on_error: never # options: [always|never|change] default: always
+ email: false
diff --git a/CHANGELOG.rst b/CHANGELOG.rst
new file mode 100644
index 0000000..3aec82f
--- /dev/null
+++ b/CHANGELOG.rst
@@ -0,0 +1,6 @@
+barbican formula
+=====================================
+
+2017.6 (2017-08-01)
+
+- Initial formula setup
diff --git a/LICENSE b/LICENSE
new file mode 100644
index 0000000..7862bbb
--- /dev/null
+++ b/LICENSE
@@ -0,0 +1,13 @@
+Copyright (c) 2017 Mirantis Inc.
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
\ No newline at end of file
diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..1043fbe
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,118 @@
+DESTDIR=/
+SALTENVDIR=/usr/share/salt-formulas/env
+RECLASSDIR=/usr/share/salt-formulas/reclass
+FORMULANAME=$(shell grep name: metadata.yml|head -1|cut -d : -f 2|grep -Eo '[a-z0-9\-\_]*')
+VERSION=$(shell grep version: metadata.yml|head -1|cut -d : -f 2|grep -Eo '[a-z0-9\.\-\_]*')
+VERSION_MAJOR := $(shell echo $(VERSION)|cut -d . -f 1-2)
+VERSION_MINOR := $(shell echo $(VERSION)|cut -d . -f 3)
+
+NEW_MAJOR_VERSION ?= $(shell date +%Y.%m|sed 's,\.0,\.,g')
+NEW_MINOR_VERSION ?= $(shell /bin/bash -c 'echo $$[ $(VERSION_MINOR) + 1 ]')
+
+MAKE_PID := $(shell echo $$PPID)
+JOB_FLAG := $(filter -j%, $(subst -j ,-j,$(shell ps T | grep "^\s*$(MAKE_PID).*$(MAKE)")))
+
+ifneq ($(subst -j,,$(JOB_FLAG)),)
+JOBS := $(subst -j,,$(JOB_FLAG))
+else
+JOBS := 1
+endif
+
+KITCHEN_LOCAL_YAML?=.kitchen.yml
+KITCHEN_OPTS?="--concurrency=$(JOBS)"
+KITCHEN_OPTS_CREATE?=""
+KITCHEN_OPTS_CONVERGE?=""
+KITCHEN_OPTS_VERIFY?=""
+KITCHEN_OPTS_TEST?=""
+
+all:
+ @echo "make install - Install into DESTDIR"
+ @echo "make test - Run tests"
+ @echo "make kitchen - Run Kitchen CI tests (create, converge, verify)"
+ @echo "make clean - Cleanup after tests run"
+ @echo "make release-major - Generate new major release"
+ @echo "make release-minor - Generate new minor release"
+ @echo "make changelog - Show changes since last release"
+
+install:
+ # Formula
+ [ -d $(DESTDIR)/$(SALTENVDIR) ] || mkdir -p $(DESTDIR)/$(SALTENVDIR)
+ cp -a $(FORMULANAME) $(DESTDIR)/$(SALTENVDIR)/
+ [ ! -d _modules ] || cp -a _modules $(DESTDIR)/$(SALTENVDIR)/
+ [ ! -d _states ] || cp -a _states $(DESTDIR)/$(SALTENVDIR)/ || true
+ [ ! -d _grains ] || cp -a _grains $(DESTDIR)/$(SALTENVDIR)/ || true
+ # Metadata
+ [ -d $(DESTDIR)/$(RECLASSDIR)/service/$(FORMULANAME) ] || mkdir -p $(DESTDIR)/$(RECLASSDIR)/service/$(FORMULANAME)
+ cp -a metadata/service/* $(DESTDIR)/$(RECLASSDIR)/service/$(FORMULANAME)
+
+test:
+ [ ! -d tests ] || (cd tests; ./run_tests.sh)
+
+release-major: check-changes
+ @echo "Current version is $(VERSION), new version is $(NEW_MAJOR_VERSION)"
+ @[ $(VERSION_MAJOR) != $(NEW_MAJOR_VERSION) ] || (echo "Major version $(NEW_MAJOR_VERSION) already released, nothing to do. Do you want release-minor?" && exit 1)
+ echo "$(NEW_MAJOR_VERSION)" > VERSION
+ sed -i 's,version: .*,version: "$(NEW_MAJOR_VERSION)",g' metadata.yml
+ [ ! -f debian/changelog ] || dch -v $(NEW_MAJOR_VERSION) -m --force-distribution -D `dpkg-parsechangelog -S Distribution` "New version"
+ make genchangelog-$(NEW_MAJOR_VERSION)
+ (git add -u; git commit -m "Version $(NEW_MAJOR_VERSION)")
+ git tag -s -m $(NEW_MAJOR_VERSION) $(NEW_MAJOR_VERSION)
+
+release-minor: check-changes
+ @echo "Current version is $(VERSION), new version is $(VERSION_MAJOR).$(NEW_MINOR_VERSION)"
+ echo "$(VERSION_MAJOR).$(NEW_MINOR_VERSION)" > VERSION
+ sed -i 's,version: .*,version: "$(VERSION_MAJOR).$(NEW_MINOR_VERSION)",g' metadata.yml
+ [ ! -f debian/changelog ] || dch -v $(VERSION_MAJOR).$(NEW_MINOR_VERSION) -m --force-distribution -D `dpkg-parsechangelog -S Distribution` "New version"
+ make genchangelog-$(VERSION_MAJOR).$(NEW_MINOR_VERSION)
+ (git add -u; git commit -m "Version $(VERSION_MAJOR).$(NEW_MINOR_VERSION)")
+ git tag -s -m $(NEW_MAJOR_VERSION) $(VERSION_MAJOR).$(NEW_MINOR_VERSION)
+
+check-changes:
+ @git log --pretty=oneline --decorate $(VERSION)..HEAD | grep -Eqc '.*' || (echo "No new changes since version $(VERSION)"; exit 1)
+
+changelog:
+ git log --pretty=short --invert-grep --grep="Merge pull request" --decorate $(VERSION)..HEAD
+
+genchangelog: genchangelog-$(VERSION_MAJOR).$(NEW_MINOR_VERSION)
+
+genchangelog-%:
+ $(eval NEW_VERSION := $(patsubst genchangelog-%,%,$@))
+ (echo "=========\nChangelog\n=========\n"; \
+ (echo $(NEW_VERSION);git tag) | sort -r | grep -E '^[0-9\.]+' | while read i; do \
+ cur=$$i; \
+ test $$i = $(NEW_VERSION) && i=HEAD; \
+ prev=`(echo $(NEW_VERSION);git tag)|sort|grep -E '^[0-9\.]+'|grep -B1 "$$cur\$$"|head -1`; \
+ echo "Version $$cur\n=============================\n"; \
+ git log --pretty=short --invert-grep --grep="Merge pull request" --decorate $$prev..$$i; \
+ echo; \
+ done) > CHANGELOG.rst
+
+kitchen-check:
+ @[ -e $(KITCHEN_LOCAL_YAML) ] || (echo "Kitchen tests not available, there's no $(KITCHEN_LOCAL_YAML)." && exit 1)
+
+kitchen: kitchen-check kitchen-create kitchen-converge kitchen-verify kitchen-list
+
+kitchen-create: kitchen-check
+ kitchen create ${KITCHEN_OPTS} ${KITCHEN_OPTS_CREATE}
+ [ "$(shell echo $(KITCHEN_LOCAL_YAML)|grep -Eo docker)" = "docker" ] || sleep 120
+
+kitchen-converge: kitchen-check
+ kitchen converge ${KITCHEN_OPTS} ${KITCHEN_OPTS_CONVERGE} &&\
+ kitchen converge ${KITCHEN_OPTS} ${KITCHEN_OPTS_CONVERGE}
+
+kitchen-verify: kitchen-check
+ [ ! -d tests/integration ] || kitchen verify -t tests/integration ${KITCHEN_OPTS} ${KITCHEN_OPTS_VERIFY}
+ [ -d tests/integration ] || kitchen verify ${KITCHEN_OPTS} ${KITCHEN_OPTS_VERIFY}
+
+kitchen-test: kitchen-check
+ [ ! -d tests/integration ] || kitchen test -t tests/integration ${KITCHEN_OPTS} ${KITCHEN_OPTS_TEST}
+ [ -d tests/integration ] || kitchen test ${KITCHEN_OPTS} ${KITCHEN_OPTS_TEST}
+
+kitchen-list: kitchen-check
+ kitchen list
+
+clean:
+ [ ! -x "$(shell which kitchen)" ] || kitchen destroy
+ [ ! -d .kitchen ] || rm -rf .kitchen
+ [ ! -d tests/build ] || rm -rf tests/build
+ [ ! -d build ] || rm -rf build
diff --git a/README.rst b/README.rst
new file mode 100644
index 0000000..af029bc
--- /dev/null
+++ b/README.rst
@@ -0,0 +1,57 @@
+
+==================================
+barbican formula
+==================================
+
+Barbican is a REST API designed for the secure storage, provisioning and
+management of secrets such as passwords, encryption keys and X.509 Certificates.
+It is aimed at being useful for all environments, including large ephemeral
+Clouds.
+
+Sample pillars
+==============
+
+Single barbican service
+
+.. code-block:: yaml
+
+ barbican:
+ server:
+ enabled: true
+ version: ocata
+
+Documentation and Bugs
+======================
+
+To learn how to install and update salt-formulas, consult the documentation
+available online at:
+
+ http://salt-formulas.readthedocs.io/
+
+In the unfortunate event that bugs are discovered, they should be reported to
+the appropriate issue tracker. Use GitHub issue tracker for specific salt
+formula:
+
+ https://github.com/salt-formulas/salt-formula-barbican/issues
+
+For feature requests, bug reports or blueprints affecting entire ecosystem,
+use Launchpad salt-formulas project:
+
+ https://launchpad.net/salt-formulas
+
+Developers wishing to work on the salt-formulas projects should always base
+their work on master branch and submit pull request against specific formula.
+
+You should also subscribe to mailing list (salt-formulas@freelists.org):
+
+ https://www.freelists.org/list/salt-formulas
+
+Any questions or feedback is always welcome so feel free to join our IRC
+channel:
+
+ #salt-formulas @ irc.freenode.net
+
+Read more
+=========
+
+* https://docs.openstack.org/barbican/latest/
diff --git a/VERSION b/VERSION
new file mode 100644
index 0000000..565d2be
--- /dev/null
+++ b/VERSION
@@ -0,0 +1 @@
+2017.6
diff --git a/barbican/files/barbican.conf b/barbican/files/barbican.conf
new file mode 100644
index 0000000..44e3449
--- /dev/null
+++ b/barbican/files/barbican.conf
@@ -0,0 +1 @@
+# Service config file
\ No newline at end of file
diff --git a/barbican/init.sls b/barbican/init.sls
new file mode 100644
index 0000000..469db73
--- /dev/null
+++ b/barbican/init.sls
@@ -0,0 +1,6 @@
+{%- if pillar.barbican is defined %}
+include:
+{%- if pillar.barbican.server is defined %}
+- barbican.server
+{%- endif %}
+{%- endif %}
diff --git a/barbican/map.jinja b/barbican/map.jinja
new file mode 100644
index 0000000..fdffae3
--- /dev/null
+++ b/barbican/map.jinja
@@ -0,0 +1,10 @@
+
+{%- load_yaml as base_defaults %}
+
+Debian:
+ pkgs:
+ - barbican
+
+{%- endload %}
+
+{%- set server = salt['grains.filter_by'](base_defaults, merge=salt['pillar.get']('barbican:server')) %}
diff --git a/barbican/meta/sensu.yml b/barbican/meta/sensu.yml
new file mode 100644
index 0000000..5046e61
--- /dev/null
+++ b/barbican/meta/sensu.yml
@@ -0,0 +1,8 @@
+# Sample check
+check:
+ local_barbican_proc:
+ command: "PATH=$PATH:/usr/lib64/nagios/plugins:/usr/lib/nagios/plugins check_procs -C barbican -u barbican -c 1:1"
+ interval: 60
+ occurrences: 1
+ subscribers:
+ - local-barbican-server
diff --git a/barbican/meta/sphinx.yml b/barbican/meta/sphinx.yml
new file mode 100644
index 0000000..61cd3d1
--- /dev/null
+++ b/barbican/meta/sphinx.yml
@@ -0,0 +1,12 @@
+{%- from "barbican/map.jinja" import server with context %}
+# Fill in documentation details
+doc:
+ name: barbican
+ description: Some service info
+ role:
+ server:
+ name: server
+ param:
+ some_param:
+ name: "Some name"
+ value: "some value"
diff --git a/barbican/server.sls b/barbican/server.sls
new file mode 100644
index 0000000..9a375ce
--- /dev/null
+++ b/barbican/server.sls
@@ -0,0 +1,4 @@
+{%- from "barbican/map.jinja" import server with context %}
+{%- if server.enabled %}
+
+{%- endif %}
diff --git a/debian/changelog b/debian/changelog
new file mode 100644
index 0000000..97e7db1
--- /dev/null
+++ b/debian/changelog
@@ -0,0 +1,5 @@
+salt-formula-barbican (2017.6) xenial; urgency=medium
+
+ * Initial release
+
+ -- Petr Jediný petr.jediny@gmail.com Tue, 01 Aug 2017 02:16:20 BST
diff --git a/debian/compat b/debian/compat
new file mode 100644
index 0000000..ec63514
--- /dev/null
+++ b/debian/compat
@@ -0,0 +1 @@
+9
diff --git a/debian/control b/debian/control
new file mode 100644
index 0000000..eabab66
--- /dev/null
+++ b/debian/control
@@ -0,0 +1,15 @@
+Source: salt-formula-barbican
+Maintainer: Petr Jediný petr.jediny@gmail.com
+Section: admin
+Priority: optional
+Build-Depends: debhelper (>= 9), salt-master, python, python-yaml
+Standards-Version: 3.9.6
+Homepage: https://github.com/salt-formulas
+Vcs-Browser: https://github.com/salt-formulas/salt-formula-barbican
+Vcs-Git: https://github.com/salt-formulas/salt-formula-barbican.git
+
+Package: salt-formula-barbican
+Architecture: all
+Depends: ${misc:Depends}, salt-master, reclass
+Description: barbican salt formula
+ Install and configure barbican system.
diff --git a/debian/copyright b/debian/copyright
new file mode 100644
index 0000000..7cc4b7c
--- /dev/null
+++ b/debian/copyright
@@ -0,0 +1,15 @@
+Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
+Upstream-Name: salt-formula-barbican
+Upstream-Contact: salt-formulas@freelists.org
+Source: https://github.com/salt-formulas/salt-formula-barbican
+
+Files: *
+Copyright: 2017 Mirantis Inc.
+License: Apache-2.0
+ Copyright (C) 2017 Mirantis Inc.
+ .
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ .
+ On a Debian system you can find a copy of this license in
+ /usr/share/common-licenses/Apache-2.0.
diff --git a/debian/docs b/debian/docs
new file mode 100644
index 0000000..d585829
--- /dev/null
+++ b/debian/docs
@@ -0,0 +1,3 @@
+README.rst
+CHANGELOG.rst
+VERSION
diff --git a/debian/rules b/debian/rules
new file mode 100755
index 0000000..abde6ef
--- /dev/null
+++ b/debian/rules
@@ -0,0 +1,5 @@
+#!/usr/bin/make -f
+
+%:
+ dh $@
+
diff --git a/debian/source/format b/debian/source/format
new file mode 100644
index 0000000..89ae9db
--- /dev/null
+++ b/debian/source/format
@@ -0,0 +1 @@
+3.0 (native)
diff --git a/doc/source/conf.py b/doc/source/conf.py
new file mode 100644
index 0000000..53c355a
--- /dev/null
+++ b/doc/source/conf.py
@@ -0,0 +1,73 @@
+# -*- coding: utf-8 -*-
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import os
+import sys
+
+sys.path.insert(0, os.path.abspath('../..'))
+# -- General configuration ----------------------------------------------------
+
+# Add any Sphinx extension module names here, as strings. They can be
+# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom ones.
+extensions = [
+ 'sphinx.ext.autodoc',
+]
+
+# autodoc generation is a bit aggressive and a nuisance when doing heavy
+# text edit cycles.
+# execute "export SPHINX_DEBUG=1" in your terminal to disable
+
+# The suffix of source filenames.
+source_suffix = '.rst'
+
+# The master toctree document.
+master_doc = 'index'
+
+# General information about the project.
+project = u'salt-formula-barbican'
+copyright = u'2016, Mirantis Inc.'
+
+# If true, '()' will be appended to :func: etc. cross-reference text.
+add_function_parentheses = True
+
+# If true, the current module name will be prepended to all description
+# unit titles (such as .. function::).
+add_module_names = True
+
+# The name of the Pygments (syntax highlighting) style to use.
+pygments_style = 'sphinx'
+
+# -- Options for HTML output --------------------------------------------------
+
+# The theme to use for HTML and HTML Help pages. Major themes that come with
+# Sphinx are currently 'default' and 'sphinxdoc'.
+# html_theme_path = ["."]
+# html_theme = '_theme'
+# html_static_path = ['static']
+
+# Output file base name for HTML help builder.
+htmlhelp_basename = '%sdoc' % project
+
+# Grouping the document tree into LaTeX files. List of tuples
+# (source start file, target name, title, author, documentclass
+# [howto/manual]).
+latex_documents = [
+ ('index',
+ '%s.tex' % project,
+ u'%s Documentation' % project,
+ u'OpenStack Foundation', 'manual'),
+]
+
+# Example configuration for intersphinx: refer to the Python standard library.
+# intersphinx_mapping = {'http://docs.python.org/': None}
diff --git a/doc/source/index.rst b/doc/source/index.rst
new file mode 100644
index 0000000..a6210d3
--- /dev/null
+++ b/doc/source/index.rst
@@ -0,0 +1 @@
+.. include:: ../../README.rst
diff --git a/metadata.yml b/metadata.yml
new file mode 100644
index 0000000..7c8d474
--- /dev/null
+++ b/metadata.yml
@@ -0,0 +1,3 @@
+name: "barbican"
+version: "2017.6"
+source: "https://github.com/salt-formulas/salt-formula-barbican"
diff --git a/metadata/service/server/cluster.yml b/metadata/service/server/cluster.yml
new file mode 100644
index 0000000..ca23e30
--- /dev/null
+++ b/metadata/service/server/cluster.yml
@@ -0,0 +1,10 @@
+applications:
+- barbican
+classes:
+- service.barbican.support
+parameters:
+ barbican:
+ server:
+ enabled: true
+ bind:
+ address: 0.0.0.0
diff --git a/metadata/service/server/single.yml b/metadata/service/server/single.yml
new file mode 100644
index 0000000..ca23e30
--- /dev/null
+++ b/metadata/service/server/single.yml
@@ -0,0 +1,10 @@
+applications:
+- barbican
+classes:
+- service.barbican.support
+parameters:
+ barbican:
+ server:
+ enabled: true
+ bind:
+ address: 0.0.0.0
diff --git a/metadata/service/support.yml b/metadata/service/support.yml
new file mode 100644
index 0000000..ea53a7f
--- /dev/null
+++ b/metadata/service/support.yml
@@ -0,0 +1,11 @@
+parameters:
+ barbican:
+ _support:
+ collectd:
+ enabled: false
+ heka:
+ enabled: false
+ sensu:
+ enabled: false
+ sphinx:
+ enabled: true
diff --git a/tests/pillar/compute_cluster.sls b/tests/pillar/compute_cluster.sls
new file mode 100644
index 0000000..6f03b6e
--- /dev/null
+++ b/tests/pillar/compute_cluster.sls
@@ -0,0 +1,49 @@
+nova:
+ compute:
+ version: liberty
+ enabled: true
+ virtualization: kvm
+ heal_instance_info_cache_interval: 60
+ vncproxy_url: openstack:6080
+ bind:
+ vnc_address: 127.0.0.1
+ vnc_port: 6080
+ vnc_name: 0.0.0.0
+ database:
+ engine: mysql
+ host: 127.0.0.1
+ port: 3306
+ name: nova
+ user: nova
+ password: password
+ identity:
+ engine: keystone
+ host: 127.0.0.1
+ port: 35357
+ user: nova
+ password: password
+ tenant: service
+ message_queue:
+ engine: rabbitmq
+ host: 127.0.0.1
+ port: 5672
+ user: openstack
+ password: password
+ virtual_host: '/openstack'
+ image:
+ engine: glance
+ host: 127.0.0.1
+ port: 9292
+ network:
+ engine: neutron
+ host: 127.0.0.1
+ port: 9696
+ cache:
+ engine: memcached
+ members:
+ - host: 127.0.0.1
+ port: 11211
+ - host: 127.0.1.1
+ port: 11211
+ - host: 127.0.2.1
+ port: 11211
diff --git a/tests/pillar/compute_single.sls b/tests/pillar/compute_single.sls
new file mode 100644
index 0000000..036a140
--- /dev/null
+++ b/tests/pillar/compute_single.sls
@@ -0,0 +1,45 @@
+nova:
+ compute:
+ version: liberty
+ enabled: true
+ virtualization: kvm
+ heal_instance_info_cache_interval: 60
+ vncproxy_url: openstack:6080
+ bind:
+ vnc_address: 127.0.0.1
+ vnc_port: 6080
+ vnc_name: 0.0.0.0
+ database:
+ engine: mysql
+ host: 127.0.0.1
+ port: 3306
+ name: nova
+ user: nova
+ password: password
+ identity:
+ engine: keystone
+ host: 127.0.0.1
+ port: 35357
+ user: nova
+ password: password
+ tenant: service
+ message_queue:
+ engine: rabbitmq
+ host: 127.0.0.1
+ port: 5672
+ user: openstack
+ password: password
+ virtual_host: '/openstack'
+ image:
+ engine: glance
+ host: 127.0.0.1
+ port: 9292
+ network:
+ engine: neutron
+ host: 127.0.0.1
+ port: 9696
+ cache:
+ engine: memcached
+ members:
+ - host: 127.0.0.1
+ port: 11211
diff --git a/tests/pillar/control_cluster.sls b/tests/pillar/control_cluster.sls
new file mode 100644
index 0000000..158f565
--- /dev/null
+++ b/tests/pillar/control_cluster.sls
@@ -0,0 +1,48 @@
+nova:
+ controller:
+ enabled: true
+ networking: default
+ version: liberty
+ vncproxy_url: 127.0.0.1
+ security_group: false
+ dhcp_domain: novalocal
+ scheduler_default_filters: "DifferentHostFilter,RetryFilter,AvailabilityZoneFilter,RamFilter,CoreFilter,DiskFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,ServerGroupAntiAffinityFilter,ServerGroupAffinityFilter"
+ cpu_allocation_ratio: 16.0
+ ram_allocation_ratio: 1.5
+ bind:
+ private_address: 127.0.0.1
+ public_address: 127.0.0.1
+ public_name: 127.0.0.1
+ novncproxy_port: 6080
+ database:
+ engine: mysql
+ host: 127.0.0.1
+ port: 3306
+ name: nova
+ user: nova
+ password: password
+ identity:
+ engine: keystone
+ host: 127.0.0.1
+ port: 35357
+ user: nova
+ password: password
+ tenant: service
+ message_queue:
+ engine: rabbitmq
+ host: 127.0.0.1
+ port: 5672
+ user: openstack
+ password: password
+ virtual_host: '/openstack'
+ ha_queues: true
+ glance:
+ host:
+ port: 9292
+ network:
+ engine: neutron
+ host: 127.0.0.1
+ port: 9696
+ mtu: 1500
+ metadata:
+ password: metadata
diff --git a/tests/pillar/control_single.sls b/tests/pillar/control_single.sls
new file mode 100644
index 0000000..68c77b2
--- /dev/null
+++ b/tests/pillar/control_single.sls
@@ -0,0 +1,52 @@
+nova:
+ controller:
+ enabled: true
+ networking: contrail
+ version: liberty
+ security_group: false
+ vncproxy_url: 127.0.0.1
+ dhcp_domain: novalocal
+ scheduler_default_filters: "DifferentHostFilter,RetryFilter,AvailabilityZoneFilter,RamFilter,CoreFilter,DiskFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,ServerGroupAntiAffinityFilter,ServerGroupAffinityFilter"
+ cpu_allocation_ratio: 16.0
+ ram_allocation_ratio: 1.5
+ bind:
+ private_address: 127.0.0.1
+ public_address: 127.0.0.1
+ public_name: 127.0.0.1
+ novncproxy_port: 6080
+ database:
+ engine: mysql
+ host: localhost
+ port: 3306
+ name: nova
+ user: nova
+ password: password
+ identity:
+ engine: keystone
+ host: 127.0.0.1
+ port: 35357
+ user: nova
+ password: password
+ tenant: service
+ message_queue:
+ engine: rabbitmq
+ host: 127.0.0.1
+ port: 5672
+ user: openstack
+ password: password
+ virtual_host: '/openstack'
+ glance:
+ host: 127.0.0.1
+ port: 9292
+ network:
+ engine: neutron
+ host: 127.0.0.1
+ port: 9696
+ mtu: 1500
+ metadata:
+ password: password
+ cache:
+ engine: memcached
+ members:
+ - host: 127.0.0.1
+ port: 11211
diff --git a/tests/pillar/single.yml b/tests/pillar/single.yml
new file mode 100644
index 0000000..76fe8c1
--- /dev/null
+++ b/tests/pillar/single.yml
@@ -0,0 +1,5 @@
+barbican:
+ server:
+ enabled: true
+ bind:
+ address: 0.0.0.0
diff --git a/tests/run_tests.sh b/tests/run_tests.sh
new file mode 100755
index 0000000..29fb975
--- /dev/null
+++ b/tests/run_tests.sh
@@ -0,0 +1,200 @@
+#!/usr/bin/env bash
+
+set -e
+[ -n "$DEBUG" ] && set -x
+
+CURDIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
+METADATA=${CURDIR}/../metadata.yml
+FORMULA_NAME=$(cat $METADATA | python -c "import sys,yaml; print yaml.load(sys.stdin)['name']")
+FORMULA_META_DIR=${CURDIR}/../${FORMULA_NAME}/meta
+
+## Overrideable parameters
+PILLARDIR=${PILLARDIR:-${CURDIR}/pillar}
+BUILDDIR=${BUILDDIR:-${CURDIR}/build}
+VENV_DIR=${VENV_DIR:-${BUILDDIR}/virtualenv}
+MOCK_BIN_DIR=${MOCK_BIN_DIR:-${CURDIR}/mock_bin}
+DEPSDIR=${BUILDDIR}/deps
+
+SALT_FILE_DIR=${SALT_FILE_DIR:-${BUILDDIR}/file_root}
+SALT_PILLAR_DIR=${SALT_PILLAR_DIR:-${BUILDDIR}/pillar_root}
+SALT_CONFIG_DIR=${SALT_CONFIG_DIR:-${BUILDDIR}/salt}
+SALT_CACHE_DIR=${SALT_CACHE_DIR:-${SALT_CONFIG_DIR}/cache}
+
+SALT_OPTS="${SALT_OPTS} --retcode-passthrough --local -c ${SALT_CONFIG_DIR} --log-file=/dev/null"
+
+if [ "x${SALT_VERSION}" != "x" ]; then
+ PIP_SALT_VERSION="==${SALT_VERSION}"
+fi
+
+## Functions
+log_info() {
+ echo "[INFO] $*"
+}
+
+log_err() {
+ echo "[ERROR] $*" >&2
+}
+
+setup_virtualenv() {
+ log_info "Setting up Python virtualenv"
+ virtualenv $VENV_DIR
+ source ${VENV_DIR}/bin/activate
+ pip install salt${PIP_SALT_VERSION}
+}
+
+setup_mock_bin() {
+ # If some state requires a binary, a lightweight replacement for
+ # such binary can be put into MOCK_BIN_DIR for test purposes
+ if [ -d "${MOCK_BIN_DIR}" ]; then
+ PATH="${MOCK_BIN_DIR}:$PATH"
+ export PATH
+ fi
+}
+
+setup_pillar() {
+ [ ! -d ${SALT_PILLAR_DIR} ] && mkdir -p ${SALT_PILLAR_DIR}
+ echo "base:" > ${SALT_PILLAR_DIR}/top.sls
+ for pillar in ${PILLARDIR}/*; do
+ grep ${FORMULA_NAME}: ${pillar} &>/dev/null || continue
+ state_name=$(basename ${pillar%.sls})
+ echo -e " ${state_name}:\n - ${state_name}" >> ${SALT_PILLAR_DIR}/top.sls
+ done
+}
+
+setup_salt() {
+ [ ! -d ${SALT_FILE_DIR} ] && mkdir -p ${SALT_FILE_DIR}
+ [ ! -d ${SALT_CONFIG_DIR} ] && mkdir -p ${SALT_CONFIG_DIR}
+ [ ! -d ${SALT_CACHE_DIR} ] && mkdir -p ${SALT_CACHE_DIR}
+
+ echo "base:" > ${SALT_FILE_DIR}/top.sls
+ for pillar in ${PILLARDIR}/*.sls; do
+ grep ${FORMULA_NAME}: ${pillar} &>/dev/null || continue
+ state_name=$(basename ${pillar%.sls})
+ echo -e " ${state_name}:\n - ${FORMULA_NAME}" >> ${SALT_FILE_DIR}/top.sls
+ done
+
+ cat << EOF > ${SALT_CONFIG_DIR}/minion
+file_client: local
+cachedir: ${SALT_CACHE_DIR}
+verify_env: False
+minion_id_caching: False
+
+file_roots:
+ base:
+ - ${SALT_FILE_DIR}
+ - ${CURDIR}/..
+ - /usr/share/salt-formulas/env
+
+pillar_roots:
+ base:
+ - ${SALT_PILLAR_DIR}
+ - ${PILLARDIR}
+EOF
+}
+
+fetch_dependency() {
+ dep_name="$(echo $1|cut -d : -f 1)"
+ dep_source="$(echo $1|cut -d : -f 2-)"
+ dep_root="${DEPSDIR}/$(basename $dep_source .git)"
+ dep_metadata="${dep_root}/metadata.yml"
+
+ [ -d /usr/share/salt-formulas/env/${dep_name} ] && log_info "Dependency $dep_name already present in system-wide salt env" && return 0
+ [ -d $dep_root ] && log_info "Dependency $dep_name already fetched" && return 0
+
+ log_info "Fetching dependency $dep_name"
+ [ ! -d ${DEPSDIR} ] && mkdir -p ${DEPSDIR}
+ git clone $dep_source ${DEPSDIR}/$(basename $dep_source .git)
+ ln -s ${dep_root}/${dep_name} ${SALT_FILE_DIR}/${dep_name}
+
+ METADATA="${dep_metadata}" install_dependencies
+}
+
+install_dependencies() {
+ grep -E "^dependencies:" ${METADATA} >/dev/null || return 0
+ (python - | while read dep; do fetch_dependency "$dep"; done) << EOF
+import sys,yaml
+for dep in yaml.load(open('${METADATA}', 'ro'))['dependencies']:
+ print '%s:%s' % (dep["name"], dep["source"])
+EOF
+}
+
+clean() {
+ log_info "Cleaning up ${BUILDDIR}"
+ [ -d ${BUILDDIR} ] && rm -rf ${BUILDDIR} || exit 0
+}
+
+salt_run() {
+ [ -e ${VEN_DIR}/bin/activate ] && source ${VENV_DIR}/bin/activate
+ salt-call ${SALT_OPTS} $*
+}
+
+prepare() {
+ [ -d ${BUILDDIR} ] && mkdir -p ${BUILDDIR}
+
+ which salt-call || setup_virtualenv
+ setup_mock_bin
+ setup_pillar
+ setup_salt
+ install_dependencies
+}
+
+run() {
+ for pillar in ${PILLARDIR}/*.sls; do
+ grep ${FORMULA_NAME}: ${pillar} &>/dev/null || continue
+ state_name=$(basename ${pillar%.sls})
+ salt_run grains.set 'noservices' False force=True
+
+ echo "Checking state ${FORMULA_NAME}.${state_name} ..."
+ salt_run --id=${state_name} state.show_sls ${FORMULA_NAME} || (log_err "Execution of ${FORMULA_NAME}.${state_name} failed"; exit 1)
+
+ # Check that all files in 'meta' folder can be rendered using any valid pillar
+ for meta in `find ${FORMULA_META_DIR} -type f`; do
+ meta_name=$(basename ${meta})
+ echo "Checking meta ${meta_name} ..."
+ salt_run --out=quiet --id=${state_name} cp.get_template ${meta} ${SALT_CACHE_DIR}/${meta_name} \
+ || (log_err "Failed to render meta ${meta} using pillar ${FORMULA_NAME}.${state_name}"; exit 1)
+ cat ${SALT_CACHE_DIR}/${meta_name}
+ done
+ done
+}
+
+real_run() {
+ for pillar in ${PILLARDIR}/*.sls; do
+ state_name=$(basename ${pillar%.sls})
+ salt_run --id=${state_name} state.sls ${FORMULA_NAME} || (log_err "Execution of ${FORMULA_NAME}.${state_name} failed"; exit 1)
+ done
+}
+
+_atexit() {
+ RETVAL=$?
+ trap true INT TERM EXIT
+
+ if [ $RETVAL -ne 0 ]; then
+ log_err "Execution failed"
+ else
+ log_info "Execution successful"
+ fi
+ return $RETVAL
+}
+
+## Main
+trap _atexit INT TERM EXIT
+
+case $1 in
+ clean)
+ clean
+ ;;
+ prepare)
+ prepare
+ ;;
+ run)
+ run
+ ;;
+ real-run)
+ real_run
+ ;;
+ *)
+ prepare
+ run
+ ;;
+esac