A configuration management service with support for secrets.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Zuul 64975c820a Merge "doc(typo): Correct spelling" 10 months ago
alembic [396582] Add alembic support to Deckhand 1 year ago
charts/deckhand Add test pods labels. 11 months ago
deckhand Merge "Remove deprecated substitution_sources kwarg" 10 months ago
doc Merge "doc(typo): Correct spelling" 10 months ago
etc/deckhand Add missing Keystone options to registration of config 1 year ago
images/deckhand Allow Deckhand image to be built behind proxy 1 year ago
releasenotes style(pep8): remove identation ignores 1 year ago
tools Move to stestr for functional/integration tests 11 months ago
.coveragerc Add Deckhand coverage job 1 year ago
.dockerignore Collect profile data on DH requests 1 year ago
.gitignore Add integration tests job to .zuul.yaml 11 months ago
.gitreview Update .gitreview for openstack infra 1 year ago
.stestr.conf Switch to stestr 1 year ago
.zuul.yaml trivial: Use airship-deckhand-single-node for nodeset in zuul.yaml 11 months ago
HACKING.rst Add sphinx job for auto-generating docs 1 year ago
LICENSE Update Apache LICENSE 1 year ago
Makefile Unifying proxy variables for docker build 1 year ago
README.rst Rename some instances of ucp to airship 11 months ago
REVIEWING.rst docs: Add developer overview documentation 1 year ago
alembic.ini [396582] Add alembic support to Deckhand 1 year ago
entrypoint.sh [fix] Drop deckhand.conf from default DECKHAND_CONF_DIR path 1 year ago
requirements.txt Add cryptography to Deckhand 10 months ago
setup.cfg Update releasenotes/docs tox jobs 1 year ago
setup.py Oslo config integration (#1) 2 years ago
test-requirements.txt Update Deckhand test-/requirements.txt 1 year ago
tox.ini Merge "Move to stestr for functional/integration tests" 10 months ago

README.rst

Deckhand

Doc Status

Deckhand is a storage service for YAML-based configuration documents, which are managed through version control and automatically validated. Deckhand provides users with a variety of different document types that describe complex configurations using the features listed below.

Find more documentation for Deckhand on Read the Docs.

Core Responsibilities

  • layering - helps reduce duplication in configuration by applying the notion of inheritance to documents
  • substitution - provides separation between secret data and other configuration data for security purposes and reduces data duplication by allowing common data to be defined once and substituted elsewhere dynamically
  • revision history - maintains well-defined collections of documents within immutable revisions that are meant to operate together, while providing the ability to rollback to previous revisions
  • validation - allows services to implement and register different kinds of validations and report errors
  • secret management - leverages existing OpenStack APIs -- namely Barbican -- to reliably and securely store sensitive data

Getting Started

For more detailed installation and setup information, please refer to the Getting Started guide.

Testing

Automated Testing

To run unit tests using sqlite, execute:

$ tox -epy27
$ tox -epy35

against a py27- or py35-backed environment, respectively. To run individual unit tests, run:

$ tox -e py27 -- deckhand.tests.unit.db.test_revisions

for example.

To run functional tests:

$ tox -e functional

You can also run a subset of tests via a regex:

$ tox -e functional -- gabbi.suitemaker.test_gabbi_document-crud-success-multi-bucket

Integration Points

Deckhand has the following integration points:

Note

Currently, other database back-ends are not supported.

Though, being a low-level service, has many other UCP services that integrate with it, including:

  • Drydock is orchestrated by Shipyard to perform bare metal node provisioning.
  • Promenade is indirectly orchestrated by Shipyard to configure and join Kubernetes nodes.
  • Armada is orchestrated by Shipyard to deploy and test Kubernetes workloads.

Further Reading

Airship.