airship/pegleg
Code Issues Proposed changes
770cf4256e
pegleg/doc/source/getting_started.rst
Felipe Monteiro 2a8d2638b3 pki: Port Promenade's PKI catalog into Pegleg 
This patch set implements the PKICatalog [0] requirements
as well as PeglegManagedDocument [1] generation requirements
outlined in the spec [2].

Included in this patch set:

* New CLI entry point called "pegleg site secrets generate-pki"
* PeglegManagedDocument generation logic in
  engine.cache.managed_document
* Refactored PKICatalog logic in engine.cache.pki_catalog derived
  from the Promenade PKI implementation [3], responsible for
  generating certificates, CAs, and keypairs
* Refactored PKIGenerator logic in engine.cache.pki_generator
  derived from Promenade Generator implementation [4],
  responsible for reading in pegleg/PKICatalog/v1 documents (as
  well as promenade/PKICatalog/v1 documents for backwards
  compatibility) and generating required secrets and storing
  them into the paths specified under [0]
* Unit tests for all of the above [5]
* Example pki-catalog.yaml document under pegleg/site_yamls
* Validation schema for pki-catalog.yaml (TODO: implement
  validation logic here: [6])
* Updates to CLI documentation and inclusion of PKICatalog
  and PeglegManagedDocument documentation
* Documentation updates with PKI information [7]

TODO (in follow-up patch sets):

* Expand on overview documentation to include new Pegleg
  responsibilities
* Allow the original repository (not the copied one) to
  be the destination where the secrets are written to
* Finish up cert expiry/revocation logic

[0] https://airship-specs.readthedocs.io/en/latest/specs/approved/pegleg-secrets.html#document-generation
[1] https://airship-specs.readthedocs.io/en/latest/specs/approved/pegleg-secrets.html#peglegmanageddocument
[2] https://airship-specs.readthedocs.io/en/latest/specs/approved/pegleg-secrets.html
[3] https://github.com/openstack/airship-promenade/blob/master/promenade/pki.py
[4] https://github.com/openstack/airship-promenade/blob/master/promenade/generator.py
[5] https://review.openstack.org/#/c/611739/
[6] https://review.openstack.org/#/c/608159/
[7] https://review.openstack.org/#/c/611738/

Change-Id: I3010d04cac6d22c656d144f0dafeaa5e19a13068
2019-01-15 13:29:21 -06:00

57 lines
2.0 KiB
ReStructuredText
Raw Blame History

..
Copyright 2018 AT&T Intellectual Property.
All Rights Reserved.
Licensed under the Apache License, Version 2.0 (the "License"); you may
not use this file except in compliance with the License. You may obtain
a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
License for the specific language governing permissions and limitations
under the License.
===============
Getting Started
===============
What is Pegleg?
---------------
Pegleg is a document aggregator that aggregates all the documents in a
repository and packs them into a single YAML file. This allows for operators to
structure their site definitions in a maintainable directory layout, while
providing them with the automation and tooling needed to aggregate, lint, and
render those documents for deployment.
For more information on the documents that Pegleg works on see
`Document Fundamentals`_.
Basic Usage
-----------
Before using Pegleg, you must:
1. Clone the Pegleg repository:
.. code-block:: console
git clone https://git.airshipit.org/airship-pegleg
2. Install `Docker CE`_, as Pegleg relies on it for CLI execution.
3. Clone the repos containing your `site definition libraries`_ into the
local filesystem where Pegleg is running, as Pegleg can only work with files
available in the local directory.
You will then be able to use all of Pegleg's features through the CLI. See CLI_ for more
information.
.. _Document Fundamentals: https://airship-pegleg.readthedocs.io/en/latest/authoring_strategy.html
.. _Docker CE: https://docs.docker.com/install/
.. _site definition libraries: https://airship-pegleg.readthedocs.io/en/latest/artifacts.html#definition-library-layout
.. _CLI: https://airship-pegleg.readthedocs.io/en/latest/cli.html
View Git Blame Copy Permalink