openstack
/
app-catalog
Code Issues Proposed changes
RETIRED, Application catalog for OpenStack
433 Commits 2 Branches 0 Tags 3.9 MiB
Go to file
Luong Anh Tuan cf81bd39a6 Replace yaml.load() with yaml.safe_load() 
Avoid dangerous file parsing and object serialization libraries.
yaml.load is the obvious function to use but it is dangerous[1]
Because yaml.load return Python object may be dangerous if you
receive a YAML document from an untrusted source such as the
Internet. The function yaml.safe_load limits this ability to
simple Python objects like integers or lists.

In addition, Bandit flags yaml.load() as security risk so replace
all occurrences with yaml.safe_load(). Thus I replace yaml.load()
with yaml.safe_load()

[1]https://security.openstack.org/guidelines/dg_avoid-dangerous-input-parsing-libraries.html

Change-Id: Ife71148013d5f94ec5ae62633ff9a41f419bd3b7
Closes-Bug: #1634265
 		2017-01-18 11:47:26 +07:00
deployment Replace yaml.load() with yaml.safe_load() 2017-01-18 11:47:26 +07:00
doc/source Initial Cookiecutter Commit. 2015-04-01 13:06:34 +03:00
openstack_catalog Replace yaml.load() with yaml.safe_load() 2017-01-18 11:47:26 +07:00
tools Replace yaml.load() with yaml.safe_load() 2017-01-18 11:47:26 +07:00
.coveragerc Change ignore-errors to ignore_errors 2015-09-21 14:24:40 +00:00
.eslintrc Lint js and css files 2015-07-29 13:56:21 +03:00
.gitignore Initial Cookiecutter Commit. 2015-04-01 13:06:34 +03:00
.gitreview Update .gitreview for project rename 2015-09-11 20:57:45 +00:00
.mailmap Initial Cookiecutter Commit. 2015-04-01 13:06:34 +03:00
.testr.conf Initial Cookiecutter Commit. 2015-04-01 13:06:34 +03:00
CONTRIBUTING.rst Initial Cookiecutter Commit. 2015-04-01 13:06:34 +03:00
HACKING.rst Initial Cookiecutter Commit. 2015-04-01 13:06:34 +03:00
LICENSE Add link and info for app-catalog-ui horizon plugin 2015-10-20 12:31:19 -07:00
MANIFEST.in Initial Cookiecutter Commit. 2015-04-01 13:06:34 +03:00
README.rst Revert "Show team and repo badges on README" 2016-12-11 17:46:46 +00:00
babel.cfg Initial Cookiecutter Commit. 2015-04-01 13:06:34 +03:00
bindep.txt Move other-requirements.txt to bindep.txt 2016-08-12 20:52:29 +02:00
manage.py Python Server 2015-11-19 14:13:06 -08:00
package.json Update repo references 2015-09-11 17:23:10 -07:00
requirements.txt Fix Django version in requirements.txt 2016-02-16 09:56:31 +01:00
run_tests.sh Python Server 2015-11-19 14:13:06 -08:00
setup.cfg py33 is no longer supported by Infra's CI 2016-09-21 09:03:41 +05:30
setup.py Initial Cookiecutter Commit. 2015-04-01 13:06:34 +03:00
test-requirements.txt Remove discover from test-requirements 2016-07-22 06:51:51 +00:00
tox.ini Now there are no E123/E125 warnings 2016-12-15 00:27:14 +08:00

README.rst

OpenStack Community App Catalog

Application Catalog for OpenStack

The OpenStack Community App Catalog will help you make applications available on your OpenStack cloud by providing a community driven catalog containing Glance images, Heat templates and Murano applications.

Overview

By providing a public location where OpenStack users can publish and consume artifacts to share and add additional capabilities, all OpenStack clouds become more valuable. For example vendors can publish Glance images for launching new VMs, Heat templates for creating new stacks, or Murano app packages for installing complete applications. When many OpenStack community members are publishing artifacts that users can easily download and install into their clouds this will multiply the value of their OpenStack cloud. Easy access to images, templates and apps will solve the "what now" question some user consider after successfully deploying an OpenStack environment.

Getting started with the Community App Catalog

See the wiki page to see how to get started using or contributing to the App Catalog. Visit https://wiki.openstack.org/wiki/App-Catalog for more details.

Project Info