5ef6c3e2e4
Added code to devstack libraries to allow KMIP secret store to be enabled. This edits barbican.conf to enable the KMIP secret store. The Barbican PyKMIP client can be configured to connect to an existing KMIP device or use PyKMIP's server. If the client configuration is all that is needed then enable the 'barbican-pykmip' service in the devstack configuration and set the appropriate key, certificate, and CA path variables. This will allow the Barbican KMIP secret store to connect to an existing KMIP server. If a KMIP server is requested then also enable the 'pykmip-server' service in the devstack configuration. This will install, configure, and start the KMIP server. This option requires the 'barbican-pykmip' service be configured as well. Added passenv command to tox to allow the KMIP_PLUGIN_ENABLED environment variable to be passed to the underlying command. Without this the environment variable will not be seen by the tox command. Change-Id: Ib804fa97545f14ed866bfd73bb251e85923a2e4e Depends-On: Ifda13a84607bb199b794dc24f5dbba0ee8108dbf
55 lines
1.6 KiB
Bash
55 lines
1.6 KiB
Bash
# check for service enabled
|
|
if is_service_enabled barbican; then
|
|
if [[ "$1" == "source" || "`type -t install_barbican`" != 'function' ]]; then
|
|
# Initial source
|
|
source $BARBICAN_DIR/devstack/lib/barbican
|
|
fi
|
|
|
|
if [[ "$1" == "stack" && "$2" == "install" ]]; then
|
|
echo_summary "Installing Barbican"
|
|
install_barbican
|
|
install_barbicanclient
|
|
if is_service_enabled barbican-pykmip; then
|
|
echo_summary "Installing PyKMIP"
|
|
install_pykmip
|
|
fi
|
|
if is_service_enabled barbican-dogtag; then
|
|
echo_summary "Installing Dogtag"
|
|
install_dogtag_components
|
|
fi
|
|
elif [[ "$1" == "stack" && "$2" == "post-config" ]]; then
|
|
echo_summary "Configuring Barbican"
|
|
configure_barbican
|
|
if is_service_enabled barbican-pykmip; then
|
|
echo_summary "Configuring KMIP plugin"
|
|
configure_pykmip
|
|
fi
|
|
if is_service_enabled barbican-dogtag; then
|
|
echo_summary "Configuring Dogtag plugin"
|
|
configure_dogtag_plugin
|
|
fi
|
|
configure_barbicanclient
|
|
|
|
if is_service_enabled key; then
|
|
create_barbican_accounts
|
|
fi
|
|
elif [[ "$1" == "stack" && "$2" == "extra" ]]; then
|
|
echo_summary "Initializing Barbican"
|
|
init_barbican
|
|
start_barbican
|
|
if is_service_enabled pykmip-server; then
|
|
echo_summary "Starting PyKMIP server"
|
|
start_pykmip
|
|
fi
|
|
fi
|
|
|
|
if [[ "$1" == "unstack" ]]; then
|
|
stop_barbican
|
|
fi
|
|
|
|
if [[ "$1" == "clean" ]]; then
|
|
cleanup_barbican
|
|
fi
|
|
fi
|
|
|