Paul Bourke 9248605e67 Add decryptData yaql function to murano engine
Adds a new yaql function 'decryptData' which pairs with 'encryptData' on
the dashboard side.

Requires a valid secret storage backend (e.g. Barbican) to be configured
via Castellan in murano.conf, e.g.

    [key_manager]
    auth_type = keystone_password
    auth_url = <auth_url>
    username = <username>
    password = <password>
    project_id = <project_id>
    user_domain_name = <user_domain_name>

Murano will still work fine without this config but the encrypt/decrypt
functions will be unavailable.

Partially-Implements blueprint: allow-encrypting-of-muranopl-properties
Depends-On: I1be3a1e11e3f4c2170062927ad359bf679eb25d9
Change-Id: I09416b6d35ed2dafa823eca98262a4e23081e6eb
2017-07-21 13:32:13 +01:00

113 lines
3.4 KiB
INI

# Copyright (c) 2013 Mirantis, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
[metadata]
name = murano
summary = Murano API
description-file =
README.rst
license = Apache License, Version 2.0
author = OpenStack
author-email = openstack-dev@lists.openstack.org
home-page = http://www.openstack.org/software/releases/mitaka/components/murano
classifier =
Development Status :: 5 - Production/Stable
Environment :: OpenStack
Intended Audience :: Developers
Intended Audience :: Information Technology
License :: OSI Approved :: Apache Software License
Operating System :: OS Independent
Programming Language :: Python
Programming Language :: Python :: 2
Programming Language :: Python :: 2.7
Programming Language :: Python :: 3
Programming Language :: Python :: 3.5
[files]
packages =
murano
murano_tempest_tests
[global]
setup-hooks =
pbr.hooks.setup_hook
[entry_points]
console_scripts =
murano-api = murano.cmd.api:main
murano-engine = murano.cmd.engine:main
murano-manage = murano.cmd.manage:main
murano-db-manage = murano.cmd.db_manage:main
murano-cfapi-db-manage = murano.cmd.cfapi_db_manage:main
murano-test-runner = murano.cmd.test_runner:main
murano-cfapi = murano.cmd.cfapi:main
wsgi_scripts =
murano-wsgi-api = murano.httpd.murano_api:init_application
oslo.config.opts =
murano = murano.opts:list_opts
keystone_authtoken = keystonemiddleware.opts:list_auth_token_opts
murano.cfapi = murano.opts:list_cfapi_opts
castellan.config = castellan.options:list_opts
oslo.config.opts.defaults =
murano = murano.common.config:set_middleware_defaults
oslo.policy.policies =
# With the move of default policy in code list_rules returns a list of
# the default defined polices.
murano = murano.common.policies:list_rules
tempest.test_plugins =
murano_tests = murano_tempest_tests.plugin:MuranoTempestPlugin
murano_policy_modify_actions =
remove-object = murano.policy.modify.actions.default_actions:RemoveObjectAction
add-object = murano.policy.modify.actions.default_actions:AddObjectAction
set-property = murano.policy.modify.actions.default_actions:SetPropertyAction
remove-relation = murano.policy.modify.actions.default_actions:RemoveRelationAction
add-relation = murano.policy.modify.actions.default_actions:AddRelationAction
[build_sphinx]
all_files = 1
build-dir = doc/build
source-dir = doc/source
warning-is-error = 1
[egg_info]
tag_build =
tag_date = 0
tag_svn_revision = 0
[compile_catalog]
directory = murano/locale
domain = murano
[update_catalog]
domain = murano
output_dir = murano/locale
input_file = murano/locale/murano.pot
[extract_messages]
keywords = _ gettext ngettext l_ lazy_gettext
mapping_file = babel.cfg
output_file = murano/locale/murano.pot
[pbr]
# Treat sphinx warnings as errors during the docs build; this helps us keep
# the documentation clean.
warnerrors = true