zuul/zuul

Go to file

James E. Blair 8c47d9ce4e Add api-root tenant config object

In order to allow for authenticated read-only access to zuul-web,
we need to be able to control the authz of the API root.  Currently,
we can only specify auth info for tenants.  But if we want to control
access to the tenant list itself, we need to be able to specify auth
rules.

To that end, add a new "api-root" tenant configuration object which,
like tenants themselves, will allow attaching authz rules to it.

We don't have any admin-level API endpoints at the root, so this change
does not add "admin-rules" to the api-root object, but if we do develop
those in the future, it could be added.

A later change will add "access-rules" to the api-root in order to
allow configuration of authenticated read-only access.

This change does add an "authentication-realm" to the api-root object
since that already exists for tenants and it will make sense to have
that in the future as well.  Currently the /info endpoint uses the
system default authentication realm, but this will override it if
set.

In general, the approach here is that the "api-root" object should
mirror the "tenant" object for all attributes that make sense.

Change-Id: I4efc6fbd64f266e7a10e101db3350837adce371f

2022-10-25 20:19:39 -07:00

doc

Add api-root tenant config object

2022-10-25 20:19:39 -07:00

etc

Remove "sql connection" backwards compatability for database

2022-01-25 16:07:08 -08:00

playbooks

Merge "Add tracing tutorial"

2022-09-27 20:34:51 +00:00

releasenotes/notes

Merge "Rename admin-rule to authorization-rule"

2022-10-25 23:31:48 +00:00

tests

Add api-root tenant config object

2022-10-25 20:19:39 -07:00

tools

Only run yarn build when necessary in tools/pip.sh

2022-10-07 13:29:25 -07:00

web

Hide components in whitelabel tenants

2022-10-25 20:19:38 -07:00

zuul

Add api-root tenant config object

2022-10-25 20:19:39 -07:00

.coveragerc

Revert "Revert "Switch to stestr""

2018-05-17 08:33:40 -07:00

.dockerignore

Add web/node_modules to dockerignore

2019-01-27 11:23:45 +01:00

.gitignore

Use ZooKeeper TLS in tests

2021-03-08 06:49:57 -08:00

.gitreview

OpenDev Migration Patch

2019-04-19 19:25:28 +00:00

.mailmap

Fix pep8 E127 violations

2012-09-26 14:23:10 +00:00

.stestr.conf

Revert "Revert "Switch to stestr""

2018-05-17 08:33:40 -07:00

.zuul.yaml

Remove Ansible 5

2022-10-11 17:03:57 -07:00

bindep.txt

Bump up to python3.10

2022-07-01 15:59:48 -07:00

COPYING

Update README and add GPL license

2018-03-19 09:25:52 -07:00

Dockerfile

Revert "Use debian bookworm version of libc-bin"

2022-09-13 19:40:59 +00:00

LICENSE

Initial commit.

2012-05-29 14:49:32 -07:00

MANIFEST.in

Optimize canMerge using graphql

2020-02-28 09:43:56 +01:00

README.rst

Support nodes setting 'auto' python-path

2019-09-19 10:28:53 +10:00

reno.yaml

Add reno configuration settings

2020-07-22 08:45:46 -07:00

requirements.txt

Fix test_ensure_cloned and JWT tests

2022-10-20 16:01:08 -07:00

setup.cfg

setup: Replace dash-separated config

2022-08-19 11:25:30 +00:00

setup.py

Partial sync with OpenStack requirements.

2013-09-25 15:30:37 -07:00

test-requirements.txt

github: more complete mocking for app setup

2021-09-23 19:53:48 +10:00

TESTING.rst

Update unit test container setup and instructions

2022-08-05 21:00:02 +00:00

tox.ini

Update unit test container setup and instructions

2022-08-05 21:00:02 +00:00

README.rst

Zuul

Zuul is a project gating system.

The latest documentation for Zuul v3 is published at: https://zuul-ci.org/docs/zuul/

If you are looking for the Edge routing service named Zuul that is related to Netflix, it can be found here: https://github.com/Netflix/zuul

If you are looking for the Javascript testing tool named Zuul, it can be found here: https://github.com/defunctzombie/zuul

Getting Help

There are two Zuul-related mailing lists:

zuul-announce: A low-traffic announcement-only list to which every Zuul operator or power-user should subscribe.
zuul-discuss: General discussion about Zuul, including questions about how to use it, and future development.

You will also find Zuul developers in the #zuul channel on Freenode IRC.

Contributing

To browse the latest code, see: https://opendev.org/zuul/zuul To clone the latest code, use git clone https://opendev.org/zuul/zuul

Bugs are handled at: https://storyboard.openstack.org/#!/project/zuul/zuul

Suspected security vulnerabilities are most appreciated if first reported privately following any of the supported mechanisms described at https://zuul-ci.org/docs/zuul/user/vulnerabilities.html

Code reviews are handled by gerrit at https://review.opendev.org

After creating a Gerrit account, use git review to submit patches. Example:

# Do your commits
$ git review
# Enter your username if prompted

Join #zuul on Freenode to discuss development or usage.

License

Zuul is free software. Most of Zuul is licensed under the Apache License, version 2.0. Some parts of Zuul are licensed under the General Public License, version 3.0. Please see the license headers at the tops of individual source files.

Python Version Support

Zuul requires Python 3. It does not support Python 2.

Since Zuul uses Ansible to drive CI jobs, Zuul can run tests anywhere Ansible can, including Python 2 environments.

Languages

Python 88.3%

JavaScript 9.5%

C# 1.1%

CSS 0.4%

PowerShell 0.3%

Other 0.3%