header d ----------
- Your favorite text editor
- Python 3 (3.5 is the latest)
def _require_single_keyword_arg(self, **kwargs): | |
provided_params = [name for name, value in kwargs.iteritems() if value] | |
if not provided_params: raise VE('Something must be passed in') | |
if len(provided_params) != 1: | |
msg = _('Only a single keyword arg allowed: received %s') % ', '.join(provided_params) | |
raise exception.ValidationError(msg) |
import collections | |
import re | |
import routes | |
from keystone import assignment | |
from keystone import auth | |
from keystone import catalog | |
from keystone.common import controller | |
from keystone import credential |
- time
2015-05-18 11:15:00-07:00
- location
Room 211,
Who can do what? In OpenStack, it is the Policy engine that controls these decisions. A secure deployment means moving beyond the default policy provided with the base distribution. But how do you write policy rules that reflect your security decisions? This presentation, Adam Young, a core Keystone developer from the Red Hat Identity Management team, explain the access control policy mechanism fr...
Enabling Real-world Interoperable Hybrid Cloud Use Cases Using OpenStack's Federated Identity Capabilities
[dashboard] | |
title = Things I Need To DO! | |
description = A dashboard to help me focus my review efforts | |
foreach = is:watched is:open limit:10 NOT label:Workflow-1 | |
[section "Needs a review"] | |
query = NOT label:Code-Review<=-1,self NOT label:Code-Review>=1,self NOT owner:self | |
[section "Needs me to do something"] | |
query = owner:self (label:Workflow<=-1 OR label:Verified-1 OR label:Code-Review<=-1) |
;$TTL 86400 | |
$TTL 10 | |
;@ IN SOA example-cloud.local. root.localhost. ( | |
; 1 ; Serial | |
; 604800 ; Refresh | |
; 86400 ; Retry | |
; 2419200 ; Expire | |
; 86400 ) ; Negative Cache TTL | |
@ IN SOA RegionOne.example-cloud.local. root.localhost. ( | |
1 ; Serial |
What? | |
----- | |
Functional tests are black box tests that we can use to specify what makes Keystone. | |
1. Base tests that all Keystone implementations must pass | |
2. Optional tests specific to a setup (Federation) | |
3. They are not run using the Keystone client | |
4. They can be pointed to any cloud that you wish to test (shouldn't be a production cloud) |
This is a crazy rought draft. More like a semi-organized brainstorm.
To provide a stable API for building drivers. This gives third-party driver writers time (a full cycle) to update their drivers to fulfill new API expectations.
In Keystone we deliver our drivers in the same package as the managers. This makes it much easier for us to deal with changing APIs than for third-party developers.
#!/usr/bin/env python3 | |
import collections | |
import datetime | |
import json | |
MIN_INC = 5 | |
EVENT_CONTINUED = object() | |
EMPTY = object() |