Skip to content

Instantly share code, notes, and snippets.

View dstanek's full-sized avatar

David Stanek dstanek

67 followers · 41 following
View GitHub Profile
@dstanek
dstanek / gist:e25c3b2f36500aa8f133
Last active August 29, 2015 14:07

Header a

header c

header d ----------

@dstanek
dstanek / codemash-python-koans.rst
Last active January 6, 2016 21:15
Codemash 2016: Python Koans
@dstanek
dstanek / gist:63b5d217828a9a765a52
Created January 12, 2015 19:24
def _require_single_keyword_arg(self, **kwargs):
provided_params = [name for name, value in kwargs.iteritems() if value]
if not provided_params: raise VE('Something must be passed in')
if len(provided_params) != 1:
msg = _('Only a single keyword arg allowed: received %s') % ', '.join(provided_params)
raise exception.ValidationError(msg)
@dstanek
dstanek / gist:b6a5ae8daff0e6f9263d
Created March 23, 2015 22:18
import collections
import re
import routes
from keystone import assignment
from keystone import auth
from keystone import catalog
from keystone.common import controller
from keystone import credential
@dstanek
dstanek / key-liberty-summit-summary.rst
Last active August 29, 2015 14:20

Dynamic Policy for Access Control

time

2015-05-18 11:15:00-07:00

location

Room 211,

Who can do what? In OpenStack, it is the Policy engine that controls these decisions. A secure deployment means moving beyond the default policy provided with the base distribution. But how do you write policy rules that reflect your security decisions? This presentation, Adam Young, a core Keystone developer from the Red Hat Identity Management team, explain the access control policy mechanism fr...

Enabling Real-world Interoperable Hybrid Cloud Use Cases Using OpenStack's Federated Identity Capabilities

@dstanek
dstanek / dstanek.dash
Created September 4, 2015 14:00
[dashboard]
title = Things I Need To DO!
description = A dashboard to help me focus my review efforts
foreach = is:watched is:open limit:10 NOT label:Workflow-1
[section "Needs a review"]
query = NOT label:Code-Review<=-1,self NOT label:Code-Review>=1,self NOT owner:self
[section "Needs me to do something"]
query = owner:self (label:Workflow<=-1 OR label:Verified-1 OR label:Code-Review<=-1)
@dstanek
dstanek / db.RegionOne.example-cloud.local
Last active October 9, 2015 17:38
;$TTL 86400
$TTL 10
;@ IN SOA example-cloud.local. root.localhost. (
; 1 ; Serial
; 604800 ; Refresh
; 86400 ; Retry
; 2419200 ; Expire
; 86400 ) ; Negative Cache TTL
@ IN SOA RegionOne.example-cloud.local. root.localhost. (
1 ; Serial
@dstanek
dstanek / functional_tests.txt
Created October 30, 2015 02:16
What?
-----
Functional tests are black box tests that we can use to specify what makes Keystone.
1. Base tests that all Keystone implementations must pass
2. Optional tests specific to a setup (Federation)
3. They are not run using the Keystone client
4. They can be pointed to any cloud that you wish to test (shouldn't be a production cloud)
@dstanek
dstanek / versioned_drivers.asciidoc
Last active November 24, 2015 17:56

Supplementary Documentation for Keystone Versioned Drivers

This is a crazy rought draft. More like a semi-organized brainstorm.

Goal for Versioned Drivers

To provide a stable API for building drivers. This gives third-party driver writers time (a full cycle) to update their drivers to fulfill new API expectations.

In Keystone we deliver our drivers in the same package as the managers. This makes it much easier for us to deal with changing APIs than for third-party developers.

@dstanek
dstanek / create-sched.py
Last active April 18, 2016 14:35
Code to take the OpenStack schedule that was downloaded from https://www.openstack.org/api/v1/summits/6/schedule and turn it into something almost usable.
#!/usr/bin/env python3
import collections
import datetime
import json
MIN_INC = 5
EVENT_CONTINUED = object()
EMPTY = object()