{"id":15704062,"url":"https://github.com/dolph/keystone-deploy","last_synced_at":"2025-05-12T16:33:49.783Z","repository":{"id":14507441,"uuid":"17220919","full_name":"dolph/keystone-deploy","owner":"dolph","description":"Deploy OpenStack Keystone from source.","archived":false,"fork":false,"pushed_at":"2016-01-21T19:21:27.000Z","size":229,"stargazers_count":6,"open_issues_count":5,"forks_count":3,"subscribers_count":4,"default_branch":"master","last_synced_at":"2025-04-01T00:38:42.411Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/dolph.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2014-02-26T18:41:33.000Z","updated_at":"2019-05-20T09:46:06.000Z","dependencies_parsed_at":"2022-08-27T09:40:43.639Z","dependency_job_id":null,"html_url":"https://github.com/dolph/keystone-deploy","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dolph%2Fkeystone-deploy","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dolph%2Fkeystone-deploy/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dolph%2Fkeystone-deploy/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dolph%2Fkeystone-deploy/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/dolph","download_url":"https://codeload.github.com/dolph/keystone-deploy/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253777383,"owners_count":21962678,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-10-03T20:10:11.208Z","updated_at":"2025-05-12T16:33:49.728Z","avatar_url":"https://github.com/dolph.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Deploy keystone from source\n\nThis illustrates a deployment of [OpenStack\nkeystone](http://keystone.openstack.org/) from\n[source](https://github.com/openstack/keystone), primarily geared towards\ndocumenting and testing various configurations.\n\n## Usage\n\nThis repository is designed to deploy keystone to an arbitrary host using\nansible. You'll at least need `sudo` access on that host, if not `root`. This\nrepository is tested with Travis CI, so Ubuntu 12.04 is recommended.\n\nStart by installing the project's dependencies:\n\n    pip install -r requirements.txt\n\nCopy the sample Ansible inventory file to create a custom inventory, where you\ncan specify your host and any custom variables:\n\n    cp sample_inventory inventory\n\nNext, install ansible dependencies:\n\n    ansible-galaxy install --roles-path=playbooks/roles/ --role-file=ansible-requirements.txt\n\nAnd then you can deploy keystone:\n\n    ansible-playbook -i inventory deploy.yaml\n\nNote that you might need to specify how ansible should authenticate with the\nhost, and how to obtain root permissions. See `ansible-playbook --help` for\nthe available options.\n\n## How it works\n\nThe ansible playbooks deploy both `keystone` and a tiny service protected by\n`keystonemiddleware.auth_token` called `echo`. The test suite exercises the\ndeployment by retrieving tokens from keystone using `keystoneclient`, and\nmaking authenticated API requests to `echo`. `auth_token` intercepts those\nrequests and validates the authentication and authorization context asserted by\nkeystone. To live up to it's name, `echo` then echoes the user's auth context\nback to the test suite in the HTTP response, where it is validated against the\nexpected auth context.\n\n![Sequence diagram](http://www.websequencediagrams.com/cgi-bin/cdraw?lz=Q2xpZW50LT4ra2V5c3RvbmU6IEF1dGhlbnRpY2F0ZQoADwgtLT4tACYGOiBUb2tlbgoAMQlhdXRoX3Rva2VuOiBBUEkgcmVxdWVzdCArIAAQBQoAFgoAWg1WYWxpZGF0ZQAfBwBdDABFDXV0aCBjb250ZXh0AD0OZWNobyBzZXJ2aWNlAGoQYQAqDAAdDACBPAwAgScGc3BvbnNlCg\u0026s=napkin)\n\n## Testing\n\nThis repository is divided into several feature branches, wherein each feature\nbranch demonstrates and tests a deployment variation. The `master` branch\nrepresents a vanilla deployment. All feature branches should be regularly\nrebased onto the master branch.\n\n| Branch        | Status                                                                                                                                        | Description                                              |\n|---------------|-----------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------|\n| master        | [![Build Status](https://travis-ci.org/dolph/keystone-deploy.svg?branch=master)](https://travis-ci.org/dolph/keystone-deploy/branches)        | Uses Apache httpd, with a MySQL backend and UUID tokens. |\n| eventlet      | [![Build Status](https://travis-ci.org/dolph/keystone-deploy.svg?branch=eventlet)](https://travis-ci.org/dolph/keystone-deploy/branches)      | Uses eventlet instead of Apache httpd.                   |\n| fernet-tokens | [![Build Status](https://travis-ci.org/dolph/keystone-deploy.svg?branch=fernet-tokens)](https://travis-ci.org/dolph/keystone-deploy/branches) | Uses Fernet tokens instead of UUID tokens.               |\n| pki-tokens    | [![Build Status](https://travis-ci.org/dolph/keystone-deploy.svg?branch=pki-tokens)](https://travis-ci.org/dolph/keystone-deploy/branches)    | Uses PKI tokens instead of UUID tokens.                  |\n| pkiz-tokens   | [![Build Status](https://travis-ci.org/dolph/keystone-deploy.svg?branch=pkiz-tokens)](https://travis-ci.org/dolph/keystone-deploy/branches)   | Uses PKIZ tokens instead of PKI tokens.                  |\n| v3-only       | [![Build Status](https://travis-ci.org/dolph/keystone-deploy.svg?branch=v3-only)](https://travis-ci.org/dolph/keystone-deploy/branches)       | Does not deploy Identity API v2 at all.                  |\n\nTo exercise a deployment, run:\n\n    HOST=keystone.example.com python -m unittest discover\n\n## Documentation\n\nThe primary goal of this repository is to provide working, tested configuration\ndocumentation, which happens to be in the form of ansible plays.\n\nTo see documentation on how to switch from UUID-tokens to fernet-tokens, for\nexample, use `git diff`:\n\n    git diff master fernet-tokens\n\nTo switch from PKI tokens to PKIZ tokens:\n\n    git diff pki-tokens pkiz-tokens\n\nTo disable the Identity API v2 in favor of running v3 only:\n\n    git diff master v3-only\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdolph%2Fkeystone-deploy","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdolph%2Fkeystone-deploy","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdolph%2Fkeystone-deploy/lists"}