summaryrefslogtreecommitdiffstats
path: root/docs/development/opnfvsecguide/contribution.rst
blob: 683aa2d14941ea1e18a0425b3340e80c75df2589 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45

How to Contribute
-----------------

Anyone is welcome to make additions, raise bugs, and fix issues within this Documentation.
To do so, you will however need to first get an enviroment set up.

Development Environment
#######################

All project data such as formatting guidelines, and upstream mapping is documented via sphinx
which uses reStructuredText

It is recommended that you use a python virtualenv to keep things clean and contained.

VirtualEnv
**********

Use of a virtual environment is recommended, as not only is it a quick easy form of
getting the needed modules in place, it isolates the module versions to a project.

From within your inspector directory, set up a new virtualenv::

    virtualenv venv

Activate the new virtual environment::

    source venv/bin/activate

Install requirements::

    pip install -r requirements.txt

Sphinx Basics
*************

To get started with sphinx, visit the main tutorial which will provide a primer `http://sphinx-doc.org/tutorial.html`

Hack your changes into opnfv-security-guide/source

To compile changes:

    make html

From here you can run a basic python web server or just navigate to the
file:///<repo>/opnfv-security-guide/build/html/index.html in your browser
n class="l l-Scalar l-Scalar-Plain">SSLKey: description: > The content of the SSL Key in PEM format. type: string hidden: true # Can be overridden by parameter_defaults if the user wants to try deploying # this in a distro that doesn't support this path. DeployedSSLCertificatePath: default: '/etc/pki/tls/private/overcloud_endpoint.pem' description: > The filepath of the certificate as it will be stored in the controller. type: string # Passed in by the controller NodeIndex: default: 0 type: number server: description: ID of the controller node to apply this config to type: string resources: ControllerTLSConfig: type: OS::Heat::SoftwareConfig properties: group: script inputs: - name: cert_path - name: cert_chain_content outputs: - name: chain_md5sum - name: cert_modulus - name: key_modulus config: | #!/bin/sh cat > ${cert_path} << EOF ${cert_chain_content} EOF chmod 0440 ${cert_path} chown root:haproxy ${cert_path} md5sum ${cert_path} > ${heat_outputs_path}.chain_md5sum openssl x509 -noout -modulus -in ${cert_path} \ | openssl md5 | cut -c 10- \ > ${heat_outputs_path}.cert_modulus openssl rsa -noout -modulus -in ${cert_path} \ | openssl md5 | cut -c 10- \ > ${heat_outputs_path}.key_modulus # We need to reload haproxy in case the certificate changed because # puppet doesn't know the contents of the cert file. haproxy_status=$(systemctl is-active haproxy) if [ "$haproxy_status" = "active" ]; then systemctl reload haproxy fi ControllerTLSDeployment: type: OS::Heat::SoftwareDeployment properties: name: ControllerTLSDeployment config: {get_resource: ControllerTLSConfig} server: {get_param: server} input_values: cert_path: {get_param: DeployedSSLCertificatePath} cert_chain_content: list_join: - '' - - {get_param: SSLCertificate} - {get_param: SSLIntermediateCertificate} - {get_param: SSLKey} outputs: deploy_stdout: description: Deployment reference value: {get_attr: [ControllerTLSDeployment, chain_md5sum]} deployed_ssl_certificate_path: description: The location that the TLS certificate was deployed to. value: {get_param: DeployedSSLCertificatePath} key_modulus_md5: description: MD5 checksum of the Key SSL Modulus value: {get_attr: [ControllerTLSDeployment, key_modulus]} cert_modulus_md5: description: MD5 checksum of the Certificate SSL Modulus value: {get_attr: [ControllerTLSDeployment, cert_modulus]}