[PATCH] PKI Deployment Framework

Monday, 23 April 2012

Please review and provide an ACK for the attached patch.

This patch attempts to continue implementation of the PKI Deployment 
Framework based upon the revised filesystem layout documented here:

  *
http://pki.fedoraproject.org/wiki/PKI_Instance_Deployment#CA_.2F_KRA_.2F_...

The following patch adds/corrects functionality of the existing PKI 
Deployment Framework including (but not limited to):

  * Completed the following six 'scriptlets':
    Dogtag 10: Python 'initialization.py' Installation Scriptlet
            (https://fedorahosted.org/pki/ticket/147)
    Dogtag 10: Python 'instance_layout.py' Installation Scriptlet
            (https://fedorahosted.org/pki/ticket/75)
    Dogtag 10: Python 'webserver_layout.py' Installation Scriptlet
            (https://fedorahosted.org/pki/ticket/140)
    Dogtag 10: Python 'subsystem_layout.py' Installation Scriptlet
            (https://fedorahosted.org/pki/ticket/141)
    Dogtag 10: Python 'war_explosion.py' Installation Scriptlet
            (https://fedorahosted.org/pki/ticket/76)
    Dogtag 10: Python 'finalization.py' Installation Scriptlet
            (https://fedorahosted.org/pki/ticket/148)
  * Created numerous PKI deployment helper utilities.
  * Augmented logging to provide indentation.
  * Generated logic for installation 'manifest'.
  * Tested logic using '--dry_run' option and '-p' prefix options.
  * Per initial review, removed numerous "constants" and consolidated
    logic into "master" dictionary.
  * Corrected the following ticket:
    Dogtag 10: Fix 'build_dogtag_pki' script to account for 'pki-deploy'
RPM
            (https://fedorahosted.org/pki/ticket/138)
            Resolves Bugzilla Bug #810047 - build_dogtag_pki fails with
    requirements for pki-deploy
            (https://bugzilla.redhat.com/show_bug.cgi?id=810047)
  * Created the following three 'scriptlets' as 'NOT YET IMPLEMENTED'
    place-holders:
    Dogtag 10: Python 'security_databases.py' Installation Scriptlet
            (https://fedorahosted.org/pki/ticket/136)
    Dogtag 10: Python 'slot_assignment.py' Installation Scriptlet
            (https://fedorahosted.org/pki/ticket/146)
    Dogtag 10: Python 'configuration.py' Configuration Scriptlet
            (https://fedorahosted.org/pki/ticket/137)

After being installed, this code can be tested by running the following 
command-line examples (as 'root' or 'sudo'):

  * mkdir /tmp/pki
  * sudo pkispawn -s CA -p /tmp/pki -v --dry_run
  * sudo pkispawn -s CA -p /tmp/pki -v
  * sudo pkispawn -s CA -p /tmp/pki -u -v --dry_run
  * sudo pkispawn -s CA -p /tmp/pki -u -v
  * sudo pkidestroy -s CA -p /tmp/pki -v --dry_run
  * sudo pkidestroy -s CA -p /tmp/pki -v

This code ONLY affects the un-released 'pki-deploy' package, so check-in 
of these changes should not harm the existing source in any way.

NOTE:  After receiving an ACK for these changes, I will update my 
horribly out-of-date working repo located at:

  * http://fedorapeople.org/gitweb/mharmsen/public_git/pki.git

Thanks in advance,
-- Matt

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008