)]}' { "log": [ { "commit": "1987fcc8a31478911d6c815eb0a94afcf9fa5788", "tree": "1d2e1354eb3dca6e6e98cf560b4a391ab4d2033d", "parents": [ "dae868fcb0c2a940e7add2d2f1e9ac7fd50feda1" ], "author": { "name": "Rob Crittenden", "email": "rcritten@redhat.com", "time": "Wed Jun 10 11:00:59 2015 -0400" }, "committer": { "name": "Rob Crittenden", "email": "rcritten@redhat.com", "time": "Tue Jun 16 17:57:09 2015 -0400" }, "message": "Replace pip-installed requests CA bundle with link\n\nIf the version of python-requests required is higher than\nthat provided by the operating system, pip will install\nit from upstream.\n\nThe upstream version provides its own CA certificate bundle\nbased on the Mozilla bundle, and defaults to that in case\na CA certificate file is not specified for a request.\n\nThe distribution-specific packages point to the system-wide\nCA bundle that can be managed by tools such as\nupdate-ca-trust (Fedora/RHEL) and update-ca-certificates\n(Debian/Ubuntu).\n\nWhen installing in SSL/TLS mode, either with SSL\u003dTrue or by\nadding tls-proxy to ENABLED_SERVICES, if a non-systemwide\nCA bundle is used, then the CA generated by devstack will\nnot be used causing the installation to fail.\n\nReplace the upstream-provided bundle with a link to the\nsystem bundle when possible.\n\nChange-Id: I651aec93398d583dcdc8323503792df7ca05a7e7\nCloses-Bug: #1459789\n" }, { "commit": "dc97cb71e85fc807d2cce6f054c785922d322eb9", "tree": "86affcfbc7054c209c2ab0a4c3f7955d5e1bf16f", "parents": [ "9720239618189c13734aa32aabee9252707f2db9" ], "author": { "name": "Dean Troyer", "email": "dtroyer@gmail.com", "time": "Sat Mar 28 08:20:50 2015 -0500" }, "committer": { "name": "Dean Troyer", "email": "dtroyer@gmail.com", "time": "Sat Mar 28 14:35:12 2015 -0500" }, "message": "Mostly docs cleanups\n\nFix documentation build errors and RST formatting\n\nChange-Id: Id93153400c5b069dd9d772381558c7085f64c207\n" }, { "commit": "e263c82e48a431e502bd6baceb6dfcfdc1750cbb", "tree": "5ca592e668dedb4debc6c7170f3abf37cc4bc0c6", "parents": [ "2f8e08b5728f4272b415b1c0aab8ff62eae29b06" ], "author": { "name": "Sean Dague", "email": "sean@dague.net", "time": "Fri Dec 05 14:25:28 2014 -0500" }, "committer": { "name": "Sean Dague", "email": "sean@dague.net", "time": "Wed Dec 10 11:28:05 2014 -0500" }, "message": "add shebang lines to all lib files\n\nWith gerrit 2.8, and the new change screen, this will trigger syntax\nhighlighting in gerrit. Thus making reviewing code a lot nicer.\n\nChange-Id: Id238748417ffab53e02d59413dba66f61e724383\n" }, { "commit": "e5dbec252aac0ca665696a5b69267f13882478c2", "tree": "7a7fc675e9c6ef6cd725b7136ab68836d438ef7c", "parents": [ "f33e76bf9bd9a3bc39e8b3b99257a4ae98a10d25", "3324f19f5aeb3c8933447752dbc2c1b8c7f9b2de" ], "author": { "name": "Jenkins", "email": "jenkins@review.openstack.org", "time": "Wed Oct 08 22:14:51 2014 +0000" }, "committer": { "name": "Gerrit Code Review", "email": "review@openstack.org", "time": "Wed Oct 08 22:14:51 2014 +0000" }, "message": "Merge \"Fix docs build errors\"" }, { "commit": "3324f19f5aeb3c8933447752dbc2c1b8c7f9b2de", "tree": "84248dfdde0ce32a415c565db32dcb04776ea51e", "parents": [ "7672ad1dbc00ec5ff80f3aa670404e413e86e506" ], "author": { "name": "Dean Troyer", "email": "dtroyer@gmail.com", "time": "Thu Sep 18 09:26:39 2014 -0500" }, "committer": { "name": "Dean Troyer", "email": "dtroyer@gmail.com", "time": "Thu Oct 02 15:30:50 2014 -0500" }, "message": "Fix docs build errors\n\nFix shocco errors during docs generation\n\nCloses-Bug: 1362691\nChange-Id: I2b7fb008c89f0b4e7280b2d0a054320765e83e47\n" }, { "commit": "18d4778cf7bffa60eb2e996a13c129c64f83575f", "tree": "d6d934b05026d32d6942b34a5e3a359202b3996c", "parents": [ "d60c10d6dbe44445aaab9e3fcc0127e39e989f40" ], "author": { "name": "Rob Crittenden", "email": "rcritten@redhat.com", "time": "Wed Mar 19 17:47:42 2014 -0400" }, "committer": { "name": "Rob Crittenden", "email": "rcritten@redhat.com", "time": "Wed Sep 24 18:36:37 2014 -0400" }, "message": "Configure endpoints to use SSL natively or via proxy\n\nConfigure nova, cinder, glance, swift and neutron to use SSL\non the endpoints using either SSL natively or via a TLS proxy\nusing stud.\n\nTo enable SSL via proxy, in local.conf add\n\nENABLED_SERVICES+\u003d,tls-proxy\n\nThis will create a new test root CA, a subordinate CA and an SSL\nserver cert. It uses the value of hostname -f for the certificate\nsubject. The CA certicates are also added to the system CA bundle.\n\nTo enable SSL natively, in local.conf add:\n\nUSE_SSL\u003dTrue\n\nNative SSL by default will also use the devstack-generate root and\nsubordinate CA.\n\nYou can override this on a per-service basis by setting\n\n\u003cSERVICE\u003e_SSL_CERT\u003d/path/to/cert\n\u003cSERVICE\u003e_SSL_KEY\u003d/path/to/key\n\u003cSERVICE\u003e_SSL_PATH\u003d/path/to/ca\n\nYou should also set SERVICE_HOST to the FQDN of the host. This\nvalue defaults to the host IP address.\n\nChange-Id: I36fe56c063ca921131ad98439bd452cb135916ac\nCloses-Bug: 1328226\n" }, { "commit": "73ad94c9b4bc7d0bfa137cfddb9eb93d453d208e", "tree": "de987ac4950c0b985839e08032575348974d5bb2", "parents": [ "40564a2b3508f1653f5665f7b726f6d2e93f2668", "2f69c6b85387f85db63e0a087c8b3fac992bd04d" ], "author": { "name": "Jenkins", "email": "jenkins@review.openstack.org", "time": "Mon Aug 25 14:42:35 2014 +0000" }, "committer": { "name": "Gerrit Code Review", "email": "review@openstack.org", "time": "Mon Aug 25 14:42:35 2014 +0000" }, "message": "Merge \"Don\u0027t try to regenerate existing ssl certificates\"" }, { "commit": "b1e3d0f222da5e3edd68dd92020962beb1155e1e", "tree": "e44c9c6e84e8baf3459040264e85e889f3afcdf5", "parents": [ "b939caea45e2b43f36a831837821ad466451f7ed" ], "author": { "name": "Dean Troyer", "email": "dtroyer@gmail.com", "time": "Fri Jul 25 14:57:54 2014 -0500" }, "committer": { "name": "Dean Troyer", "email": "dtroyer@gmail.com", "time": "Tue Aug 19 19:14:04 2014 -0500" }, "message": "Clean up local variable usage - Remainder\n\nMinor cleanups in a couple ofplaces:\n* Config funtions\n* Stackforge\n* TLS\n\nCombined a couple of smaller changesets that are loosly related\n\nChange-Id: Ifa16f2e4c0eca0ef3401c0dfdc4f3d91809021a5\n" }, { "commit": "f0bd8dbe37bd855669ad4cddff0a49bccfd9b64e", "tree": "8c98548c656f2b72e592cad070a3a30d05842dde", "parents": [ "27eefd87298645b30972a0c0b5a32c3a699521b8" ], "author": { "name": "Sean Dague", "email": "sean@dague.net", "time": "Wed Jul 23 15:14:07 2014 -0400" }, "committer": { "name": "Sean Dague", "email": "sean@dague.net", "time": "Wed Jul 23 15:14:07 2014 -0400" }, "message": "stop leaking service as a global var\n\nthe tls code was leaking out $service as a global variable, which\nwas causing all manner of confusing errors in grenade trying to\nuse that variable name. All lower case vars should be localize.\n\nChange-Id: I74fa597f20ee7c714cab83490b42d874ea93db02\n" }, { "commit": "bd5dae0618ed697504a25a692a02e8372fc3d66c", "tree": "6f2e0544e611a610a0ddb2c46b28f78ab2427f2b", "parents": [ "e33379658ffc97ffa82117e5dc35f6eb01bde951" ], "author": { "name": "Stanislaw Pitucha", "email": "stanislaw.pitucha@hp.com", "time": "Wed Jun 25 15:29:43 2014 +0100" }, "committer": { "name": "Stanislaw Pitucha", "email": "stanislaw.pitucha@hp.com", "time": "Mon Jun 30 10:52:25 2014 +0100" }, "message": "Do a proper tls/ca cleanup in unstack\n\nCertificates and the index were left in the data directory after\nrunning unstack. That would break devstack on the next run.\n\npartial blueprint devstack-https\nChange-Id: I6eb552a76fb29addf4d02254c027e473d6805df1\n" }, { "commit": "2e0f0544ec0af0af31d923c2fc3e3fd08e60129b", "tree": "2f7aaffe84d4474f96e9678bff529dd0363135a8", "parents": [ "bfa5817c5085d84b2d6b821f000c8f028c61f565" ], "author": { "name": "Stanislaw Pitucha", "email": "stanislaw.pitucha@hp.com", "time": "Fri Jun 27 16:05:53 2014 +0100" }, "committer": { "name": "Stanislaw Pitucha", "email": "stanislaw.pitucha@hp.com", "time": "Fri Jun 27 16:10:55 2014 +0100" }, "message": "Comment fix - correct function names\n\nChange-Id: Idecc6cd9bc255ab20d3bc8f4b3a3e7f248b585f0\n" }, { "commit": "2f69c6b85387f85db63e0a087c8b3fac992bd04d", "tree": "8ba778d0ba2b981eb31870d814d188f49750f1f0", "parents": [ "c6dc3deb2571f08b224c9a11eac975da2ef59f5a" ], "author": { "name": "Stanislaw Pitucha", "email": "stanislaw.pitucha@hp.com", "time": "Wed Jun 25 15:07:48 2014 +0100" }, "committer": { "name": "Stanislaw Pitucha", "email": "stanislaw.pitucha@hp.com", "time": "Wed Jun 25 15:07:48 2014 +0100" }, "message": "Don\u0027t try to regenerate existing ssl certificates\n\nRerunning stack.sh after some failure unrelated to ssl setup will fail\ndue to certificates already existing in the CA index. Don\u0027t regenerate\nthem instead. This is a workaround making devstack development easier\nrather than something typical user would run into.\n\nChange-Id: Icfd4cb5132c8c9297eb73159e592b7006295184f\n" }, { "commit": "66115e532350840272293ead8d211f26af5c8c23", "tree": "681f8f06b1ff59fa97dee2a1472dc7ab712132e4", "parents": [ "116023f8e4a6857321a0ea245e91695e203541b0" ], "author": { "name": "Solly Ross", "email": "sross@redhat.com", "time": "Tue Mar 18 15:12:05 2014 -0400" }, "committer": { "name": "Solly Ross", "email": "sross@redhat.com", "time": "Mon Mar 24 14:05:08 2014 -0400" }, "message": "Fix broken if statement in lib/tls on ZSH\n\nWhen using ZSH, the line `if [[ (!$cert \u0026\u0026 !$key \u0026\u0026 $ca) ]]` fails\ndue to a syntax error. Instead of checking the variables as a boolean,\nwe can simply check if they have a non-zero length. This works in ZSH.\n\nChange-Id: I171ed10a8c0af354e82bd6119508a0c44b6bcd9c\n" }, { "commit": "aee18c749b0e3a1a3a6907a33db76ae83b8d41d9", "tree": "01a8ab5abb9867986f3e848918abd9e749b691cd", "parents": [ "0ed4af02da0bd4a0f757dd8c2156913e6c7a724c" ], "author": { "name": "Ian Wienand", "email": "iwienand@redhat.com", "time": "Fri Feb 21 15:35:08 2014 +1100" }, "committer": { "name": "Ian Wienand", "email": "iwienand@redhat.com", "time": "Fri Feb 28 07:59:03 2014 +1100" }, "message": "Enforce function declaration format in bash8\n\nCheck that function calls look like ^function foo {$ in bash8, and fix\nall existing failures of that check. Add a note to HACKING.rst\n\nChange-Id: Ic19eecb39e0b20273d1bcd551a42fe400d54e938\n" }, { "commit": "bd24a8d0f884d27f47834c917c047b54271c1179", "tree": "a2fc27d5b90c224c65283dc6bb87cb563d8c4eca", "parents": [ "99da4af55ef0c451983bcc5d7f97e1e22da168ea" ], "author": { "name": "Jamie Lennox", "email": "jamielennox@redhat.com", "time": "Fri Sep 20 16:26:42 2013 +1000" }, "committer": { "name": "Gerrit Code Review", "email": "review@openstack.org", "time": "Mon Nov 25 22:27:51 2013 +0000" }, "message": "Allow deploying keystone with SSL certificates\n\nAllow providing certificates through environment variables to be used\nfor keystone, and provide the basis for doing this for other services.\nIt cannot be used in conjunction with tls-proxy as the service provides\nit\u0027s own encrypted endpoint.\n\nImpletmenting: blueprint devstack-https\nChange-Id: I8cf4c9c8c8a6911ae56ebcd14600a9d24cca99a0\n" }, { "commit": "6a5aa7c6a20435bbd276a0f1823396b52a8f0daf", "tree": "d5137f132a359469f1225d61850466feb4658297", "parents": [ "cb961597cc30f9d8ece17529f09a8291454827e3" ], "author": { "name": "Adam Spiers", "email": "aspiers@suse.com", "time": "Thu Oct 24 11:27:02 2013 +0100" }, "committer": { "name": "Adam Spiers", "email": "aspiers@suse.com", "time": "Thu Oct 24 17:38:19 2013 +0100" }, "message": "Fix some Markdown formatting issues\n\nAddress miscellaneous issues with Markdown formatting in comments which\nare consumed by shocco when generating the online documentation.\n\nChange-Id: I953075cdbddbf1f119c6c7e35f039e2e54b79078\n" }, { "commit": "cc6b4435458b5db6aed17631e4789c43d21ee8e5", "tree": "a8460f062f571849a7a9a547c85771d625828b34", "parents": [ "2e75ff1a41e741ee77926a1262e1e9410701b4e1" ], "author": { "name": "Dean Troyer", "email": "dtroyer@gmail.com", "time": "Mon Apr 08 15:38:03 2013 -0500" }, "committer": { "name": "Dean Troyer", "email": "dtroyer@gmail.com", "time": "Tue Apr 09 14:05:32 2013 -0500" }, "message": "Formatting cleanups, doc updates and whatnot\n\nChange-Id: Ica8298353be22f947c8e8a03d8dc29ded9cb26dd\n" }, { "commit": "584d90ec56e18cbb9c0f15fe6af35504c02ea4bd", "tree": "6d2027aed2ab0e2e44be06ce906c7083493aab3d", "parents": [ "a173376ea1b838d420384c2946b7e66859b6335b" ], "author": { "name": "Sean Dague", "email": "sdague@linux.vnet.ibm.com", "time": "Fri Mar 29 14:34:53 2013 -0400" }, "committer": { "name": "Sean Dague", "email": "sdague@linux.vnet.ibm.com", "time": "Fri Mar 29 14:36:49 2013 -0400" }, "message": "add emacs shell-script tagging\n\nfor files that don\u0027t start with a #! or end in .sh, the added tags\nare nice for emacs users to automatically switch to the right mode.\n\nChange-Id: If4b93e106191bc744ccad8420cef20e751cdf902\n" }, { "commit": "ca8021712325dd4d4ac7185a287cb81cb10fd23d", "tree": "94e4be60c4e0c814a4276bada65846f5e1db0baa", "parents": [ "db89a8189e9425720ba64afb0bffe2bc357831a1" ], "author": { "name": "Dean Troyer", "email": "dtroyer@gmail.com", "time": "Wed Jan 09 19:08:02 2013 -0600" }, "committer": { "name": "Dean Troyer", "email": "dtroyer@gmail.com", "time": "Thu Jan 10 01:56:23 2013 -0600" }, "message": "Add tools/make_cert.sh\n\nThis allows use of either the DevStack CA or creating another CA\nindependent of stack.sh.\n\nChange-Id: I055679b5fd06e830c8e6d7d7331c52dd8782d0b6\n" }, { "commit": "c83a7e125fc1fea0370fffed37435097346befa6", "tree": "e60b26a6a27d9a940105754677da18743367999c", "parents": [ "00626a3186650fb111d9af5e2d69311aa5b3d3c2" ], "author": { "name": "Dean Troyer", "email": "dtroyer@gmail.com", "time": "Thu Nov 29 11:47:58 2012 -0600" }, "committer": { "name": "Dean Troyer", "email": "dtroyer@gmail.com", "time": "Tue Dec 11 17:08:54 2012 -0600" }, "message": "Add TLS support for keystone via proxy\n\n* Adds lib/tls to create test CA/certs\n* Start proxy if \u0027tls-proxy\u0027 is enabled\n* Configure keystone service catalog for TLS\n* Tear down proxy in unstack.sh\n* Set auth protocol and ca-cert chain in openrc\n* Add DATA_DIR to stackrc\n\nThis is the first in a series of patches to enable TLS support\nfor the service API endpoints.\n\nChange-Id: Ia1c91dc8f1aaf94fbec9dc71da322559a83d14b6\n" } ] }