summaryrefslogtreecommitdiffstats
path: root/docs
diff options
context:
space:
mode:
authorKiran Kamineni <kiran.k.kamineni@intel.com>2018-05-22 17:38:16 -0700
committerGirish Havaldar <hg0071052@techmahindra.com>2018-05-23 06:30:48 +0000
commit78d594b5a54dd45aebe3ac05a256ce43ca4213b7 (patch)
tree78fe13a2547763a2bf7465b7150e3a4d246d310e /docs
parentcd6ef3a93d3dae845ba0333de9caa52c99923e9b (diff)
Add release notes and fix docs
Add release notes for SMS Fix other docs issues in SMS Issue-ID: AAF-185 Change-Id: Ib3860018229b61942ab8a48cfdafe0b3f21ceed1 Signed-off-by: Kiran Kamineni <kiran.k.kamineni@intel.com>
Diffstat (limited to 'docs')
-rw-r--r--docs/api.rst8
-rw-r--r--docs/api_swagger.json317
-rw-r--r--docs/apiswagger.rst745
-rw-r--r--docs/architecture.rst27
-rw-r--r--docs/index.rst38
-rw-r--r--docs/installation.rst32
-rw-r--r--docs/release_notes.rst27
-rw-r--r--docs/usage.rst75
8 files changed, 457 insertions, 812 deletions
diff --git a/docs/api.rst b/docs/api.rst
new file mode 100644
index 0000000..f2afed7
--- /dev/null
+++ b/docs/api.rst
@@ -0,0 +1,8 @@
+.. This work is licensed under a Creative Commons Attribution 4.0 International License.
+.. http://creativecommons.org/licenses/by/4.0
+.. Copyright 2018 Intel Corporation, Inc
+
+Secret Management Service API
+=============================
+
+.. swaggerv2doc:: api_swagger.json
diff --git a/docs/api_swagger.json b/docs/api_swagger.json
new file mode 100644
index 0000000..6d06878
--- /dev/null
+++ b/docs/api_swagger.json
@@ -0,0 +1,317 @@
+{
+ "swagger": "2.0",
+ "info": {
+ "description": "This is a service that provides secret management facilities",
+ "version": "1.0.0",
+ "title": "Secret Management Service",
+ "contact": {
+ "email": "kiran.k.kamineni@intel.com"
+ },
+ "license": {
+ "name": "Apache 2.0",
+ "url": "http://www.apache.org/licenses/LICENSE-2.0.html"
+ }
+ },
+ "host": "aaf.onap.org:10443",
+ "basePath": "/v1/sms/",
+ "tags": [
+ {
+ "name": "domain",
+ "description": "Operations related to Secret Domains"
+ },
+ {
+ "name": "secret",
+ "description": "Operations related to Secrets"
+ }
+ ],
+ "schemes": [
+ "https"
+ ],
+ "paths": {
+ "/domain": {
+ "post": {
+ "tags": [
+ "domain"
+ ],
+ "summary": "Add a new domain",
+ "description": "",
+ "consumes": [
+ "application/json"
+ ],
+ "produces": [
+ "application/json"
+ ],
+ "parameters": [
+ {
+ "in": "body",
+ "name": "body",
+ "required": true,
+ "schema": {
+ "$ref": "#/definitions/Domain"
+ }
+ }
+ ],
+ "responses": {
+ "201": {
+ "description": "Successful Creation",
+ "schema": {
+ "$ref": "#/definitions/Domain"
+ }
+ },
+ "400": {
+ "description": "Invalid input"
+ },
+ "500": {
+ "description": "Internal Server Error"
+ }
+ }
+ }
+ },
+ "/domain/{domainName}": {
+ "delete": {
+ "tags": [
+ "domain"
+ ],
+ "description": "Deletes a domain with provided name",
+ "summary": "Deletes a domain by name",
+ "produces": [
+ "application/json"
+ ],
+ "parameters": [
+ {
+ "name": "domainName",
+ "in": "path",
+ "description": "Name of the domain",
+ "required": true,
+ "type": "string"
+ }
+ ],
+ "responses": {
+ "204": {
+ "description": "Successful Deletion"
+ },
+ "404": {
+ "description": "Invalid Path or Path not found"
+ }
+ }
+ }
+ },
+ "/domain/{domainName}/secret": {
+ "post": {
+ "tags": [
+ "secret"
+ ],
+ "summary": "Add a new secret",
+ "description": "",
+ "consumes": [
+ "application/json"
+ ],
+ "produces": [
+ "application/json"
+ ],
+ "parameters": [
+ {
+ "name": "domainName",
+ "in": "path",
+ "description": "Name of the domain",
+ "required": true,
+ "type": "string"
+ },
+ {
+ "name": "body",
+ "in": "body",
+ "required": true,
+ "schema": {
+ "$ref": "#/definitions/Secret"
+ }
+ }
+ ],
+ "responses": {
+ "201": {
+ "description": "Successful Creation"
+ },
+ "404": {
+ "description": "Invalid Path or Path not found"
+ }
+ }
+ },
+ "get": {
+ "tags": [
+ "secret"
+ ],
+ "description": "Gets all secret names in this domain",
+ "summary": "List secret Names in this domain",
+ "produces": [
+ "application/json"
+ ],
+ "parameters": [
+ {
+ "name": "domainName",
+ "in": "path",
+ "description": "Name of the domain in which to look at",
+ "required": true,
+ "type": "string"
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "Successful operation",
+ "schema": {
+ "type": "object",
+ "properties": {
+ "secretnames": {
+ "type": "array",
+ "items": {
+ "type": "string"
+ },
+ "description": "Array of strings referencing the secret names"
+ }
+ },
+ "example": {
+ "secretnames": [
+ "secretname1",
+ "secretname2",
+ "secretname3"
+ ]
+ }
+ }
+ },
+ "404": {
+ "description": "Invalid Path or Path not found"
+ }
+ }
+ }
+ },
+ "/domain/{domainName}/secret/{secretName}": {
+ "get": {
+ "tags": [
+ "secret"
+ ],
+ "summary": "Find Secret by Name",
+ "description": "Returns a single secret",
+ "produces": [
+ "application/json"
+ ],
+ "parameters": [
+ {
+ "name": "domainName",
+ "in": "path",
+ "description": "Name of the domain in which to look at",
+ "required": true,
+ "type": "string"
+ },
+ {
+ "name": "secretName",
+ "in": "path",
+ "description": "Name of the secret which is needed",
+ "required": true,
+ "type": "string"
+ }
+ ],
+ "responses": {
+ "200": {
+ "description": "successful operation",
+ "schema": {
+ "$ref": "#/definitions/Secret"
+ }
+ },
+ "404": {
+ "description": "Invalid Path or Path not found"
+ }
+ }
+ },
+ "delete": {
+ "tags": [
+ "secret"
+ ],
+ "summary": "Deletes a Secret",
+ "description": "",
+ "produces": [
+ "application/json"
+ ],
+ "parameters": [
+ {
+ "name": "secretName",
+ "in": "path",
+ "description": "Name of Secret to Delete",
+ "required": true,
+ "type": "string"
+ },
+ {
+ "name": "domainName",
+ "in": "path",
+ "required": true,
+ "description": "Path to the SecretDomain which contains the Secret",
+ "type": "string"
+ }
+ ],
+ "responses": {
+ "204": {
+ "description": "Successful Deletion"
+ },
+ "404": {
+ "description": "Invalid Path or Path not found"
+ }
+ }
+ }
+ }
+ },
+ "securityDefinitions": {
+ "token": {
+ "type": "apiKey",
+ "name": "token",
+ "in": "header"
+ }
+ },
+ "definitions": {
+ "Credential": {
+ "type": "object",
+ "properties": {
+ "username": {
+ "type": "string"
+ },
+ "password": {
+ "type": "string"
+ }
+ }
+ },
+ "Domain": {
+ "type": "object",
+ "properties": {
+ "uuid": {
+ "type": "string",
+ "description": "Optional value provided by user. If user does not provide, server will auto generate"
+ },
+ "name": {
+ "type": "string",
+ "description": "Name of the secret domain under which all secrets will be stored"
+ }
+ }
+ },
+ "Secret": {
+ "type": "object",
+ "properties": {
+ "name": {
+ "type": "string",
+ "description": "Name of the secret"
+ },
+ "values": {
+ "description": "Map of key value pairs that constitute the secret",
+ "type": "object",
+ "additionalProperties": {
+ "type": "object"
+ },
+ "example": {
+ "name": "john",
+ "Age": 40,
+ "admin": true
+ }
+ }
+ }
+ }
+ },
+ "externalDocs": {
+ "description": "Find out more about Swagger",
+ "url": "http://swagger.io"
+ }
+} \ No newline at end of file
diff --git a/docs/apiswagger.rst b/docs/apiswagger.rst
deleted file mode 100644
index e35c6e8..0000000
--- a/docs/apiswagger.rst
+++ /dev/null
@@ -1,745 +0,0 @@
-SMS 1.0.0 API
-===============================
-
-.. toctree::
- :maxdepth: 3
-
-
-Description
-~~~~~~~~~~~
-
-This is a service that provides secret management facilities
-
-
-
-Contact Information
-~~~~~~~~~~~~~~~~~~~
-
-
-
-kiran.k.kamineni@intel.com
-
-
-
-
-
-License
-~~~~~~~
-
-
-`Apache 2.0 <http://www.apache.org/licenses/LICENSE-2.0.html>`_
-
-
-
-
-Base URL
-~~~~~~~~
-
-https://aaf.onap.org:10443/v1/sms/
-
-Security
-~~~~~~~~
-
-
-.. _securities_token:
-
-token (API Key)
----------------
-
-
-
-**Name:** token
-
-**Located in:** header
-
-
-
-
-DOMAIN
-~~~~~~
-
-
-Operations related to Secret Domains
-
-
-
-
-
-DELETE ``/domain/{domainName}``
--------------------------------
-
-
-Summary
-+++++++
-
-Deletes a domain by name
-
-Description
-+++++++++++
-
-.. raw:: html
-
- Deletes a domain with provided name
-
-Parameters
-++++++++++
-
-.. csv-table::
- :delim: |
- :header: "Name", "Located in", "Required", "Type", "Format", "Properties", "Description"
- :widths: 20, 15, 10, 10, 10, 20, 30
-
- domainName | path | Yes | string | | | Name of the domain
-
-
-Request
-+++++++
-
-
-Responses
-+++++++++
-
-**204**
-^^^^^^^
-
-Successful Deletion
-
-
-**404**
-^^^^^^^
-
-Invalid Path or Path not found
-
-
-
-
-
-
-POST ``/domain``
-----------------
-
-
-Summary
-+++++++
-
-Add a new domain
-
-
-
-Request
-+++++++
-
-
-
-.. _d_c7bdcff9aff0692da98e588abdbc895b:
-
-Body
-^^^^
-
-.. csv-table::
- :delim: |
- :header: "Name", "Required", "Type", "Format", "Properties", "Description"
- :widths: 20, 10, 15, 15, 30, 25
-
- name | No | string | | | Name of the secret domain under which all secrets will be stored
- uuid | No | string | | | Optional value provided by user. If user does not provide, server will auto generate
-
-.. code-block:: javascript
-
- {
- "name": "somestring",
- "uuid": "somestring"
- }
-
-Responses
-+++++++++
-
-**201**
-^^^^^^^
-
-Successful Creation
-
-
-Type: :ref:`Domain <d_c7bdcff9aff0692da98e588abdbc895b>`
-
-**Example:**
-
-.. code-block:: javascript
-
- {
- "name": "somestring",
- "uuid": "somestring"
- }
-
-**400**
-^^^^^^^
-
-Invalid input
-
-
-**500**
-^^^^^^^
-
-Internal Server Error
-
-
-
-
-
-LOGIN
-~~~~~
-
-
-Operations related to username password based authentication
-
-
-
-
-
-POST ``/login``
----------------
-
-
-Summary
-+++++++
-
-Login with username and password
-
-Description
-+++++++++++
-
-.. raw:: html
-
- Operations related to logging in via username and Password
-
-
-Request
-+++++++
-
-
-
-.. _d_8e36d758bad367e4538a291a5dd5355f:
-
-Body
-^^^^
-
-.. csv-table::
- :delim: |
- :header: "Name", "Required", "Type", "Format", "Properties", "Description"
- :widths: 20, 10, 15, 15, 30, 25
-
- password | No | string | | |
- username | No | string | | |
-
-.. code-block:: javascript
-
- {
- "password": "somestring",
- "username": "somestring"
- }
-
-Responses
-+++++++++
-
-**200**
-^^^^^^^
-
-Successful Login returns a token
-
-
-.. _i_bbceffdf8441c1c476ca77c42ad12f85:
-
-**Response Schema:**
-
-.. csv-table::
- :delim: |
- :header: "Name", "Required", "Type", "Format", "Properties", "Description"
- :widths: 20, 10, 15, 15, 30, 25
-
- token | No | string | | |
- ttl | No | integer | | | ttl of returned token in seconds
-
-
-**Example:**
-
-.. code-block:: javascript
-
- {
- "token": "somestring",
- "ttl": 1
- }
-
-**404**
-^^^^^^^
-
-Invalid Username or Password
-
-
-
-
-
-SECRET
-~~~~~~
-
-
-Operations related to Secrets
-
-
-
-
-
-DELETE ``/domain/{domainName}/secret/{secretName}``
----------------------------------------------------
-
-
-Summary
-+++++++
-
-Deletes a Secret
-
-
-Parameters
-++++++++++
-
-.. csv-table::
- :delim: |
- :header: "Name", "Located in", "Required", "Type", "Format", "Properties", "Description"
- :widths: 20, 15, 10, 10, 10, 20, 30
-
- secretName | path | Yes | string | | | Name of Secret to Delete
- domainName | path | Yes | string | | | Path to the SecretDomain which contains the Secret
-
-
-Request
-+++++++
-
-
-Responses
-+++++++++
-
-**204**
-^^^^^^^
-
-Successful Deletion
-
-
-**404**
-^^^^^^^
-
-Invalid Path or Path not found
-
-
-
-
-
-
-GET ``/domain/{domainName}/secret``
------------------------------------
-
-
-Summary
-+++++++
-
-List secret Names in this domain
-
-Description
-+++++++++++
-
-.. raw:: html
-
- Gets all secret names in this domain
-
-Parameters
-++++++++++
-
-.. csv-table::
- :delim: |
- :header: "Name", "Located in", "Required", "Type", "Format", "Properties", "Description"
- :widths: 20, 15, 10, 10, 10, 20, 30
-
- domainName | path | Yes | string | | | Name of the domain in which to look at
-
-
-Request
-+++++++
-
-
-Responses
-+++++++++
-
-**200**
-^^^^^^^
-
-Successful operation
-
-
-.. _i_1dcddfd6f11cba3fb2516d3a61cd1b77:
-
-**Response Schema:**
-
-.. csv-table::
- :delim: |
- :header: "Name", "Required", "Type", "Format", "Properties", "Description"
- :widths: 20, 10, 15, 15, 30, 25
-
- secretnames | No | array of string | | | Array of strings referencing the secret names
-
-
-**Example:**
-
-.. code-block:: javascript
-
- {
- "secretnames": [
- "secretname1",
- "secretname2",
- "secretname3"
- ]
- }
-
-**404**
-^^^^^^^
-
-Invalid Path or Path not found
-
-
-
-
-
-
-GET ``/domain/{domainName}/secret/{secretName}``
-------------------------------------------------
-
-
-Summary
-+++++++
-
-Find Secret by Name
-
-Description
-+++++++++++
-
-.. raw:: html
-
- Returns a single secret
-
-Parameters
-++++++++++
-
-.. csv-table::
- :delim: |
- :header: "Name", "Located in", "Required", "Type", "Format", "Properties", "Description"
- :widths: 20, 15, 10, 10, 10, 20, 30
-
- domainName | path | Yes | string | | | Name of the domain in which to look at
- secretName | path | Yes | string | | | Name of the secret which is needed
-
-
-Request
-+++++++
-
-
-Responses
-+++++++++
-
-**200**
-^^^^^^^
-
-successful operation
-
-
-Type: :ref:`Secret <d_5e5fddd9ede6eb091e8496a9c55b84c3>`
-
-**Example:**
-
-.. code-block:: javascript
-
- {
- "name": "somestring",
- "values": {
- "Age": 40,
- "admin": true,
- "name": "john"
- }
- }
-
-**404**
-^^^^^^^
-
-Invalid Path or Path not found
-
-
-
-
-
-
-POST ``/domain/{domainName}/secret``
-------------------------------------
-
-
-Summary
-+++++++
-
-Add a new secret
-
-
-Parameters
-++++++++++
-
-.. csv-table::
- :delim: |
- :header: "Name", "Located in", "Required", "Type", "Format", "Properties", "Description"
- :widths: 20, 15, 10, 10, 10, 20, 30
-
- domainName | path | Yes | string | | | Name of the domain
-
-
-Request
-+++++++
-
-
-
-.. _d_5e5fddd9ede6eb091e8496a9c55b84c3:
-
-Body
-^^^^
-
-.. csv-table::
- :delim: |
- :header: "Name", "Required", "Type", "Format", "Properties", "Description"
- :widths: 20, 10, 15, 15, 30, 25
-
- name | No | string | | | Name of the secret
- values | No | :ref:`values <i_a9213c9639162b77082e257e19cca0d0>` | | | Map of key value pairs that constitute the secret
-
-.. _i_a9213c9639162b77082e257e19cca0d0:
-
-**Values schema:**
-
-
-Map of key value pairs that constitute the secret
-
-Map of {"key":":ref:`values-mapped <m_4d863967ef9a9d9efdadd1b250c76bd6>`"}
-
-.. csv-table::
- :delim: |
- :header: "Name", "Required", "Type", "Format", "Properties", "Description"
- :widths: 20, 10, 15, 15, 30, 25
-
-
-
-.. code-block:: javascript
-
- {
- "name": "somestring",
- "values": {
- "Age": 40,
- "admin": true,
- "name": "john"
- }
- }
-
-Responses
-+++++++++
-
-**201**
-^^^^^^^
-
-Successful Creation
-
-
-**404**
-^^^^^^^
-
-Invalid Path or Path not found
-
-
-
-
-
-SYSTEM
-~~~~~~
-
-
-Operations related to quorum client which are not useful to clients
-
-
-
-
-
-GET ``/status``
----------------
-
-
-Summary
-+++++++
-
-Get backend status
-
-Description
-+++++++++++
-
-.. raw:: html
-
- Gets current backend status. This API is used only by quorum clients
-
-
-Request
-+++++++
-
-
-Responses
-+++++++++
-
-**200**
-^^^^^^^
-
-Successful operation
-
-
-.. _i_ac1bc8e82eadbd8c03f852e15be4d03b:
-
-**Response Schema:**
-
-.. csv-table::
- :delim: |
- :header: "Name", "Required", "Type", "Format", "Properties", "Description"
- :widths: 20, 10, 15, 15, 30, 25
-
- sealstatus | No | string | | | seal status of backend
-
-
-**Example:**
-
-.. code-block:: javascript
-
- {
- "sealstatus": "somestring"
- }
-
-**404**
-^^^^^^^
-
-Invalid Path or Path not found
-
-
-
-
-
-
-POST ``/unseal``
-----------------
-
-
-Summary
-+++++++
-
-Unseal backend
-
-Description
-+++++++++++
-
-.. raw:: html
-
- Sends unseal shard to unseal if backend is sealed
-
-
-Request
-+++++++
-
-
-
-.. _i_9d32e021ba68855cbb6e633520b7cd2d:
-
-Body
-^^^^
-
-.. csv-table::
- :delim: |
- :header: "Name", "Required", "Type", "Format", "Properties", "Description"
- :widths: 20, 10, 15, 15, 30, 25
-
- unsealshard | No | string | | | Unseal shard that will be used along with other shards to unseal backend
-
-.. code-block:: javascript
-
- {
- "unsealshard": "somestring"
- }
-
-Responses
-+++++++++
-
-**201**
-^^^^^^^
-
-Submitted unseal key
-
-
-**404**
-^^^^^^^
-
-Invalid Path or Path not found
-
-
-
-
-
-Data Structures
-~~~~~~~~~~~~~~~
-
-.. _d_8e36d758bad367e4538a291a5dd5355f:
-
-Credential Model Structure
---------------------------
-
-.. csv-table::
- :delim: |
- :header: "Name", "Required", "Type", "Format", "Properties", "Description"
- :widths: 20, 10, 15, 15, 30, 25
-
- password | No | string | | |
- username | No | string | | |
-
-.. _d_c7bdcff9aff0692da98e588abdbc895b:
-
-Domain Model Structure
-----------------------
-
-.. csv-table::
- :delim: |
- :header: "Name", "Required", "Type", "Format", "Properties", "Description"
- :widths: 20, 10, 15, 15, 30, 25
-
- name | No | string | | | Name of the secret domain under which all secrets will be stored
- uuid | No | string | | | Optional value provided by user. If user does not provide, server will auto generate
-
-.. _d_5e5fddd9ede6eb091e8496a9c55b84c3:
-
-Secret Model Structure
-----------------------
-
-.. csv-table::
- :delim: |
- :header: "Name", "Required", "Type", "Format", "Properties", "Description"
- :widths: 20, 10, 15, 15, 30, 25
-
- name | No | string | | | Name of the secret
- values | No | :ref:`values <i_a9213c9639162b77082e257e19cca0d0>` | | | Map of key value pairs that constitute the secret
-
-.. _i_a9213c9639162b77082e257e19cca0d0:
-
-**Values schema:**
-
-
-Map of key value pairs that constitute the secret
-
-Map of {"key":":ref:`values-mapped <m_4d863967ef9a9d9efdadd1b250c76bd6>`"}
-
-.. csv-table::
- :delim: |
- :header: "Name", "Required", "Type", "Format", "Properties", "Description"
- :widths: 20, 10, 15, 15, 30, 25
-
-
-
diff --git a/docs/architecture.rst b/docs/architecture.rst
new file mode 100644
index 0000000..3055ae3
--- /dev/null
+++ b/docs/architecture.rst
@@ -0,0 +1,27 @@
+.. This work is licensed under a Creative Commons Attribution 4.0 International License.
+.. http://creativecommons.org/licenses/by/4.0
+.. Copyright 2018 Intel Corporation, Inc
+
+Architecture
+============
+
+This project aims at the Storage of sensitive information such as passwords, username, and tokens.
+
+**Current state and gaps**
+
+Many services in ONAP use password based authentication. Eg: Database servers, publish/subscribe brokers etc.
+Passwords are stored in plain text files in many services.
+With multiple instances of these services, the attack surface area becomes very big.
+Hence there is a need to ensure that attack surface related to password exposure is reduced.
+
+**Requirement:**
+
+Need for Secure Secret Management.
+Services are expected to get the secret only on needed basis using secret reference and remove the secrets once they are used up.
+
+**Secret Service High Level Flow Diagram**
+
+.. image:: sms_high_level.png
+ :width: 900px
+ :height: 400px
+ :alt: SMS Flow Diagram
diff --git a/docs/index.rst b/docs/index.rst
index 5f17a04..b971e9c 100644
--- a/docs/index.rst
+++ b/docs/index.rst
@@ -2,36 +2,20 @@
.. http://creativecommons.org/licenses/by/4.0
.. Copyright 2018 Intel Corporation, Inc
-SMS-Secret Management Service
-==================================
+Secret Management Service (SMS)
+===============================
-.. toctree::
- :maxdepth: 1
-
- installation
- usage
- apiswagger
+.. include:: architecture.rst
+.. include:: installation.rst
+.. include:: usage.rst
-
-Introduction
+Offered APIs
------------
+The full API documentation is here:
-This project aims at the Storage of sensitive information such as passwords.
-
-**Current state and gaps**
-
-Many services in ONAP use password based authentication. Eg: Database servers, publish/subscribe brokers etc.
-Passwords are stored in plain text files in many services.
-With multiple instances of these services, the attach surface area becomes very big.
-Hence there is a need to ensure that attack surface related to password exposure is reduced.
-
-**Requirement:**
-
-Need for secure secret management. Services are expected to get the secret only on needed basis using secret reference and remove the secrets once they are used up.
+.. toctree::
+ :maxdepth: 1
-**Secret Service High Level Flow Diagram**
+ api
-.. image:: sms_high_level.png
- :width: 4555550px
- :height: 300px
- :alt: SMS Flow Diagram
+.. include:: release_notes.rst \ No newline at end of file
diff --git a/docs/installation.rst b/docs/installation.rst
index b22d133..87507c0 100644
--- a/docs/installation.rst
+++ b/docs/installation.rst
@@ -5,29 +5,19 @@
Installation
============
-The Secret Managment Project is a subproject of AAF and will deployed via Helm on Kubernetes
-under the OOM Project
+**Kubernetes**
+
+The Secret Managment Service project is a sub-project of AAF and will be deployed via Helm on Kubernetes
+under the OOM Project umbrella. It will be automatically installed when the AAF chart is installed.
+
+**Standalone Install on Bare-Metal or VM**
+
+A script for doing a standalone install is provided in the repository
+Run it as below:
.. code-block:: console
- # Set Datastore as Consul
- DATASTORE="consul"
- # Set IP address of where Consul is running
- DATASTORE_IP="localhost"
- # Set mountpath inside the container where persistent data is stored.
- MOUNTPATH="/dkv_mount_path/configs/"
- # Place all Config data which needs to be loaded in default directory.
- DEFAULT_CONFIGS=$(pwd)/mountpath/default
- # Create the directories.
- mkdir -p mountpath/default
- # Login to Nexus.
- docker login -u docker -p docker nexus3.onap.org:10001
- # Pull distributed-kv-store image.
- docker pull nexus3.onap.org:10001/onap/music/distributed-kv-store
- # Run the distributed-kv-store image.
- docker run -e DATASTORE=$DATASTORE -e DATASTORE_IP=$DATASTORE_IP -e MOUNTPATH=$MOUNTPATH -d \
- --name dkv \
- -v $DEFAULT_CONFIGS:/dkv_mount_path/configs/default \
- -p 8200:8200 -p 8080:8080 nexus3.onap.org:10001/onap/music/distributed-kv-store
+ cd sms-service/bin/deploy
+ sms.sh start
.. end
diff --git a/docs/release_notes.rst b/docs/release_notes.rst
new file mode 100644
index 0000000..9da9d93
--- /dev/null
+++ b/docs/release_notes.rst
@@ -0,0 +1,27 @@
+.. This work is licensed under a Creative Commons Attribution 4.0 International License.
+.. http://creativecommons.org/licenses/by/4.0
+.. Copyright (c) 2018 Intel Corp, Inc.
+
+Release Notes
+=============
+
+Version: 2.0.0
+--------------
+
+:Release Date: 2018-06-25
+
+**New Features**
+
+The Beijing Release is the first release of the Secret Management Service
+
+**Bug Fixes**
+
+ - The full list of implemented user stories, epics and bugs is available on `Beijing Release <https://jira.onap.org/projects/AAF/versions/10370>`
+
+**Upgrade Notes**
+
+ Not applicable as this is a first release
+
+===========
+
+End of Release Notes
diff --git a/docs/usage.rst b/docs/usage.rst
index b35e9b5..ee46458 100644
--- a/docs/usage.rst
+++ b/docs/usage.rst
@@ -2,22 +2,34 @@
.. http://creativecommons.org/licenses/by/4.0
.. Copyright 2018 Intel Corporation, Inc
-Typical Usage Scenario
-======================
+Usage Scenario
+==============
+
+**Create a Domain**
+
+This is the root where you will store your secrets.
.. code-block:: guess
- ## Create a Domain
- ## This is where all your secrets will be stored
- curl -H "Accept: application/json" --cacert ca.pem --cert client.cert --key client.key
+ curl -H "Accept: application/json" --cacert ca.pem --cert client.cert --key client.key
-X POST \
-d '{
"name": "mysecretdomain"
}'
- https://sms:10443/v1/sms/domain
+ https://aaf-sms.onap:10443/v1/sms/domain
- ## Add a new Secret
- curl -H "Accept: application/json" --cacert ca.pem --cert client.cert --key client.key
+.. end
+
+---------------
+
+**Add a new Secret**
+
+Store a new secret in your created Domain.
+Secrets have a name and a map containing key value pairs.
+
+.. code-block:: guess
+
+ curl -H "Accept: application/json" --cacert ca.pem --cert client.cert --key client.key
-X POST \
-d '{
"name": "mysecret",
@@ -27,28 +39,53 @@ Typical Usage Scenario
"password": "mypassword"
}
}'
- https://sms:10443/v1/sms/domain/<domaincurltestdomain/secret
+ https://aaf-sms.onap:10443/v1/sms/domain/<PREVIOUSLY CREATED DOMAIN NAME>/secret
+
+.. end
+
+---------------
+**List all Secret Names in a Domain**
+
+.. code-block:: guess
- ## List all Secrets under a Domain
curl -H "Accept: application/json" --cacert ca.pem --cert client.cert --key client.key
-X GET \
- https://sms:10443/v1/sms/domain/curltestdomain/secret
+ https://aaf-sms.onap:10443/v1/sms/domain/<PREVIOUSLY CREATED DOMAIN NAME>/secret
+
+.. end
+
+---------------
+
+**Get a previously stored Secret from Domain**
+
+.. code-block:: guess
- ## Get a Secret in a Domain
curl -H "Accept: application/json" --cacert ca.pem --cert client.cert --key client.key
-X GET \
- https://sms:10443/v1/sms/domain/curltestdomain/secret/curltestsecret1
+ https://aaf-sms.onap:10443/v1/sms/domain/<PREVIOUSLY CREATED DOMAIN NAME>/secret/<PREVIOUSLY CREATED SECRET NAME>
+
+.. end
+
+---------------
+
+**Delete a Secret in specified Domain**
+
+.. code-block:: guess
- ## Delete a Secret in specified Domain
curl -H "Accept: application/json" --cacert ca.pem --cert client.cert --key client.key
-X DELETE \
- https://sms:10443/v1/sms/domain/curltestdomain/secret/curltestsecret1
+ https://aaf-sms.onap:10443/v1/sms/domain/<PREVIOUSLY CREATED DOMAIN NAME>/secret/<PREVIOUSLY CREATED SECRET NAME>
+
+.. end
+
+---------------
+
+**Delete a Domain**
+
+.. code-block:: guess
- ## Delete a Domain
- ## This will delete all the secrets in that Domain
curl -H "Accept: application/json" --cacert ca.pem --cert client.cert --key client.key
-X DELETE \
- https://sms:10443/v1/sms/domain/curltestdomain
-
+ https://aaf-sms.onap:10443/v1/sms/domain/<PREVIOUSLY CREATED DOMAIN NAME>
.. end