CHANGES
=======

18.0.0
------

* Update devstack plugin for Secure RBAC
* Drop all remaining logics for certificate resources
* Prohibit certificate order resource
* Fix releasenotes build of yoga moved to unmaintained
* Bump hacking
* Simplify .coveragerc
* Update python classifier in setup.cfg
* Get rid of unused periodic\_task
* Remove unused wsgi/ssl options from oslo.service
* pkcs11: Remove deprecated token\_label option
* Replace deprecated pyOpenSSL API
* Use consistent [database] options
* Fix zuul config warning
* Add python 3.10 to setup.cfg metadata
* Deprecate Symantec certificate plugin
* Remove unnecessary comment lines from setup.cfg
* Revert "Temporarily make sqlalchemy master job no-voting"
* Temporarily make sqlalchemy master job no-voting
* Fix python shebang
* Update master for stable/2023.2
* Fix expired links
* Enable Secure RBAC by default

17.0.0
------

* Imported Translations from Zanata
* Fix missing oslo.versionedobjects library option
* Imported Translations from Zanata
* Imported Translations from Zanata
* db: Replace use of backref
* Add job to test with SQLAlchemy master (2.x)
* db: Update 'select()' calls
* db: Replace use of reverse cascades
* tests: Enable SQLAlchemy 2.0 deprecation warnings
* Resolve misc deprecation warnings
* tests: Enable warnings
* tests: Disable policy deprecation warnings
* tox: Remove basepython
* Enable SRBAC test
* Update secret:delete policy to allow admin to delete secret
* Remove System scope from policy
* Bump Hashicorp Vault version to 1.13.2
* Add tempest to devstack how-to
* Make FIPS job non-voting
* Migrate back to Launchpad
* Imported Translations from Zanata
* Logrotate all log files
* Fix functional tests
* Remove TripleO job
* Release notes for secret consumers, microversions and CVE fix
* Vault: enable RSA from ordered container functional test
* Update master for stable/2023.1
* Imported Translations from Zanata

16.0.0
------

* Fix typo
* Use new get\_rpc\_client API from oslo.messaging
* Add content\_types to the response dict
* Fix tox4 error
* Secret consumers documentation
* Add support for Vault Namespaces
* Microversions documentation
* Fix typo in check\_str for system\_admin policy rule
* Remove six
* Fix unit test error after cryptography update
* Imported Translations from Zanata
* Fix Story 2010258 (CVE-2022-3100)
* Change the unique properties of secret consumers
* Add audit middleware options to barbican.conf
* Switch to 2023.1 Python3 unit tests and generic template name
* Remove unnecessary hacking checks
* Update master for stable/zed
* tox: Minor tweaks
* Update devstack plugin installation doc
* Fix Barbican gate
* Imported Translations from Zanata
* Imported Translations from Zanata

15.0.0.0rc1
-----------

* Fix wrong assert statements
* Fix remaining Secure RBAC policies
* Fix Secure RBAC policies for Containers API
* Fix Secure RBAC policies for Consumers
* Fix Secure RBAC policies for secret\_metadata
* Fix Secure RBAC policies for Orders
* Fix Secure RBAC policies for Secret ACLs
* Fix deprecation cycle for Secret policies
* Fix Secure RBAC policies for Secrets
* zuul: fix the grenade job to actually test barbican
* devstack: make create\_barbican\_accounts idempotent
* Mock logging during unit tests
* Fix versions for new microversion
* Imported Translations from Zanata
* zuul: Declare queue at top level
* Revert "Temporarily disable voting for FIPS job"
* Drop python3.6/3.7 support in testing runtime
* Allow users with "creator" role to edit ACLs
* Remove undercloud job
* Include options for Vault secret store
* Remove unnecessary unicode prefixes
* Remove the invalid quotes
* Temporarily disable voting for FIPS job
* Imported Translations from Zanata
* Implement microversions, bring back secret consumers API
* Replace TripleO CentOS 8 jobs with CentOS 9 jobs
* Add missing oslo.service options to barbican.conf
* Include healthcheck middleware options
* Add Python3 zed unit tests
* Update master for stable/yoga

14.0.0
------

* Fix container consumers rbac policy
* Allow secret delete by users with "creator" role
* Updating python testing classifier as per Yoga testing runtime
* Imported Translations from Zanata
* Fix policy for Orders
* Move DogTag functional tests to experimental
* [doc] Fix typos
* Fix consumer name length validator
* Fix policy for adding a secret to a container
* Fix secret metadata access rules (pt 2)
* Fix secret metadata access rules
* Fix POST /v1/secret/{secret-id}/metadata response
* Fix naming in secret meta tests
* Imported Translations from Zanata
* Ignore network errors during C\_Finalize
* Add Python3 yoga unit tests
* Update master for stable/xena

13.0.0
------

* Fix Castellan Secret Store inconsistent encoding
* Run TripleO jobs on CentOS8 instead of CentOS7
* Return 403 instead of 500 when policy check fails
* Replace oslo\_utils.fnmatch with fnmatch
* Fix alembic migrations
* Fix unit tests and migration to unblock gate
* Add FIPS gate job
* Changed minversion in tox to 3.18.0
* docs: Update Freenode to OFTC
* Raise maximum allowed secret size
* Imported Translations from Zanata
* setup.cfg: Replace dashes with underscores
* Fix Vault functional test
* Add secure-rbac gate
* Fix RBAC and ACL access for managing secret containers
* Fix transport key policies
* Add Python3 xena unit tests
* Update master for stable/wallaby
* Add ACL default to allow project read
* Monkey patch original current\_thread \_active

12.0.0.0rc1
-----------

* Fix RBAC for transportkeys resource
* Implement secure RBAC for quota API
* Implement secure RBAC for secretstore API
* Optimize conditional statements
* Implement secure RBAC for ACLs API
* Implement secure RBAC for transport key API
* Implement secure RBAC for secretmeta API
* Implement secure RBAC for orders API
* Implement secure RBAC for consumers API
* Implement secure RBAC for containers API
* Implement secure RBAC for secrets API
* Allow multiple token labels for PKCS#11 driver
* Fix PKCS#11 reinitialization after failure
* Use system locks in pkcs11 library
* [goal] Deprecate the JSON formatted policy file
* Switch to collections.abc.MutableMapping
* Imported Translations from Zanata
* Imported Translations from Zanata
* [doc] Fix hmac/mkek generation commands
* remove unicode from code
* Imported Translations from Zanata
* Update doc8 version
* Update requirements for secure RBAC work
* Imported Translations from Zanata
* [doc] Adjust documentation for Thales Luna
* Imported Translations from Zanata
* Fix hacking min version to 3.0.1
* Use barbican.conf in barbican-manage
* Imported Translations from Zanata
* Use serial number or label for PKCS#11 tokens
* Python 3.9: use base64.{decode,encode}bytes
* corrects typo in cp command
* Update hacking for Python3
* Bump py37 to py38 in tox.ini
* [doc] Add documentation for Vault plugin
* Delete deprecated url of readme.rst ask.openstack.org is read-only and cannot raise a new question
* Fix admin can not delete other user's secrets
* Imported Translations from Zanata
* Remove six.add\_metaclass
* Add Python3 wallaby unit tests
* Update master for stable/victoria

11.0.0
------

* Fix debug log string
* Set db\_auto\_create default to False
* Rebase alembic migrations
* Remove six.PY3
* Keep barbican functional jobs on Bionic
* Log beginning of request processing to INFO
* migrate tox based testing to ubuntu focal
* Fix dogtag functional job
* Fix kmip&dogtag level problem in the document hierarchy
* zuul: switch to the new tempest native jobs
* devstack: Honor SERVICE\_PROTOCOL for endpoints
* Stop setting USE\_PYTHON3 for jobs
* Drop configure\_keystone\_authtoken\_middleware function
* Switch from unittest2 compat methods to Python 3.x methods
* Imported Translations from Zanata
* Ussuri contrib docs community goal
* Fix PDF build
* Fixes index.rst titles and add mascot
* Imported Translations from Zanata
* Stop to use the \_\_future\_\_ module
* docs: Minor tweaks to DevStack guide
* Cap jsonschema 3.2.0 as the minimal version
* Switch to newer openstackdocstheme and reno versions
* delete invalid url in README.rst
* Add a /healthcheck URL
* Add Python3 victoria unit tests
* Remove install\_cmd,lower-constraints
* Fix py38 failures
* Imported Translations from Zanata
* Fix config option type
* Cleanup py27 support
* Add undercloud-containers to gate
* Update README
* Use unittest.mock instead of third party mock
* Add barbican-spec link to readme.rst
* Update master for stable/ussuri
* Use Zuulv3 devstack jobs

10.0.0
------

* Revert Secret Consumers API change
* Set correct names for Thales and NetHSM
* [ussuri][goal] Drop python 2.7 support and testing
* Imported Translations from Zanata
* Improve devstack script for vault plugin
* Gate on octavia-v2-dsvm-tls-barbican
* Gate on py3
* Dejokerizes 404 logs
* Support list containers by type
* Fix the barbicanclient installation not from source
* Switch to Ussuri jobs
* Debug-log tracebacks in \_import\_kra\_transport\_cert\_to\_nss\_db
* docs: Fix typo: barican
* Update master for stable/train
* Don't use branch matching
* Update the constraints url
* [train][goal] Define new barbican-simple-crypto-devstack-tempest-ipv6-only job
* Modify the url of upper\_constraints\_file
* Support listener pooling in keystone listener
* Adding the unit-tests of OVO for Barbican [2]
* Add Secret Consumer Controllers and their tests
* PDF Documentation Build tox target
* Add SecretConsumerValidator and its tests
* Add SecretConsumerMetadatum object
* Add SecretConsumerRepo repository and its tests
* Update dev environment instructions for F30
* Add SecretConsumerMetadatum model and its tests

9.0.0
-----

* Start using the f29 nodeset
* Ensure doc/source/\_static to fix docs gate
* Fix py3 compatibility issue in PKCS#11 plugin
* Imported Translations from Zanata
* Update Castellan minimum version
* Make broken job barbican-kmip-devstack-functional experimental
* Add Python 3 Train unit tests
* Rename README.md to README.rst
* Update api-ref location
* Fix barbican B105 issues
* Fix the bug of pep8 and building api-guide
* Replace git.openstack.org URLs with opendev.org URLs
* Update Back End Documentation
* Gate jobs are voting
* Block bandit 1.6.0
* Delete api-ref
* Update to opendev
* OpenDev Migration Patch
* Dropping the py35 testing
* Imported Translations from Zanata
* Code updated with recent PKCS11 API new args added accordingly to generically support all mechanisms and types
* Replace openstack.org git:// URLs with https://
* Update master for stable/stein
* Added section for Utimaco HSM in documentation

8.0.0
-----

* Made HMAC Key Wrap mechanism configurable
* Update json module to jsonutils
* Remove unused code
* Fixes for rewrap
* Set Tempest's service\_availability setting for Barbican
* Add venv support to the devstack plugin
* Enable KV mountpoint configuration for Vault
* Enable AppRole authentication support for Vault
* Use the Octavia Barbican integration check gate
* add python 3.7 unit test job
* Run functional tests serially
* Fix multiple backend test
* Fix secret-stores functional tests
* Remove hardcoded 'localhost' references
* Documented ATOS and Thales config for PKCS#11 plugin
* Address race condition in KEKDatum
* Remove tripleo newton and ocata jobs
* functionaltests: Add response headers to logging info
* PY3: Ensure normalize\_before\_encryption encodes b64payload
* Add barbican-status upgrade check command framework
* Fix Safenet HSM regression in PKCS#11
* Workaround for failing gates
* Imported Translations from Zanata
* Replace tripleo-scenario002-multinode with scenario002-standalone
* Change openstack-dev to openstack-discuss
* Update Octavia co-gate for python3 first
* Imported Translations from Zanata
* Fix Chinese quotes
* Remove unused validator related to CA IDs
* Clean up some config docs formatting
* Imported Translations from Zanata
* Add 'barbican-manage hsm check\_[mkek|hmac]
* Imported Translations from Zanata
* Add python 3.6 unit test job
* Use authorize instead of enforce for policy
* Imported Translations from Zanata
* Fix tox -e releasenotes
* Fix duplicate paths in secret hrefs
* Use context instead of manually setting the credentials for policy
* Port RuleDefaults to DocumentedRuleDefaults
* tox: Stop building \*all\* docs in 'docs'
* Increment versioning with pbr instruction
* Imported Translations from Zanata
* Update .zuul.yaml: Make barbican-vault-devstack-functional voting
* Don't quote {posargs} in tox.ini
* Imported Translations from Zanata
* Fix tempest\_roles for devstack plugin
* Imported Translations from Zanata
* Imported Translations from Zanata
* Fixed incorrect release note
* Import octavia-v2-dsvm-py35-scenario
* add python 3.6 unit test job
* switch documentation job to new PTI
* import zuul job settings from project-config
* Fix CKM\_AES\_GCM encryption
* Remove non-voting job from gate queue
* Imported Translations from Zanata
* Revise diretory server install commands
* Add missing mechanism for GENERIC\_SECRETS
* Remove -u root as mysql is executed with root user
* Use absolute path for vault root token file in devstack
* Update reno for stable/rocky

7.0.0
-----

* Imported Translations from Zanata
* Refactor PKCS#11 to allow configurable mechanisms
* Imported Translations from Zanata
* Switch to fedora-latest for testing
* Adding support for 512-Bit-Secret-Creation when using xts-mode
* Add doc8 to pep8 check for project
* Skip some tests for vault plugin
* Fix getting secret for vault plugin

7.0.0.0b3
---------

* Fix response status for invalid routes
* Update http to https and fix link in doc reference
* Enable vault devstack functional test by default
* Remove unused policy enforcer attributes
* Make barbican-kmip-devstack-functional job non-voting
* Switch to stestr
* Initial the unit-tests of OVO for Barbican
* Implement the "check\_exc" parameter for OVO
* Implement OVO for Barbican [5]
* Ensure orders policy-in-code matches controller
* Update pypi url to new url
* Implement OVO for Barbican [4]
* Implement OVO for Barbican [3]
* As of April 28th 2018, Barbican has been migrated to storyboard. The documentation should be adjusted
* Update the periodic\_task link for retry\_scheduler
* Update two Barbican services to Docs
* Activate html\_static\_path config option
* add release notes to README.rst
* fix tox python3 overrides
* Follow the new PTI for document build

7.0.0.0b2
---------

* Implement OVO for Barbican [2]
* Remove unused policy rules
* Implement OVO for Barbican [1]
* Initial OVO for Barbican
* Remove CA API policy file
* Imported Translations from Zanata
* Fix broken gate due to breaking dependency changes
* Commit DB changes on API startup
* TrivialFix: Update block code to be more beautiful
* Update the version of Ubuntu
* Add devstack gate for vault
* Remove pycrypto dependency
* Fix docs build in tox.ini
* Castellan based secret store
* update some documents about the keystone "API v2.0"
* Update http links for doc migration
* Imported Translations from Zanata
* Stop using legacy-fedora-27
* Remove pycrypto from dogtag plugin
* Enforce usage of oslo.context's project\_id

7.0.0.0b1
---------

* Imported Translations from Zanata
* fix lower constraints
* Configure control\_exchange to match keystone
* Initialize db for Barbican Keystone listener
* Update auth\_uri option to www\_authenticate\_uri
* Add os-testr as test dependency
* Apply pep8 check to app.wsgi
* Remove unused broker configuration in devstack
* Take context from environment instead of parsing headers
* Imported Translations from Zanata
* Enable mutable config in Barbican
* Do not copy policy.json when installing barbican
* Remove use of unsupported TEMPEST\_SERVICES variable
* Imported Translations from Zanata
* Updated from global requirements
* Add retries for Dogtag plugin
* add lower-constraints job
* Update to fedora-27 for testing
* Indicating the location tests directory in oslo\_debug\_helper
* Change restart the services command
* Fix incomplete barbican configuration path in doc
* Updated from global requirements
* Update reno for stable/queens
* Updating time for functional tests
* Update to use new stevedore backend option
* Set debug mode according to ENABLE\_DEBUG\_LOG\_LEVEL
* Make grenade-devstack-barbican job voting
* Fix the grenade-devstack-barbican gate
* Imported Translations from Zanata

6.0.0
-----

* Handle URL reconstruction in PEP333 compatible fashion
* Imported Translations from Zanata
* Use default policy in code
* Update doc to match our in-repo configuration file
* Add sample config and policy to documentation
* Correct link address in doc
* Fix coverage job
* [DOC] Install client package before verification
* Make grenade-devstack-barbican job nonvoting
* Adding #nosec for pycrypto use
* Modify simple\_crypto init message
* Remove Simple Crypto plugin production warning
* Zuul: Remove project name
* Add secret store sync functionality to barbican-manage
* Update virtual\_environment for genconfig and genpolicy
* Updated from global requirements
* Authorites spelling error

6.0.0.0b3
---------

* Update link address
* Updated from global requirements
* Update the link in database\_migrations.rst
* Ensure only api app initializes secret store
* Remove Certificate Orders and CAs from API
* Updated from global requirements

6.0.0.0b2
---------

* Remove redundancy code
* Fix Dogtag mode on key generation
* Add defaults for Dogtag backend plugin
* zuul: run tripleo-scenario002 job
* Remove setting of version/release from releasenotes
* Updated from global requirements
* Imported Translations from Zanata
* Use assertRegex instead of assertRegexpMatches
* Updated from global requirements
* Use assertRegex instead of assertRegexpMatches
* Zuul: add file extension to playbook path
* Migrate to Zuul v3
* writing convention: do not use “-y” for package install
* Imported Translations from Zanata
* Database session need to rollback after duplication
* Updated from global requirements
* Imported Translations from Zanata
* Fix Race Condition in get\_or\_create\_project()

6.0.0.0b1
---------

* Imported Translations from Zanata
* Update the documentation link for doc migration
* Cleanup test-requirements
* Updated from global requirements
* Dynamically determine SSL version in unit tests
* Delete python bytecode including pyo
* Use Castellan's backend option instead of api\_class
* Add default configuration files to data\_files
* Updated from global requirements
* Updated from global requirements
* Add flag to allow devstack to run on f26 in gate
* Updated from global requirements
* Use PortOpt for KMIP port
* Add extra time in functional test that fails intermittently
* Updated from global requirements
* Use PortOpt for port options
* Pick up general URI when constructing barbican endpoint
* Put base policy rules at first
* Fix some reST field lists in docstrings
* Revert "Revert "Use devstack functions for deploying barbican-svc""
* [TrivialFix] Change container\_id to right value
* Remove unused policy check
* Fix to use "." to source script files
* Replace http with https for doc links
* [Trivialfix]Fix typos
* writing convention: do not use “-y” for package install
* Updated from global requirements
* Ensure module is initialized before being used
* Put "rm" command to whitelist\_externals to avoid warning
* Imported Translations from Zanata
* Update reno for stable/pike

5.0.0
-----

* Revert "Use devstack functions for deploying barbican-svc"
* allow redirects in .htaccess files on the static web servers
* Removed unnecessary setUp() calls in tests
* Use devstack functions for deploying barbican-svc
* Remove install-guide env which is no longer effective
* Updated from global requirements
* Stop using deprecated 'message' attribute in Exception

5.0.0.0b3
---------

* Updated from global requirements
* Update internal doc reference according to doc migration result
* Add PBR wsgi\_scripts entrypoint for barbican api
* Set entry point for dogtag config correctly
* Stop excluding functionaltests directory in pep8 check
* Use openstackdocstheme 1.11 everywhere
* move documentation into the new standard layout
* Using openstack command
* Update installation guide
* Updated from global requirements
* Replaces uuid.uuid4 with uuidutils.generate\_uuid()
* Fix html\_last\_updated\_fmt for Python3
* Updated from global requirements

5.0.0.0b2
---------

* Fix grenade test related to encrypt volume/image
* Remove translation logging prefixes from i18n
* Fix pep8 gate failure because of missing dependency
* Fix html\_last\_updated\_fmt for Python3
* Use get\_rpc\_transport instead of get\_transport
* Updated from global requirements
* Fix some syntaxes in the upgrade guide
* Remove translation of log messages
* Unification content of the index.rst file
* Update installation guide
* Add guideline to upgrade for Operators
* Trivial fix typos
* Remove usage of parameter enforce\_type
* Creating redundancy files when running tox
* Updated from global requirements
* Updated from global requirements
* DevStack plugin set tempest options in test-config section
* Updated from global requirements
* Remove setting DEVSTACK\_LOCAL\_CONFIG in test\_hook.sh
* Updated from global requirements
* Maintain policy in code
* Updated from global requirements
* Updated from global requirements
* Remove python-requests and let it be installed via rpm
* Add date filter functional tests
* Clean up a stray secret in the functional tests
* Remove Certificate Orders and CAs from Documentation
* Making iv generation configurable for pkcs11 plugin
* Fix barbican devstack plugin for devstack systemd
* Sub pycrypto with cryptography in simple\_crypto
* Updated from global requirements
* Replace pycrypto with cryptography in translations
* Add 'rm -f .testrepository/times.dbm' command in testenv
* Set access\_policy for messaging's dispatcher
* Use oslo.db create\_engine instead of SQLAlchemy
* Fixes for Running Functional Tests with Python 3.5
* Add missing dogtag configurations from devstack plugin script
* Change parent class for ListingSecretsTestCase
* Replace pycrypto with cryptography in test\_rsa
* Sub pycrypto with cryptography test\_cert\_resources
* Replace pycrypto with cryptography in snakeoil
* Update SUSE distro information in install guide
* Fix gate devstack
* Fix test cases expect Ubuntu specific assertion messages
* Updated from global requirements
* Update .gitignore to ignore barbican.conf

5.0.0.0b1
---------

* Updated from global requirements
* Updated from global requirements
* Add sem-ver flag so pbr generates correct version
* Use oslo-config-generator to generate barbican.conf.sample
* Updates to Devstack Variables
* Fix install guide docs for SUSE
* Fix bug in barbican-plugin-grenade
* Updated from global requirements
* Remove log translation related check
* Updated from global requirements
* Pass cli options to commands
* Update Barbican Conf for Retry in Devstack Plugin
* Fix the creation of endpoints in keystone\_data.sh
* Remove unused exceptions
* Trivial link fix in Secret Metadata API User Guide
* Compare functional test results as dict, not string
* Barbican grenade plugin
* Fix TypeError with Python 3.5
* Fix some reST field lists in docstrings
* Add missing validation to consumer controller
* Updated from global requirements
* Fix KMIP gate
* Move dogtag plugin config options to extra file
* Updated from global requirements
* Update link reference
* Updated from global requirements
* Correct the doc link
* Debug with barbican-api
* Changed the python3.4 to python3.5
* Handle SQL Integrity Error More Generically
* Updated from global requirements
* Fix the typo
* [Fix gate]Update test requirement
* Trivial Fix: Replace http with https
* Removed application/pkix media type
* Failed to set up a dev env on ubuntu
* Remove barbican-tempest-plugin install from devstack plugin
* Update local.conf.example
* Fix kmip plugin
* Initial commit for Barbican api-ref
* Updated from global requirements
* Fix coverage gate
* Read version info from package
* Updated readme
* Change tempest find\_test\_caller import
* Remove unused logging import
* Updated from global requirements
* Updated from global requirements
* Remove support for py34
* Use https instead of http for git.openstack.org
* Update reno for stable/ocata

4.0.0
-----

* Add CryptoPluginUnsupportedOperation
* Deprecate Dogtag subca tests
* Fix error message formatting for Dogtag plugin exceptions
* Update previous and next Consumer URLS in filtering
* Fix Consumer API Reference Docs
* Move dogtag plugin dependencies to one yum call
* Add Dogtag plugin dependencies to bindep.txt
* Split serial and parallel functional test runs
* Make error message clear when no supported secret store found
* Revert "Add ID property to all entities"
* Add Unit Tests for Consumers API Controller
* Add .ropeproject to .gitignore
* Add ID property to all entities
* Clean imports in code

4.0.0.0b3
---------

* Updated from global requirements
* Fix typos
* using utcnow instead of now in barbican unit tests
* Fix error in api-guide
* Correct configuration of db connection
* Replace str(uuid.uuid4()) with utils.generate\_uuid()
* Remove pycadf useless requirement
* Removes unnecessary utf-8 encoding
* DOC Remove a couple of repeated words
* [devstack] enable logging to stderr
* Updated from global requirements
* Configure authtoken middleware in barbican.conf
* Add build dir to flake8 exclude list
* Correct the file path for deploying Barbican API under mod\_wsgi
* Update the KMIPSecretStore tests to not test PyKMIP internals

4.0.0.0b2
---------

* Updated from global requirements
* Updated from global requirements
* Introduce hacking check to Barbican
* Enable installation of barbican\_tempest\_plugin
* Show team and repo badges on README
* Make rabbitmq configuration much simpler
* [Devstack] Fix devstack plugin compatibility
* Add Apache 2.0 license header to the alembic\_migrations/script.py.mako
* Pass secret\_type to repository query
* Fix hacking check error
* Files with no code must be left completely empty
* Fix crypto plugin documentation
* Using assertIsNotNone() instead of assertNotEqual(None)
* Fix typo in file name
* Add bindep environment to tox
* Remove unused pylintrc
* Updated from global requirements
* Updated from global requirements
* cors: update default configuration
* Deprecate Cetificate Resources
* Remove translations for debug level log
* Updated from global requirements
* Fix some minor error
* Add "keystone\_authtoken" section in barbican.conf
* Fix warning when running tox -e docs
* Fix bindep so that translated jobs work
* Updated from global requirements
* Replaced assertion with more specific
* Enable translations
* Remove redundant 'the' in doc
* Updated from global requirements
* Fix incorrect endpoint in install-guide
* Enforce application/json content type on quota set
* Imported Translations from Zanata
* Use http\_proxy\_to\_wsgi middleware
* Updated from global requirements
* Fix coverage test failure
* Add dogtag-pki and python-nss as extra requirement
* Update .coveragerc after the removal of respective directory
* Updated from global requirements
* Fix error in installation guide of Ubuntu
* Rename crypto.py to base.py
* Improve devstack configuration
* Don't include openstack/common in flake8 exclude list
* Fix postgres error during container list
* Add summary to metadata in setup.cfg file
* Enable release notes translation
* Updated from global requirements
* Updated from global requirements
* Fix order of arguments in assertEqual
* Fix typo
* Updated from global requirements
* Checking barbican resource id in URI is a valid uuid
* Use Domains with Keystone v3 in functional tests
* Fix routing for adding a secret to a container
* Updated from global requirements
* TrivialFix: Remove default=None when set value in Config
* Fix typos in alembic.ini & kmip\_secret\_store.py
* Fix some typos in simple\_crypto.py
* Trivial fix in secretstore module
* Imported Translations from Zanata
* Fixes error when deleting consumers
* Update reno for stable/newton
* delete python bytecode including pyo before every test run

3.0.0
-----

* Adding reno release notes for multiple backend feature
* Adding functional tests for multiple backend changes (Part 5)
* Adding rest API for secret-stores resource (Part 4)
* Central logic to sync secret store data with conf data (Part 3)
* Changes for multiple backend conf and friendly plugin names (Part 2)
* Don't inspect oslo.context
* typo fix
* Active a unit test in comon/test\_validators
* standardize release note page ordering
* Adding multiple backend db model and repository support (Part 1)
* Adding API docs for multiple backend support changes
* Imported Translations from Zanata
* Remove consumer check for project\_id to match containers
* Assigning unwrapped kek handle to new variable to avoid overwrite

3.0.0.0b3
---------

* Add Barbican Verification to Install Guide
* Fix typo in barbican/tests/keys.py
* Updated from global requirements
* TrivialFix: Remove cfg import unused
* TrivialFix: Remove logging import unused
* Use more specific asserts in tests
* Some minor code optimization in post\_test\_hook.sh
* Fix some typos in database\_migrations.rst
* Remove white space between print and ()
* Support upper-constratints.txt in tox environments
* Add install guide
* Fix test suite cleanup
* Clean imports in code
* Make 'url' references uppercase for consistency
* Fix some typos
* Change LOG.warn to LOG.warning
* Use international logging message
* Remove "KEYSTONE\_" URI settings for devsatck
* changed typo from similiar to similar
* Adds true functional tests for db\_manage script
* Updated from global requirements
* Imported Translations from Zanata
* Add Python 3.5 classifier and venv
* Generate IV on HSM device for encrypt operations
* Add documentation for date-filters
* Add seed random feature to seed HSM RNG
* Fix the typo
* Fix jenkins failing on coverage report
* modify the home-page info with the developer documentation
* modify the home-page info with the developer documentation
* User with creator role can delete his/her own secret and container
* Fixed typo in ACL section of API Guide
* Remove white space between print and ()
* Default to Keystone authentication
* Marking database connection config property as secret
* Fix the typo in the files
* Implement Date Filters for Secrets
* dogtag: Only call initialize() if crypto is not None
* delete unused LOG
* Updated from global requirements
* Imported Translations from Zanata

3.0.0.0b2
---------

* Move rabbit configurations to oslo\_messaging\_rabbit section
* Insecure default PROTOCOL\_TLSv1 version in KMIP plugin
* Correct reraising of exception
* Barbican tests fail because of incomplete test dependencies
* pkcs11-key-generation: convert mkek length to int
* Add support for modifying Generic Containers
* Updated from global requirements
* Remove unnecessary executable permissions
* Updated from global requirements
* Port last test (test\_secrets) to Python 3
* Port test\_quotas to Python 3
* Port 3 more unit tests to Python 3
* Setup memory DB in test\_cmd
* Change SecretAcceptNotSupportedException from exception.BarbicanException to exception.BarbicanHTTPException
* Correct a typo in apiary.apib
* Don't supply auth\_token information by default in paste
* Fixed typo in crypto plugin docs
* Remove unused oslo.concurrency requirement
* Updated from global requirements
* Do not count expired secrets toward quota
* Updated from global requirements
* Add retry for recoverable PKCS11 errors
* Port API test\_resources to Python 3
* Port test\_validators to Python 3
* Port snakeoil\_ca to Python 3
* Updated from global requirements
* Python 3: replace the whitelist with a blacklist
* Port translations to Python 3
* Fix doc warnings
* Use keystone auth plugin
* Fixed test suite cleanup
* Updated from global requirements
* Updated from global requirements
* Return 4xx error for invalid KMIP key spec
* Fix keystone\_listener.py
* Fix creation of notification server
* Added KMIP Secret Store to Devstack
* Checking for input secret\_ref to start with input request hostname
* Updated from global requirements
* Cleanup py34 tox tests
* [Trivial] Remove executable privilege of doc/source/conf.py
* Replace tempest-lib with tempest.lib
* Code cleanup
* Issue warning for deployers trying to use simple\_crypto
* Python 3: fix barbican.tests.plugin.test\_store\_crypto
* Python3: fix barbican.tests.plugin.test\_kmip
* Python3: add tests that are already working
* Python3: fix barbican.tests.plugin.crypto.test\_crypto
* Python 3: use a string rather than bytes for "kek"
* Python3: fix barbican.tests.api.controllers.test\_cas
* Python3: HTTPServerError no longer has a "message" argument in its constructo
* Python3: base64.b64encode expects bytes
* Python3: exceptions no longer have a 'message' attribute
* Updated from global requirements
* Imported Translations from Zanata
* use thread safe fnmatch
* migrate keystone\_data to openstackclient
* Use set Literals for better performance
* Updated from global requirements
* Fix circular dependency  of certificate\_manager module
* Adding support for barbican host href to be derived from wsgi request
* Barbican server logs Secret Payload contents
* Fix skip message for dogtag plugins
* Handling json-home header for /v1 call
* Add skips for KMIP functional tests
* Updated from global requirements
* Allow plugins to retrieve secrets
* Barbican server discloses password and X-auth
* Updated from global requirements
* Add code coverage results for functional tests
* Fix URL length for alembic migrations
* Updated from global requirements
* Return 404 when a secret does not have a payload

2.0.0
-----

* Change Table name to correct name
* Update project quota paging tests to run with existing project quotas
* Uses alembic migration when deploying devstack
* Fix typos in Barbican files
* Remove outdated line in KMIP docstring
* Change Table name to correct name
* Removes redundants
* Add a configurable setting in barbican-functional.conf for SSL
* Update reno for stable/mitaka
* Update .gitreview for stable/mitaka

2.0.0.0rc1
----------

* Add release notes for metadata api
* Fix publishing of api-guide
* Add a configurable setting in barbican-functional.conf for timeouts
* Ensure that smoke tests cleanup their containers
* Add cleanup capability for secrets and containers
* Add PKCS#11 upgrade release note
* Cleanup containers after functional tests run
* Add barbican-manage release notes
* Updated from global requirements
* Return 404 Not Found when UUID is invalid
* Publishing API Guide to OpenStack site
* Fix correct foreign key constraints
* Moved CORS middleware configuration into set\_defaults
* Changes max string length for URL to 255
* Correct cert event plugin name in config
* Fix 500 server error invalid transport key during secret creation
* Throw 405 when specified method not allowed in Secret Metadatum
* Improve error code for invalid secret creation with KMIP
* Add missing unit test for clean\_command and fix error handling
* Remove use of old bandit.yaml
* Update Python classifier for 3.4
* Nit: occurrences of barbican in small letter
* Fix index for API secrets user-guide
* Make clean up of soft deletions configurable

2.0.0.0b3
---------

* Change the type of 'bit\_length' from string to integer
* User Metadata API and tests
* Introducing barbican-manage utility command
* Introduce User-Meta table, model, and repo
* Fixing project title
* User Metadata Documentation
* Simple soft deletion clean up for barbican-db-manage
* Use assertEqual/Greater/LessEqual/IsNone
* Fix typo in word "initialization"
* Simplify the development environment setup
* Updated from global requirements
* Removing orphan and deprecated doc page: api.rst
* Make bandit voting as part of pep8
* Fix roles attribute for barbican request context
* Avoid using \`len(x)\` to check if x is empty
* Fix typos in repositories.py
* Fix gate that broke due to recent devstack renames
* Fix http 500 when getting secret payload with no Acccept header
* Updated from global requirements
* Delete deprecated barbican-all script
* Update and reorganize the doc landing page
* Updated from global requirements
* Fixing pkcs11\_kek\_rewrap script
* Document public secret type
* Cleanup barbican-api-paste pipeline
* Document Symmetric Secret Type
* Updated from global requirements
* Remove deprecated option 'DEFAULT/verbose'
* Update .gitignore for pyenv
* Remove erroneous installing of python-nss
* Use local images instead of references
* Add Name restrictions in ContainerValidator
* 's' to uppercase in "Openstack"
* Updating the project name to barbican
* Typo change Barbican to barbican Closes-Bug: 1542508
* Updated from global requirements
* Fixed invalid conf file name
* Fix spell typo
* Add missing database constraints and defaults
* Create Orders Documentation
* Use host href for version discovery
* Remove padding from legacy stored secrets
* Added CORS support to Barbican
* Updated from global requirements
* Updates python3.4 dependencies in docs
* Trivial Fix: Replace exit() with sys.exit()
* Casts algorithm to lower case in KMIP plugin
* Add missing parameter to the PKCS11 object
* Add secret=True so passwords do not get logged
* Updated from global requirements
* Adding auditing support for API request using audit middleware
* Using dict.items() is better than six.iteritems(dict)

2.0.0.0b2
---------

* Adding check on Offset
* Fix buffer size for decrypt operations
* Correct a typo
* Imported Translations from Zanata
* Updated from global requirements
* Adding support for configuring number of async worker processes
* Reworded sentence fragment in the README
* Replace None comparisons in SQLAlchemy code
* Remove pep8 error in symantec plugin
* Fix containers api doc typo
* Replaced outdated Barbican devstack link
* Add wsgi script to deploy Barbican behind Apache
* Fix argument reversal error in pkek cache
* Reimplement p11\_crypto and pkcs11 modules
* Remove openstack-common.conf
* Updated from global requirements
* Add lock for crypto plugin manager instantiation
* Warning about tox not working in Vagrant setup
* Updated from global requirements
* Update ContainerValidator to Check for Name Max Length
* test: make enforce\_type=True in CONF.set\_override
* Use assertTrue/False instead of assertEqual(T/F)
* Addressing error by clearing sqlalchemy session leak
* Updated from global requirements
* Trival: Remove unused logging import
* Python 3 deprecated the logger.warn method in favor of warning
* Change assertTrue(isinstance()) by optimal assert
* Updated from global requirements
* Adding cffi to requirements
* Updated from global requirements
* Removes MANIFEST.in as it is not needed explicitely by PBR
* Fix parameter's type error in test case
* Updated from global requirements
* Updated from global requirements
* Added ACL tests
* Fix db error when running python34 Unit tests
* Remove low-level PyKMIP test asserts
* Correct docs for barbican project structure
* Remove obsolete shell command files
* Remove version from setup.cfg

2.0.0.0b1
---------

* Authorized API Requests
* Assigning oslo config CONF once to parsed barbican CONF instance
* Added container consumer end to end flow testcase
* Add reno for release notes management
* Make API Document Code-Blocks Consistent
* Updated from global requirements
* Allow length to be passed in MKEK Creation
* Updated from global requirements
* Add information on running individual Tests
* Updated from global requirements
* Fix troubleshooting.rst broken link
* Remove useless requirements
* Remove kombu useless requirement
* Updated from global requirements
* Enable pkcs11-key-generation command
* Updated from global requirements
* Remove unused scrub variables in barbican.conf
* remove default=None for config options
* Move Key gen script to cmd folder
* Fix Database Migrations Documentation
* fix typo
* Make variable defined before refer
* Removing no longer used class TestCryptoPlugin implementation from test code, to avoid confusing
* Change unit tests in test\_utils.py and test\_contaiers.py to use CONF.set\_override
* Correct the returned message when bit\_length is absent
* Allow null content type for orders
* Allow null values for secret names
* Added secret flag to oslo config params
* Update Devstack deployment and docs
* Add more unit tests in test\_validators.py for schema validation
* Add some unit tests regarding validation of secrets
* Updated from global requirements
* Imported Translations from Zanata
* Replace assertFalse(a in b) with assertNotIn(a, b)
* Remove old gate code
* Updated from global requirements
* Adds documentation for consumer resource
* Fix spelling of HATEOAS
* Updated from global requirements
* Fix Intermittant Unit Test Failure in Repositories
* Replace assertEqual(False, result) with assertFalse(result)
* Change assertEqual(None, result) to assertIsNone(result)
* Updated from global requirements
* Replace assertTrue(a in b) with assertIn(a, b)
* Updated from global requirements
* Updated from global requirements
* Add more information to debug log message for consumer delete
* Updated from global requirements
* Fix Intermittant Unit Test Failure
* Remove duplicate words in documentation
* Add RBAC docs for Cloud Administrator Guide
* Updated from global requirements

1.0.0
-----

* Fix db\_manage to initialize mysql from base
* Enforce project ownership of subCAs
* Check a CA's status as project and preferred CA before deleting
* Add subca functionality to the dogtag plugin
* Update .gitreview to match stable/liberty
* Exit with error code when db\_manage.py fails
* Updated from global requirements
* py3: Enable more tests to Python 3.4
* Enforce project ownership of subCAs
* Check a CA's status as project and preferred CA before deleting
* Python 3 Refactoring: Replace six.iteritems() with the preferred items()
* Make tests.api.controllers.test\_containers py3 compatible
* Add subca functionality to the dogtag plugin
* Making barbican endpoint selection values to be configurable attributes
* Fix order of arguments in assertEqual
* Fix order of arguments in assertEqual
* Fix order of arguments in assertEqual
* Exit with error code when db\_manage.py fails
* Fix order of arguments in assertEqual
* Fix order of arguments in assertEqual
* Fix db\_manage to initialize mysql from base
* Use environmental variables for NewRelic
* Fix comment and remove unneeded code

1.0.0.0rc1
----------

* Use subCA when specified to sign CSRs
* Catch exceptions raised by bad certificate plugin info
* Add missing changes for Alembic time-zero
* Add reference guide documenting Certificate Authorities API
* Fix Snakeoil to return expiration timestamp in string format
* Ensure Alembic version modules bootstrap new db
* Cleanup of Translations
* Open Mitaka development
* Add database commit for database writes when async operations are possible
* Change definition of Certificate Authority Model for no soft deletes
* Add check to validators that SubCA's project id matches order's project id
* CAs should return the external project ID
* Remove ERROR\_ON\_CLONE references
* Remove quotes from subshell call in bash script
* Document dependencies installation for Fedora
* Remove oslo-incubator documentation that's no longer valid
* Add support in snakeoil plugin for intermediates
* Change behavior of GET cas/preferred
* Changes to Preferred CA Features
* Add default quota limit config to functional tests
* Combine exit codes of the two functional test runs
* Adding Functional Tests and Supporting Fixes for Global Preferred CAs
* Add missing X-xxxx HTTP headers to the unauth context
* Change roles to rules in policy.json file
* Initialize Database Before Running Quota Enforcer Unit Tests
* Fix ca related controllers
* Rename Quick Start Guide
* Imported Translations from Zanata
* Clean up CAs Policy Rules
* Updated from global requirements
* Remove .pyc files before performing functional tests
* Cleanup Secrets created after Order functional tests
* Updates quota values to be read from conf file
* Finish Initialization of CA Table when Barbican Starts
* Add function to catch unknown attributes in URI
* Handle case of no logging environment variables
* Add barbicanclient clone back (was overzealous in pruning)
* Add functional test for project CA
* Remove content related to transport keys and quotas
* Add filter to secret list for acl secrets
* Use testr for running functional tests and documentation
* Add DELETE functionality for subCAs
* Remove bad clones (new devstack method doesn't need this)
* Set host\_href parameter in devstack
* Update Bandit Tox Environment
* Fix Tempest Installation
* Add Project Quota Support for Sub CAs
* Remove Vestigial Transport Key Quota Code
* Added functional tests for creating CAs
* Add subca functionality to snakeoil plugin
* Use barbican.conf instead of barbican-api.conf
* API documentation for CAs interface
* Add validators for new CA creations
* Make tests in barbican.tests.model py3 compatible
* Make alembic used in barbican similar to other openstack projects
* Support for creation of subordinate CAs
* Force Identity API v3 for endpoint create in devstack
* PyKMIP 0.4.0 test requirement
* Fix devstack gate (and new gate\_hook.sh)
* Completes localization of the api directory structure

1.0.0.0b3
---------

* Add Project Quota Information to the Barbican Quick Start Guide
* Stanardized Functional Tests
* Removes pyenv from barbican.sh
* Update API Reference Docs with Project Quota Information
* Add Functional Tests for Quota Enforcement
* Implement Enforce Method for QuotaEnforcer
* Change test\_containers unit test to work around webtest issue
* Add Request ID to worker-side logs in barbican
* Replace dict.iteritems() with dict.items()
* Updated from global requirements
* Use the new Devstack external plugin method
* Add get\_count() method to project resource repositories
* Ensure Project and ProjectQuotas Tables are in sync
* Allow debug flag in Barbican tox and debugging documentation
* Removing unused dependency: discover
* Fixed Testing Attributes Bug
* Updated from global requirements
* Migrate to using gate\_hook.sh pre-devstack-update
* Cleanup database after functional test runs
* Updated from global requirements
* Updated from global requirements
* Add Quota Enforcement API
* Integrated with PyKMIP Pie API
* Use config rather than hardcoded admin id from Quotas test
* Make tests in test\_acls.py and test\_cas.py py3 compatible
* Implement Models and Repositories for Resource Quotas
* Updated from global requirements
* Replace itertools.ifilter with six.moves.filter for py3 compatibility
* Introduce the key-manager:service-admin role
* Updated from global requirements
* Make tests in barbican.tests.api.middleware py3 compatible
* Use "key-manager" instead of "keymanagement"
* Ensure a http 405 is returned on container(s) PUT
* Updated from global requirements
* Drop downgrade field in alembic script.py.mako and version
* Made Functional Test Key 256 Bits
* Make tests in barbican.tests.tasks py3 compatible
* Make tests in test\_hrefs, test\_quota py3 compatible
* Remove obsolete term "incubated" from docs
* Remove rpmbuild directory
* Introduce the concept of plugin status
* Replace python-ldap with ldap3 library
* Catch any exception from base64.b64decode during validation
* Updated from global requirements
* Skip Bandit Checks on Functional Test Code
* Removing Cloudkeep from comments
* Updated from global requirements
* Imported Translations from Transifex
* Replace dict.iteritems() with six.iteritems(dict) for py3 support
* Replace urllib with six.moves.urllib for py3 support
* Add py34 support in tox
* Add invalid property info to validation error message
* Imported Translations from Transifex
* Updated from global requirements
* Revert backwards incompatible paste change
* Flatten exceptions used in policy tests
* Fix colorized logging in Devstack

1.0.0.0b2
---------

* Imported Translations from Transifex
* Updated from global requirements
* Configure dogtag installation's domain name
* Unauthed tests for Secret & Container ACLs
* Remove docbook documentation
* Updated from global requirements
* Add RBAC Functional Test for ACL Opeations
* Updated from global requirements
* Add Private Key to the resulting container if stored-key order
* Added opaque data support to KMIP secret store
* Updated from global requirements
* Implement Configuration, Controllers, and Validators for Resource Quotas
* Fix unit test errors caused by new mock version
* Add retry server and functional tests to DevStack
* Fix policy.json certificate\_authority inconsistency
* Imported Translations from Transifex
* Adding script for rewrapping p11 KEKs
* Remove invalid skipping of tests
* Completed localization tagging for plugin directory
* Fix JSON structure example for stored-key orders
* Fix config file name to barbican.conf
* Drop file extensions for /usr/bin/\*
* Add Functional Tests for ACLs Using Multiple Users
* Updated from global requirements
* Fix gate-barbican-docs after change to infra
* Update unwrap key to accept specific variables
* Add troubleshooting for \_bsdbb import error
* Fix for admin and creator user access for secret/container read calls
* Update queries to use proper offset and limit

1.0.0.0b1
---------

* Remove left over reference to admin endpoint
* Remove ProjectSecret table-related code
* Make db-manage script use same config file as barbican
* Replace oslo incubator code with oslo\_service
* Updated from global requirements
* Fill project\_id in secrets where needed
* Added unit test around bug related to who can modify ACL
* Updated from global requirements
* Refactor Barbican model registration
* Added Certificate API Docs and Quick Start Guides
* Display all versions info in versions controller
* Changed Test Key Size to 2048
* Update version for Liberty

1.0.0a0
-------

* Replace oslo incubator code with i18n
* Replace oslo incubator code with oslo\_utils
* Added passphrase support to KMIP secret store
* Added certificate support to KMIP secret store
* Add project\_id to Secret model
* Updated from global requirements
* Replace oslo incubator jsonutils with oslo\_serialization
* Updated from global requirements
* Fixed Inconsistent Request Id in Log Messages
* Sync with latest oslo-incubator
* Changes to fix dogtag nss db handling
* service\_enabled instead of environment variable for dogtag
* Updated from global requirements
* Change naming convention for Barbican config files
* Remove duplicate 'have' in doc/source/api/reference/acls.rst
* Fix NewRelic error reporting
* Updated from global requirements
* Add RBAC tests for orders
* Fix http 500 when no accept header passed to secret GET /payload
* Added pkcs1\_only Configuration to KMIP
* Documentation for PKCS11 Key Generation script
* Updated from global requirements
* Complete RBAC tests for containers
* Renaming ACL creator-only to project-access flag
* Adding a new script  to generate mkek and hmac
* Updated from global requirements
* Centralize Barbican API Config
* Complete RBAC tests for secrets
* Removed per ACL operations and added support for PUT method
* Adding documentation for ACLs operations
* Fix cert tasks not being scheduled for retry
* Imported Translations from Transifex
* Drop incubating theme from docs
* Add more users/roles to secret/container RBAC tests
* Fix Dogtag setup script
* Remove unused incubated cryptoutils
* Split out generate mkek and hmac from get command
* Updating setup docs to use Python 2.7.9
* Switch from MySQL-python to PyMySQL
* Move policy options to the oslo\_policy group in the config
* Splitting out PKCS11 plugin
* Fix the sql\_pool\_logging config attribute
* Fixing unauthenticated middleware role bug
* Updated from global requirements
* Adding config option for specifying HSM slot
* Base64 encode the cert returned from the Dogtag plugin
* Imported Translations from Transifex
* Port the Architecture, Dataflow, and Project Strucure docs
* Add Multi-user support for Functional Tests
* Fix snakeoil\_ca plugin
* Updated from global requirements
* Removed extraneous config.py
* Remove deprecated references to admin endpoint
* Updated from global requirements
* Add Barbican configs for SQLAlchemy pool settings
* Imported Translations from Transifex
* Updated from global requirements
* Adding a info log for each processed request
* Migrate to oslo\_context
* Adding more logging around containers & consumers
* Updated from global requirements

2015.1.0
--------

* Fixed Bug for KMIP Secret Storage
* Fixed Bug for KMIP Secret Storage
* Drop use of 'oslo' namespace package

2015.1.0rc2
-----------

* Fix for missing id check in ACL count query
* Improved error code handling for pkcs11 errors
* Remove Future Parameters (write, list, delete) from ACL Validation Schema
* Adding ACL check when new stored key order is submitted
* Fix for missing id check in ACL count query
* Removing signing\_dir directive from config
* Fix failure with get on dict that was None
* Fix call to load\_privatekey() when passphrase is None
* Fix call to load\_privatekey() when passphrase is None
* Updated from global requirements
* Removing signing\_dir directive from config
* Updated from global requirements
* Fix failure with get on dict that was None
* Security tests for Secret resources
* Updated from global requirements
* Update .gitreview to match stable/kilo
* Refactor RSA Functional Smoke Tests

2015.1.0rc1
-----------

* Refactor and Fix Translation Code for PER and DER Formats
* Add order\_retry\_tasks migration per latest model
* Readability-related changes to secret store functions
* Adding MySQL fixes to migrations
* Refactor dogtag gate scripts
* Fix Dogtag plugin to make latest functional tests pass
* Fix KMIP Secret Store input/output
* Potential resource exhaustion when registering consumers to containers
* Fix handling of payload\_content\_encoding for orders
* Add utility functions to convert between and PEM and DER
* Fix base64 decoding of payloads in one-step POST
* Fix errors in functional tests
* Fix generating a CSR with an encrypted private key
* Enable alternate error message for OpenSSL 1.0.2
* Imported Translations from Transifex
* Fix expectations of order certificate test cases
* Sign CSRs issued in SnakeOilCA tests
* Imported Translations from Transifex
* Add new smoke tests for RSA type containers and secrets
* Expose root cause plugin exceptions
* Create Barbican python scripts for development
* Open Liberty development
* Delete openstack.common.context
* Changes to get remaining cert functional tests working
* Switch to oslo\_policy
* Add Bandit security static analysis checking via tox
* Security tests for Order resources
* Return container not found before ACL checks
* Remove str() casting for the client\_message variable
* Imported Translations from Transifex
* Imported Translations from Transifex
* Fixing python 3 imcompatiblity in common.utils
* Updating hacking version for py3pep8 tox job
* Adding simple log.info's to the SecretController
* Security tests for Consumer resources
* Imported Translations from Transifex
* Implement validators and tests for stored key certificate orders
* Adding policy layer changes for ACL support (Part 5)
* Adding Container ACL controller layer changes (Part 4)
* Adding Secret ACL controller layer changes (Part 3)
* Adding ACL db repository changes (Part 2)
* Adding ACL db model changes (Part 1)
* Updating Orders functional tests to new naming convention
* Adding docs to index and minor fixes
* Imported Translations from Transifex
* Restore worker tasks processing catching exceptions
* Adding GET and DELETE for containers quickstart guide
* Fix error in setting and updating ca and preferred ca tables
* Create snakeoil certificate plugin
* Imported Translations from Transifex
* Introducing container types and examples to quickstart guide
* Initial connect up retry task submit and re-enqueue
* Write task retry info to database from server.py
* Creating initial commit for containers quickstart guide
* Removing a forgotten TODO
* Adding reference doc page for containers
* Allow business logic and plugins to retry tasks
* Turning on info logging level by default
* Fix string formatting for a secret store exception message
* Add ability to run secrets tests in parallel
* Security tests for Container resources
* Completing secret reference documentation
* Add utf-8 decoding for Content-Type
* Imported Translations from Transifex
* Adding more detail to the secrets quickstart guide
* Switching how we handle sessions in p11\_crypto
* Changes to get Dogtag related functional tests working
* Fix some ca\_id related bugs, add more functional test code
* Fix CA related exceptions, and unskip relevant tests
* Removing unused TimeKeeper class
* Splitting out remaining order tests from test\_resources
* Fix pep8 gate errors
* Adding more content to the api reference for secrets
* Fix flake8 issue
* Updated from global requirements
* Removing the debian folder
* Add functional tests for certificate orders
* Fix common misspellings
* Imported Translations from Transifex
* Updated from global requirements
* Add retry periodic task and worker-client logic
* Add sub-status logic to worker/task processing
* BarbicanHTTPException can take arguments for client\_message
* Starting to rework docs around the secret resource
* Fix string substitution in exception messages missing the s

2015.1.0b3
----------

* Fix string substitution in exception messages missing the s
* Change certificate unit tests to use strong algorithms
* Make the default devstack config use the right password
* Add asymmetric key support to KMIP plugin
* Fixing errors and warnings on the sphinx docs
* Removed get\_secret\_type
* Moving containers tests to separate module
* Add code to populate CA tables and select plugin based on ca\_id
* Remove unused etc/dev\_tempest.conf file
* Refactor secrets functional tests for readability
* Test functionality of generated asymmetric keys
* Update README file
* Imported Translations from Transifex
* Implement validate\_pkcs10\_data
* Deprecate old secret decrypt path both in code and docs
* Use unique refs for RSA container example
* Added new repository classes and controller classes for CAs
* Standardized Secret Encoding
* Updating secret store plugin to support PyKMIP 0.3.0
* Making sure we allow all content-types for delete calls
* Third round of refactoring secrets tests
* Porting more tests to test\_secrets
* add another missing status code check in functional tests
* Fix functionaltest keystone URL fetch bug for v2
* Add missing alembic migration script for CA tables
* Upping process-timeout and fixing posargs in tox.ini
* Starting to split out orders from test\_resources.py
* check some responses in functional tests before using the resp
* Fix create orders functional tests for asynchronous order processing
* Making the tox -e functional tests run faster
* Cleanup and renaming within secrets smoke tests
* Remove extra v1 from override uri
* Split out and refactored more secret tests
* hide the eggs
* Replacing functional test authentication hookup
* Fix for order obj expiration issue with SQLAlchemy
* Starting refactor of test\_resources
* Fixing test dependence on execution order
* Enforce X-Project-Id coming from the request headers
* Ensure that external secret refs cannot be added to containers
* Ported API documentation to the repo
* Updated from global requirements
* Creating indexes for foreign keys
* Fixing race-condition for order processing in workers
* Enable secret decrypt through 'payload' resource
* Imported Translations from Transifex
* Let functional tests run with older tempest
* Fixed Binary Encoding to Secret Stores
* Updated from global requirements
* Use oslo\_log in db-manage script
* Get rid of Repositories class
* Use urljoin instead of os.path.join
* Fix functional tests to use new auth provider interface
* Validate character set used for payload when encoding is base64
* Adding NewRelic monitoring to worker tasks
* Fix bug in tests assuming order is active
* Update devstack to run tests both sequentially and in parallel
* Remove version from endpoints in catalog
* get\_or\_create\_project now calls repo factory
* Clean up test inheritance
* Containers and Consumers controllers use repo factories
* Refactor Secrets resource to use repository factories
* Refactor Orders resource to use repository factories
* Modified plugin contract to include barbican-meta-dto
* Making RootController load child controller at runtime
* Split override-url in functional test config file
* Imported Translations from Transifex
* Cleaning up application initialization
* Using a central secret store manager to remove lock
* Attempting to clean up some of the db session code
* Fixing logging import for barbican-worker.py
* Fixing unable to retrieve req id bug
* Use dictionary comprehensions and literals
* Add missing localisation markers
* Imported Translations from Transifex
* Remove pysqlite requirement
* Add Barbican order metadata table and repository
* Add support for dogtag in devstack testing
* Updated from global requirements
* Port to graduated oslo.log package
* Sync with latest oslo-incubator
* Fix security bug with host HTTP header field
* Add container consumer repository factory
* Removing uuid verification mock
* Add clarification regarding \_lookup in secrets and orders
* Enforce secret and order IDs are valid UUIDs
* Port the Database Migrations doc
* Add validation for profile for Orders API
* Adding ldap dependencies to documentation
* Added mixin class to allow soft deletes
* Added secret\_type to Secret model
* Imported Translations from Transifex
* Add missing repository factory functions
* Updating copyright on barbican/api files
* Updated copyright dates for functional tests/models
* Add subject\_dn validator
* Changing basic copyright for a section of functional tests
* Refactor \_lookup for orders controller
* Imported Translations from Transifex
* Configure colored logging in devstack
* Refactor \_lookup for secrets
* Remove useless requirements wsgiref
* Add code to generate a CSR in the stored key case
* fix a use after free bug in the pkcs11 plugin
* Fix "invalid credentials" error running functional tests
* Fix symmetric/asymmetric key order meta validation
* Replaced calls to iteritems with calls to six.iteritems
* Imported Translations from Transifex
* Cleaning up code duplication in hrefs.py
* Cleaning up method identation in transportkeys.py
* Cleaning up literal dict in validators.py
* Refactor exception handling in the app side
* Run functional tests against any barbican server

2015.1.0b2
----------

* Imported Translations from Transifex
* Add the ability to use either identity v2 or v3 API
* Drop old namespace for some oslo libraries
* Updated from global requirements
* Change exception when store plugin is misconfigured
* Trivial refactors to secret controller
* Imported Translations from Transifex
* Completely refactor PKCS11 plugin
* Delete comments that are no longer valid
* Renamed outputted keys from base model
* Fix downgrade for revision 254495565185
* Fix error in "tenants to projects" migration script
* Remove unnecessary checks from migration commands
* Added new model classes for CAs
* Add 'current' option to the migration script
* Add 'history' option to the migration script
* Handle SystemExit properly in migration script
* Add support for simple cmc requests to Dogtag plugin
* Updated from global requirements
* Switch Python's json to the OpenStack's json wrapper
* Updated from global requirements
* Remove commented test cases
* Inherit tests instead of explictly calling them
* Updated from global requirements
* Resolve intermittent HTTP 404 in devstack gate
* Include logging for barbican functional tests
* Fix content type validation if missing payload
* Drop Python 2.6 support
* Refactor order validation
* Updated from global requirements
* Add data model entities for OrderRetryTask
* Fix 500 error when PUTing an order
* Adding exceptions on bad key file permissions
* Checking the certificate file has reasonable permissions
* Return the actual name value for entities
* Fix UnicodeDecodeError's in the functional tests
* Updated from global requirements
* Adding client certificates to connection credentials
* Fix usage of keystone v3
* Only de-serialize objects when possible
* Enable functional tests to take a regex from tox
* Configure keystomemiddleware using identity\_uri
* Make default action return 405 in the controllers
* Updated from global requirements
* Moving exception logging in the base behaviors
* Adding error handling to help debug devstack issue
* Replace and remove native asserts
* Add I18n-related unit tests (Part 3)
* Plugin contract changes for the certificate-order-api
* Add validation for certificate-order-api
* Enable passing test regex to testr from tox
* Remove invalid TODOs related to bug 1331815
* Replace instances of keystone\_id from the code
* Change keystone\_id for external\_id in model
* Fixes crypto enabled plugins configuration

2015.1.0b1
----------

* Fix content\_type loading to be consistent
* Updated from global requirements
* Delete secret from plugin only if there's metadata
* Setting the max secret bit\_length size to be 32767
* Add I18n-related unit tests (Part 2)
* Use keystone v3 credentials for functional tests
* Support containers without a name
* Removing conditional logic around KMIP tests
* Actually run type order creation test
* Notify user if no database is specified
* Add I18n-related unit tests (Part 1)
* Changing ModelBase.save to correct updated time
* Replace 'tenants' for 'projects' in documentation
* Replace model related instances of tenant
* Make flake8 ignore \*.egg
* Imported Translations from Transifex
* Dont set debug and verbose as our example
* Updated from global requirements
* Update log messages to oslo.i18n
* Workflow documentation is now in infra-manual
* Updated from global requirements
* Remove py26 from tox.ini
* Container deletion will now clean up Consumers
* Add functional tests for order
* Added smoke tests for consumers
* Updated from global requirements
* Add PyKMIP to requirements
* Updated from global requirements
* Moved secret functional tests to data driven tests
* Updated from global requirements
* Use canonical name for coverage job
* Updated from global requirements
* Updated from global requirements
* Added test to check that an expired secret cannot be retrieved
* Fix communication of secret\_type info
* Use "key-manager" for service type
* Fixing remaining hacking violations
* Added smoke tests for containers
* Excluding alembic migrations from coverage
* Cleaning up a couple nits in the Symantec plugin
* The last round of secrets functional tests
* Remove redundant else, none returned by default
* First set of functional tests for orders
* Adding basic functional tests for containers
* Added smoke tests for orders
* Replace trivial instances of tenant for project
* Updated from global requirements
* Port the Dependency Adding/Updating docs to Sphinx
* Added second round of secrets functional tests
* Port the troubleshooting documentation into Sphinx
* Added first round of functional tests for secrets
* Added support classes for secret functional tests
* Adding simple getting involved doc
* Adding docs around running tests and devstack
* Taking a first stab at putting together setup docs
* Attempting to fix the devstack gate job
* add new diffcover target for a future non-voting gate job
* Smoke tests for secrets in Barbican Functional Tests
* sync global requirements now that pecan 0.8 is out
* Add certificate plugin page
* Add secret store plugin page
* Updated version tests to include auth and unauth flavors
* Add plugin sub-folder and augment crypto plugin doc
* Move functionaltests into smoke or functional subdirectories
* Bumping default ssl\_version to TLSv1, in light of POODLE
* Removing new\_name argument from test\_wrapper
* Add missing \n at the end of file
* Remove extraneous vim editor configuration comments
* Delete usage-indications from the model docstrings
* Adding keystone notification listener support

2014.2
------

* Update to the latest global requirements versions
* Imported Translations from Transifex
* Adding tox job for local functional test dev
* Adding a sample tempest config
* Open Kilo development
* Sync SQLAlchemy lifecycle to request cycle
* Cleaning up secret functional tests
* Code clean-up due to type order enhancement
* Use canonical cover name for coverage
* Adding parameterized decorators for unit tests
* Fix error in two-step secret PUT with base64
* Use OpenStack Incubated branding for docs
* Allowing all content-types for secret delete
* Adding size limits for create secret json fields
* Refactor secret functional tests using models and behaviors
* Add asymmtric order validator
* Changes to get certificate issuance flow working
* Deduplicate HACKING.rst with docs.openstack.org/developer/hacking/
* Add asymmetric key generation in dogtag plugin
* Pin Pecan to 0.6.0 to fix binary secret decrypts
* Test the secret model using an in memory database
* Adds to KMIP secret store test coverage
* Switch barbican.sh to use testr
* Typos 'asychronous' and 'formated'
* removed tenant id from code samples
* Bringing translation.py coverage up to 100%
* Remove restrictive hard-coded orders validation
* removed whitespace from pom.xml
* Update Getting Started Guide to include tech review feedback
* Adding sub-status and message to orders
* Imported Translations from Transifex
* Remove config parameter from secret\_store.py interface
* Modifying testr conf to suppress output
* Fixing the PYTHONHASHSEED bug with our unittests
* Updated dev guide to include feedback from previous tech review
* removed image files as they referred to internal architecure
* Switch to running tests in parallel with testr
* Install tempest instead of just adding it to PYTHONPATH
* PKCS11 refactor to use a master KEK and per project KEK
* Adding support for allowing binary data as-is as part of PUT
* Adding missing unit test on queue server tasks
* Imported Translations from Transifex
* Making a few MORE modules hacking 0.9.2 compliant
* Adding initial update logic for orders
* Move to oslotest

2014.2.b3
---------

* Add initial files for certificate event handling
* Reorganize code to use store crypto plug-in
* Remove some inline if/else statements
* Replace explicit assertion for function
* Make a whole host of modules hacking 0.9.2 compliant
* Updating API unit and functional tests to new hacking standards
* Imported Translations from Transifex
* Making a few modules hacking 0.9.2 compliant
* Additional work on certificate processing
* Updated Create Secret request and response
* Updated Get Secrets request and response
* Initial connect orders resource to certificate processing
* Updated Get Orders request and response
* Add a py3pep8 tox job. This will verify py3 compliant syntax
* Imported Translations from Transifex
* Fix Container list to properly format secret\_refs
* fix for bug #1359197
* fix all the log statments to use %s fomatting
* Add order plugin metadata entity and logic
* Add certificate\_manager functionality to dogtag plugin
* Allow devstack to do git clone of barbican
* Remove second setUp() call in tests
* change CryptoPluginManager to be instantiated in the module scope
* Imported Translations from Transifex
* Edited docs to improve context
* Minor cleanup and moving around code for clarity
* Add more type in order post
* Update versionbuild script to handle setup.cfg version
* Replacing backslashes
* Adds KMIPSecretStore and unit tests
* Install of a Barbican RPM fails due to missing keystonemiddleware
* Imported Translations from Transifex
* Removing symantec as a default plugin
* Updating symantec plugin docstrings
* First attempt at adding the symantecssl library
* Revert remove version from setup.cfg
* Install sqlite-devel package on fedora
* Refactor secret\_store for consistency
* remove project-id from resource URIs
* Replace hard-coded setup version setting
* Fixed misspelling in error message
* Make transport\_key an optional arg in SecretDTO
* Add Certificate Interface & Symantec Plugin
* Clean old comments (already implemented)
* Add support to Barbican for consumer registration
* Force uWSGI to set "Connection: close" header
* Adds store\_secret\_supports to secret\_store
* Remove remaining skipTest
* Add code to retrieve secrets metadata and data with transport key
* autodoc import error for plugin.rst
* Replace skipTest in favor of decorator
* Eager load KEKDatum record when EncryptedDatum is retrieved
* Code to pass through transport\_key\_id when storing secret
* Correct container create response code to be 201
* Adding doc sections to tox.ini
* code to retrieve transport key on metadata request
* Set python hash seed to 0 in tox.ini
* Imported Translations from Transifex
* Add tempest tests to run in devstack gate
* Use auth\_token from keystonemiddleware
* Cleaning up index.rst file
* Don't log message for keystone ID query when supressing exceptions

2014.2.b2
---------

* Added duplicate secret\_id validation in a container request
* Fix accepting longer PKI keystone auth requests to Barbican
* Imported Translations from Transifex
* Bug fix 1336995 DateTime type only accepts Python
* removing dead code from common.resources
* Remove dead code from config
* Replace should\_fail for should\_raise in tests
* Fix 500 error for secret PUT
* Fix Dogtag plugin and tests to match current secret\_store API
* Implement content-type HTTP header enforcement
* Change function and import names for readability
* Correctly ordering requirements.txt
* Move crypto package contents to the new plugin structure
* Refactor json validator
* Correct default bit\_length to match schema constraint
* Replaced some UTF-8 characters with ASCII characters
* Update from global requirements
* Update devstack endpoint creation to include v1
* Increase test coverage to 100% in validators.py
* Increased test coverage for app and updated .gitignore
* Removing an unnecessary catch
* Excluding the docs target folder from flake8
* Pin barbican above the most recent version of pecan
* Disable empty or null names for crypto plugins
* editing for gramatical and english errors
* Ensure that secrets within orders have expiration date isoformatted
* Add dogtag plugin to new plugin structure
* Increased common/utils.py test coverage to 100%
* Refactor secret validation for redability
* Adding test cases for more coverage
* Refactor allow\_all\_content\_types for readability
* Don't package dependencies available in RDO
* Use oslo-config and oslo-messaging from RDO
* Restructure project to accommodate plugin types
* Pass tests in newer versions of pecan
* Addes intermediates to certificate container
* Add \*\*kwargs to on\_<verb> controllers
* fix for - JSONErrorHook is not setting content type to JSON
* Fix for Unicode-objects must be encoded before decryption exception
* remove default=None for config options
* Ensure that datetimes are isoformatted
* Add certificate to the container type option
* Fixed several typos
* replace iterator.next() with next(iterator)
* fix to include data migration script
* Adding 3 new columns Type, Meta and container\_id to Orders
* Add SecretStore interface
* Fix data migration script error
* Adding SecretStoreMetadatum to the list of MODELS
* Crypto dev plugin now uses per-tenant KEKs
* Prepare barbican for localization
* Replace nonexistent function in test
* Usage of \_\_metaclass\_\_ not necesary with six.add\_metaclass
* Enable tox to upgrade packages if needed
* Add a local.conf for easier DevStack spinning up
* Adding docbook-based docs
* enable all hacking checks
* Update the links to python-barbicanclient
* Prefer os.urandom to PyCrypto's PRNG
* Beginning transition from pycrypto to cryptography
* More Hacking Violation Fixes
* Update to oslo-incubator (caed79d)
* Additional Hacking violation corrections
* enable hacking check H234
* unpin iso8601 dependency
* Fixed some Hacking violations
* major hacking fixes
* Fixing A Few Hacking Violations
* Add TransportKey as a resource
* Update Plugin Development documentation
* Changing from stackforge to openstack project
* Change name of SecretMetadatum table to SecretStoreMetadatum
* Update .gitreview file for new repo name
* Fix flake8 errors in migration version file
* Lock Pecan version to 0.5.0 for now, https://review.openstack.org/89849
* Fix dogtag unit tests
* Remove extra parameter for generate\_symmetric & generate\_asymmetric in test plugin
* Fixed http 500 due to mismatch between ResponseDTO and tuple from plugin encrypt
* Fixed a typo in a comment
* Pass secret metadata to crypto extension manager for plugin search
* Remove redundant code on offset, limit parameters
* Implement the REST API with pecan
* Increase DevStack uWSGI buffer for Tempest support (Keystone Headers)
* change assertEquals to assertEqual
* Adds SecretMetadatum table
* Extend crypto plugin to support more key types
* Metaclass Python 3.x Compatibility
* Ensure uWSGI process in DevStack is actually killed
* Fix a bug with handling of binary data
* Add configuration items to limit secret and request sizes
* Add Sphinx developer documentation skeleton
* Add Dogtag crypto plugin
* correcting spelling error in README file

2014.1
------

* Support for debug mode start in barbican
* Update crypto plugin interface to support Dogtag
* Clean up Verifications resource
* Revive Alembic-based database migration logic
* Remove v1 from the falcon app route
* Housekeeping, re-alphabetize requirements
* Make max api request size configurable
* Barbican should not do rbac on version api call
* Include discover in test-requirements
* Switch to testtools and make barbican compatible with Python2.6
* Fix string format used to report content validation errors
* Correct RBAC response codes
* Create secret - case insensitive Content-Type check

2014.1.b3
---------

* adding placeholder for endpoints
* Barbican uWSGI stats server listen on localhost
* Minor changes to make the bash8 check happy
* Adding more msgs, checking admin/non-admin endpoints
* Modify python-dateutil RPM build process
* Fixing bug 1287993 - logging issue
* Correcting bash script pre-test-hook
* Remove oslo.uuidutils
* Locking the version of iso8601
* Adjust contrib location, minor adjustments
* Adjust location of the functionaltests folder to root of project
* use of more readable policy language in policy file
* Adding DevStack Support
* Adds container endpoints to Barbican API
* Tell install to create files as 644 instead of 755
* Removes dead and unneeded code
* Add script to ensure semantic versions work with continuous build
* Specified content type is dropped on single step create secret
* add fpm packaging to satisfy oslo.messaging dependency for pyYaml
* Add queue configuration changes to support HA Rabbit queues
* Initial checkin of doc source
* fix for - create a secret - doesn't trim content type
* Support building wheels (PEP-427)
* exclude abstractmethod from coverage
* fix for testr
* Switch to testr
* Set rpm %\_topdir macro during build
* Removed dead code and updated tests to cover 100% for crypto
* Remove custom install\_command for argparse
* Enable tag-based full version reporting via pbr

2014.1.b2
---------

* Add RPM package dependencies needed for Barbican nodes post oslo.msg/pbr
* Alphabetizing requirements as per OpenStack best practices
* Switching to use VIRTUAL\_ENV env variable
* Fixing issue around error messages not being populated
* Update crypto unit test coverage
* Add RPM package dependencies needed for Barbican API/Worker nodes
* Removed scripts that are not being used
* Remove PostgreSQL dependencies from Barbican
* removing run\_tests.sh
* Updating copyright year
* Adding invalid\_property attr to support test code
* Sync the kombu and amqp versions
* Remove lingering celery dependencies out of RPM dependencies
* Enabled branch coverage for barbican.  Took out inclusive coverage
* Fix file copy bug with the barbican installer
* Removing bin/versionrelease
* Updating RPM build version
* Attempting to fix the tox environments
* Fix RBAC unit test failure due to uninitialized mock
* Sync with global requirements
* Fixed to un-quote the name parameter that gets used when querying for secrets
* Removes unneeded details from the error message
* Migrate to pbr
* Replace Celery with Oslo messaging for asynchronous queuing
* Expand secrets list API to allow for filters on name, mode, algorithm, and bit length
* host\_href should include scheme
* Fixed response object in the Verifications GET list resource method
* Add .mailmap file
* Add verification REST service to Barbican
* Line wrap README, revise IRC channel to #openstack-barbican
* Fix automatic signing
* Sign RPM builds
* Update Launchpad URL
* add link to bug tracker
* Removed README.rst in favor of README.md
* Remove Celery and Kombu version pinning
* Gracefully handle request for binary data as plain
* Update the keystone configuration script for Barbican per Johns Hopkins team
* Add a better installer for local Barbican application instances
* Fix spelling error, and add uWSGI stats server support
* Pin billiard version to 2.7.3.34
* Fix for bug/1238895: normalize plain text mime types
* Change the queue 'broker' config to allow a list of brokers
* Add back a explicit barbican-worker.py install line
* Remove unneeded Barbican worker script from generated RPM
* Add files to create worker RPM and get api/db/queue/worker nodes deployed
* Modify version template for the final OpenStack Havana release
* Fix KEK generation in the P11 Plugin + fix unit tests
* Change from using 'cypher\_type' to 'mode' in API and code base
* Remove duplicate TenantSecret on secret PUT call
* Remove base64 encoding feature from decrypted secrets GET API
* Refine the Secret metadata response by \*not\* returning the 'content-encodings'
* Add the error reason to the Order entity if async processing fails
* Refactor plugin API methods
* Update 404 message
* Freeze amqp version for rpm packaging
* Update dependency packaging
* moar dependencies thanks to oslo
* Add missing content type and encoding business logic after MIME-type revamp
* Remove uwsgi requirement
* Added total number of secrets/orders available to response
* Add new dependencies to rpm
* adds lazy app loading to the uwsgi inis
* Add role based access control (RBAC) to Barbican
* Handle missing cyper\_type and algorithm fields
* Remove padding code and tests in the p11 plugin
* Fix order creation bug involving content types
* Add mock testing for the p11\_crypto plugin
* Fix rpm build
* P11CryptoPlugin is now functional
* Update P11 plugin to function &  match new plugin contract
* First attempt to integrate Paul's HSM plugin into Barbican
* p11 plugin work
* Added hacking target to tox
* Change the location of the New Relic config file
* Mime Type Revamp
* Add New Relic application monitoring
* Fix PyCrypto rpm package name built by fpm
* Package PyCrypto 2.6 into an rpm using fpm
* Stop barbican-api during rpm removal
* Fixing NoneType issue with limit and offset
* Restrict use of 'plain\_text' to 'text/plain' MIME
* Package dependencies in RPMs using fpm
* Automate rpm build
* Clean list paging offset and limit values properly
* Fix rpm dependencies
* Validate MIME type and cypher type during order creation
* Added logic to skip migrations for sqlite databases, as sqlite does not support altering schema data
* Added barbican-api rpm packaging
* Adding files to support database migration via alembic
* Adjust debian upstart script to allow for updating running app when updating package version
* Added missing -1 in debian changelog file
* Revamped version release script to use time stamps;
* Clean up debian packaging.  Install dependencies from distro repos
* Add .gitreviw file; Fixed pyflakes violations; Fixed pep7 violations; Fixed tox.ini config;
* Prepare for next release

0.1.65
------

* Release for v0.1.65
* Fixed script rename in setup.py
* Restore comments about policy in barbican run script
* Renamed barbican-api script to barbican-all
* Use upstart instead of init scripts for uwsgi emperor
* Added admin api as a separate falcon app
* Removed unused uwsgi.ini file
* Prepare for next release

0.1.64
------

* Release for v0.1.64
* Updated the perf URI;
* Prepare for next release

0.1.63
------

* Release for v0.1.63
* Changing the performance URI;
* Prepare for next release

0.1.62
------

* Release for v0.1.62
* Adding blitz.io API contract;
* Modified readme to refer to the wiki home page;
* Clean up unit test suite; Remove print statements;
* Prepare for next release

0.1.61
------

* Release for v0.1.61
* Require latest SQLAlchemy (8.1)
* Prepare for next release

0.1.60
------

* Release for v0.1.60
* Prepare for next release

0.1.59
------

* Release for v0.1.59
* support faux key creation in crypto plugins + tests
* PEP8 clean up;
* #131 Fix defect involving expiration dates with time zones; Add graceful handling of 500 errors in REST resources;
* Prepare for next release

0.1.58
------

* Release for v0.1.58
* Prepare for next release
* Release for v0.1.57

0.1.57
------

* Updating API Doc and Technology links
* Prepare for next release
* Release for v0.1.56

0.1.56
------

* Address Douglass review items; Officially deleting api validators.py;
* Put text/plain in front of octet-stream in secret mime-type enum, as is more common type probably;
* Added enum validation of mime-types
* Finished order validation; Fixed secret from order bug; Added logic to display secret UUID for name if not specified;
* Added orders validation; Fixed bug in the max size of plain text secrets;
* Prepare for next release
* Release for v0.1.55

0.1.55
------

* Added more testing around nulls/empties in JSON input;
* Prepare for next release
* Fixed parser failure output back to REST client
* Release for v0.1.54

0.1.54
------

* FIxed PEP8 violations; Added jsonschema to installer dependencies;
* Added validation logic for new secrets;
* put back the copyright range to that of the original copied file .. instead of the incremented 2013
* do not need wsgi, using Middleware class from barbican.api.middleware.\_\_init\_\_.py
* using Middleware from api.middleware.\_\_init\_\_, just what we need. Added debug middleware to the \_\_init\_\_ file. Also extended copyright range from 2011-2012
* Prepare for next release
* Release for v0.1.53

0.1.53
------

* Adding err.log to git ignore list; Remove spurious log;
* Fixed mismatch between tenantsecret table's FKs and the ids of the models;
* Add tox to test requires;
* Add tox to test requires; Better handle mal-formed JSON errors;
* creating a request context after token authorization that contains user particulars such as tenant-id, user-id etc
* support for keystone context in request
* fixes the problem of 'Command tools/with\_venv.sh pip install --upgrade pip failed.' In the process adopted install\_venv\_common.py. Note setup.sh is currently commented out
* Prepare for next release
* Release for v0.1.52

0.1.52
------

* Added more debug logging in the paging repo methods, to troubleshoot defect;
* Oops, put back the 'see glance setup.py' for later version flow incorporation ala OpenStack lines
* Grab kek from config file for simple plugin
* need to make executable to not get permissions error when no virtual environment exists
* Prepare for next release
* Release for v0.1.51

0.1.51
------

* removed references to glance and substituted with barbican
* Prepare for next release
* Release for v0.1.50

0.1.50
------

* Adjusted limits logic; Added logging around limits to troubleshoot bug;
* Prepare for next release
* Release for v0.1.49

0.1.49
------

* Added missing is-deleted filter on order query; Changed secret POST response code to 201;
* Prepare for next release
* Release for v0.1.48

0.1.48
------

* Restore docstring param accidently removed;
* Addressed Douglas issues with imports; Fixed PEP8 violations
* Bug fix for order/tenant creation;
* Merged in Douglas' changes;
* Added better error feedback to clients; Added missing unit tests;
* Remove EncryptedDatum from plugin
* Added missing tenant-filtering logic/SQL; Added improved error reporting to clients;
* Only use byte type in plugin
* Added tenant-id filter to db queries of secrets;
* Secret can have more than one encrypted datum
* Save encryption details to kek\_metadata, not datum.mime\_type
* Prepare for next release
* Release for v0.1.47
* Added aes-128-cbc encryption in plugin using pycrypto

0.1.47
------

* Added size limits to the secret data; Fixed the next nav link to hide if no more data to display;
* Added methods to the crypto plugin manager to handle key gen and is-supports API flows; Added more code to deal with corner cases in API flow;
* Added soft-delete orders/secrets support; Updated unit tests;
* Fixed PEP8 violations; Tweaked fake encrypt/decrypt to show original passed in data;
* Prepare for next release
* Release for v0.1.46

0.1.46
------

* Don't inject conf into extension manager
* Added support for retrieving secret info stored in datum records, more work to follow
* Prepare for next release
* Release for v0.1.45

0.1.45
------

* Prepare for next release
* Release for v0.1.44

0.1.44
------

* Prepare for next release
* Release for v0.1.43
* Use oslo.config to load crypto plugins

0.1.43
------

* Prepare for next release
* Fixed the one-step POST call flow, verified with text/plain mime type; Modified exception handling to provide better feedback to client on errors;
* Release for v0.1.42

0.1.42
------

* Comment out identity policy setup in bin that is clobbering auto deployment process
* Added warning about is-null test
* Fix SQL bug in model code;
* Prepare for next release
* Release for v0.1.41
* Fixed some PEP8 violations;
* Merged Douglas' changes; Updated debian installer to install stevedore package;
* Added support for restricting GETs of expired secrets; Set default page size to 10 records;
* Prepare for next release
* Release for v0.1.40

0.1.40
------

* Prepare for next release
* Release for v0.1.39

0.1.39
------

* pep8 fixes
* Fixed tox tests broken by upstream commits
* Add support/tests for paged orders list via GETs;
* Fixed unit tests to mock policy enforcer;
* Fixed order test
* Finished secrets GET unit tests;
* Removed barbican.crypto.fields module.  Use plugin system instead
* Added decrypt via plugin
* Added paging logic, preliminary unit tests
* manual test aid
* merged with latest secrets resources, and load-balance related changes
* keystone middleware integration
* integrating keystone policy infrastructure
* Add paged list of secrets via secrets GET;
* Added crypto plugin encryption to Secrets post
* Prepare for next release
* Release for v0.1.38

0.1.38
------

* Converted ids to HATEOS-style refs per API docs; Added true host name for this href via conf file;
* Transferring blueprint from apiary.io
* Added missing secret fields; Changed order request to have an embedded secret dict that mirrors the secret request type;
* Prepare for next release
* Release for v0.1.37
* Prepare for next release
* Release for v0.1.37

0.1.37
------

* Fix secret post error
* Prepare for next release
* Release for v0.1.36

0.1.36
------

* Prepare for next release
* Add unit testing; Add text/plain mime handling;
* Release for v0.1.35
* Add PUT secret logic; add generate key (simple only); Add more unit tests; Still need to add missing secret paramters
* Added content-types output for secret GET
* changed port to 9311 instead of 8080
* Prepare for next release
* Release for v0.1.34
* Added creation of secret from order processing
* changed port to 9311, avoiding 9292 (taken by glance) and 8080 (taken by S3)
* Prepare for next release
* Release for v0.1.33

0.1.33
------

* Prepare for next release
* Release for v0.1.32
* Resolve diff in versions
* Prepare for next release
* Release for v0.1.30
* Revamped Secret and Order stuff per discussion, just baseline functionality, not complete
* Modified files per revamped secrets/orders API
* require python-keystoneclient to support keystone authentication
* Prepare for next release
* Release for v0.1.31

0.1.31
------

* Remove duplicate debian source folder
* Ignore IntelliJ module files
* Prepare for next release
* Release for v0.1.30

0.1.30
------

* Prepare for next release
* Release for v0.1.29
* Added v1 prefix to URI routes
* Prepare for next release
* Release for v0.1.28
* Changed working and links for new info
* Changed the mailing list in the README to the openstack-dev one; Added info about the Freenode IRC for barbican as well
* Prepare for next release
* Release for v0.1.27
* Add links from main git page to wiki pages
* Prepare for next release
* Release for v0.1.26
* Added unit test for the sample middleware component; Tweaks to the Barbican worker node boot script;
* Prepare for next release
* Release for v0.1.25
* Added unit test for tasks; Replaced TBDs with more IDE-friendly TODOs
* Prepare for next release
* Release for v0.1.24
* Add final config file changes for queuing/Celery
* Prepare for next release
* Release for v0.1.23
* Prepare for next release
* Release for v0.1.22
* Added files needed to run Celery- and RabbitMQ-based workers
* Revamped to look more like the Celery tasking approach
* Prepare for next release
* Release for v0.1.21
* Prepare for next release
* Release for v0.1.20
* Prepare for next release
* Release for v0.1.19
* Prepare for next release
* Release for v0.1.18
* Modified the test/default/standalone db connection to use a sqlite file in a folder writable by the barbican user
* Prepare for next release
* Release for v0.1.17
* Added missing pip dependencies for debian package
* Prepare for next release
* Release for v0.1.16
* Prepare for next release
* Release for v0.1.15
* Modify boot script to put copy of conf file into home dir for local-only deployments
* Address issue with oslo config rejecting cli options for logging
* Fixed mismatch between wiki and api script file venv setting
* Moved config files back to etc/barbican
* Added missing requires
* Added middleware sample; Modified boot script accordingly;
* Utilizing openstack jsonutils, per Chad feedback
* Fixed mismatch in bin script with wiki docs
* Fixed bug in local launch of barbican via bin script
* PEP8 cleanup
* Added secret entity type; Updated the banner of source files to match Rackspace open source
* Fixed/added unit tests...more to come
* Added initial worker and queue modules, more work to go..
* Added CSR and SSL Certificate resource and models...still need to plumb components
* Added tenent resource test;
* Cleaned up repo/model/config files to be more like Glance;
* Add initial revamped data related files
* Add paste config file
* Prepare for next release
* Release for v0.1.14
* Add oslo/openstack files; Modified barbican-api script and config to support local spinup of uwsgi API server
* Prepare for next release
* Release for v0.1.13
* Fixed PEP8 violations
* Prepare for next release
* Release for v0.1.12
* adding images for the wiki page
* Prepare for next release
* Release for v0.1.11
* Prepare for next release
* Release for v0.1.10
* Add change to test Jenkins for sprint review
* Prepare for next release
* Release for v0.1.9
* Test config to trigger Jenkins
* Prepare for next release
* Release for v0.1.8
* Prepare for next release
* Release for v0.1.7
* Test change to repo
* Prepare for next release
* Release for v0.1.6
* Prepare for next release
* Release for v0.1.5
* Prepare for next release
* Release for v0.1.4
* Prepare for next release
* Release for v0.1.3
* Prepare for next release
* Release for v0.1.2
* Added pythonpath to where config.py is located
* Added missing version utility modules
* Bump to the next version
* Fixed syntax error in script
* Added bin folder, to contain start scripts for the Barbican services
* Adjust the inital version to 0.1.1
* Moving POC code
* Update README.md
* Update README.md
* Update LICENSE
* Basic Readme
* Adding PANIC log type
* removing tag code
* workaround for bad header parsing
* Wrap policies in plural container
* Update README.md
* Added missing dependency
* PEP8 Fixes
* \Merge branch 'tenantAPI' of github.com:cloudkeep/barbican
* fix a bug for mutiple page agent pairing
* a bug fix for updating pairings
* Added Agent API and Agent WebUI
* Use Markup for escape
* Update Web UI for event display
* Updated tenant API and API testing
* add tenant api
* add test script for API
* added sample files to give coverage tool something to chew on
* added missing args from tox config
* Removed conflicting argument for nosetests
* added missing nosetests parameters in setup.cfg
* added missing package py files
* added pip and test requirements
* Add test and config files to test Jenkins
* adding tox.ini file
* API Support For Policies
* Added Pairing Call
* API Example
* WIP: First API Call
* Added basic policies
* Added Key model
* Added Tenant model
* Authenciation & Admin
* Improved style for Users
* Added Twitter Bootstrap for style
* SQLAlchemy Part 2
* Adding SQLAlchemy persistence
* Simple formatting fixes
* API Blueprint
* Flask Structure
* Update README.md
* Initial commit
