launchpad-reviewers team mailing list archive

Thread
Date

[Merge] ~cjwatson/launchpad:doc-services-signing into launchpad:master

To: mp+452548@xxxxxxxxxxxxxxxxxx
From: Colin Watson <mp+452548@xxxxxxxxxxxxxxxxxx>
Date: Mon, 02 Oct 2023 12:19:21 -0000
Reply-to: mp+452548@xxxxxxxxxxxxxxxxxx
Sender: noreply@xxxxxxxxxxxxx

Colin Watson has proposed merging ~cjwatson/launchpad:doc-services-signing into launchpad:master.

Commit message:
doc: Add high-level signing service documentation

Requested reviews:
  Launchpad code reviewers (launchpad-reviewers)

For more details, see:
https://code.launchpad.net/~cjwatson/launchpad/+git/launchpad/+merge/452548
-- 
Your team Launchpad code reviewers is requested to review the proposed merge of ~cjwatson/launchpad:doc-services-signing into launchpad:master.

diff --git a/doc/reference/index.rst b/doc/reference/index.rst
index a8615c5..0fd2897 100644
--- a/doc/reference/index.rst
+++ b/doc/reference/index.rst
@@ -9,6 +9,14 @@ Reference
    python
    tests
 
+Services
+--------
+
+.. toctree::
+   :maxdepth: 1
+
+   services/signing
+
 Possibly out-of-date
 --------------------
 
diff --git a/doc/reference/services/signing.rst b/doc/reference/services/signing.rst
new file mode 100644
index 0000000..5af3366
--- /dev/null
+++ b/doc/reference/services/signing.rst
@@ -0,0 +1,66 @@
+Signing service
+===============
+
+Short description
+-----------------
+A service for storing keys and signing messages.
+
+Detailed description
+--------------------
+The signing service provides Launchpad with a way to sign important objects
+such as boot loaders, kernel images, kernel modules, or archive metadata,
+while isolating private keys so that other components of Launchpad cannot
+read them directly.
+
+It exposes authenticated and encrypted HTTP interfaces for generating keys,
+injecting keys that were generated elsewhere, and signing data.
+
+It is used both by Launchpad itself and by some other services within
+Canonical, such as the Snap Models Service.
+
+Documentation
+-------------
+https://lp-signing.readthedocs.io/
+
+Git repository
+--------------
+https://git.launchpad.net/lp-signing
+
+Bug tracker
+-----------
+https://bugs.launchpad.net/lp-signing
+
+Deployment
+----------
+* `lp-signing charm <https://charmhub.io/lp-signing>`_
+* `Mojo spec <https://git.launchpad.net/launchpad-mojo-specs/tree/lp-signing/>`_
+* `Deploying lp-signing <https://lp-signing.readthedocs.io/en/latest/how-to/deployment.html>`_
+
+Related specifications
+----------------------
+`Launchpad signing service <https://docs.google.com/document/d/1kCUUVFb1m0-Uo81tHFyYJCxysquMbKgJDMOSF63NWFc>`_
+
+Log files
+---------
+See https://wiki.canonical.com/Launchpad/FreshLogs.
+
+Production
+~~~~~~~~~~
+
+* ``rless il3-signing1.lp.internal::lp-signing-gunicorn-logs/gunicorn.log``
+* ``rless il3-signing2.lp.internal::lp-signing-gunicorn-logs/gunicorn.log``
+
+Staging
+~~~~~~~
+
+* ``rless 10.132.60.12::lp-signing-gunicorn-logs/gunicorn.log``
+* ``rless 10.132.60.220::lp-signing-gunicorn-logs/gunicorn.log``
+
+Common support cases
+--------------------
+..
+  XXX: https://warthogs.atlassian.net/browse/LP-1323: add documentation for enrolling a new client
+
+More information
+----------------
+`Launchpad services diagram <https://viewer.diagrams.net/?tags=%7B%7D&highlight=0000ff&edit=_blank&layers=1&nav=1&page-id=14glVH8XSJX-2FxTRWny#G1j-yk3c4mzYfMC79Y-uo9__u93pLWkiMi>`_