Bug#875603: ITP: python-hvac -- Python 2/3 client for HashiCorp Vault
On 2018-07-20 08:36:27, Gregor Riepl wrote:
> Package: wnpp
> Severity: wishlist
> Owner: Gregor Riepl <onitake@gmail.com>
>
> * Package name : python-hvac
> Version : 0.6.2
> Upstream Author : Ian Unruh
> * URL : https://github.com/ianunruh/hvac
> * License : Apache-2.0
> Programming Lang: Python
> Description : Python 2/3 client for HashiCorp Vault
>
> HashiCorp Vault API client for Python 2/3.
>
> This package is useful for Ansible, as it allows accessing Vault credentials
> directly from Playbooks.
>
> I intend to maintain this package together with the DPMT.
> The Debian repository is here:
> https://salsa.debian.org/python-team/modules/hvac
>
> Please review and upload to Debian if the package fits the necessary criteria.
Hi,
Here's a review.
* the debian/changelog has a typo in your email address, introduced in
your latest commit. be more dilligent and review diffs before
pushing! :) i have fixed it and pushed.
* it is customary (but not mandatory) to use the same license as
upstream for the debian/* files. You use a BSD-3 license while
upstream uses Apache-2... that seems like a gratitious change. not a
blocker.
* nice note about vault in the README.Debian. care to link against
other WNPP bug reports there (opening them as needed)?
* I haven't audited the upstream source, I assume you have taken at
least a cursory look to make sure it's not total junk.
* lintian warns us about this:
W: python-hvac: new-package-should-not-package-python2-module python-hvac
W: python-hvac: multi-arch-same-package-calls-pycompile postinst:6
W: python3-hvac: multi-arch-same-package-calls-pycompile postinst:6
The latter should probably be fixed.
Otherwise things look good! I can sponsor this when you're ready - just
change the changelog to update the release and we're good to go.
Cheers,
A.
--
Secrecy is the keystone to all tyranny. Not force, but secrecy and
censorship.
- Robert A. Heinlein
Reply to: