Merge remote-tracking branch 'origin/master' into zope4

273c326c · Aurel · 2d162e57 · e5ffb69b · 273c326c · 273c326c
Commit 273c326c authored Nov 12, 2020 by Aurel
129 changed files
--- a/README.update-hash.rst
+++ b/README.update-hash.rst
+update-hash
+===========
+``update-hash`` is a tool to assist software release developers in the management of ``buildout.hash.cfg`` files.
+A lot of recipes which uses hashing for referenced files. Updating the hash results in part uninstallation and installation, which is desired behaviour, as the file might have to be redownloaded. By using ``update-hash`` with ``buildout.hash.cfg`` the developer does not have to do the calculations and updates manually, just calling the tool is enough.
+Generally each Buildout profile which references some file shall use this approach to improve development process and minimise risk of using incorrect data from such entires.
+Working with ``buildout.hash.cfg``
+----------------------------------
+``buildout.hash.cfg`` files are buildout-style simplified configparser files to have a easy way to update MD5 hashes of provided files for download. They look like::
+  [section]
+  md5sum = <hash>
+  filename = <relative-path>
+Where ``<hash>`` is an automatically calculated checksum of ``<relative-path>``.
+Then ``buildout.hash.cfg`` can be included in software profile by ``extends`` of ``[buildout]`` section, and the section's ``md5sum`` and ``filename`` can be used.
+Special cases of ``filename`` key
+---------------------------------
+In case if section recipe has special unwanted behaviour for ``filename`` field the ``_update_hash_filename_`` key can be used like::
+  [section]
+  md5sum = <hash>
+  _update_hash_filename_ = <relative-path>
+Working with ``update-hash``
+----------------------------
+In order to update the ``buildout.hash.cfg`` one just need to call ``update-hash`` while being in the directory containing the file.
--- a/component/apache/buildout.cfg
+++ b/component/apache/buildout.cfg
@@ -39,9 +39,9 @@ configure-options =
 [apache]
 recipe = slapos.recipe.cmmi
 shared = true
-version = 2.4.43
+version = 2.4.46
 url = https://archive.apache.org/dist/httpd/httpd-${:version}.tar.bz2
-md5sum = 791c986b1e70fe61eb44060aacc89a64
+md5sum = 7d661ea5e736dac5e2761d9f49fe8361
 configure-options = --disable-static
                    --enable-authn-alias
                    --enable-bucketeer

--- a/component/golang/buildout.cfg
+++ b/component/golang/buildout.cfg
@@ -32,37 +32,10 @@ environment-extra =
 make-targets= cd src && ./make.bash && cp -alf .. ${:location}
-[golang19]
-<= golang-common
-url = https://dl.google.com/go/go1.9.7.src.tar.gz
-md5sum = 3c2cf876ed6612a022574a565206c6ea
-# go1.9 needs go1.4 to bootstrap
-environment-extra =
-  GOROOT_BOOTSTRAP=${golang14:location}
-[golang1.10]
-<= golang-common
-url = https://dl.google.com/go/go1.10.3.src.tar.gz
-md5sum = d15dfb264105c5e84fbe33f4a4aa5021
-# go1.10 needs go1.4 to bootstrap
-environment-extra =
-  GOROOT_BOOTSTRAP=${golang14:location}
-[golang1.11]
-<= golang-common
-url = https://dl.google.com/go/go1.11.4.src.tar.gz
-md5sum = a77697673215be465d1b583680ef2318
-# go1.11 needs go1.4 to bootstrap
-environment-extra =
-  GOROOT_BOOTSTRAP=${golang14:location}
 [golang1.12]
 <= golang-common
-url = https://dl.google.com/go/go1.12.9.src.tar.gz
+url = https://golang.org/dl/go1.12.17.src.tar.gz
-md5sum = 6132109d4050da349eadc9f7b0304ef4
+md5sum = 6b607fc795391dc609ffd79ebf41f080
 # go1.12 needs go1.4 to bootstrap
 environment-extra =
@@ -70,8 +43,8 @@ environment-extra =
 [golang1.13]
 <= golang-common
-url = https://dl.google.com/go/go1.13.9.src.tar.gz
+url = https://golang.org/dl/go1.13.15.src.tar.gz
-md5sum = 4ad8b04f962be93a32f3021e6f35b3b9
+md5sum = 4f4af14d88352a62761a9dcedf863ac0
 # go1.13 needs go1.4 to bootstrap
 environment-extra =
@@ -79,8 +52,8 @@ environment-extra =
 [golang1.14]
 <= golang-common
-url = https://dl.google.com/go/go1.14.3.src.tar.gz
+url = https://golang.org/dl/go1.14.9.src.tar.gz
-md5sum = 6b1fb42d219e2ea8925002013c76d4c7
+md5sum = 6f6dd1377421d27ca4bb607283b31738
 # go1.14 needs go1.4 to bootstrap
 environment-extra =
@@ -118,7 +91,7 @@ bin	= ${:directory}/bin
 depends = ${gowork.goinstall:recipe}
 # go version used for the workspace (possible to override in applications)
-golang  = ${golang1.10:location}
+golang  = ${golang1.14:location}
 # no special build flags by default
 buildflags =
@@ -138,7 +111,7 @@ recipe	= slapos.recipe.template
 url     = ${:_profile_base_location_}/goenv.sh.in
 output	= ${gowork:directory}/env.sh
 depends = ${gowork.mkdir:recipe}
-md5sum	= 6bcf96cf18ea68ce6e378ed8d49346a3
+md5sum	= f89553711ea95ad1f6727b76747a62bf
 [gowork.mkdir]
 # NOTE do not use slapos.cookbook:mkdirectory here - if anything in software (not instance)

--- a/component/golang/goenv.sh.in
+++ b/component/golang/goenv.sh.in
@@ -12,6 +12,8 @@ export PKG_CONFIG_PATH=$(echo -n "${gowork:cpkgpath}" |tr '\n' ':'):$PKG_CONFIG_
 export GOPATH=$X:$GOPATH
 export PATH=$X/bin:$PATH
 export PS1="(`basename $X`) $PS1"
+export GOCACHE=$X/cache
+export GOENV=$X/goenv
 # strip trailing : from $GOPATH, $PKG_CONFIG_PATH
 GOPATH=$${GOPATH%:}

--- a/component/haproxy/buildout.cfg
+++ b/component/haproxy/buildout.cfg
@@ -13,8 +13,8 @@ parts = haproxy
 [haproxy]
 recipe = slapos.recipe.cmmi
 shared = true
-url = http://www.haproxy.org/download/2.0/src/haproxy-2.0.15.tar.gz
+url = http://www.haproxy.org/download/2.0/src/haproxy-2.0.17.tar.gz
-md5sum = 59f892991476f08e2d16ac460c502f61
+md5sum = 786a967c73cc1455c938d42fbe333bfe
 configure-command = true
 # for Linux kernel 2.6.28 and above, we use "linux-glibc" as the TARGET,
 # otherwise use "generic".

--- a/component/helloweb/buildout.cfg
+++ b/component/helloweb/buildout.cfg
@@ -25,7 +25,7 @@ parts =
 install =
    lab.nexedi.com/nexedi/helloweb/go/...
-golang  = ${golang1.12:location}
+golang  = ${golang1.14:location}
 # -*- go -*-
 [helloweb-go]

--- a/component/nginx/buildout.cfg
+++ b/component/nginx/buildout.cfg
@@ -13,8 +13,8 @@ parts = nginx-output
 [nginx-common]
 recipe = slapos.recipe.cmmi
 shared = false
-url = https://nginx.org/download/nginx-1.17.6.tar.gz
+url = https://nginx.org/download/nginx-1.19.2.tar.gz
-md5sum = 55022aa5715386c994f6773478822853
+md5sum = 3dc55f6451ed6f819f1c796f4e5e9617
 [nginx]
 <= nginx-common
@@ -26,8 +26,8 @@ configure-options=
  --with-http_realip_module
  --with-mail
  --with-mail_ssl_module
-  --with-ld-opt="-L ${openssl-1.0:location}/lib -L ${pcre:location}/lib -L ${zlib:location}/lib -Wl,-rpath=${openssl-1.0:location}/lib -Wl,-rpath=${pcre:location}/lib -Wl,-rpath=${zlib:location}/lib"
+  --with-ld-opt="-L ${openssl:location}/lib -L ${pcre:location}/lib -L ${zlib:location}/lib -Wl,-rpath=${openssl:location}/lib -Wl,-rpath=${pcre:location}/lib -Wl,-rpath=${zlib:location}/lib"
-  --with-cc-opt="-I ${openssl-1.0:location}/include -I ${pcre:location}/include -I ${zlib:location}/include"
+  --with-cc-opt="-I ${openssl:location}/include -I ${pcre:location}/include -I ${zlib:location}/include"
 [nginx-dav-ext-module]
 recipe = slapos.recipe.build:download-unpacked
@@ -46,8 +46,8 @@ configure-options =
  --with-mail
  --with-mail_ssl_module
  --error-log-path=var/log/nginx.error.log
-  --with-ld-opt=" -L ${libexpat:location}/lib -L ${openssl-1.0:location}/lib -L ${pcre:location}/lib -L ${zlib:location}/lib -Wl,-rpath=${libexpat:location}/lib -Wl,-rpath=${openssl-1.0:location}/lib -Wl,-rpath=${pcre:location}/lib -Wl,-rpath=${zlib:location}/lib"
+  --with-ld-opt=" -L ${libexpat:location}/lib -L ${openssl:location}/lib -L ${pcre:location}/lib -L ${zlib:location}/lib -Wl,-rpath=${libexpat:location}/lib -Wl,-rpath=${openssl:location}/lib -Wl,-rpath=${pcre:location}/lib -Wl,-rpath=${zlib:location}/lib"
-  --with-cc-opt="-I ${libexpat:location}/include -I ${openssl-1.0:location}/include -I ${pcre:location}/include -I ${zlib:location}/include"
+  --with-cc-opt="-I ${libexpat:location}/include -I ${openssl:location}/include -I ${pcre:location}/include -I ${zlib:location}/include"
  --with-http_dav_module 
  --add-module='${nginx-dav-ext-module:location}'
@@ -73,8 +73,8 @@ strip-top-level-dir = true
 configure-options=
  --with-ipv6
  --with-http_ssl_module
-  --with-ld-opt="-L ${zlib:location}/lib -L ${openssl-1.0:location}/lib -L ${pcre:location}/lib  -Wl,-rpath=${pcre:location}/lib -Wl,-rpath=${zlib:location}/lib -Wl,-rpath=${openssl-1.0:location}/lib"
+  --with-ld-opt="-L ${zlib:location}/lib -L ${openssl:location}/lib -L ${pcre:location}/lib  -Wl,-rpath=${pcre:location}/lib -Wl,-rpath=${zlib:location}/lib -Wl,-rpath=${openssl:location}/lib"
-  --with-cc-opt="-I ${pcre:location}/include -I ${openssl-1.0:location}/include -I ${zlib:location}/include"
+  --with-cc-opt="-I ${pcre:location}/include -I ${openssl:location}/include -I ${zlib:location}/include"
  --add-module=${hexaglobe-nginx-module:location}/sub_module
 # --add-module=${hexaglobe-nginx-module:location}/nginx-upstream-fair
@@ -91,8 +91,8 @@ configure-options=
  --with-http_ssl_module
  --with-http_v2_module
  --with-http_gzip_static_module
-  --with-ld-opt="-L ${zlib:location}/lib -L ${openssl-1.0:location}/lib -L ${pcre:location}/lib  -Wl,-rpath=${pcre:location}/lib -Wl,-rpath=${zlib:location}/lib -Wl,-rpath=${openssl-1.0:location}/lib"
+  --with-ld-opt="-L ${zlib:location}/lib -L ${openssl:location}/lib -L ${pcre:location}/lib  -Wl,-rpath=${pcre:location}/lib -Wl,-rpath=${zlib:location}/lib -Wl,-rpath=${openssl:location}/lib"
-  --with-cc-opt="-I ${pcre:location}/include -I ${openssl-1.0:location}/include -I ${zlib:location}/include -Wno-error"
+  --with-cc-opt="-I ${pcre:location}/include -I ${openssl:location}/include -I ${zlib:location}/include -Wno-error"
  --add-module=${nginx-push-stream-module:location}
 [nginx-push-stream-output]

--- a/component/nodejs/buildout.cfg
+++ b/component/nodejs/buildout.cfg
@@ -14,6 +14,12 @@ parts =
 [nodejs]
 <= nodejs-8.9.4
+[nodejs-12.18.3]
+<= nodejs-base
+openssl_location = ${openssl:location}
+version = v12.18.3
+md5sum = 28bf6a4d98b238403fa58a0805f4a979
 [nodejs-10.19.0]
 <= nodejs-base
 openssl_location = ${openssl:location}

--- a/component/openblas/buildout.cfg
+++ b/component/openblas/buildout.cfg
@@ -15,23 +15,21 @@ patch-options = -p0
 patches =
  ${:_profile_base_location_}/disable_openmp_if_single_core.patch#ee553ccaf9dd4bc37374588e49956f62
-build-common-options = BINARY="$(uname -m | grep -q x86_64 && echo 64 || echo 32)" NO_STATIC=1 USE_OPENMP=1 USE_THREAD=1
+build-common-options = NO_STATIC=1 USE_OPENMP=1 USE_THREAD=1 DYNAMIC_ARCH=1
-# You can specify more options with openblas:build-ext-options parameter.
+# We build for multiple targets with runtime detection of the target CPU but
+# you can specify more options with openblas:build-ext-options parameter.
 # Example :
-# * to build generic binary that supports multiple architecture in one binary
+# * to specify the oldest model you expect to encounter
-#   DYNAMIC_ARCH=1
+#   (see https://github.com/xianyi/OpenBLAS/blob/v0.2.18/TargetList.txt )
-# * to specify target explicitly
-#   (see https://github.com/xianyi/OpenBLAS/blob/v0.2.15/TargetList.txt )
 #   TARGET=HASWELL
 build-ext-options =
 # Fortran is required for LAPACK, which is required for matplotlib.
 pre-configure = type gfortran
-# First try with auto-detected target and if it fails try TARGET=GENERIC.
 configure-command =
-  make ${:build-common-options} ${:build-ext-options} || (make -j1 clean && make ${:build-common-options} TARGET=GENERIC)
+  make ${:build-common-options} ${:build-ext-options}
 make-options =
  dummy
 make-targets =

--- a/component/pypy/buildout.cfg
+++ b/component/pypy/buildout.cfg
@@ -23,7 +23,7 @@ make-targets = python setup.py install --install-lib @@LOCATION@@
 [pypy2]
 recipe = slapos.recipe.cmmi
 shared = true
-url = https://bitbucket.org/pypy/pypy/downloads/pypy2.7-v7.3.1-src.tar.bz2
+url = https://downloads.python.org/pypy/pypy2.7-v7.3.1-src.tar.bz2
 md5sum = 7608bd58940ffc5403632c2c786d83bb
 configure-command =
  sed -i '/"_tkinter":/s/^/#/' lib_pypy/tools/build_cffi_imports.py

--- a/component/rust/buildout.cfg
+++ b/component/rust/buildout.cfg
+[buildout]
+parts =
+  rustc
+extends =
+    ../cmake/buildout.cfg
+    ../curl/buildout.cfg
+    ../git/buildout.cfg
+    ../openssl/buildout.cfg
+    ../pkgconfig/buildout.cfg
+[rustc]
+recipe = slapos.recipe.cmmi
+shared = true
+url = https://static.rust-lang.org/dist/rustc-1.45.2-src.tar.gz
+md5sum = 1c67d7c3f211e49e12e7c20abab08e70
+# --sysconfdir is a workaround for https://github.com/rust-lang/rust/issues/63915
+configure-options = --enable-extended --sysconfdir=@@LOCATION@@/etc/
+environment = 
+    PATH=${cmake:location}/bin/:${curl:location}/bin/:${git:location}/bin/:${pkgconfig:location}/bin/:%(PATH)s
+    PKG_CONFIG_PATH=${openssl:location}/lib/pkgconfig:
--- a/component/hookbox/buildout.cfg
+++ b/component/hookbox/buildout.cfg
--- a/package-lock.json
+++ b/package-lock.json
@@ -10,43 +10,11 @@
        "any-observable": "^0.3.0"
      }
    },
-    "ansi-colors": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/ansi-colors/-/ansi-colors-1.1.0.tgz",
-      "integrity": "sha512-SFKX67auSNoVR38N3L+nvsPjOE0bybKTYbkf5tRvushrAPQ9V75huw0ZxBkKVeRU9kqH3d6HA4xTckbwZ4ixmA==",
-      "requires": {
-        "ansi-wrap": "^0.1.0"
-      }
-    },
-    "ansi-cyan": {
-      "version": "0.1.1",
-      "resolved": "https://registry.npmjs.org/ansi-cyan/-/ansi-cyan-0.1.1.tgz",
-      "integrity": "sha1-U4rlKK+JgvKK4w2G8vF0VtJgmHM=",
-      "requires": {
-        "ansi-wrap": "0.1.0"
-      }
-    },
    "ansi-escapes": {
      "version": "1.4.0",
      "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-1.4.0.tgz",
      "integrity": "sha1-06ioOzGapneTZisT52HHkRQiMG4="
    },
-    "ansi-gray": {
-      "version": "0.1.1",
-      "resolved": "https://registry.npmjs.org/ansi-gray/-/ansi-gray-0.1.1.tgz",
-      "integrity": "sha1-KWLPVOyXksSFEKPetSRDaGHvclE=",
-      "requires": {
-        "ansi-wrap": "0.1.0"
-      }
-    },
-    "ansi-red": {
-      "version": "0.1.1",
-      "resolved": "https://registry.npmjs.org/ansi-red/-/ansi-red-0.1.1.tgz",
-      "integrity": "sha1-jGOPnRCAgAo1PJwoyKgcpHBdlGw=",
-      "requires": {
-        "ansi-wrap": "0.1.0"
-      }
-    },
    "ansi-regex": {
      "version": "3.0.0",
      "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-3.0.0.tgz",
@@ -60,24 +28,11 @@
        "color-convert": "^1.9.0"
      }
    },
-    "ansi-wrap": {
-      "version": "0.1.0",
-      "resolved": "https://registry.npmjs.org/ansi-wrap/-/ansi-wrap-0.1.0.tgz",
-      "integrity": "sha1-qCJQ3bABXponyoLoLqYDu/pF768="
-    },
    "any-observable": {
      "version": "0.3.0",
      "resolved": "https://registry.npmjs.org/any-observable/-/any-observable-0.3.0.tgz",
      "integrity": "sha512-/FQM1EDkTsf63Ub2C6O7GuYFDsSXUwsaZDurV0np41ocwq0jthUAYCmhBX9f+KwlaCgIuWyr/4WlUQUBfKfZog=="
    },
-    "append-buffer": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/append-buffer/-/append-buffer-1.0.2.tgz",
-      "integrity": "sha1-2CIM9GYIFSXv6lBhTz3mUU36WPE=",
-      "requires": {
-        "buffer-equal": "^1.0.0"
-      }
-    },
    "argparse": {
      "version": "1.0.10",
      "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz",
@@ -101,39 +56,11 @@
      "resolved": "https://registry.npmjs.org/arr-union/-/arr-union-3.1.0.tgz",
      "integrity": "sha1-45sJrqne+Gao8gbiiK9jkZuuOcQ="
    },
-    "array-differ": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/array-differ/-/array-differ-1.0.0.tgz",
-      "integrity": "sha1-7/UuN1gknTO+QCuLuOVkuytdQDE="
-    },
-    "array-slice": {
-      "version": "0.2.3",
-      "resolved": "https://registry.npmjs.org/array-slice/-/array-slice-0.2.3.tgz",
-      "integrity": "sha1-3Tz7gO15c6dRF82sabC5nshhhvU="
-    },
-    "array-union": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/array-union/-/array-union-1.0.2.tgz",
-      "integrity": "sha1-mjRBDk9OPaI96jdb5b5w8kd47Dk=",
-      "requires": {
-        "array-uniq": "^1.0.1"
-      }
-    },
-    "array-uniq": {
-      "version": "1.0.3",
-      "resolved": "https://registry.npmjs.org/array-uniq/-/array-uniq-1.0.3.tgz",
-      "integrity": "sha1-r2rId6Jcx/dOBYiUdThY39sk/bY="
-    },
    "array-unique": {
      "version": "0.3.2",
      "resolved": "https://registry.npmjs.org/array-unique/-/array-unique-0.3.2.tgz",
      "integrity": "sha1-qJS3XUvE9s1nnvMkSp/Y9Gri1Cg="
    },
-    "arrify": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/arrify/-/arrify-1.0.1.tgz",
-      "integrity": "sha1-iYUI2iIm84DfkEcoRWhJwVAaSw0="
-    },
    "assign-symbols": {
      "version": "1.0.0",
      "resolved": "https://registry.npmjs.org/assign-symbols/-/assign-symbols-1.0.0.tgz",
@@ -144,27 +71,6 @@
      "resolved": "https://registry.npmjs.org/atob/-/atob-2.1.2.tgz",
      "integrity": "sha512-Wm6ukoaOGJi/73p/cl2GvLjTI5JM1k/O14isD73YML8StrH/7/lRFgmg8nICZgD3bZZvjwCGxtMOD3wWNAu8cg=="
    },
-    "axios": {
-      "version": "0.18.1",
-      "resolved": "https://registry.npmjs.org/axios/-/axios-0.18.1.tgz",
-      "integrity": "sha512-0BfJq4NSfQXd+SkFdrvFbG7addhYSBA2mQwISr46pD6E5iqkWg02RAs8vyTT/j0RTnoYmeXauBuSv1qKwR179g==",
-      "requires": {
-        "follow-redirects": "1.5.10",
-        "is-buffer": "^2.0.2"
-      },
-      "dependencies": {
-        "is-buffer": {
-          "version": "2.0.4",
-          "resolved": "https://registry.npmjs.org/is-buffer/-/is-buffer-2.0.4.tgz",
-          "integrity": "sha512-Kq1rokWXOPXWuaMAqZiJW4XxsmD9zGx9q4aePabbn3qCRGedtH7Cm+zV8WETitMfu1wdh+Rvd6w5egwSngUX2A=="
-        }
-      }
-    },
-    "balanced-match": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.0.tgz",
-      "integrity": "sha1-ibTRmasr7kneFk6gK4nORi1xt2c="
-    },
    "base": {
      "version": "0.11.2",
      "resolved": "https://registry.npmjs.org/base/-/base-0.11.2.tgz",
@@ -215,20 +121,6 @@
        }
      }
    },
-    "bignumber.js": {
-      "version": "2.4.0",
-      "resolved": "https://registry.npmjs.org/bignumber.js/-/bignumber.js-2.4.0.tgz",
-      "integrity": "sha1-g4qZLan51zfg9LLbC+YrsJ3Qxeg="
-    },
-    "brace-expansion": {
-      "version": "1.1.11",
-      "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz",
-      "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==",
-      "requires": {
-        "balanced-match": "^1.0.0",
-        "concat-map": "0.0.1"
-      }
-    },
    "braces": {
      "version": "2.3.2",
      "resolved": "https://registry.npmjs.org/braces/-/braces-2.3.2.tgz",
@@ -256,43 +148,6 @@
        }
      }
    },
-    "buffer-equal": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/buffer-equal/-/buffer-equal-1.0.0.tgz",
-      "integrity": "sha1-WWFrSYME1Var1GaWayLu2j7KX74="
-    },
-    "buffer-equals": {
-      "version": "1.0.4",
-      "resolved": "https://registry.npmjs.org/buffer-equals/-/buffer-equals-1.0.4.tgz",
-      "integrity": "sha1-A1O1T9B/2VZBcGca5vZrnPENJ/U="
-    },
-    "buffered-spawn": {
-      "version": "3.3.2",
-      "resolved": "https://registry.npmjs.org/buffered-spawn/-/buffered-spawn-3.3.2.tgz",
-      "integrity": "sha1-l7mEbE5EaqIzILSpTFIJ7dMtrLs=",
-      "requires": {
-        "cross-spawn": "^4.0.0"
-      },
-      "dependencies": {
-        "cross-spawn": {
-          "version": "4.0.2",
-          "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-4.0.2.tgz",
-          "integrity": "sha1-e5JHYhwjrf3ThWAEqCPL45dCTUE=",
-          "requires": {
-            "lru-cache": "^4.0.1",
-            "which": "^1.2.9"
-          }
-        }
-      }
-    },
-    "bufferstreams": {
-      "version": "2.0.1",
-      "resolved": "https://registry.npmjs.org/bufferstreams/-/bufferstreams-2.0.1.tgz",
-      "integrity": "sha512-ZswyIoBfFb3cVDsnZLLj2IDJ/0ppYdil/v2EGlZXvoefO689FokEmFEldhN5dV7R2QBxFneqTJOMIpfqhj+n0g==",
-      "requires": {
-        "readable-stream": "^2.3.6"
-      }
-    },
    "builtin-modules": {
      "version": "1.1.1",
      "resolved": "https://registry.npmjs.org/builtin-modules/-/builtin-modules-1.1.1.tgz",
@@ -314,11 +169,6 @@
        "unset-value": "^1.0.0"
      }
    },
-    "camelcase": {
-      "version": "5.3.1",
-      "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-5.3.1.tgz",
-      "integrity": "sha512-L28STB170nwWS63UjtlEOE3dldQApaJXZkOI1uMFfzf3rRuPegHaHesyee+YxQ+W6SvRDQV6UrdOdRiR153wJg=="
-    },
    "chalk": {
      "version": "2.4.1",
      "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.1.tgz",
@@ -329,14 +179,6 @@
        "supports-color": "^5.3.0"
      }
    },
-    "checkstyle-formatter": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/checkstyle-formatter/-/checkstyle-formatter-1.1.0.tgz",
-      "integrity": "sha1-HEki26xy1nJCz7hedwaRfVWHtRI=",
-      "requires": {
-        "xml-escape": "^1.0.0"
-      }
-    },
    "ci-info": {
      "version": "1.6.0",
      "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-1.6.0.tgz",
@@ -380,65 +222,6 @@
        "string-width": "^1.0.1"
      }
    },
-    "cliui": {
-      "version": "4.1.0",
-      "resolved": "https://registry.npmjs.org/cliui/-/cliui-4.1.0.tgz",
-      "integrity": "sha512-4FG+RSG9DL7uEwRUZXZn3SS34DiDPfzP0VOiEwtUWlE+AR2EIg+hSyvrIgUUfhdgR/UkAeW2QHgeP+hWrXs7jQ==",
-      "requires": {
-        "string-width": "^2.1.1",
-        "strip-ansi": "^4.0.0",
-        "wrap-ansi": "^2.0.0"
-      },
-      "dependencies": {
-        "is-fullwidth-code-point": {
-          "version": "2.0.0",
-          "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-2.0.0.tgz",
-          "integrity": "sha1-o7MKXE8ZkYMWeqq5O+764937ZU8="
-        },
-        "string-width": {
-          "version": "2.1.1",
-          "resolved": "https://registry.npmjs.org/string-width/-/string-width-2.1.1.tgz",
-          "integrity": "sha512-nOqH59deCq9SRHlxq1Aw85Jnt4w6KvLKqWVik6oA9ZklXLNIOlqg4F2yrT1MVaTjAqvVwdfeZ7w7aCvJD7ugkw==",
-          "requires": {
-            "is-fullwidth-code-point": "^2.0.0",
-            "strip-ansi": "^4.0.0"
-          }
-        },
-        "strip-ansi": {
-          "version": "4.0.0",
-          "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-4.0.0.tgz",
-          "integrity": "sha1-qEeQIusaw2iocTibY1JixQXuNo8=",
-          "requires": {
-            "ansi-regex": "^3.0.0"
-          }
-        }
-      }
-    },
-    "clone": {
-      "version": "2.1.2",
-      "resolved": "https://registry.npmjs.org/clone/-/clone-2.1.2.tgz",
-      "integrity": "sha1-G39Ln1kfHo+DZwQBYANFoCiHQ18="
-    },
-    "clone-buffer": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/clone-buffer/-/clone-buffer-1.0.0.tgz",
-      "integrity": "sha1-4+JbIHrE5wGvch4staFnksrD3Fg="
-    },
-    "clone-stats": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/clone-stats/-/clone-stats-1.0.0.tgz",
-      "integrity": "sha1-s3gt/4u1R04Yuba/D9/ngvh3doA="
-    },
-    "cloneable-readable": {
-      "version": "1.1.3",
-      "resolved": "https://registry.npmjs.org/cloneable-readable/-/cloneable-readable-1.1.3.tgz",
-      "integrity": "sha512-2EF8zTQOxYq70Y4XKtorQupqF0m49MBz2/yf5Bj+MHjvpG3Hy7sImifnqD6UA+TKYxeSV+u6qqQPawN5UvnpKQ==",
-      "requires": {
-        "inherits": "^2.0.1",
-        "process-nextick-args": "^2.0.0",
-        "readable-stream": "^2.3.5"
-      }
-    },
    "code-point-at": {
      "version": "1.1.0",
      "resolved": "https://registry.npmjs.org/code-point-at/-/code-point-at-1.1.0.tgz",
@@ -466,11 +249,6 @@
      "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz",
      "integrity": "sha1-p9BVi9icQveV3UIyj3QIMcpTvCU="
    },
-    "color-support": {
-      "version": "1.1.3",
-      "resolved": "https://registry.npmjs.org/color-support/-/color-support-1.1.3.tgz",
-      "integrity": "sha512-qiBjkpbMLO/HL68y+lh4q0/O1MZFj2RX6X/KmMa3+gJD3z+WwI1ZzDHysvqHGS3mP6mznPckpXmw1nI9cJjyRg=="
-    },
    "commander": {
      "version": "2.19.0",
      "resolved": "https://registry.npmjs.org/commander/-/commander-2.19.0.tgz",
@@ -481,29 +259,11 @@
      "resolved": "https://registry.npmjs.org/component-emitter/-/component-emitter-1.2.1.tgz",
      "integrity": "sha1-E3kY1teCg/ffemt8WmPhQOaUJeY="
    },
-    "concat-map": {
-      "version": "0.0.1",
-      "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz",
-      "integrity": "sha1-2Klr13/Wjfd5OnMDajug1UBdR3s="
-    },
-    "convert-source-map": {
-      "version": "1.7.0",
-      "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.7.0.tgz",
-      "integrity": "sha512-4FJkXzKXEDB1snCFZlLP4gpC3JILicCpGbzG9f9G7tGqGCzETQ2hWPrcinA9oU4wtf2biUaEH5065UnMeR33oA==",
-      "requires": {
-        "safe-buffer": "~5.1.1"
-      }
-    },
    "copy-descriptor": {
      "version": "0.1.1",
      "resolved": "https://registry.npmjs.org/copy-descriptor/-/copy-descriptor-0.1.1.tgz",
      "integrity": "sha1-Z29us8OZl8LuGsOpJP1hJHSPV40="
    },
-    "core-util-is": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz",
-      "integrity": "sha1-tf1UIgqivFq1eqtxQMlAdUUDwac="
-    },
    "cosmiconfig": {
      "version": "5.0.6",
      "resolved": "https://registry.npmjs.org/cosmiconfig/-/cosmiconfig-5.0.6.tgz",
@@ -529,11 +289,6 @@
      "resolved": "https://registry.npmjs.org/date-fns/-/date-fns-1.29.0.tgz",
      "integrity": "sha512-lbTXWZ6M20cWH8N9S6afb0SBm6tMk+uUg6z3MqHPKE9atmsY3kJkTm8vKe93izJ2B2+q5MV990sM2CHgtAZaOw=="
    },
-    "date-format": {
-      "version": "0.0.2",
-      "resolved": "https://registry.npmjs.org/date-format/-/date-format-0.0.2.tgz",
-      "integrity": "sha1-+v1Ej3IRXvHitzkVWukvK+bCjdE="
-    },
    "debug": {
      "version": "3.2.6",
      "resolved": "https://registry.npmjs.org/debug/-/debug-3.2.6.tgz",
@@ -542,11 +297,6 @@
        "ms": "^2.1.1"
      }
    },
-    "decamelize": {
-      "version": "1.2.0",
-      "resolved": "https://registry.npmjs.org/decamelize/-/decamelize-1.2.0.tgz",
-      "integrity": "sha1-9lNNFRSCabIDUue+4m9QH5oZEpA="
-    },
    "decode-uri-component": {
      "version": "0.2.0",
      "resolved": "https://registry.npmjs.org/decode-uri-component/-/decode-uri-component-0.2.0.tgz",
@@ -557,14 +307,6 @@
      "resolved": "https://registry.npmjs.org/dedent/-/dedent-0.7.0.tgz",
      "integrity": "sha1-JJXduvbrh0q7Dhvp3yLS5aVEMmw="
    },
-    "define-properties": {
-      "version": "1.1.3",
-      "resolved": "https://registry.npmjs.org/define-properties/-/define-properties-1.1.3.tgz",
-      "integrity": "sha512-3MqfYKj2lLzdMSf8ZIZE/V+Zuy+BgD6f164e8K2w7dgnpKArBDerGYpM46IYYcjnkdPNMjPk9A6VFB8+3SKlXQ==",
-      "requires": {
-        "object-keys": "^1.0.12"
-      }
-    },
    "define-property": {
      "version": "2.0.2",
      "resolved": "https://registry.npmjs.org/define-property/-/define-property-2.0.2.tgz",
@@ -602,89 +344,11 @@
        }
      }
    },
-    "duplexify": {
-      "version": "3.7.1",
-      "resolved": "https://registry.npmjs.org/duplexify/-/duplexify-3.7.1.tgz",
-      "integrity": "sha512-07z8uv2wMyS51kKhD1KsdXJg5WQ6t93RneqRxUHnskXVtlYYkLqM0gqStQZ3pj073g687jPCHrqNfCzawLYh5g==",
-      "requires": {
-        "end-of-stream": "^1.0.0",
-        "inherits": "^2.0.1",
-        "readable-stream": "^2.0.0",
-        "stream-shift": "^1.0.0"
-      }
-    },
-    "eclint": {
-      "version": "2.8.1",
-      "resolved": "https://registry.npmjs.org/eclint/-/eclint-2.8.1.tgz",
-      "integrity": "sha512-0u1UubFXSOgZgXNhuPeliYyTFmjWStVph8JR6uD6NDuxl3xI5VSCsA1KX6/BSYtM9v4wQMifGoNFfN5VlRn4LQ==",
-      "requires": {
-        "editorconfig": "^0.15.2",
-        "file-type": "^10.1.0",
-        "gulp-exclude-gitignore": "^1.2.0",
-        "gulp-filter": "^5.1.0",
-        "gulp-reporter": "^2.9.0",
-        "gulp-tap": "^1.0.1",
-        "linez": "^4.1.4",
-        "lodash": "^4.17.11",
-        "minimatch": "^3.0.4",
-        "os-locale": "^3.0.1",
-        "plugin-error": "^1.0.1",
-        "through2": "^2.0.3",
-        "vinyl": "^2.2.0",
-        "vinyl-fs": "^3.0.3",
-        "yargs": "^12.0.2"
-      }
-    },
-    "editorconfig": {
-      "version": "0.15.3",
-      "resolved": "https://registry.npmjs.org/editorconfig/-/editorconfig-0.15.3.tgz",
-      "integrity": "sha512-M9wIMFx96vq0R4F+gRpY3o2exzb8hEj/n9S8unZtHSvYjibBp/iMufSzvmOcV/laG0ZtuTVGtiJggPOSW2r93g==",
-      "requires": {
-        "commander": "^2.19.0",
-        "lru-cache": "^4.1.5",
-        "semver": "^5.6.0",
-        "sigmund": "^1.0.1"
-      },
-      "dependencies": {
-        "lru-cache": {
-          "version": "4.1.5",
-          "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-4.1.5.tgz",
-          "integrity": "sha512-sWZlbEP2OsHNkXrMl5GYk/jKk70MBng6UU4YI/qGDYbgf6YbP4EvmqISbXCoJiRKs+1bSpFHVgQxvJ17F2li5g==",
-          "requires": {
-            "pseudomap": "^1.0.2",
-            "yallist": "^2.1.2"
-          }
-        }
-      }
-    },
    "elegant-spinner": {
      "version": "1.0.1",
      "resolved": "https://registry.npmjs.org/elegant-spinner/-/elegant-spinner-1.0.1.tgz",
      "integrity": "sha1-2wQ1IcldfjA/2PNFvtwzSc+wcp4="
    },
-    "emoji-regex": {
-      "version": "7.0.3",
-      "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-7.0.3.tgz",
-      "integrity": "sha512-CwBLREIQ7LvYFB0WyRvwhq5N5qPhc6PMjD6bYggFlI5YyDgl+0vxq5VHbMOFqLg7hfWzmu8T5Z1QofhmTIhItA=="
-    },
-    "emphasize": {
-      "version": "2.1.0",
-      "resolved": "https://registry.npmjs.org/emphasize/-/emphasize-2.1.0.tgz",
-      "integrity": "sha512-wRlO0Qulw2jieQynsS3STzTabIhHCyjTjZraSkchOiT8rdvWZlahJAJ69HRxwGkv2NThmci2MSnDfJ60jB39tw==",
-      "requires": {
-        "chalk": "^2.4.0",
-        "highlight.js": "~9.12.0",
-        "lowlight": "~1.9.0"
-      }
-    },
-    "end-of-stream": {
-      "version": "1.4.4",
-      "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.4.tgz",
-      "integrity": "sha512-+uw1inIHVPQoaVuHzRyXd21icM+cnt4CzD5rW+NC1wjOUSTOs+Te7FOv7AhN7vS9x/oIyhLP5PR1H+phQAHu5Q==",
-      "requires": {
-        "once": "^1.4.0"
-      }
-    },
    "error-ex": {
      "version": "1.3.2",
      "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz",
@@ -767,11 +431,6 @@
        }
      }
    },
-    "extend": {
-      "version": "3.0.2",
-      "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz",
-      "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g=="
-    },
    "extend-shallow": {
      "version": "3.0.2",
      "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-3.0.2.tgz",
@@ -850,25 +509,6 @@
        }
      }
    },
-    "fancy-log": {
-      "version": "1.3.3",
-      "resolved": "https://registry.npmjs.org/fancy-log/-/fancy-log-1.3.3.tgz",
-      "integrity": "sha512-k9oEhlyc0FrVh25qYuSELjr8oxsCoc4/LEZfg2iJJrfEk/tZL9bCoJE47gqAvI2m/AUjluCS4+3I0eTx8n3AEw==",
-      "requires": {
-        "ansi-gray": "^0.1.1",
-        "color-support": "^1.1.3",
-        "parse-node-version": "^1.0.0",
-        "time-stamp": "^1.0.0"
-      }
-    },
-    "fault": {
-      "version": "1.0.4",
-      "resolved": "https://registry.npmjs.org/fault/-/fault-1.0.4.tgz",
-      "integrity": "sha512-CJ0HCB5tL5fYTEA7ToAq5+kTwd++Borf1/bifxd9iT70QcXr4MRrO3Llf8Ifs70q+SJcGHFtnIE/Nw6giCtECA==",
-      "requires": {
-        "format": "^0.2.0"
-      }
-    },
    "figures": {
      "version": "1.7.0",
      "resolved": "https://registry.npmjs.org/figures/-/figures-1.7.0.tgz",
@@ -878,11 +518,6 @@
        "object-assign": "^4.1.0"
      }
    },
-    "file-type": {
-      "version": "10.11.0",
-      "resolved": "https://registry.npmjs.org/file-type/-/file-type-10.11.0.tgz",
-      "integrity": "sha512-uzk64HRpUZyTGZtVuvrjP0FYxzQrBf4rojot6J65YMEbwBLB0CWm0CLojVpwpmFmxcE/lkvYICgfcGozbBq6rw=="
-    },
    "fill-range": {
      "version": "4.0.0",
      "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-4.0.0.tgz",
@@ -917,48 +552,11 @@
        "locate-path": "^3.0.0"
      }
    },
-    "flush-write-stream": {
-      "version": "1.1.1",
-      "resolved": "https://registry.npmjs.org/flush-write-stream/-/flush-write-stream-1.1.1.tgz",
-      "integrity": "sha512-3Z4XhFZ3992uIq0XOqb9AreonueSYphE6oYbpt5+3u06JWklbsPkNv3ZKkP9Bz/r+1MWCaMoSQ28P85+1Yc77w==",
-      "requires": {
-        "inherits": "^2.0.3",
-        "readable-stream": "^2.3.6"
-      }
-    },
-    "follow-redirects": {
-      "version": "1.5.10",
-      "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.5.10.tgz",
-      "integrity": "sha512-0V5l4Cizzvqt5D44aTXbFZz+FtyXV1vrDN6qrelxtfYQKW0KO0W2T/hkE8xvGa/540LkZlkaUjO4ailYTFtHVQ==",
-      "requires": {
-        "debug": "=3.1.0"
-      },
-      "dependencies": {
-        "debug": {
-          "version": "3.1.0",
-          "resolved": "https://registry.npmjs.org/debug/-/debug-3.1.0.tgz",
-          "integrity": "sha512-OX8XqP7/1a9cqkxYw2yXss15f26NKWBpDXQd0/uK/KPqdQhxbPa994hnzjcE2VqQpDslf55723cKPUOGSmMY3g==",
-          "requires": {
-            "ms": "2.0.0"
-          }
-        },
-        "ms": {
-          "version": "2.0.0",
-          "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz",
-          "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g="
-        }
-      }
-    },
    "for-in": {
      "version": "1.0.2",
      "resolved": "https://registry.npmjs.org/for-in/-/for-in-1.0.2.tgz",
      "integrity": "sha1-gQaNKVqBQuwKxybG4iAMMPttXoA="
    },
-    "format": {
-      "version": "0.2.2",
-      "resolved": "https://registry.npmjs.org/format/-/format-0.2.2.tgz",
-      "integrity": "sha1-1hcBB+nv3E7TDJ3DkBbflCtctYs="
-    },
    "fragment-cache": {
      "version": "0.2.1",
      "resolved": "https://registry.npmjs.org/fragment-cache/-/fragment-cache-0.2.1.tgz",
@@ -967,40 +565,6 @@
        "map-cache": "^0.2.2"
      }
    },
-    "fs-extra": {
-      "version": "7.0.1",
-      "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-7.0.1.tgz",
-      "integrity": "sha512-YJDaCJZEnBmcbw13fvdAM9AwNOJwOzrE4pqMqBq5nFiEqXUqHwlK4B+3pUw6JNvfSPtX05xFHtYy/1ni01eGCw==",
-      "requires": {
-        "graceful-fs": "^4.1.2",
-        "jsonfile": "^4.0.0",
-        "universalify": "^0.1.0"
-      }
-    },
-    "fs-mkdirp-stream": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/fs-mkdirp-stream/-/fs-mkdirp-stream-1.0.0.tgz",
-      "integrity": "sha1-C3gV/DIBxqaeFNuYzgmMFpNSWes=",
-      "requires": {
-        "graceful-fs": "^4.1.11",
-        "through2": "^2.0.3"
-      }
-    },
-    "fs.realpath": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz",
-      "integrity": "sha1-FQStJSMVjKpA20onh8sBQRmU6k8="
-    },
-    "function-bind": {
-      "version": "1.1.1",
-      "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.1.tgz",
-      "integrity": "sha512-yIovAzMX49sF8Yl58fSCWJ5svSLuaibPxXQJFLmBObTuCr0Mf1KiPopGM9NiFjiYBCbfaa2Fh6breQ6ANVTI0A=="
-    },
-    "get-caller-file": {
-      "version": "1.0.3",
-      "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-1.0.3.tgz",
-      "integrity": "sha512-3t6rVToeoZfYSGd8YoLFR2DJkiQrIiUrGcjvFX2mDw3bn6k2OtwHN0TNCLbBO+w8qTvimhDkv+LSscbJY1vE6w=="
-    },
    "get-own-enumerable-property-symbols": {
      "version": "3.0.0",
      "resolved": "https://registry.npmjs.org/get-own-enumerable-property-symbols/-/get-own-enumerable-property-symbols-3.0.0.tgz",
@@ -1021,259 +585,6 @@
      "resolved": "https://registry.npmjs.org/get-value/-/get-value-2.0.6.tgz",
      "integrity": "sha1-3BXKHGcjh8p2vTesCjlbogQqLCg="
    },
-    "glob": {
-      "version": "7.1.6",
-      "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.6.tgz",
-      "integrity": "sha512-LwaxwyZ72Lk7vZINtNNrywX0ZuLyStrdDtabefZKAY5ZGJhVtgdznluResxNmPitE0SAO+O26sWTHeKSI2wMBA==",
-      "requires": {
-        "fs.realpath": "^1.0.0",
-        "inflight": "^1.0.4",
-        "inherits": "2",
-        "minimatch": "^3.0.4",
-        "once": "^1.3.0",
-        "path-is-absolute": "^1.0.0"
-      }
-    },
-    "glob-parent": {
-      "version": "3.1.0",
-      "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-3.1.0.tgz",
-      "integrity": "sha1-nmr2KZ2NO9K9QEMIMr0RPfkGxa4=",
-      "requires": {
-        "is-glob": "^3.1.0",
-        "path-dirname": "^1.0.0"
-      },
-      "dependencies": {
-        "is-glob": {
-          "version": "3.1.0",
-          "resolved": "https://registry.npmjs.org/is-glob/-/is-glob-3.1.0.tgz",
-          "integrity": "sha1-e6WuJCF4BKxwcHuWkiVnSGzD6Eo=",
-          "requires": {
-            "is-extglob": "^2.1.0"
-          }
-        }
-      }
-    },
-    "glob-stream": {
-      "version": "6.1.0",
-      "resolved": "https://registry.npmjs.org/glob-stream/-/glob-stream-6.1.0.tgz",
-      "integrity": "sha1-cEXJlBOz65SIjYOrRtC0BMx73eQ=",
-      "requires": {
-        "extend": "^3.0.0",
-        "glob": "^7.1.1",
-        "glob-parent": "^3.1.0",
-        "is-negated-glob": "^1.0.0",
-        "ordered-read-streams": "^1.0.0",
-        "pumpify": "^1.3.5",
-        "readable-stream": "^2.1.5",
-        "remove-trailing-separator": "^1.0.1",
-        "to-absolute-glob": "^2.0.0",
-        "unique-stream": "^2.0.2"
-      }
-    },
-    "graceful-fs": {
-      "version": "4.2.4",
-      "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.4.tgz",
-      "integrity": "sha512-WjKPNJF79dtJAVniUlGGWHYGz2jWxT6VhN/4m1NdkbZ2nOsEF+cI1Edgql5zCRhs/VsQYRvrXctxktVXZUkixw=="
-    },
-    "gulp-exclude-gitignore": {
-      "version": "1.2.0",
-      "resolved": "https://registry.npmjs.org/gulp-exclude-gitignore/-/gulp-exclude-gitignore-1.2.0.tgz",
-      "integrity": "sha512-J3LCmz9C1UU1pxf5Npx6SNc5o9YQptyc9IHaqLiBlihZmg44jaaTplWUZ0JPQkMdOTae0YgEDvT9TKlUWDSMUA==",
-      "requires": {
-        "gulp-ignore": "^2.0.2"
-      }
-    },
-    "gulp-filter": {
-      "version": "5.1.0",
-      "resolved": "https://registry.npmjs.org/gulp-filter/-/gulp-filter-5.1.0.tgz",
-      "integrity": "sha1-oF4Rr/sHz33PQafeHLe2OsN4PnM=",
-      "requires": {
-        "multimatch": "^2.0.0",
-        "plugin-error": "^0.1.2",
-        "streamfilter": "^1.0.5"
-      },
-      "dependencies": {
-        "arr-diff": {
-          "version": "1.1.0",
-          "resolved": "https://registry.npmjs.org/arr-diff/-/arr-diff-1.1.0.tgz",
-          "integrity": "sha1-aHwydYFjWI/vfeezb6vklesaOZo=",
-          "requires": {
-            "arr-flatten": "^1.0.1",
-            "array-slice": "^0.2.3"
-          }
-        },
-        "arr-union": {
-          "version": "2.1.0",
-          "resolved": "https://registry.npmjs.org/arr-union/-/arr-union-2.1.0.tgz",
-          "integrity": "sha1-IPnqtexw9cfSFbEHexw5Fh0pLH0="
-        },
-        "extend-shallow": {
-          "version": "1.1.4",
-          "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-1.1.4.tgz",
-          "integrity": "sha1-Gda/lN/AnXa6cR85uHLSH/TdkHE=",
-          "requires": {
-            "kind-of": "^1.1.0"
-          }
-        },
-        "kind-of": {
-          "version": "1.1.0",
-          "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-1.1.0.tgz",
-          "integrity": "sha1-FAo9LUGjbS78+pN3tiwk+ElaXEQ="
-        },
-        "plugin-error": {
-          "version": "0.1.2",
-          "resolved": "https://registry.npmjs.org/plugin-error/-/plugin-error-0.1.2.tgz",
-          "integrity": "sha1-O5uzM1zPAPQl4HQ34ZJ2ln2kes4=",
-          "requires": {
-            "ansi-cyan": "^0.1.1",
-            "ansi-red": "^0.1.1",
-            "arr-diff": "^1.0.1",
-            "arr-union": "^2.0.1",
-            "extend-shallow": "^1.1.2"
-          }
-        }
-      }
-    },
-    "gulp-ignore": {
-      "version": "2.0.2",
-      "resolved": "https://registry.npmjs.org/gulp-ignore/-/gulp-ignore-2.0.2.tgz",
-      "integrity": "sha1-XC6ioKRALgq0orzRLv2SlTRNePI=",
-      "requires": {
-        "gulp-match": "^1.0.3",
-        "through2": "^2.0.1"
-      }
-    },
-    "gulp-match": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/gulp-match/-/gulp-match-1.1.0.tgz",
-      "integrity": "sha512-DlyVxa1Gj24DitY2OjEsS+X6tDpretuxD6wTfhXE/Rw2hweqc1f6D/XtsJmoiCwLWfXgR87W9ozEityPCVzGtQ==",
-      "requires": {
-        "minimatch": "^3.0.3"
-      }
-    },
-    "gulp-reporter": {
-      "version": "2.10.0",
-      "resolved": "https://registry.npmjs.org/gulp-reporter/-/gulp-reporter-2.10.0.tgz",
-      "integrity": "sha512-HeruxN7TL/enOB+pJfFmeekVsXsZzQvVGpL7vOLdUe7y7VdqHUvMQRRW5qMIvVSKqRs3EtQiR/kURu3WWfXq6w==",
-      "requires": {
-        "ansi-escapes": "^3.1.0",
-        "axios": "^0.18.0",
-        "buffered-spawn": "^3.3.2",
-        "bufferstreams": "^2.0.1",
-        "chalk": "^2.4.1",
-        "checkstyle-formatter": "^1.1.0",
-        "ci-info": "^2.0.0",
-        "cli-truncate": "^1.1.0",
-        "emphasize": "^2.0.0",
-        "fancy-log": "^1.3.3",
-        "fs-extra": "^7.0.1",
-        "in-gfw": "^1.2.0",
-        "is-windows": "^1.0.2",
-        "js-yaml": "^3.12.0",
-        "junit-report-builder": "^1.3.1",
-        "lodash.get": "^4.4.2",
-        "os-locale": "^3.0.1",
-        "plugin-error": "^1.0.1",
-        "string-width": "^3.0.0",
-        "term-size": "^1.2.0",
-        "through2": "^3.0.0",
-        "to-time": "^1.0.2"
-      },
-      "dependencies": {
-        "ansi-escapes": {
-          "version": "3.2.0",
-          "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-3.2.0.tgz",
-          "integrity": "sha512-cBhpre4ma+U0T1oM5fXg7Dy1Jw7zzwv7lt/GoCpr+hDQJoYnKVPLL4dCvSEFMmQurOQvSrwT7SL/DAlhBI97RQ=="
-        },
-        "ci-info": {
-          "version": "2.0.0",
-          "resolved": "https://registry.npmjs.org/ci-info/-/ci-info-2.0.0.tgz",
-          "integrity": "sha512-5tK7EtrZ0N+OLFMthtqOj4fI2Jeb88C4CAZPu25LDVUgXJ0A3Js4PMGqrn0JU1W0Mh1/Z8wZzYPxqUrXeBboCQ=="
-        },
-        "cli-truncate": {
-          "version": "1.1.0",
-          "resolved": "https://registry.npmjs.org/cli-truncate/-/cli-truncate-1.1.0.tgz",
-          "integrity": "sha512-bAtZo0u82gCfaAGfSNxUdTI9mNyza7D8w4CVCcaOsy7sgwDzvx6ekr6cuWJqY3UGzgnQ1+4wgENup5eIhgxEYA==",
-          "requires": {
-            "slice-ansi": "^1.0.0",
-            "string-width": "^2.0.0"
-          },
-          "dependencies": {
-            "string-width": {
-              "version": "2.1.1",
-              "resolved": "https://registry.npmjs.org/string-width/-/string-width-2.1.1.tgz",
-              "integrity": "sha512-nOqH59deCq9SRHlxq1Aw85Jnt4w6KvLKqWVik6oA9ZklXLNIOlqg4F2yrT1MVaTjAqvVwdfeZ7w7aCvJD7ugkw==",
-              "requires": {
-                "is-fullwidth-code-point": "^2.0.0",
-                "strip-ansi": "^4.0.0"
-              }
-            }
-          }
-        },
-        "is-fullwidth-code-point": {
-          "version": "2.0.0",
-          "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-2.0.0.tgz",
-          "integrity": "sha1-o7MKXE8ZkYMWeqq5O+764937ZU8="
-        },
-        "slice-ansi": {
-          "version": "1.0.0",
-          "resolved": "https://registry.npmjs.org/slice-ansi/-/slice-ansi-1.0.0.tgz",
-          "integrity": "sha512-POqxBK6Lb3q6s047D/XsDVNPnF9Dl8JSaqe9h9lURl0OdNqy/ujDrOiIHtsqXMGbWWTIomRzAMaTyawAU//Reg==",
-          "requires": {
-            "is-fullwidth-code-point": "^2.0.0"
-          }
-        },
-        "string-width": {
-          "version": "3.1.0",
-          "resolved": "https://registry.npmjs.org/string-width/-/string-width-3.1.0.tgz",
-          "integrity": "sha512-vafcv6KjVZKSgz06oM/H6GDBrAtz8vdhQakGjFIvNrHA6y3HCF1CInLy+QLq8dTJPQ1b+KDUqDFctkdRW44e1w==",
-          "requires": {
-            "emoji-regex": "^7.0.1",
-            "is-fullwidth-code-point": "^2.0.0",
-            "strip-ansi": "^5.1.0"
-          },
-          "dependencies": {
-            "ansi-regex": {
-              "version": "4.1.0",
-              "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-4.1.0.tgz",
-              "integrity": "sha512-1apePfXM1UOSqw0o9IiFAovVz9M5S1Dg+4TrDwfMewQ6p/rmMueb7tWZjQ1rx4Loy1ArBggoqGpfqqdI4rondg=="
-            },
-            "strip-ansi": {
-              "version": "5.2.0",
-              "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-5.2.0.tgz",
-              "integrity": "sha512-DuRs1gKbBqsMKIZlrffwlug8MHkcnpjs5VPmL1PAh+mA30U0DTotfDZ0d2UUsXpPmPmMMJ6W773MaA3J+lbiWA==",
-              "requires": {
-                "ansi-regex": "^4.1.0"
-              }
-            }
-          }
-        },
-        "strip-ansi": {
-          "version": "4.0.0",
-          "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-4.0.0.tgz",
-          "integrity": "sha1-qEeQIusaw2iocTibY1JixQXuNo8=",
-          "requires": {
-            "ansi-regex": "^3.0.0"
-          }
-        },
-        "through2": {
-          "version": "3.0.1",
-          "resolved": "https://registry.npmjs.org/through2/-/through2-3.0.1.tgz",
-          "integrity": "sha512-M96dvTalPT3YbYLaKaCuwu+j06D/8Jfib0o/PxbVt6Amhv3dUAtW6rTV1jPgJSBG83I/e04Y6xkVdVhSRhi0ww==",
-          "requires": {
-            "readable-stream": "2 || 3"
-          }
-        }
-      }
-    },
-    "gulp-tap": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/gulp-tap/-/gulp-tap-1.0.1.tgz",
-      "integrity": "sha1-5nESThJZtM6iGe0cqXt/WFwzRpA=",
-      "requires": {
-        "through2": "^2.0.3"
-      }
-    },
    "has-ansi": {
      "version": "2.0.0",
      "resolved": "https://registry.npmjs.org/has-ansi/-/has-ansi-2.0.0.tgz",
@@ -1294,11 +605,6 @@
      "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz",
      "integrity": "sha1-tdRU3CGZriJWmfNGfloH87lVuv0="
    },
-    "has-symbols": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.0.1.tgz",
-      "integrity": "sha512-PLcsoqu++dmEIZB+6totNFKq/7Do+Z0u4oT0zKOJNl3lYK6vGwwu2hjHs+68OEZbTjiUE9bgOABXbP/GvrS0Kg=="
-    },
    "has-value": {
      "version": "1.0.0",
      "resolved": "https://registry.npmjs.org/has-value/-/has-value-1.0.0.tgz",
@@ -1328,11 +634,6 @@
        }
      }
    },
-    "highlight.js": {
-      "version": "9.12.0",
-      "resolved": "https://registry.npmjs.org/highlight.js/-/highlight.js-9.12.0.tgz",
-      "integrity": "sha1-5tnb5Xy+/mB1HwKvM2GVhwyQwB4="
-    },
    "hosted-git-info": {
      "version": "2.7.1",
      "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.7.1.tgz",
@@ -1355,57 +656,11 @@
        "slash": "^2.0.0"
      }
    },
-    "iconv-lite": {
-      "version": "0.4.24",
-      "resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.24.tgz",
-      "integrity": "sha512-v3MXnZAcvnywkTUEZomIActle7RXXeedOR31wwl7VlyoXO4Qi9arvSenNQWne1TcRwhCL1HwLI21bEqdpj8/rA==",
-      "requires": {
-        "safer-buffer": ">= 2.1.2 < 3"
-      }
-    },
-    "in-gfw": {
-      "version": "1.2.0",
-      "resolved": "https://registry.npmjs.org/in-gfw/-/in-gfw-1.2.0.tgz",
-      "integrity": "sha512-LgSoQXzuSS/x/nh0eIggq7PsI7gs/sQdXNEolRmHaFUj6YMFmPO1kxQ7XpcT3nPpC3DMwYiJmgnluqJmFXYiMg==",
-      "requires": {
-        "glob": "^7.1.2",
-        "is-wsl": "^1.1.0",
-        "mem": "^3.0.1"
-      }
-    },
    "indent-string": {
      "version": "3.2.0",
      "resolved": "https://registry.npmjs.org/indent-string/-/indent-string-3.2.0.tgz",
      "integrity": "sha1-Sl/W0nzDMvN+VBmlBNu4NxBckok="
    },
-    "inflight": {
-      "version": "1.0.6",
-      "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz",
-      "integrity": "sha1-Sb1jMdfQLQwJvJEKEHW6gWW1bfk=",
-      "requires": {
-        "once": "^1.3.0",
-        "wrappy": "1"
-      }
-    },
-    "inherits": {
-      "version": "2.0.4",
-      "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz",
-      "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ=="
-    },
-    "invert-kv": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/invert-kv/-/invert-kv-2.0.0.tgz",
-      "integrity": "sha512-wPVv/y/QQ/Uiirj/vh3oP+1Ww+AWehmi1g5fFWGPF6IpCBCDVrhgHRMvrLfdYcwDh3QJbGXDW4JAuzxElLSqKA=="
-    },
-    "is-absolute": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/is-absolute/-/is-absolute-1.0.0.tgz",
-      "integrity": "sha512-dOWoqflvcydARa360Gvv18DZ/gRuHKi2NU/wU5X1ZFzdYfH29nkiNZsF3mp4OJ3H4yo9Mx8A/uAGNzpzPN3yBA==",
-      "requires": {
-        "is-relative": "^1.0.0",
-        "is-windows": "^1.0.1"
-      }
-    },
    "is-accessor-descriptor": {
      "version": "0.1.6",
      "resolved": "https://registry.npmjs.org/is-accessor-descriptor/-/is-accessor-descriptor-0.1.6.tgz",
@@ -1516,11 +771,6 @@
        "is-extglob": "^2.1.1"
      }
    },
-    "is-negated-glob": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/is-negated-glob/-/is-negated-glob-1.0.0.tgz",
-      "integrity": "sha1-aRC8pdqMleeEtXUbl2z1oQ/uNtI="
-    },
    "is-number": {
      "version": "3.0.0",
      "resolved": "https://registry.npmjs.org/is-number/-/is-number-3.0.0.tgz",
@@ -1570,47 +820,16 @@
      "resolved": "https://registry.npmjs.org/is-regexp/-/is-regexp-1.0.0.tgz",
      "integrity": "sha1-/S2INUXEa6xaYz57mgnof6LLUGk="
    },
-    "is-relative": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/is-relative/-/is-relative-1.0.0.tgz",
-      "integrity": "sha512-Kw/ReK0iqwKeu0MITLFuj0jbPAmEiOsIwyIXvvbfa6QfmN9pkD1M+8pdk7Rl/dTKbH34/XBFMbgD4iMJhLQbGA==",
-      "requires": {
-        "is-unc-path": "^1.0.0"
-      }
-    },
    "is-stream": {
      "version": "1.1.0",
      "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-1.1.0.tgz",
      "integrity": "sha1-EtSj3U5o4Lec6428hBc66A2RykQ="
    },
-    "is-unc-path": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/is-unc-path/-/is-unc-path-1.0.0.tgz",
-      "integrity": "sha512-mrGpVd0fs7WWLfVsStvgF6iEJnbjDFZh9/emhRDcGWTduTfNHd9CHeUwH3gYIjdbwo4On6hunkztwOaAw0yllQ==",
-      "requires": {
-        "unc-path-regex": "^0.1.2"
-      }
-    },
-    "is-utf8": {
-      "version": "0.2.1",
-      "resolved": "https://registry.npmjs.org/is-utf8/-/is-utf8-0.2.1.tgz",
-      "integrity": "sha1-Sw2hRCEE0bM2NA6AeX6GXPOffXI="
-    },
-    "is-valid-glob": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/is-valid-glob/-/is-valid-glob-1.0.0.tgz",
-      "integrity": "sha1-Kb8+/3Ab4tTTFdusw5vDn+j2Aao="
-    },
    "is-windows": {
      "version": "1.0.2",
      "resolved": "https://registry.npmjs.org/is-windows/-/is-windows-1.0.2.tgz",
      "integrity": "sha512-eXK1UInq2bPmjyX6e3VHIzMLobc4J94i4AWn+Hpq3OU5KkrRC96OAcR3PRJ/pGu6m8TRnBHP9dkXQVsT/COVIA=="
    },
-    "is-wsl": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/is-wsl/-/is-wsl-1.1.0.tgz",
-      "integrity": "sha1-HxbkqiKwTRM2tmGIpmrzxgDDpm0="
-    },
    "isarray": {
      "version": "1.0.0",
      "resolved": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz",
@@ -1656,80 +875,16 @@
      "resolved": "https://registry.npmjs.org/json-parse-better-errors/-/json-parse-better-errors-1.0.2.tgz",
      "integrity": "sha512-mrqyZKfX5EhL7hvqcV6WG1yYjnjeuYDzDhhcAAUrq8Po85NBQBJP+ZDUT75qZQ98IkUoBqdkExkukOU7Ts2wrw=="
    },
-    "json-stable-stringify-without-jsonify": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/json-stable-stringify-without-jsonify/-/json-stable-stringify-without-jsonify-1.0.1.tgz",
-      "integrity": "sha1-nbe1lJatPzz+8wp1FC0tkwrXJlE="
-    },
-    "jsonfile": {
-      "version": "4.0.0",
-      "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-4.0.0.tgz",
-      "integrity": "sha1-h3Gq4HmbZAdrdmQPygWPnBDjPss=",
-      "requires": {
-        "graceful-fs": "^4.1.6"
-      }
-    },
-    "junit-report-builder": {
-      "version": "1.3.3",
-      "resolved": "https://registry.npmjs.org/junit-report-builder/-/junit-report-builder-1.3.3.tgz",
-      "integrity": "sha512-75bwaXjP/3ogyzOSkkcshXGG7z74edkJjgTZlJGAyzxlOHaguexM3VLG6JyD9ZBF8mlpgsUPB1sIWU4LISgeJw==",
-      "requires": {
-        "date-format": "0.0.2",
-        "lodash": "^4.17.15",
-        "mkdirp": "^0.5.0",
-        "xmlbuilder": "^10.0.0"
-      },
-      "dependencies": {
-        "lodash": {
-          "version": "4.17.15",
-          "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.15.tgz",
-          "integrity": "sha512-8xOcRHvCjnocdS5cpwXQXVzmmh5e5+saE2QGoeQmbKmRS6J3VQppPOIt0MnmE+4xlZoumy0GPG0D0MVIQbNA1A=="
-        }
-      }
-    },
    "kind-of": {
      "version": "6.0.2",
      "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-6.0.2.tgz",
      "integrity": "sha512-s5kLOcnH0XqDO+FvuaLX8DDjZ18CGFk7VygH40QoKPUQhW4e2rvM0rwUq0t8IQDOwYSeLK01U90OjzBTme2QqA=="
    },
-    "lazystream": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/lazystream/-/lazystream-1.0.0.tgz",
-      "integrity": "sha1-9plf4PggOS9hOWvolGJAe7dxaOQ=",
-      "requires": {
-        "readable-stream": "^2.0.5"
-      }
-    },
-    "lcid": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/lcid/-/lcid-2.0.0.tgz",
-      "integrity": "sha512-avPEb8P8EGnwXKClwsNUgryVjllcRqtMYa49NTsbQagYuT1DcXnl1915oxWjoyGrXR6zH/Y0Zc96xWsPcoDKeA==",
-      "requires": {
-        "invert-kv": "^2.0.0"
-      }
-    },
-    "lead": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/lead/-/lead-1.0.0.tgz",
-      "integrity": "sha1-bxT5mje+Op3XhPVJVpDlkDRm7kI=",
-      "requires": {
-        "flush-write-stream": "^1.0.2"
-      }
-    },
    "leven": {
      "version": "2.1.0",
      "resolved": "https://registry.npmjs.org/leven/-/leven-2.1.0.tgz",
      "integrity": "sha1-wuep93IJTe6dNCAq6KzORoeHVYA="
    },
-    "linez": {
-      "version": "4.1.4",
-      "resolved": "https://registry.npmjs.org/linez/-/linez-4.1.4.tgz",
-      "integrity": "sha1-Tx2xaWXDoZ45SikxMCPMnLKfAqc=",
-      "requires": {
-        "buffer-equals": "^1.0.4",
-        "iconv-lite": "^0.4.15"
-      }
-    },
    "lint-staged": {
      "version": "7.3.0",
      "resolved": "https://registry.npmjs.org/lint-staged/-/lint-staged-7.3.0.tgz",
@@ -1876,11 +1031,6 @@
      "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.11.tgz",
      "integrity": "sha512-cQKh8igo5QUhZ7lg38DYWAxMvjSAKG0A8wGSVimP07SIUEK2UO+arSRKbRZWtelMtN5V0Hkwh5ryOto/SshYIg=="
    },
-    "lodash.get": {
-      "version": "4.4.2",
-      "resolved": "https://registry.npmjs.org/lodash.get/-/lodash.get-4.4.2.tgz",
-      "integrity": "sha1-LRd/ZS+jHpObRDjVNBSZ36OCXpk="
-    },
    "log-symbols": {
      "version": "2.2.0",
      "resolved": "https://registry.npmjs.org/log-symbols/-/log-symbols-2.2.0.tgz",
@@ -1898,15 +1048,6 @@
        "cli-cursor": "^1.0.2"
      }
    },
-    "lowlight": {
-      "version": "1.9.2",
-      "resolved": "https://registry.npmjs.org/lowlight/-/lowlight-1.9.2.tgz",
-      "integrity": "sha512-Ek18ElVCf/wF/jEm1b92gTnigh94CtBNWiZ2ad+vTgW7cTmQxUY3I98BjHK68gZAJEWmybGBZgx9qv3QxLQB/Q==",
-      "requires": {
-        "fault": "^1.0.2",
-        "highlight.js": "~9.12.0"
-      }
-    },
    "lru-cache": {
      "version": "4.1.3",
      "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-4.1.3.tgz",
@@ -1916,14 +1057,6 @@
        "yallist": "^2.1.2"
      }
    },
-    "map-age-cleaner": {
-      "version": "0.1.3",
-      "resolved": "https://registry.npmjs.org/map-age-cleaner/-/map-age-cleaner-0.1.3.tgz",
-      "integrity": "sha512-bJzx6nMoP6PDLPBFmg7+xRKeFZvFboMrGlxmNj9ClvX53KrmvM5bXFXEWjbz4cz1AFn+jWJ9z/DJSz7hrs0w3w==",
-      "requires": {
-        "p-defer": "^1.0.0"
-      }
-    },
    "map-cache": {
      "version": "0.2.2",
      "resolved": "https://registry.npmjs.org/map-cache/-/map-cache-0.2.2.tgz",
@@ -1937,15 +1070,6 @@
        "object-visit": "^1.0.0"
      }
    },
-    "mem": {
-      "version": "3.0.1",
-      "resolved": "https://registry.npmjs.org/mem/-/mem-3.0.1.tgz",
-      "integrity": "sha512-QKs47bslvOE0NbXOqG6lMxn6Bk0Iuw0vfrIeLykmQle2LkCw1p48dZDdzE+D88b/xqRJcZGcMNeDvSVma+NuIQ==",
-      "requires": {
-        "mimic-fn": "^1.0.0",
-        "p-is-promise": "^1.1.0"
-      }
-    },
    "micromatch": {
      "version": "3.1.10",
      "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-3.1.10.tgz",
@@ -1966,24 +1090,6 @@
        "to-regex": "^3.0.2"
      }
    },
-    "mimic-fn": {
-      "version": "1.2.0",
-      "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-1.2.0.tgz",
-      "integrity": "sha512-jf84uxzwiuiIVKiOLpfYk7N46TSy8ubTonmneY9vrpHNAnp0QBt2BxWV9dO3/j+BoVAb+a5G6YDPW3M5HOdMWQ=="
-    },
-    "minimatch": {
-      "version": "3.0.4",
-      "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.0.4.tgz",
-      "integrity": "sha512-yJHVQEhyqPLUTgt9B83PXu6W3rx4MvvHvSUvToogpwoGDOUQ+yDrR0HRot+yOCdCO7u4hX3pWft6kWBBcqh0UA==",
-      "requires": {
-        "brace-expansion": "^1.1.7"
-      }
-    },
-    "minimist": {
-      "version": "1.2.5",
-      "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.2.5.tgz",
-      "integrity": "sha512-FM9nNUYrRBAELZQT3xeZQ7fmMOBg6nWNmJKTcgsJeaLstP/UODVpGsr5OhXhhXg6f+qtJ8uiZ+PUxkDWcgIXLw=="
-    },
    "mixin-deep": {
      "version": "1.3.1",
      "resolved": "https://registry.npmjs.org/mixin-deep/-/mixin-deep-1.3.1.tgz",
@@ -2003,30 +1109,11 @@
        }
      }
    },
-    "mkdirp": {
-      "version": "0.5.5",
-      "resolved": "https://registry.npmjs.org/mkdirp/-/mkdirp-0.5.5.tgz",
-      "integrity": "sha512-NKmAlESf6jMGym1++R0Ra7wvhV+wFW63FaSOFPwRahvea0gMUcGUhVeAg/0BC0wiv9ih5NYPB1Wn1UEI1/L+xQ==",
-      "requires": {
-        "minimist": "^1.2.5"
-      }
-    },
    "ms": {
      "version": "2.1.1",
      "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.1.tgz",
      "integrity": "sha512-tgp+dl5cGk28utYktBsrFqA7HKgrhgPsg6Z/EfhWI4gl1Hwq8B/GmY/0oXZ6nF8hDVesS/FpnYaD/kOWhYQvyg=="
    },
-    "multimatch": {
-      "version": "2.1.0",
-      "resolved": "https://registry.npmjs.org/multimatch/-/multimatch-2.1.0.tgz",
-      "integrity": "sha1-nHkGoi+0wCkZ4vX3UWG0zb1LKis=",
-      "requires": {
-        "array-differ": "^1.0.0",
-        "array-union": "^1.0.1",
-        "arrify": "^1.0.0",
-        "minimatch": "^3.0.0"
-      }
-    },
    "nanomatch": {
      "version": "1.2.13",
      "resolved": "https://registry.npmjs.org/nanomatch/-/nanomatch-1.2.13.tgz",
@@ -2045,11 +1132,6 @@
        "to-regex": "^3.0.1"
      }
    },
-    "nice-try": {
-      "version": "1.0.5",
-      "resolved": "https://registry.npmjs.org/nice-try/-/nice-try-1.0.5.tgz",
-      "integrity": "sha512-1nh45deeb5olNY7eX82BkPO7SSxR5SSYJiPTrTdFUVYwAl8CKMA5N9PjTYkHiRjisVcxcQ1HXdLhx2qxxJzLNQ=="
-    },
    "normalize-package-data": {
      "version": "2.4.0",
      "resolved": "https://registry.npmjs.org/normalize-package-data/-/normalize-package-data-2.4.0.tgz",
@@ -2061,22 +1143,6 @@
        "validate-npm-package-license": "^3.0.1"
      }
    },
-    "normalize-path": {
-      "version": "2.1.1",
-      "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-2.1.1.tgz",
-      "integrity": "sha1-GrKLVW4Zg2Oowab35vogE3/mrtk=",
-      "requires": {
-        "remove-trailing-separator": "^1.0.1"
-      }
-    },
-    "now-and-later": {
-      "version": "2.0.1",
-      "resolved": "https://registry.npmjs.org/now-and-later/-/now-and-later-2.0.1.tgz",
-      "integrity": "sha512-KGvQ0cB70AQfg107Xvs/Fbu+dGmZoTRJp2TaPwcwQm3/7PteUyN2BCgk8KBMPGBUXZdVwyWS8fDCGFygBm19UQ==",
-      "requires": {
-        "once": "^1.3.2"
-      }
-    },
    "npm-path": {
      "version": "2.0.4",
      "resolved": "https://registry.npmjs.org/npm-path/-/npm-path-2.0.4.tgz",
@@ -2141,11 +1207,6 @@
        }
      }
    },
-    "object-keys": {
-      "version": "1.1.1",
-      "resolved": "https://registry.npmjs.org/object-keys/-/object-keys-1.1.1.tgz",
-      "integrity": "sha512-NuAESUOUMrlIXOfHKzD6bpPu3tYt3xvjNdRIQ+FeT0lNb4K8WR70CaDxhuNguS2XG+GjkyMwOzsN5ZktImfhLA=="
-    },
    "object-visit": {
      "version": "1.0.1",
      "resolved": "https://registry.npmjs.org/object-visit/-/object-visit-1.0.1.tgz",
@@ -2154,17 +1215,6 @@
        "isobject": "^3.0.0"
      }
    },
-    "object.assign": {
-      "version": "4.1.0",
-      "resolved": "https://registry.npmjs.org/object.assign/-/object.assign-4.1.0.tgz",
-      "integrity": "sha512-exHJeq6kBKj58mqGyTQ9DFvrZC/eR6OwxzoM9YRoGBqrXYonaFyGiFMuc9VZrXf7DarreEwMpurG3dd+CNyW5w==",
-      "requires": {
-        "define-properties": "^1.1.2",
-        "function-bind": "^1.1.1",
-        "has-symbols": "^1.0.0",
-        "object-keys": "^1.0.11"
-      }
-    },
    "object.pick": {
      "version": "1.3.0",
      "resolved": "https://registry.npmjs.org/object.pick/-/object.pick-1.3.0.tgz",
@@ -2173,108 +1223,16 @@
        "isobject": "^3.0.1"
      }
    },
-    "once": {
-      "version": "1.4.0",
-      "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz",
-      "integrity": "sha1-WDsap3WWHUsROsF9nFC6753Xa9E=",
-      "requires": {
-        "wrappy": "1"
-      }
-    },
    "onetime": {
      "version": "1.1.0",
      "resolved": "http://registry.npmjs.org/onetime/-/onetime-1.1.0.tgz",
      "integrity": "sha1-ofeDj4MUxRbwXs78vEzP4EtO14k="
    },
-    "ordered-read-streams": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/ordered-read-streams/-/ordered-read-streams-1.0.1.tgz",
-      "integrity": "sha1-d8DLN8QVJdZBZtmQ/61+xqDhNj4=",
-      "requires": {
-        "readable-stream": "^2.0.1"
-      }
-    },
-    "os-locale": {
-      "version": "3.1.0",
-      "resolved": "https://registry.npmjs.org/os-locale/-/os-locale-3.1.0.tgz",
-      "integrity": "sha512-Z8l3R4wYWM40/52Z+S265okfFj8Kt2cC2MKY+xNi3kFs+XGI7WXu/I309QQQYbRW4ijiZ+yxs9pqEhJh0DqW3Q==",
-      "requires": {
-        "execa": "^1.0.0",
-        "lcid": "^2.0.0",
-        "mem": "^4.0.0"
-      },
-      "dependencies": {
-        "cross-spawn": {
-          "version": "6.0.5",
-          "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-6.0.5.tgz",
-          "integrity": "sha512-eTVLrBSt7fjbDygz805pMnstIs2VTBNkRm0qxZd+M7A5XDdxVRWO5MxGBXZhjY4cqLYLdtrGqRf8mBPmzwSpWQ==",
-          "requires": {
-            "nice-try": "^1.0.4",
-            "path-key": "^2.0.1",
-            "semver": "^5.5.0",
-            "shebang-command": "^1.2.0",
-            "which": "^1.2.9"
-          }
-        },
-        "execa": {
-          "version": "1.0.0",
-          "resolved": "https://registry.npmjs.org/execa/-/execa-1.0.0.tgz",
-          "integrity": "sha512-adbxcyWV46qiHyvSp50TKt05tB4tK3HcmF7/nxfAdhnox83seTDbwnaqKO4sXRy7roHAIFqJP/Rw/AuEbX61LA==",
-          "requires": {
-            "cross-spawn": "^6.0.0",
-            "get-stream": "^4.0.0",
-            "is-stream": "^1.1.0",
-            "npm-run-path": "^2.0.0",
-            "p-finally": "^1.0.0",
-            "signal-exit": "^3.0.0",
-            "strip-eof": "^1.0.0"
-          }
-        },
-        "get-stream": {
-          "version": "4.1.0",
-          "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-4.1.0.tgz",
-          "integrity": "sha512-GMat4EJ5161kIy2HevLlr4luNjBgvmj413KaQA7jt4V8B4RDsfpHk7WQ9GVqfYyyx8OS/L66Kox+rJRNklLK7w==",
-          "requires": {
-            "pump": "^3.0.0"
-          }
-        },
-        "mem": {
-          "version": "4.3.0",
-          "resolved": "https://registry.npmjs.org/mem/-/mem-4.3.0.tgz",
-          "integrity": "sha512-qX2bG48pTqYRVmDB37rn/6PT7LcR8T7oAX3bf99u1Tt1nzxYfxkgqDwUwolPlXweM0XzBOBFzSx4kfp7KP1s/w==",
-          "requires": {
-            "map-age-cleaner": "^0.1.1",
-            "mimic-fn": "^2.0.0",
-            "p-is-promise": "^2.0.0"
-          }
-        },
-        "mimic-fn": {
-          "version": "2.1.0",
-          "resolved": "https://registry.npmjs.org/mimic-fn/-/mimic-fn-2.1.0.tgz",
-          "integrity": "sha512-OqbOk5oEQeAZ8WXWydlu9HJjz9WVdEIvamMCcXmuqUYjTknH/sqsWvhQ3vgwKFRR1HpjvNBKQ37nbJgYzGqGcg=="
-        },
-        "p-is-promise": {
-          "version": "2.1.0",
-          "resolved": "https://registry.npmjs.org/p-is-promise/-/p-is-promise-2.1.0.tgz",
-          "integrity": "sha512-Y3W0wlRPK8ZMRbNq97l4M5otioeA5lm1z7bkNkxCka8HSPjR0xRWmpCmc9utiaLP9Jb1eD8BgeIxTW4AIF45Pg=="
-        }
-      }
-    },
-    "p-defer": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/p-defer/-/p-defer-1.0.0.tgz",
-      "integrity": "sha1-n26xgvbJqozXQwBKfU+WsZaw+ww="
-    },
    "p-finally": {
      "version": "1.0.0",
      "resolved": "https://registry.npmjs.org/p-finally/-/p-finally-1.0.0.tgz",
      "integrity": "sha1-P7z7FbiZpEEjs0ttzBi3JDNqLK4="
    },
-    "p-is-promise": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/p-is-promise/-/p-is-promise-1.1.0.tgz",
-      "integrity": "sha1-nJRWmJ6fZYgBewQ01WCXZ1w9oF4="
-    },
    "p-limit": {
      "version": "2.0.0",
      "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-2.0.0.tgz",
@@ -2310,31 +1268,16 @@
        "json-parse-better-errors": "^1.0.1"
      }
    },
-    "parse-node-version": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/parse-node-version/-/parse-node-version-1.0.1.tgz",
-      "integrity": "sha512-3YHlOa/JgH6Mnpr05jP9eDG254US9ek25LyIxZlDItp2iJtwyaXQb57lBYLdT3MowkUFYEV2XXNAYIPlESvJlA=="
-    },
    "pascalcase": {
      "version": "0.1.1",
      "resolved": "https://registry.npmjs.org/pascalcase/-/pascalcase-0.1.1.tgz",
      "integrity": "sha1-s2PlXoAGym/iF4TS2yK9FdeRfxQ="
    },
-    "path-dirname": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/path-dirname/-/path-dirname-1.0.2.tgz",
-      "integrity": "sha1-zDPSTVJeCZpTiMAzbG4yuRYGCeA="
-    },
    "path-exists": {
      "version": "3.0.0",
      "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-3.0.0.tgz",
      "integrity": "sha1-zg6+ql94yxiSXqfYENe1mwEP1RU="
    },
-    "path-is-absolute": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz",
-      "integrity": "sha1-F0uSaHNVNP+8es5r9TpanhtcX18="
-    },
    "path-is-inside": {
      "version": "1.0.2",
      "resolved": "https://registry.npmjs.org/path-is-inside/-/path-is-inside-1.0.2.tgz",
@@ -2366,17 +1309,6 @@
        "semver-compare": "^1.0.0"
      }
    },
-    "plugin-error": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/plugin-error/-/plugin-error-1.0.1.tgz",
-      "integrity": "sha512-L1zP0dk7vGweZME2i+EeakvUNqSrdiI3F91TwEoYiGrAfUXmVv6fJIq4g82PAXxNsWOp0J7ZqQy/3Szz0ajTxA==",
-      "requires": {
-        "ansi-colors": "^1.0.1",
-        "arr-diff": "^4.0.0",
-        "arr-union": "^3.1.0",
-        "extend-shallow": "^3.0.2"
-      }
-    },
    "posix-character-classes": {
      "version": "0.1.1",
      "resolved": "https://registry.npmjs.org/posix-character-classes/-/posix-character-classes-0.1.1.tgz",
@@ -2391,46 +1323,11 @@
        "ansi-styles": "^3.2.0"
      }
    },
-    "process-nextick-args": {
-      "version": "2.0.1",
-      "resolved": "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.1.tgz",
-      "integrity": "sha512-3ouUOpQhtgrbOa17J7+uxOTpITYWaGP7/AhoR3+A+/1e9skrzelGi/dXzEYyvbxubEF6Wn2ypscTKiKJFFn1ag=="
-    },
    "pseudomap": {
      "version": "1.0.2",
      "resolved": "https://registry.npmjs.org/pseudomap/-/pseudomap-1.0.2.tgz",
      "integrity": "sha1-8FKijacOYYkX7wqKw0wa5aaChrM="
    },
-    "pump": {
-      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.0.tgz",
-      "integrity": "sha512-LwZy+p3SFs1Pytd/jYct4wpv49HiYCqd9Rlc5ZVdk0V+8Yzv6jR5Blk3TRmPL1ft69TxP0IMZGJ+WPFU2BFhww==",
-      "requires": {
-        "end-of-stream": "^1.1.0",
-        "once": "^1.3.1"
-      }
-    },
-    "pumpify": {
-      "version": "1.5.1",
-      "resolved": "https://registry.npmjs.org/pumpify/-/pumpify-1.5.1.tgz",
-      "integrity": "sha512-oClZI37HvuUJJxSKKrC17bZ9Cu0ZYhEAGPsPUy9KlMUmv9dKX2o77RUmq7f3XjIxbwyGwYzbzQ1L2Ks8sIradQ==",
-      "requires": {
-        "duplexify": "^3.6.0",
-        "inherits": "^2.0.3",
-        "pump": "^2.0.0"
-      },
-      "dependencies": {
-        "pump": {
-          "version": "2.0.1",
-          "resolved": "https://registry.npmjs.org/pump/-/pump-2.0.1.tgz",
-          "integrity": "sha512-ruPMNRkN3MHP1cWJc9OWr+T/xDP0jhXYCLfJcBuX54hhfIBnaQmAUMfDcG4DM5UMWByBbJY69QSphm3jtDKIkA==",
-          "requires": {
-            "end-of-stream": "^1.1.0",
-            "once": "^1.3.1"
-          }
-        }
-      }
-    },
    "read-pkg": {
      "version": "4.0.1",
      "resolved": "https://registry.npmjs.org/read-pkg/-/read-pkg-4.0.1.tgz",
@@ -2441,20 +1338,6 @@
        "pify": "^3.0.0"
      }
    },
-    "readable-stream": {
-      "version": "2.3.7",
-      "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.7.tgz",
-      "integrity": "sha512-Ebho8K4jIbHAxnuxi7o42OrZgF/ZTNcsZj6nRKyUmkhLFq8CHItp/fy6hQZuZmP/n3yZ9VBUbp4zz/mX8hmYPw==",
-      "requires": {
-        "core-util-is": "~1.0.0",
-        "inherits": "~2.0.3",
-        "isarray": "~1.0.0",
-        "process-nextick-args": "~2.0.0",
-        "safe-buffer": "~5.1.1",
-        "string_decoder": "~1.1.1",
-        "util-deprecate": "~1.0.1"
-      }
-    },
    "regex-not": {
      "version": "1.0.2",
      "resolved": "https://registry.npmjs.org/regex-not/-/regex-not-1.0.2.tgz",
@@ -2464,30 +1347,6 @@
        "safe-regex": "^1.1.0"
      }
    },
-    "remove-bom-buffer": {
-      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/remove-bom-buffer/-/remove-bom-buffer-3.0.0.tgz",
-      "integrity": "sha512-8v2rWhaakv18qcvNeli2mZ/TMTL2nEyAKRvzo1WtnZBl15SHyEhrCu2/xKlJyUFKHiHgfXIyuY6g2dObJJycXQ==",
-      "requires": {
-        "is-buffer": "^1.1.5",
-        "is-utf8": "^0.2.1"
-      }
-    },
-    "remove-bom-stream": {
-      "version": "1.2.0",
-      "resolved": "https://registry.npmjs.org/remove-bom-stream/-/remove-bom-stream-1.2.0.tgz",
-      "integrity": "sha1-BfGlk/FuQuH7kOv1nejlaVJflSM=",
-      "requires": {
-        "remove-bom-buffer": "^3.0.0",
-        "safe-buffer": "^5.1.0",
-        "through2": "^2.0.3"
-      }
-    },
-    "remove-trailing-separator": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/remove-trailing-separator/-/remove-trailing-separator-1.1.0.tgz",
-      "integrity": "sha1-wkvOKig62tW8P1jg1IJJuSN52O8="
-    },
    "repeat-element": {
      "version": "1.1.3",
      "resolved": "https://registry.npmjs.org/repeat-element/-/repeat-element-1.1.3.tgz",
@@ -2498,29 +1357,6 @@
      "resolved": "https://registry.npmjs.org/repeat-string/-/repeat-string-1.6.1.tgz",
      "integrity": "sha1-jcrkcOHIirwtYA//Sndihtp15jc="
    },
-    "replace-ext": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/replace-ext/-/replace-ext-1.0.1.tgz",
-      "integrity": "sha512-yD5BHCe7quCgBph4rMQ+0KkIRKwWCrHDOX1p1Gp6HwjPM5kVoCdKGNhN7ydqqsX6lJEnQDKZ/tFMiEdQ1dvPEw=="
-    },
-    "require-directory": {
-      "version": "2.1.1",
-      "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz",
-      "integrity": "sha1-jGStX9MNqxyXbiNE/+f3kqam30I="
-    },
-    "require-main-filename": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/require-main-filename/-/require-main-filename-1.0.1.tgz",
-      "integrity": "sha1-l/cXtp1IeE9fUmpsWqj/3aBVpNE="
-    },
-    "resolve-options": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/resolve-options/-/resolve-options-1.1.0.tgz",
-      "integrity": "sha1-MrueOcBtZzONyTeMDW1gdFZq0TE=",
-      "requires": {
-        "value-or-function": "^3.0.0"
-      }
-    },
    "resolve-url": {
      "version": "0.2.1",
      "resolved": "https://registry.npmjs.org/resolve-url/-/resolve-url-0.2.1.tgz",
@@ -2553,11 +1389,6 @@
        "tslib": "^1.9.0"
      }
    },
-    "safe-buffer": {
-      "version": "5.1.2",
-      "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz",
-      "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g=="
-    },
    "safe-regex": {
      "version": "1.1.0",
      "resolved": "https://registry.npmjs.org/safe-regex/-/safe-regex-1.1.0.tgz",
@@ -2566,11 +1397,6 @@
        "ret": "~0.1.10"
      }
    },
-    "safer-buffer": {
-      "version": "2.1.2",
-      "resolved": "https://registry.npmjs.org/safer-buffer/-/safer-buffer-2.1.2.tgz",
-      "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg=="
-    },
    "semver": {
      "version": "5.6.0",
      "resolved": "https://registry.npmjs.org/semver/-/semver-5.6.0.tgz",
@@ -2581,11 +1407,6 @@
      "resolved": "https://registry.npmjs.org/semver-compare/-/semver-compare-1.0.0.tgz",
      "integrity": "sha1-De4hahyUGrN+nvsXiPavxf9VN/w="
    },
-    "set-blocking": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/set-blocking/-/set-blocking-2.0.0.tgz",
-      "integrity": "sha1-BF+XgtARrppoA93TgrJDkrPYkPc="
-    },
    "set-value": {
      "version": "2.0.0",
      "resolved": "https://registry.npmjs.org/set-value/-/set-value-2.0.0.tgz",
@@ -2620,11 +1441,6 @@
      "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-1.0.0.tgz",
      "integrity": "sha1-2kL0l0DAtC2yypcoVxyxkMmO/qM="
    },
-    "sigmund": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/sigmund/-/sigmund-1.0.1.tgz",
-      "integrity": "sha1-P/IfGYytIXX587eBhT/ZTQ0ZtZA="
-    },
    "signal-exit": {
      "version": "3.0.2",
      "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.2.tgz",
@@ -2837,19 +1653,6 @@
        }
      }
    },
-    "stream-shift": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/stream-shift/-/stream-shift-1.0.1.tgz",
-      "integrity": "sha512-AiisoFqQ0vbGcZgQPY1cdP2I76glaVA/RauYR4G4thNFgkTqr90yXTo4LYX60Jl+sIlPNHHdGSwo01AvbKUSVQ=="
-    },
-    "streamfilter": {
-      "version": "1.0.7",
-      "resolved": "https://registry.npmjs.org/streamfilter/-/streamfilter-1.0.7.tgz",
-      "integrity": "sha512-Gk6KZM+yNA1JpW0KzlZIhjo3EaBJDkYfXtYSbOwNIQ7Zd6006E6+sCFlW1NDvFG/vnXhKmw6TJJgiEQg/8lXfQ==",
-      "requires": {
-        "readable-stream": "^2.0.2"
-      }
-    },
    "string-argv": {
      "version": "0.0.2",
      "resolved": "https://registry.npmjs.org/string-argv/-/string-argv-0.0.2.tgz",
@@ -2865,14 +1668,6 @@
        "strip-ansi": "^3.0.0"
      }
    },
-    "string_decoder": {
-      "version": "1.1.1",
-      "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz",
-      "integrity": "sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg==",
-      "requires": {
-        "safe-buffer": "~5.1.0"
-      }
-    },
    "stringify-object": {
      "version": "3.3.0",
      "resolved": "https://registry.npmjs.org/stringify-object/-/stringify-object-3.3.0.tgz",
@@ -2916,62 +1711,6 @@
      "resolved": "https://registry.npmjs.org/symbol-observable/-/symbol-observable-1.2.0.tgz",
      "integrity": "sha512-e900nM8RRtGhlV36KGEU9k65K3mPb1WV70OdjfxlG2EAuM1noi/E/BaW/uMhL7bPEssK8QV57vN3esixjUvcXQ=="
    },
-    "term-size": {
-      "version": "1.2.0",
-      "resolved": "https://registry.npmjs.org/term-size/-/term-size-1.2.0.tgz",
-      "integrity": "sha1-RYuDiH8oj8Vtb/+/rSYuJmOO+mk=",
-      "requires": {
-        "execa": "^0.7.0"
-      },
-      "dependencies": {
-        "execa": {
-          "version": "0.7.0",
-          "resolved": "https://registry.npmjs.org/execa/-/execa-0.7.0.tgz",
-          "integrity": "sha1-lEvs00zEHuMqY6n68nrVpl/Fl3c=",
-          "requires": {
-            "cross-spawn": "^5.0.1",
-            "get-stream": "^3.0.0",
-            "is-stream": "^1.1.0",
-            "npm-run-path": "^2.0.0",
-            "p-finally": "^1.0.0",
-            "signal-exit": "^3.0.0",
-            "strip-eof": "^1.0.0"
-          }
-        }
-      }
-    },
-    "through2": {
-      "version": "2.0.5",
-      "resolved": "https://registry.npmjs.org/through2/-/through2-2.0.5.tgz",
-      "integrity": "sha512-/mrRod8xqpA+IHSLyGCQ2s8SPHiCDEeQJSep1jqLYeEUClOFG2Qsh+4FU6G9VeqpZnGW/Su8LQGc4YKni5rYSQ==",
-      "requires": {
-        "readable-stream": "~2.3.6",
-        "xtend": "~4.0.1"
-      }
-    },
-    "through2-filter": {
-      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/through2-filter/-/through2-filter-3.0.0.tgz",
-      "integrity": "sha512-jaRjI2WxN3W1V8/FMZ9HKIBXixtiqs3SQSX4/YGIiP3gL6djW48VoZq9tDqeCWs3MT8YY5wb/zli8VW8snY1CA==",
-      "requires": {
-        "through2": "~2.0.0",
-        "xtend": "~4.0.0"
-      }
-    },
-    "time-stamp": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/time-stamp/-/time-stamp-1.1.0.tgz",
-      "integrity": "sha1-dkpaEa9QVhkhsTPztE5hhofg9cM="
-    },
-    "to-absolute-glob": {
-      "version": "2.0.2",
-      "resolved": "https://registry.npmjs.org/to-absolute-glob/-/to-absolute-glob-2.0.2.tgz",
-      "integrity": "sha1-GGX0PZ50sIItufFFt4z/fQ98hJs=",
-      "requires": {
-        "is-absolute": "^1.0.0",
-        "is-negated-glob": "^1.0.0"
-      }
-    },
    "to-object-path": {
      "version": "0.3.0",
      "resolved": "https://registry.npmjs.org/to-object-path/-/to-object-path-0.3.0.tgz",
@@ -3010,32 +1749,11 @@
        "repeat-string": "^1.6.1"
      }
    },
-    "to-through": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/to-through/-/to-through-2.0.0.tgz",
-      "integrity": "sha1-/JKtq6ByZHvAtn1rA2ZKoZUJOvY=",
-      "requires": {
-        "through2": "^2.0.3"
-      }
-    },
-    "to-time": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/to-time/-/to-time-1.0.2.tgz",
-      "integrity": "sha1-T4FFoH2F9jVqYuHOoKep5mYXduM=",
-      "requires": {
-        "bignumber.js": "^2.4.0"
-      }
-    },
    "tslib": {
      "version": "1.9.3",
      "resolved": "https://registry.npmjs.org/tslib/-/tslib-1.9.3.tgz",
      "integrity": "sha512-4krF8scpejhaOgqzBEcGM7yDIEfi0/8+8zDRZhNZZ2kjmHJ4hv3zCbQWxoJGz1iw5U0Jl0nma13xzHXcncMavQ=="
    },
-    "unc-path-regex": {
-      "version": "0.1.2",
-      "resolved": "https://registry.npmjs.org/unc-path-regex/-/unc-path-regex-0.1.2.tgz",
-      "integrity": "sha1-5z3T17DXxe2G+6xrCufYxqadUPo="
-    },
    "union-value": {
      "version": "1.0.0",
      "resolved": "https://registry.npmjs.org/union-value/-/union-value-1.0.0.tgz",
@@ -3068,20 +1786,6 @@
        }
      }
    },
-    "unique-stream": {
-      "version": "2.3.1",
-      "resolved": "https://registry.npmjs.org/unique-stream/-/unique-stream-2.3.1.tgz",
-      "integrity": "sha512-2nY4TnBE70yoxHkDli7DMazpWiP7xMdCYqU2nBRO0UB+ZpEkGsSija7MvmvnZFUeC+mrgiUfcHSr3LmRFIg4+A==",
-      "requires": {
-        "json-stable-stringify-without-jsonify": "^1.0.1",
-        "through2-filter": "^3.0.0"
-      }
-    },
-    "universalify": {
-      "version": "0.1.2",
-      "resolved": "https://registry.npmjs.org/universalify/-/universalify-0.1.2.tgz",
-      "integrity": "sha512-rBJeI5CXAlmy1pV+617WB9J63U6XcazHHF2f2dbJix4XzpUF0RS3Zbj0FGIOCAva5P/d/GBOYaACQ1w+0azUkg=="
-    },
    "unset-value": {
      "version": "1.0.0",
      "resolved": "https://registry.npmjs.org/unset-value/-/unset-value-1.0.0.tgz",
@@ -3128,11 +1832,6 @@
      "resolved": "https://registry.npmjs.org/use/-/use-3.1.1.tgz",
      "integrity": "sha512-cwESVXlO3url9YWlFW/TA9cshCEhtu7IKJ/p5soJ/gGpj7vbvFrAY/eIioQ6Dw23KjZhYgiIo8HOs1nQ2vr/oQ=="
    },
-    "util-deprecate": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz",
-      "integrity": "sha1-RQ1Nyfpw3nMnYvvS1KKJgUGaDM8="
-    },
    "validate-npm-package-license": {
      "version": "3.0.4",
      "resolved": "https://registry.npmjs.org/validate-npm-package-license/-/validate-npm-package-license-3.0.4.tgz",
@@ -3142,62 +1841,6 @@
        "spdx-expression-parse": "^3.0.0"
      }
    },
-    "value-or-function": {
-      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/value-or-function/-/value-or-function-3.0.0.tgz",
-      "integrity": "sha1-HCQ6ULWVwb5Up1S/7OhWO5/42BM="
-    },
-    "vinyl": {
-      "version": "2.2.0",
-      "resolved": "https://registry.npmjs.org/vinyl/-/vinyl-2.2.0.tgz",
-      "integrity": "sha512-MBH+yP0kC/GQ5GwBqrTPTzEfiiLjta7hTtvQtbxBgTeSXsmKQRQecjibMbxIXzVT3Y9KJK+drOz1/k+vsu8Nkg==",
-      "requires": {
-        "clone": "^2.1.1",
-        "clone-buffer": "^1.0.0",
-        "clone-stats": "^1.0.0",
-        "cloneable-readable": "^1.0.0",
-        "remove-trailing-separator": "^1.0.1",
-        "replace-ext": "^1.0.0"
-      }
-    },
-    "vinyl-fs": {
-      "version": "3.0.3",
-      "resolved": "https://registry.npmjs.org/vinyl-fs/-/vinyl-fs-3.0.3.tgz",
-      "integrity": "sha512-vIu34EkyNyJxmP0jscNzWBSygh7VWhqun6RmqVfXePrOwi9lhvRs//dOaGOTRUQr4tx7/zd26Tk5WeSVZitgng==",
-      "requires": {
-        "fs-mkdirp-stream": "^1.0.0",
-        "glob-stream": "^6.1.0",
-        "graceful-fs": "^4.0.0",
-        "is-valid-glob": "^1.0.0",
-        "lazystream": "^1.0.0",
-        "lead": "^1.0.0",
-        "object.assign": "^4.0.4",
-        "pumpify": "^1.3.5",
-        "readable-stream": "^2.3.3",
-        "remove-bom-buffer": "^3.0.0",
-        "remove-bom-stream": "^1.2.0",
-        "resolve-options": "^1.1.0",
-        "through2": "^2.0.0",
-        "to-through": "^2.0.0",
-        "value-or-function": "^3.0.0",
-        "vinyl": "^2.0.0",
-        "vinyl-sourcemap": "^1.1.0"
-      }
-    },
-    "vinyl-sourcemap": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/vinyl-sourcemap/-/vinyl-sourcemap-1.1.0.tgz",
-      "integrity": "sha1-kqgAWTo4cDqM2xHYswCtS+Y7PhY=",
-      "requires": {
-        "append-buffer": "^1.0.2",
-        "convert-source-map": "^1.5.0",
-        "graceful-fs": "^4.1.6",
-        "normalize-path": "^2.1.1",
-        "now-and-later": "^2.0.0",
-        "remove-bom-buffer": "^3.0.0",
-        "vinyl": "^2.0.0"
-      }
-    },
    "which": {
      "version": "1.3.1",
      "resolved": "https://registry.npmjs.org/which/-/which-1.3.1.tgz",
@@ -3206,101 +1849,10 @@
        "isexe": "^2.0.0"
      }
    },
-    "which-module": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/which-module/-/which-module-2.0.0.tgz",
-      "integrity": "sha1-2e8H3Od7mQK4o6j6SzHD4/fm6Ho="
-    },
-    "wrap-ansi": {
-      "version": "2.1.0",
-      "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-2.1.0.tgz",
-      "integrity": "sha1-2Pw9KE3QV5T+hJc8rs3Rz4JP3YU=",
-      "requires": {
-        "string-width": "^1.0.1",
-        "strip-ansi": "^3.0.1"
-      }
-    },
-    "wrappy": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz",
-      "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8="
-    },
-    "xml-escape": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/xml-escape/-/xml-escape-1.1.0.tgz",
-      "integrity": "sha1-OQTBQ/qOs6ADDsZG0pAqLxtwbEQ="
-    },
-    "xmlbuilder": {
-      "version": "10.1.1",
-      "resolved": "https://registry.npmjs.org/xmlbuilder/-/xmlbuilder-10.1.1.tgz",
-      "integrity": "sha512-OyzrcFLL/nb6fMGHbiRDuPup9ljBycsdCypwuyg5AAHvyWzGfChJpCXMG88AGTIMFhGZ9RccFN1e6lhg3hkwKg=="
-    },
-    "xtend": {
-      "version": "4.0.2",
-      "resolved": "https://registry.npmjs.org/xtend/-/xtend-4.0.2.tgz",
-      "integrity": "sha512-LKYU1iAXJXUgAXn9URjiu+MWhyUXHsvfp7mcuYm9dSUKK0/CjtrUwFAxD82/mCWbtLsGjFIad0wIsod4zrTAEQ=="
-    },
-    "y18n": {
-      "version": "4.0.0",
-      "resolved": "https://registry.npmjs.org/y18n/-/y18n-4.0.0.tgz",
-      "integrity": "sha512-r9S/ZyXu/Xu9q1tYlpsLIsa3EeLXXk0VwlxqTcFRfg9EhMW+17kbt9G0NrgCmhGb5vT2hyhJZLfDGx+7+5Uj/w=="
-    },
    "yallist": {
      "version": "2.1.2",
      "resolved": "https://registry.npmjs.org/yallist/-/yallist-2.1.2.tgz",
      "integrity": "sha1-HBH5IY8HYImkfdUS+TxmmaaoHVI="
-    },
-    "yargs": {
-      "version": "12.0.5",
-      "resolved": "https://registry.npmjs.org/yargs/-/yargs-12.0.5.tgz",
-      "integrity": "sha512-Lhz8TLaYnxq/2ObqHDql8dX8CJi97oHxrjUcYtzKbbykPtVW9WB+poxI+NM2UIzsMgNCZTIf0AQwsjK5yMAqZw==",
-      "requires": {
-        "cliui": "^4.0.0",
-        "decamelize": "^1.2.0",
-        "find-up": "^3.0.0",
-        "get-caller-file": "^1.0.1",
-        "os-locale": "^3.0.0",
-        "require-directory": "^2.1.1",
-        "require-main-filename": "^1.0.1",
-        "set-blocking": "^2.0.0",
-        "string-width": "^2.0.0",
-        "which-module": "^2.0.0",
-        "y18n": "^3.2.1 || ^4.0.0",
-        "yargs-parser": "^11.1.1"
-      },
-      "dependencies": {
-        "is-fullwidth-code-point": {
-          "version": "2.0.0",
-          "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-2.0.0.tgz",
-          "integrity": "sha1-o7MKXE8ZkYMWeqq5O+764937ZU8="
-        },
-        "string-width": {
-          "version": "2.1.1",
-          "resolved": "https://registry.npmjs.org/string-width/-/string-width-2.1.1.tgz",
-          "integrity": "sha512-nOqH59deCq9SRHlxq1Aw85Jnt4w6KvLKqWVik6oA9ZklXLNIOlqg4F2yrT1MVaTjAqvVwdfeZ7w7aCvJD7ugkw==",
-          "requires": {
-            "is-fullwidth-code-point": "^2.0.0",
-            "strip-ansi": "^4.0.0"
-          }
-        },
-        "strip-ansi": {
-          "version": "4.0.0",
-          "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-4.0.0.tgz",
-          "integrity": "sha1-qEeQIusaw2iocTibY1JixQXuNo8=",
-          "requires": {
-            "ansi-regex": "^3.0.0"
-          }
-        }
-      }
-    },
-    "yargs-parser": {
-      "version": "11.1.1",
-      "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-11.1.1.tgz",
-      "integrity": "sha512-C6kB/WJDiaxONLJQnF8ccx9SEeoTTLek8RVbaOIsrAUS8VrBEXfmeSnCZxygc+XC2sNMBIwOOnfcxiynjHsVSQ==",
-      "requires": {
-        "camelcase": "^5.0.0",
-        "decamelize": "^1.2.0"
-      }
    }
  }
 }
--- a/package.json
+++ b/package.json
 {
  "dependencies": {
-    "eclint": "^2.8.1",
    "husky": "^1.1.2",
    "lint-staged": "^7.3.0"
  },
  "lint-staged": {
-    "*": [
-      "eclint fix",
-      "git add"
-    ],
    "*.json": [
      "python2 ./format-json",
      "git add"
    ],
-    "{components,software,stack}/**": [
+    "{component,software,stack}/**": [
      "python -c 'import sys, os.path, subprocess; [subprocess.check_call((\"python2\", \"./update-hash\", buildout_hash)) for buildout_hash in { os.path.join(os.path.dirname(staged), \"buildout.hash.cfg\") for staged in sys.argv[1:]} if os.path.exists(buildout_hash)]'",
      "python -c 'import sys, os.path, subprocess; [subprocess.check_call((\"git\", \"add\", buildout_hash)) for buildout_hash in { os.path.join(os.path.dirname(staged), \"buildout.hash.cfg\") for staged in sys.argv[1:]} if os.path.exists(buildout_hash)]'"
    ]

--- a/software/caddy-frontend/CHANGES.caddy_frontend.rst
+++ b/software/caddy-frontend/CHANGES.caddy_frontend.rst
@@ -3,6 +3,11 @@ Changes
 Here are listed the most important changes, which might affect upgrades.
+1.0.160 (2020-08-25)
+--------------------
+ * haproxy updated from 2.0.15 to 2.0.17 in order to fix issue while accessing inaccessible backends
 1.0.159 (2020-07-30)
 --------------------

--- a/software/caddy-frontend/buildout.hash.cfg
+++ b/software/caddy-frontend/buildout.hash.cfg
@@ -14,7 +14,7 @@
 # not need these here).
 [template]
 filename = instance.cfg.in
-md5sum = dae3bf6daf851b5610a1a6bd83057b29
+md5sum = 30eb6db0d2df9ffb3a50fb64e73df5be
 [template-common]
 filename = instance-common.cfg.in
@@ -22,7 +22,7 @@ md5sum = 5784bea3bd608913769ff9a8afcccb68
 [template-apache-frontend]
 filename = instance-apache-frontend.cfg.in
-md5sum = 43b3763d4086283e9c7c886e3b89e54b
+md5sum = 1709085d62f46b22cbe9369fe324bb49
 [template-caddy-replicate]
 filename = instance-apache-replicate.cfg.in
@@ -30,7 +30,7 @@ md5sum = 19debfbc27c464f451b1eb5bb5ce3c84
 [template-slave-list]
 _update_hash_filename_ = templates/apache-custom-slave-list.cfg.in
-md5sum = 8f518a7b543126ce91fe218255fb201c
+md5sum = da4e3de1c1861459273c6e8d32ead21e
 [template-replicate-publish-slave-information]
 _update_hash_filename_ = templates/replicate-publish-slave-information.cfg.in
@@ -70,7 +70,7 @@ md5sum = 975177dedf677d24e14cede5d13187ce
 [template-trafficserver-records-config]
 _update_hash_filename_ = templates/trafficserver/records.config.jinja2
-md5sum = f3f31188de56bb35383335b3219537f4
+md5sum = 56c7e9f5cc92f8c519f48496010e2078
 [template-trafficserver-storage-config]
 _update_hash_filename_ = templates/trafficserver/storage.config.jinja2
@@ -106,7 +106,7 @@ md5sum = 8c150e1e6c993708d31936742f3a7302
 [caddyprofiledeps-setup]
 filename = setup.py
-md5sum = d9b6476bb0b36cf463fddb00d41dfbaa
+md5sum = 8e1c6c06c09beb921965b3ce98c67c9e
 [caddyprofiledeps-dummy]
 filename = caddyprofiledummy.py
@@ -119,3 +119,7 @@ md5sum = f77744e52f9d028c39f99cfbf31eadaf
 [template-backend-haproxy-rsyslogd-conf]
 _update_hash_filename_ = templates/backend-haproxy-rsyslogd.conf.in
 md5sum = be899b04e1aa652ed510f20d4ea523dd
+[template-slave-introspection-httpd-nginx]
+_update_hash_filename_ = templates/slave-introspection-httpd-nginx.conf.in
+md5sum = 3067e6ba6c6901821d57d2109517d39c
--- a/software/caddy-frontend/common.cfg
+++ b/software/caddy-frontend/common.cfg
@@ -12,6 +12,7 @@ extends =
  ../../component/xz-utils/buildout.cfg
  ../../component/rsyslogd/buildout.cfg
  ../../component/haproxy/buildout.cfg
+  ../../component/nginx/buildout.cfg
  ../../stack/caucase/buildout.cfg
 # Monitoring stack (keep on bottom)
@@ -94,6 +95,8 @@ logrotate_base_instance = ${template-logrotate-base:rendered}
 bin_directory = ${buildout:bin-directory}
 sixtunnel = ${6tunnel:location}
+nginx = ${nginx-output:nginx}
+nginx_mime = ${nginx-output:mime}
 caddy = ${caddy:output}
 caddy_location = ${caddy:location}
 haproxy_executable = ${haproxy:location}/sbin/haproxy
@@ -110,6 +113,7 @@ kedifa = ${:bin_directory}/kedifa
 kedifa-updater = ${:bin_directory}/kedifa-updater
 kedifa-csr = ${:bin_directory}/kedifa-csr
 xz_location = ${xz-utils:location}
+htpasswd = ${:bin_directory}/htpasswd
 monitor_template = ${monitor-template:output}
 template_backend_haproxy_configuration = ${template-backend-haproxy-configuration:target}
@@ -129,6 +133,7 @@ template_trafficserver_records_config = ${template-trafficserver-records-config:
 template_trafficserver_storage_config = ${template-trafficserver-storage-config:target}
 template_trafficserver_logging_config = ${template-trafficserver-logging-config:target}
 template_wrapper = ${template-wrapper:output}
+template_slave_introspection_httpd_nginx = ${template-slave-introspection-httpd-nginx:target}
 [template]
 recipe = slapos.recipe.template:jinja2
@@ -198,6 +203,9 @@ mode = 640
 [template-empty]
 <=download-template
+[template-slave-introspection-httpd-nginx]
+<=download-template
 [template-wrapper]
 recipe = slapos.recipe.template
 url = ${:_profile_base_location_}/templates/wrapper.in

--- a/software/caddy-frontend/instance-apache-frontend.cfg.in
+++ b/software/caddy-frontend/instance-apache-frontend.cfg.in
@@ -52,6 +52,15 @@ parts =
  promise-backend-haproxy-https
  promise-backend-haproxy-configuration
+  slave-introspection-frontend
+  slave-introspection-graceful
+  promise-slave-introspection-https
+  promise-slave-introspection-configuration
+  logrotate-entry-slave-introspection
+[caddyprofiledeps]
+recipe = caddyprofiledeps
 # Create all needed directories
 [directory]
 recipe = slapos.cookbook:mkdirectory
@@ -83,6 +92,9 @@ csr_id = ${:srv}/csr_id
 caddy-csr_id = ${:etc}/caddy-csr_id
 caddy-csr_id-log = ${:log}/httpd-csr_id
+# slave introspection
+slave-introspection-var = ${:var}/slave-introspection
 [switch-caddy-softwaretype]
 recipe = slapos.cookbook:softwaretype
 single-default = ${dynamic-custom-personal-template-slave-list:rendered}
@@ -95,6 +107,14 @@ ip-access-certificate = ${self-signed-ip-access:certificate}
 caddy-directory = {{ parameter_dict['caddy_location'] }}
 caddy-ipv6 = {{ instance_parameter['ipv6-random'] }}
 caddy-https-port = ${configuration:port}
+nginx = {{ parameter_dict['nginx'] }}
+nginx_mime = {{ parameter_dict['nginx_mime'] }}
+htpasswd = {{ parameter_dict['htpasswd'] }}
+slave-introspection-template = {{ parameter_dict['template_slave_introspection_httpd_nginx'] }}
+slave-introspection-configuration = ${directory:etc}/slave-introspection-httpd-nginx.conf
+slave-introspection-https-port = ${configuration:slave-introspection-https-port}
+slave-introspection-secure_access = ${slave-introspection-frontend:connection-secure_access}
+slave-introspection-domain = ${slave-introspection-frontend:connection-domain}
 [self-signed-ip-access]
 # Self Signed certificate for HTTPS IP accesses to the frontend
@@ -258,6 +278,7 @@ stop-on-error = True
 [dynamic-custom-personal-template-slave-list]
 < = jinja2-template-base
+depends = ${caddyprofiledeps:recipe}
 template = {{ parameter_dict['template_slave_list'] }}
 filename = custom-personal-instance-slave-list.cfg
 slave_instance_list = {{ dumps(instance_parameter['slave-instance-list']) }}
@@ -276,6 +297,7 @@ extra-context =
    key caddy_configuration_directory caddy-directory:slave-configuration
    key backend_client_caucase_url :backend-client-caucase-url
    import urlparse_module urlparse
+    import furl_module furl
    key caddy_executable :caddy_executable
    key http_port configuration:plain_http_port
    key https_port configuration:port
@@ -400,6 +422,11 @@ not-found-file = ${caddy-directory:document-root}/${not-found-html:filename}
 master-certificate = ${caddy-directory:master-autocert-dir}/master.pem
 # Communication with ATS
 cache-port = ${trafficserver-variable:input-port}
+# slave instrspection
+slave-introspection-access-log = ${directory:log}/slave-introspection-access.log
+slave-introspection-error-log = ${directory:log}/slave-introspection-error.log
+slave-introspection-pid-file = ${directory:run}/slave-introspection.pid
+slave-introspection-graceful-command = ${slave-introspection-validate:rendered} && kill -HUP $(cat ${:slave-introspection-pid-file})
 # BBB: SlapOS Master non-zero knowledge BEGIN
 [get-self-signed-fallback-access]
@@ -892,6 +919,91 @@ extra-context =
    key http_port configuration:plain_http_port
    key https_port configuration:port
+[slave-introspection-frontend]
+<= slap-connection
+recipe = slapos.cookbook:requestoptional
+name = Slave Introspection Frontend {{ instance_parameter['configuration.frontend-name'] }}
+software-url = http://git.erp5.org/gitweb/slapos.git/blob_plain/HEAD:/software/apache-frontend/software.cfg
+slave = true
+config-url = https://[${slap-network-information:global-ipv6}]:{{ instance_parameter['configuration.slave-introspection-https-port'] }}/
+config-https-only = true
+return = domain secure_access
+[slave-introspection-configuration-state]
+<= jinja2-template-base
+template = {{ parameter_dict['template_configuration_state_script'] }}
+rendered = ${directory:bin}/${:_buildout_section_name_}
+mode = 0700
+path_list = ${frontend-configuration:slave-introspection-configuration} ${frontend-configuration:ip-access-certificate}
+sha256sum = {{ parameter_dict['sha256sum'] }}
+extra-context =
+    key path_list :path_list
+    key sha256sum :sha256sum
+    key signature_file :signature_file
+[slave-introspection-configuration-state-graceful]
+<= slave-introspection-configuration-state
+signature_file = ${directory:run}/slave_introspection_graceful_configuration_state_signature
+[slave-introspection-configuration-state-validate]
+<= slave-introspection-configuration-state
+signature_file = ${directory:run}/slave_introspection_validate_configuration_state_signature
+[slave-introspection-graceful]
+< = jinja2-template-base
+template = {{ parameter_dict['template_graceful_script'] }}
+rendered = ${directory:etc-run}/slave-introspection-safe-graceful
+mode = 0700
+extra-context =
+    key graceful_reload_command caddy-configuration:slave-introspection-graceful-command
+    key caddy_configuration_state slave-introspection-configuration-state-graceful:rendered
+[slave-introspection-validate]
+<= jinja2-template-base
+template = {{ parameter_dict['template_validate_script'] }}
+rendered = ${directory:bin}/slave-introspection-validate
+mode = 0700
+last_state_file = ${directory:run}/slave_introspection_configuration_last_state
+validate_command = {{ parameter_dict['nginx'] }} -c ${frontend-configuration:slave-introspection-configuration} -t
+extra-context =
+    key validate_command :validate_command
+    key configuration_state_command slave-introspection-configuration-state-validate:rendered
+    key last_state_file :last_state_file
+[promise-slave-introspection-configuration]
+<= monitor-promise-base
+module = validate_frontend_configuration
+name = slave-introspection-configuration.py
+config-verification-script = ${promise-slave-introspection-configuration-helper:rendered}
+[promise-slave-introspection-configuration-helper]
+< = jinja2-template-base
+template = {{ parameter_dict['template_empty'] }}
+rendered = ${directory:bin}/slave-introspection-read-last-configuration-state
+mode = 0700
+content =
+  #!/bin/sh
+  exit `cat ${slave-introspection-validate:last_state_file}`
+context =
+    key content :content
+[promise-slave-introspection-https]
+<= monitor-promise-base
+module = check_port_listening
+name = slave_introspection_https.py
+config-hostname = {{ instance_parameter['ipv6-random'] }}
+config-port = ${frontend-configuration:slave-introspection-https-port}
+[logrotate-entry-slave-introspection]
+<= logrotate-entry-base
+name = slave-introspection
+log = ${caddy-configuration:slave-introspection-access-log} ${caddy-configuration:slave-introspection-error-log}
+rotate-num = ${configuration:rotate-num}
+post = kill -USR1 $(cat ${caddy-configuration:slave-introspection-pid-file})
 [configuration]
 {%- for key, value in instance_parameter.iteritems() -%}
 {%-   if key.startswith('configuration.') %}

--- a/software/caddy-frontend/instance.cfg.in
+++ b/software/caddy-frontend/instance.cfg.in
@@ -41,6 +41,7 @@ template = {{ template_caddy_frontend }}
 filename = instance-caddy-frontend.cfg
 extensions = jinja2.ext.do
 extra-context =
+  import furl_module furl
  section parameter_dict dynamic-template-caddy-frontend-parameters
  raw software_type single-custom-personal
 caucase-jinja2-library = {{ caucase_jinja2_library }}
@@ -124,3 +125,4 @@ configuration.backend-haproxy-http-port = 21080
 configuration.backend-haproxy-https-port = 21443
 configuration.authenticate-to-backend = False
 configuration.rotate-num = 4000
+configuration.slave-introspection-https-port = 22443
--- a/software/caddy-frontend/setup.py
+++ b/software/caddy-frontend/setup.py
@@ -7,6 +7,8 @@ setup(
  name='caddyprofiledeps',
  install_requires=[
    'validators',
+    'furl',
+    'orderedmultidict',
  ],
  entry_points={
    'zc.buildout': [

--- a/software/caddy-frontend/software.cfg
+++ b/software/caddy-frontend/software.cfg
@@ -27,3 +27,5 @@ smmap = 0.9.0
 numpy = 1.16.4
 websockify = 0.8.0
+furl = 2.1.0
+orderedmultidict = 1.0.1
--- a/software/caddy-frontend/templates/apache-custom-slave-list.cfg.in
+++ b/software/caddy-frontend/templates/apache-custom-slave-list.cfg.in
@@ -36,6 +36,7 @@ context =
 # empty sections if no slaves are available
 [slave-log-directory-dict]
 [slave-password]
+[slave-htpasswd]
 {#- Loop thought slave list to set up slaves #}
 {%- set DEFAULT_PORT = {'http': 80, 'https': 443, '': None} %}
@@ -94,6 +95,7 @@ context =
 {%-   set slave_configuration_section_name = 'slave-instance-%s-configuration' % slave_reference %}
 {%-   set slave_logrotate_section = slave_reference + "-logs" %}
 {%-   set slave_password_section = slave_reference + "-password" %}
+{%-   set slave_htpasswd_section = slave_reference + "-htpasswd" %}
 {%-   set slave_ln_section = slave_reference + "-ln" %}
 {#-   extend parts #}
 {%-   do part_list.extend([slave_ln_section]) %}
@@ -118,7 +120,12 @@ context =
 {%-   do slave_instance.__setitem__('backend_log', slave_parameter_dict.get('backend_log')) %}
 {#-   Add slave log directory to the slave log access dict #}
 {%-   do slave_log_dict.__setitem__(slave_reference, slave_log_folder) %}
-{%-   set slave_log_access_url = 'https://' + slave_reference.lower() + ':${'+ slave_password_section +':passwd}@[' + frontend_configuration.get('caddy-ipv6') + ']:' + frontend_configuration.get('caddy-https-port') + '/' + slave_reference.lower() + '/' %}
+{%-   set furled = furl_module.furl(frontend_configuration['slave-introspection-secure_access']) %}
+{%-   do furled.set(username = slave_reference.lower()) %}
+{%-   do furled.set(password = '${'+ slave_password_section +':passwd}') %}
+{%-   do furled.set(path = slave_reference.lower() + '/') %}
+{#-   We unquote, as furl quotes automatically, but there is buildout value on purpose like ${...:...} in the passwod #}
+{%-   set slave_log_access_url = urlparse_module.unquote(furled.tostr()) %}
 {%-   do slave_publish_dict.__setitem__('log-access', slave_log_access_url) %}
 {%-   do slave_publish_dict.__setitem__('slave-reference', slave_reference) %}
 {%-   do slave_publish_dict.__setitem__('public-ipv4', public_ipv4) %}
@@ -139,6 +146,9 @@ context =
 [slave-password]
 {{ slave_reference }} = {{ '${' + slave_password_section + ':passwd}' }}
+[slave-htpasswd]
+{{ slave_reference }} = {{ '${' + slave_htpasswd_section + ':file}' }}
 {#-   Set slave logrotate entry #}
 [{{slave_logrotate_section}}]
 <= logrotate-entry-base
@@ -162,6 +172,13 @@ recipe = slapos.cookbook:generate.password
 storage-path = {{caddy_configuration_directory}}/.{{slave_reference}}.passwd
 bytes = 8
+[{{ slave_htpasswd_section }}]
+recipe = plone.recipe.command
+stop-on-error = True
+file = {{ caddy_configuration_directory }}/.{{ slave_reference }}.htpasswd
+command = {{ frontend_configuration['htpasswd'] }} -cb ${:file} {{ slave_reference.lower() }} {{ '${' + slave_password_section + ':passwd}' }}
+update-command = ${:command}
 {#-   ################################################## #}
 {#-   Set Slave Certificates if needed                   #}
 {#-   Set certificate key for custom configuration       #}
@@ -287,6 +304,7 @@ recipe = slapos.cookbook:mkdirectory
 {%- do part_list.append('slave-log-directories') %}
 {%- do part_list.append('caddy-log-access') %}
+{%- do part_list.append('slave-introspection') %}
 {#- ############################################## #}
 {#- ## Prepare virtualhost for slaves using cache  #}
 {#- Define IPv6 to IPV4 tunneling #}
@@ -331,6 +349,35 @@ extra-context =
    section slave_password slave-password
    section parameter_dict caddy-log-access-parameters
+[slave-introspection-parameters]
+local-ipv4 = {{ dumps(local_ipv4) }}
+global-ipv6 = {{ dumps(global_ipv6) }}
+https-port = {{ frontend_configuration['slave-introspection-https-port'] }}
+ip-access-certificate = {{ frontend_configuration.get('ip-access-certificate') }}
+nginx-mime = {{ frontend_configuration['nginx_mime'] }}
+access-log = {{ dumps(caddy_configuration['slave-introspection-access-log']) }}
+error-log = {{ dumps(caddy_configuration['slave-introspection-error-log']) }}
+var = {{ directory['slave-introspection-var'] }}
+pid = {{ caddy_configuration['slave-introspection-pid-file'] }}
+[slave-introspection-config]
+<= jinja2-template-base
+template = {{ frontend_configuration['slave-introspection-template'] }}
+rendered = {{ frontend_configuration['slave-introspection-configuration'] }}
+extra-context =
+    section slave_log_directory slave-log-directory-dict
+    section slave_htpasswd slave-htpasswd
+    section parameter_dict slave-introspection-parameters
+[slave-introspection]
+recipe = slapos.cookbook:wrapper
+command-line = {{ frontend_configuration['nginx'] }}
+  -c ${slave-introspection-config:rendered}
+wrapper-path = {{ directory['service'] }}/slave-instrospection-nginx
+hash-existing-files = ${buildout:directory}/software_release/buildout.cfg
 {#- Publish information for the instance #}
 [publish-caddy-information]

--- a/software/caddy-frontend/templates/slave-introspection-httpd-nginx.conf.in
+++ b/software/caddy-frontend/templates/slave-introspection-httpd-nginx.conf.in
+# Access log configuration
+daemon off;
+pid {{ parameter_dict['pid'] }};
+error_log {{ parameter_dict['error-log'] }};
+events {
+}
+http {
+  include {{ parameter_dict['nginx-mime'] }};
+  server {
+    server_name_in_redirect off;
+    port_in_redirect off;
+    error_log {{ parameter_dict['error-log'] }};
+    access_log {{ parameter_dict['access-log'] }};
+    listen [{{ parameter_dict['global-ipv6'] }}]:{{ parameter_dict['https-port'] }} ssl;
+    listen {{ parameter_dict['local-ipv4'] }}:{{ parameter_dict['https-port'] }} ssl;
+    ssl_certificate {{ parameter_dict['ip-access-certificate'] }};
+    ssl_certificate_key {{ parameter_dict['ip-access-certificate'] }};
+    default_type application/octet-stream;
+    client_body_temp_path {{ parameter_dict['var'] }} 1 2;
+    proxy_temp_path {{ parameter_dict['var'] }} 1 2;
+    fastcgi_temp_path {{ parameter_dict['var'] }} 1 2;
+    uwsgi_temp_path {{ parameter_dict['var'] }} 1 2;
+    scgi_temp_path {{ parameter_dict['var'] }} 1 2;
+  {% for slave, directory in slave_log_directory.iteritems() %}
+    location /{{ slave }} {
+      alias {{ directory }};
+      autoindex on;
+      autoindex_format json;
+      sendfile on;
+      sendfile_max_chunk 1m;
+      auth_basic "Log Access {{ slave }}";
+      auth_basic_user_file "{{ slave_htpasswd[slave] | trim }}";
+    }
+  {% endfor %}
+  }
+}
--- a/software/caddy-frontend/templates/trafficserver/records.config.jinja2
+++ b/software/caddy-frontend/templates/trafficserver/records.config.jinja2
@@ -27,6 +27,7 @@ CONFIG proxy.config.http.cache.open_write_fail_action INT 2
 CONFIG proxy.config.body_factory.template_sets_dir STRING  {{ ats_configuration['templates-dir'] }}
 # Support stale-if-error by returning cached content on backend 5xx or unavailability
 CONFIG proxy.config.http.negative_revalidating_enabled INT 1
+CONFIG proxy.config.http.negative_revalidating_lifetime INT 86400
 ##############################################################################
 # Proxy users variables. Docs:
 #    https://docs.trafficserver.apache.org/records.config#proxy-user-variables

--- a/software/caddy-frontend/test/test.py
+++ b/software/caddy-frontend/test/test.py
@@ -66,6 +66,7 @@ from cryptography.x509.oid import NameOID
 from slapos.testing.testcase import makeModuleSetUpAndTestCaseClass
 from slapos.testing.utils import findFreeTCPPort
+from slapos.testing.utils import getPromisePluginParameterDict
 setUpModule, SlapOSInstanceTestCase = makeModuleSetUpAndTestCaseClass(
    os.path.abspath(
        os.path.join(os.path.dirname(__file__), '..', 'software.cfg')))
@@ -243,44 +244,6 @@ def isHTTP2(domain, ip):
  return 'Using HTTP2, server supports multi-use' in err
-def getPluginParameterDict(software_path, filepath):
-  """Load the slapos monitor plugin and returns the configuration used by this plugin.
-  This allow to check that monitoring plugin are using a proper config.
-  """
-  # This is implemented by creating a wrapper script that loads the plugin wrapper
-  # script and returns its `extra_config_dict`. This might have to be adjusted if
-  # internals of slapos promise plugins change.
-  bin_file = os.path.join(software_path, 'bin', 'test-plugin-promise')
-  monitor_python_with_eggs = os.path.join(software_path, 'bin', 'monitor-pythonwitheggs')
-  if not os.path.exists(monitor_python_with_eggs):
-    raise ValueError("Monitoring stack's python does not exist at %s" % monitor_python_with_eggs)
-  with open(bin_file, 'w') as f:
-    f.write("""#!%s
-import os
-import importlib
-import sys
-import json
-filepath = sys.argv[1]
-sys.path[0:0] = [os.path.dirname(filepath)]
-filename = os.path.basename(filepath)
-module = importlib.import_module(os.path.splitext(filename)[0])
-print json.dumps(module.extra_config_dict)
-    """ % monitor_python_with_eggs)
-  os.chmod(bin_file, 0o755)
-  result = subprocess_output([bin_file, filepath]).strip()
-  try:
-    return json.loads(result)
-  except ValueError, e:
-    raise ValueError("%s\nResult was: %s" % (e, result))
 class TestDataMixin(object):
  def getTrimmedProcessInfo(self):
    return '\n'.join(sorted([
@@ -711,6 +674,15 @@ class HttpFrontendTestCase(SlapOSInstanceTestCase):
      result.status_code,
      'While accessing %r of %r the status code was %r' % (
        url, frontend, result.status_code))
+    # check that the result is correct JSON, which allows to access
+    # information about all logs
+    self.assertEqual(
+      'application/json',
+      result.headers['Content-Type']
+    )
+    self.assertEqual(
+      sorted([q['name'] for q in result.json()]),
+      ['access.log', 'backend.log', 'error.log'])
    self.assertEqual(
      httplib.OK,
      requests.get(url + 'access.log', verify=False).status_code
@@ -721,7 +693,8 @@ class HttpFrontendTestCase(SlapOSInstanceTestCase):
    )
    # assert only for few tests, as backend log is not available for many of
    # them, as it's created on the fly
-    for test_name in ['test_url', 'test_auth_to_backend', 'test_compressed_result']:
+    for test_name in [
+      'test_url', 'test_auth_to_backend', 'test_compressed_result']:
      if self.id().endswith(test_name):
        self.assertEqual(
          httplib.OK,
@@ -3569,7 +3542,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
        'check-_monitor-ipv6-test-ipv6-packet-list-test.py'))[0]
    # get promise module and check that parameters are ok
    self.assertEqual(
-      getPluginParameterDict(self.software_path, monitor_file),
+      getPromisePluginParameterDict(monitor_file),
      {
        'frequency': '720',
        'address': 'monitor-ipv6-test'
@@ -3606,7 +3579,7 @@ class TestSlave(SlaveHttpFrontendTestCase, TestDataMixin):
        'check-_monitor-ipv4-test-ipv4-packet-list-test.py'))[0]
    # get promise module and check that parameters are ok
    self.assertEqual(
-      getPluginParameterDict(self.software_path, monitor_file),
+      getPromisePluginParameterDict(monitor_file),
      {
        'frequency': '720',
        'ipv4': 'true',
@@ -4702,8 +4675,7 @@ class TestRe6stVerificationUrlDefaultSlave(SlaveHttpFrontendTestCase,
    re6st_connectivity_promise_file = re6st_connectivity_promise_list[0]
    self.assertEqual(
-      getPluginParameterDict(
+      getPromisePluginParameterDict(re6st_connectivity_promise_file),
-        self.software_path, re6st_connectivity_promise_file),
      {
        'url': 'http://[2001:67c:1254:4::1]/index.html',
      }
@@ -4757,8 +4729,7 @@ class TestRe6stVerificationUrlSlave(SlaveHttpFrontendTestCase,
    re6st_connectivity_promise_file = re6st_connectivity_promise_list[0]
    self.assertEqual(
-      getPluginParameterDict(
+      getPromisePluginParameterDict(re6st_connectivity_promise_file),
-        self.software_path, re6st_connectivity_promise_file),
      {
        'url': 'some-re6st-verification-url',
      }
@@ -6462,7 +6433,7 @@ class TestSlaveRejectReportUnsafeDamaged(SlaveHttpFrontendTestCase):
    # get promise module and check that parameters are ok
    self.assertEqual(
-      getPluginParameterDict(self.software_path, monitor_file),
+      getPromisePluginParameterDict(monitor_file),
      {
        'frequency': '720',
        'ipv4': 'true',
@@ -6506,7 +6477,7 @@ class TestSlaveRejectReportUnsafeDamaged(SlaveHttpFrontendTestCase):
        'check-_monitor-ipv6-test-unsafe-ipv6-packet-list-test.py'))[0]
    # get promise module and check that parameters are ok
    self.assertEqual(
-      getPluginParameterDict(self.software_path, monitor_file),
+      getPromisePluginParameterDict(monitor_file),
      {
        'frequency': '720',
        'address': '${section:option}\nafternewline ipv6'

--- a/software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultDefaultSlave.test_file_list_log-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultDefaultSlave.test_file_list_log-CADDY.txt
@@ -23,5 +23,7 @@ T-2/var/log/httpd/_enable-http2-true_backend_log
 T-2/var/log/httpd/_enable-http2-true_error_log
 T-2/var/log/monitor-httpd-access.log
 T-2/var/log/monitor-httpd-error.log
+T-2/var/log/slave-introspection-access.log
+T-2/var/log/slave-introspection-error.log
 T-2/var/log/trafficserver/manager.log
 T-2/var/log/trafficserver/traffic.out
--- a/software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultDefaultSlave.test_file_list_plugin-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultDefaultSlave.test_file_list_plugin-CADDY.txt
@@ -36,5 +36,7 @@ T-2/etc/plugin/monitor-bootstrap-status.py
 T-2/etc/plugin/monitor-http-frontend.py
 T-2/etc/plugin/monitor-httpd-listening-on-tcp.py
 T-2/etc/plugin/re6st-connectivity.py
+T-2/etc/plugin/slave-introspection-configuration.py
+T-2/etc/plugin/slave_introspection_https.py
 T-2/etc/plugin/trafficserver-cache-availability.py
 T-2/etc/plugin/trafficserver-port-listening.py
--- a/software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultDefaultSlave.test_file_list_run-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultDefaultSlave.test_file_list_run-CADDY.txt
@@ -9,3 +9,6 @@ T-2/var/run/bhlog.sck
 T-2/var/run/graceful_configuration_state_signature
 T-2/var/run/httpd.pid
 T-2/var/run/monitor-httpd.pid
+T-2/var/run/slave-introspection.pid
+T-2/var/run/slave_introspection_configuration_last_state
+T-2/var/run/slave_introspection_graceful_configuration_state_signature
--- a/software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultDefaultSlave.test_supervisor_state-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultDefaultSlave.test_supervisor_state-CADDY.txt
@@ -33,5 +33,7 @@ T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
 T-2:kedifa-updater-{hash-generic}-on-watch RUNNING
 T-2:monitor-httpd-{hash-generic}-on-watch RUNNING
 T-2:monitor-httpd-graceful EXITED
+T-2:slave-instrospection-nginx-{hash-generic}-on-watch RUNNING
+T-2:slave-introspection-safe-graceful EXITED
 T-2:trafficserver-{hash-generic}-on-watch RUNNING
 T-2:trafficserver-reload EXITED
--- a/software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultDefaultSlaveGlobalDisableHttp2.test_file_list_log-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultDefaultSlaveGlobalDisableHttp2.test_file_list_log-CADDY.txt
@@ -23,5 +23,7 @@ T-2/var/log/httpd/_enable-http2-true_backend_log
 T-2/var/log/httpd/_enable-http2-true_error_log
 T-2/var/log/monitor-httpd-access.log
 T-2/var/log/monitor-httpd-error.log
+T-2/var/log/slave-introspection-access.log
+T-2/var/log/slave-introspection-error.log
 T-2/var/log/trafficserver/manager.log
 T-2/var/log/trafficserver/traffic.out
--- a/software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultDefaultSlaveGlobalDisableHttp2.test_file_list_plugin-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultDefaultSlaveGlobalDisableHttp2.test_file_list_plugin-CADDY.txt
@@ -36,5 +36,7 @@ T-2/etc/plugin/monitor-bootstrap-status.py
 T-2/etc/plugin/monitor-http-frontend.py
 T-2/etc/plugin/monitor-httpd-listening-on-tcp.py
 T-2/etc/plugin/re6st-connectivity.py
+T-2/etc/plugin/slave-introspection-configuration.py
+T-2/etc/plugin/slave_introspection_https.py
 T-2/etc/plugin/trafficserver-cache-availability.py
 T-2/etc/plugin/trafficserver-port-listening.py
--- a/software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultDefaultSlaveGlobalDisableHttp2.test_file_list_run-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultDefaultSlaveGlobalDisableHttp2.test_file_list_run-CADDY.txt
@@ -9,3 +9,6 @@ T-2/var/run/bhlog.sck
 T-2/var/run/graceful_configuration_state_signature
 T-2/var/run/httpd.pid
 T-2/var/run/monitor-httpd.pid
+T-2/var/run/slave-introspection.pid
+T-2/var/run/slave_introspection_configuration_last_state
+T-2/var/run/slave_introspection_graceful_configuration_state_signature
--- a/software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultDefaultSlaveGlobalDisableHttp2.test_supervisor_state-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultDefaultSlaveGlobalDisableHttp2.test_supervisor_state-CADDY.txt
@@ -33,5 +33,7 @@ T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
 T-2:kedifa-updater-{hash-generic}-on-watch RUNNING
 T-2:monitor-httpd-{hash-generic}-on-watch RUNNING
 T-2:monitor-httpd-graceful EXITED
+T-2:slave-instrospection-nginx-{hash-generic}-on-watch RUNNING
+T-2:slave-introspection-safe-graceful EXITED
 T-2:trafficserver-{hash-generic}-on-watch RUNNING
 T-2:trafficserver-reload EXITED
--- a/software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultFalseSlave.test_file_list_log-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultFalseSlave.test_file_list_log-CADDY.txt
@@ -23,5 +23,7 @@ T-2/var/log/httpd/_enable-http2-true_backend_log
 T-2/var/log/httpd/_enable-http2-true_error_log
 T-2/var/log/monitor-httpd-access.log
 T-2/var/log/monitor-httpd-error.log
+T-2/var/log/slave-introspection-access.log
+T-2/var/log/slave-introspection-error.log
 T-2/var/log/trafficserver/manager.log
 T-2/var/log/trafficserver/traffic.out
--- a/software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultFalseSlave.test_file_list_plugin-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultFalseSlave.test_file_list_plugin-CADDY.txt
@@ -36,5 +36,7 @@ T-2/etc/plugin/monitor-bootstrap-status.py
 T-2/etc/plugin/monitor-http-frontend.py
 T-2/etc/plugin/monitor-httpd-listening-on-tcp.py
 T-2/etc/plugin/re6st-connectivity.py
+T-2/etc/plugin/slave-introspection-configuration.py
+T-2/etc/plugin/slave_introspection_https.py
 T-2/etc/plugin/trafficserver-cache-availability.py
 T-2/etc/plugin/trafficserver-port-listening.py
--- a/software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultFalseSlave.test_file_list_run-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultFalseSlave.test_file_list_run-CADDY.txt
@@ -9,3 +9,6 @@ T-2/var/run/bhlog.sck
 T-2/var/run/graceful_configuration_state_signature
 T-2/var/run/httpd.pid
 T-2/var/run/monitor-httpd.pid
+T-2/var/run/slave-introspection.pid
+T-2/var/run/slave_introspection_configuration_last_state
+T-2/var/run/slave_introspection_graceful_configuration_state_signature
--- a/software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultFalseSlave.test_supervisor_state-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultFalseSlave.test_supervisor_state-CADDY.txt
@@ -33,5 +33,7 @@ T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
 T-2:kedifa-updater-{hash-generic}-on-watch RUNNING
 T-2:monitor-httpd-{hash-generic}-on-watch RUNNING
 T-2:monitor-httpd-graceful EXITED
+T-2:slave-instrospection-nginx-{hash-generic}-on-watch RUNNING
+T-2:slave-introspection-safe-graceful EXITED
 T-2:trafficserver-{hash-generic}-on-watch RUNNING
 T-2:trafficserver-reload EXITED
--- a/software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultFalseSlaveGlobalDisableHttp2.test_file_list_log-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultFalseSlaveGlobalDisableHttp2.test_file_list_log-CADDY.txt
@@ -23,5 +23,7 @@ T-2/var/log/httpd/_enable-http2-true_backend_log
 T-2/var/log/httpd/_enable-http2-true_error_log
 T-2/var/log/monitor-httpd-access.log
 T-2/var/log/monitor-httpd-error.log
+T-2/var/log/slave-introspection-access.log
+T-2/var/log/slave-introspection-error.log
 T-2/var/log/trafficserver/manager.log
 T-2/var/log/trafficserver/traffic.out
--- a/software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultFalseSlaveGlobalDisableHttp2.test_file_list_plugin-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultFalseSlaveGlobalDisableHttp2.test_file_list_plugin-CADDY.txt
@@ -36,5 +36,7 @@ T-2/etc/plugin/monitor-bootstrap-status.py
 T-2/etc/plugin/monitor-http-frontend.py
 T-2/etc/plugin/monitor-httpd-listening-on-tcp.py
 T-2/etc/plugin/re6st-connectivity.py
+T-2/etc/plugin/slave-introspection-configuration.py
+T-2/etc/plugin/slave_introspection_https.py
 T-2/etc/plugin/trafficserver-cache-availability.py
 T-2/etc/plugin/trafficserver-port-listening.py
--- a/software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultFalseSlaveGlobalDisableHttp2.test_file_list_run-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultFalseSlaveGlobalDisableHttp2.test_file_list_run-CADDY.txt
@@ -9,3 +9,6 @@ T-2/var/run/bhlog.sck
 T-2/var/run/graceful_configuration_state_signature
 T-2/var/run/httpd.pid
 T-2/var/run/monitor-httpd.pid
+T-2/var/run/slave-introspection.pid
+T-2/var/run/slave_introspection_configuration_last_state
+T-2/var/run/slave_introspection_graceful_configuration_state_signature
--- a/software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultFalseSlaveGlobalDisableHttp2.test_supervisor_state-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestEnableHttp2ByDefaultFalseSlaveGlobalDisableHttp2.test_supervisor_state-CADDY.txt
@@ -33,5 +33,7 @@ T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
 T-2:kedifa-updater-{hash-generic}-on-watch RUNNING
 T-2:monitor-httpd-{hash-generic}-on-watch RUNNING
 T-2:monitor-httpd-graceful EXITED
+T-2:slave-instrospection-nginx-{hash-generic}-on-watch RUNNING
+T-2:slave-introspection-safe-graceful EXITED
 T-2:trafficserver-{hash-generic}-on-watch RUNNING
 T-2:trafficserver-reload EXITED
--- a/software/caddy-frontend/test/test_data/test.TestMasterRequest.test_file_list_log-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestMasterRequest.test_file_list_log-CADDY.txt
@@ -11,5 +11,7 @@ T-2/var/log/frontend-error.log
 T-2/var/log/httpd-csr_id/expose-csr_id.log
 T-2/var/log/monitor-httpd-access.log
 T-2/var/log/monitor-httpd-error.log
+T-2/var/log/slave-introspection-access.log
+T-2/var/log/slave-introspection-error.log
 T-2/var/log/trafficserver/manager.log
 T-2/var/log/trafficserver/traffic.out
--- a/software/caddy-frontend/test/test_data/test.TestMasterRequest.test_file_list_plugin-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestMasterRequest.test_file_list_plugin-CADDY.txt
@@ -36,5 +36,7 @@ T-2/etc/plugin/monitor-bootstrap-status.py
 T-2/etc/plugin/monitor-http-frontend.py
 T-2/etc/plugin/monitor-httpd-listening-on-tcp.py
 T-2/etc/plugin/re6st-connectivity.py
+T-2/etc/plugin/slave-introspection-configuration.py
+T-2/etc/plugin/slave_introspection_https.py
 T-2/etc/plugin/trafficserver-cache-availability.py
 T-2/etc/plugin/trafficserver-port-listening.py
--- a/software/caddy-frontend/test/test_data/test.TestMasterRequest.test_file_list_run-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestMasterRequest.test_file_list_run-CADDY.txt
@@ -9,3 +9,6 @@ T-2/var/run/bhlog.sck
 T-2/var/run/graceful_configuration_state_signature
 T-2/var/run/httpd.pid
 T-2/var/run/monitor-httpd.pid
+T-2/var/run/slave-introspection.pid
+T-2/var/run/slave_introspection_configuration_last_state
+T-2/var/run/slave_introspection_graceful_configuration_state_signature
--- a/software/caddy-frontend/test/test_data/test.TestMasterRequest.test_supervisor_state-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestMasterRequest.test_supervisor_state-CADDY.txt
@@ -33,5 +33,7 @@ T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
 T-2:kedifa-updater-{hash-generic}-on-watch RUNNING
 T-2:monitor-httpd-{hash-generic}-on-watch RUNNING
 T-2:monitor-httpd-graceful EXITED
+T-2:slave-instrospection-nginx-{hash-generic}-on-watch RUNNING
+T-2:slave-introspection-safe-graceful EXITED
 T-2:trafficserver-{hash-generic}-on-watch RUNNING
 T-2:trafficserver-reload EXITED
--- a/software/caddy-frontend/test/test_data/test.TestMasterRequestDomain.test_file_list_log-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestMasterRequestDomain.test_file_list_log-CADDY.txt
@@ -11,5 +11,7 @@ T-2/var/log/frontend-error.log
 T-2/var/log/httpd-csr_id/expose-csr_id.log
 T-2/var/log/monitor-httpd-access.log
 T-2/var/log/monitor-httpd-error.log
+T-2/var/log/slave-introspection-access.log
+T-2/var/log/slave-introspection-error.log
 T-2/var/log/trafficserver/manager.log
 T-2/var/log/trafficserver/traffic.out
--- a/software/caddy-frontend/test/test_data/test.TestMasterRequestDomain.test_file_list_plugin-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestMasterRequestDomain.test_file_list_plugin-CADDY.txt
@@ -36,5 +36,7 @@ T-2/etc/plugin/monitor-bootstrap-status.py
 T-2/etc/plugin/monitor-http-frontend.py
 T-2/etc/plugin/monitor-httpd-listening-on-tcp.py
 T-2/etc/plugin/re6st-connectivity.py
+T-2/etc/plugin/slave-introspection-configuration.py
+T-2/etc/plugin/slave_introspection_https.py
 T-2/etc/plugin/trafficserver-cache-availability.py
 T-2/etc/plugin/trafficserver-port-listening.py
--- a/software/caddy-frontend/test/test_data/test.TestMasterRequestDomain.test_file_list_run-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestMasterRequestDomain.test_file_list_run-CADDY.txt
@@ -9,3 +9,6 @@ T-2/var/run/bhlog.sck
 T-2/var/run/graceful_configuration_state_signature
 T-2/var/run/httpd.pid
 T-2/var/run/monitor-httpd.pid
+T-2/var/run/slave-introspection.pid
+T-2/var/run/slave_introspection_configuration_last_state
+T-2/var/run/slave_introspection_graceful_configuration_state_signature
--- a/software/caddy-frontend/test/test_data/test.TestMasterRequestDomain.test_supervisor_state-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestMasterRequestDomain.test_supervisor_state-CADDY.txt
@@ -33,5 +33,7 @@ T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
 T-2:kedifa-updater-{hash-generic}-on-watch RUNNING
 T-2:monitor-httpd-{hash-generic}-on-watch RUNNING
 T-2:monitor-httpd-graceful EXITED
+T-2:slave-instrospection-nginx-{hash-generic}-on-watch RUNNING
+T-2:slave-introspection-safe-graceful EXITED
 T-2:trafficserver-{hash-generic}-on-watch RUNNING
 T-2:trafficserver-reload EXITED
--- a/software/caddy-frontend/test/test_data/test.TestRe6stVerificationUrlDefaultSlave.test_file_list_log-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestRe6stVerificationUrlDefaultSlave.test_file_list_log-CADDY.txt
@@ -13,5 +13,7 @@ T-2/var/log/httpd/_default_access_log
 T-2/var/log/httpd/_default_error_log
 T-2/var/log/monitor-httpd-access.log
 T-2/var/log/monitor-httpd-error.log
+T-2/var/log/slave-introspection-access.log
+T-2/var/log/slave-introspection-error.log
 T-2/var/log/trafficserver/manager.log
 T-2/var/log/trafficserver/traffic.out
--- a/software/caddy-frontend/test/test_data/test.TestRe6stVerificationUrlDefaultSlave.test_file_list_plugin-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestRe6stVerificationUrlDefaultSlave.test_file_list_plugin-CADDY.txt
@@ -36,5 +36,7 @@ T-2/etc/plugin/monitor-bootstrap-status.py
 T-2/etc/plugin/monitor-http-frontend.py
 T-2/etc/plugin/monitor-httpd-listening-on-tcp.py
 T-2/etc/plugin/re6st-connectivity.py
+T-2/etc/plugin/slave-introspection-configuration.py
+T-2/etc/plugin/slave_introspection_https.py
 T-2/etc/plugin/trafficserver-cache-availability.py
 T-2/etc/plugin/trafficserver-port-listening.py
--- a/software/caddy-frontend/test/test_data/test.TestRe6stVerificationUrlDefaultSlave.test_file_list_run-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestRe6stVerificationUrlDefaultSlave.test_file_list_run-CADDY.txt
@@ -9,3 +9,6 @@ T-2/var/run/bhlog.sck
 T-2/var/run/graceful_configuration_state_signature
 T-2/var/run/httpd.pid
 T-2/var/run/monitor-httpd.pid
+T-2/var/run/slave-introspection.pid
+T-2/var/run/slave_introspection_configuration_last_state
+T-2/var/run/slave_introspection_graceful_configuration_state_signature
--- a/software/caddy-frontend/test/test_data/test.TestRe6stVerificationUrlDefaultSlave.test_supervisor_state-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestRe6stVerificationUrlDefaultSlave.test_supervisor_state-CADDY.txt
@@ -33,5 +33,7 @@ T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
 T-2:kedifa-updater-{hash-generic}-on-watch RUNNING
 T-2:monitor-httpd-{hash-generic}-on-watch RUNNING
 T-2:monitor-httpd-graceful EXITED
+T-2:slave-instrospection-nginx-{hash-generic}-on-watch RUNNING
+T-2:slave-introspection-safe-graceful EXITED
 T-2:trafficserver-{hash-generic}-on-watch RUNNING
 T-2:trafficserver-reload EXITED
--- a/software/caddy-frontend/test/test_data/test.TestSlave.test_file_list_log-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestSlave.test_file_list_log-CADDY.txt
@@ -177,5 +177,7 @@ T-2/var/log/httpd/_url_https-url_backend_log
 T-2/var/log/httpd/_url_https-url_error_log
 T-2/var/log/monitor-httpd-access.log
 T-2/var/log/monitor-httpd-error.log
+T-2/var/log/slave-introspection-access.log
+T-2/var/log/slave-introspection-error.log
 T-2/var/log/trafficserver/manager.log
 T-2/var/log/trafficserver/traffic.out
--- a/software/caddy-frontend/test/test_data/test.TestSlave.test_file_list_plugin-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestSlave.test_file_list_plugin-CADDY.txt
@@ -38,5 +38,7 @@ T-2/etc/plugin/monitor-bootstrap-status.py
 T-2/etc/plugin/monitor-http-frontend.py
 T-2/etc/plugin/monitor-httpd-listening-on-tcp.py
 T-2/etc/plugin/re6st-connectivity.py
+T-2/etc/plugin/slave-introspection-configuration.py
+T-2/etc/plugin/slave_introspection_https.py
 T-2/etc/plugin/trafficserver-cache-availability.py
 T-2/etc/plugin/trafficserver-port-listening.py
--- a/software/caddy-frontend/test/test_data/test.TestSlave.test_file_list_run-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestSlave.test_file_list_run-CADDY.txt
@@ -9,3 +9,6 @@ T-2/var/run/bhlog.sck
 T-2/var/run/graceful_configuration_state_signature
 T-2/var/run/httpd.pid
 T-2/var/run/monitor-httpd.pid
+T-2/var/run/slave-introspection.pid
+T-2/var/run/slave_introspection_configuration_last_state
+T-2/var/run/slave_introspection_graceful_configuration_state_signature
--- a/software/caddy-frontend/test/test_data/test.TestSlave.test_supervisor_state-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestSlave.test_supervisor_state-CADDY.txt
@@ -33,5 +33,7 @@ T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
 T-2:kedifa-updater-{hash-generic}-on-watch RUNNING
 T-2:monitor-httpd-{hash-generic}-on-watch RUNNING
 T-2:monitor-httpd-graceful EXITED
+T-2:slave-instrospection-nginx-{hash-generic}-on-watch RUNNING
+T-2:slave-introspection-safe-graceful EXITED
 T-2:trafficserver-{hash-generic}-on-watch RUNNING
 T-2:trafficserver-reload EXITED
--- a/software/caddy-frontend/test/test_data/test.TestSlaveCiphers.test_file_list_log-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestSlaveCiphers.test_file_list_log-CADDY.txt
@@ -17,5 +17,7 @@ T-2/var/log/httpd/_own_ciphers_backend_log
 T-2/var/log/httpd/_own_ciphers_error_log
 T-2/var/log/monitor-httpd-access.log
 T-2/var/log/monitor-httpd-error.log
+T-2/var/log/slave-introspection-access.log
+T-2/var/log/slave-introspection-error.log
 T-2/var/log/trafficserver/manager.log
 T-2/var/log/trafficserver/traffic.out
--- a/software/caddy-frontend/test/test_data/test.TestSlaveCiphers.test_file_list_plugin-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestSlaveCiphers.test_file_list_plugin-CADDY.txt
@@ -36,5 +36,7 @@ T-2/etc/plugin/monitor-bootstrap-status.py
 T-2/etc/plugin/monitor-http-frontend.py
 T-2/etc/plugin/monitor-httpd-listening-on-tcp.py
 T-2/etc/plugin/re6st-connectivity.py
+T-2/etc/plugin/slave-introspection-configuration.py
+T-2/etc/plugin/slave_introspection_https.py
 T-2/etc/plugin/trafficserver-cache-availability.py
 T-2/etc/plugin/trafficserver-port-listening.py
--- a/software/caddy-frontend/test/test_data/test.TestSlaveCiphers.test_file_list_run-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestSlaveCiphers.test_file_list_run-CADDY.txt
@@ -9,3 +9,6 @@ T-2/var/run/bhlog.sck
 T-2/var/run/graceful_configuration_state_signature
 T-2/var/run/httpd.pid
 T-2/var/run/monitor-httpd.pid
+T-2/var/run/slave-introspection.pid
+T-2/var/run/slave_introspection_configuration_last_state
+T-2/var/run/slave_introspection_graceful_configuration_state_signature
--- a/software/caddy-frontend/test/test_data/test.TestSlaveCiphers.test_supervisor_state-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestSlaveCiphers.test_supervisor_state-CADDY.txt
@@ -33,5 +33,7 @@ T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
 T-2:kedifa-updater-{hash-generic}-on-watch RUNNING
 T-2:monitor-httpd-{hash-generic}-on-watch RUNNING
 T-2:monitor-httpd-graceful EXITED
+T-2:slave-instrospection-nginx-{hash-generic}-on-watch RUNNING
+T-2:slave-introspection-safe-graceful EXITED
 T-2:trafficserver-{hash-generic}-on-watch RUNNING
 T-2:trafficserver-reload EXITED
--- a/software/caddy-frontend/test/test_data/test.TestSlaveGlobalDisableHttp2.test_file_list_log-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestSlaveGlobalDisableHttp2.test_file_list_log-CADDY.txt
@@ -177,5 +177,7 @@ T-2/var/log/httpd/_url_https-url_backend_log
 T-2/var/log/httpd/_url_https-url_error_log
 T-2/var/log/monitor-httpd-access.log
 T-2/var/log/monitor-httpd-error.log
+T-2/var/log/slave-introspection-access.log
+T-2/var/log/slave-introspection-error.log
 T-2/var/log/trafficserver/manager.log
 T-2/var/log/trafficserver/traffic.out
--- a/software/caddy-frontend/test/test_data/test.TestSlaveGlobalDisableHttp2.test_file_list_plugin-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestSlaveGlobalDisableHttp2.test_file_list_plugin-CADDY.txt
@@ -38,5 +38,7 @@ T-2/etc/plugin/monitor-bootstrap-status.py
 T-2/etc/plugin/monitor-http-frontend.py
 T-2/etc/plugin/monitor-httpd-listening-on-tcp.py
 T-2/etc/plugin/re6st-connectivity.py
+T-2/etc/plugin/slave-introspection-configuration.py
+T-2/etc/plugin/slave_introspection_https.py
 T-2/etc/plugin/trafficserver-cache-availability.py
 T-2/etc/plugin/trafficserver-port-listening.py
--- a/software/caddy-frontend/test/test_data/test.TestSlaveGlobalDisableHttp2.test_file_list_run-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestSlaveGlobalDisableHttp2.test_file_list_run-CADDY.txt
@@ -9,3 +9,6 @@ T-2/var/run/bhlog.sck
 T-2/var/run/graceful_configuration_state_signature
 T-2/var/run/httpd.pid
 T-2/var/run/monitor-httpd.pid
+T-2/var/run/slave-introspection.pid
+T-2/var/run/slave_introspection_configuration_last_state
+T-2/var/run/slave_introspection_graceful_configuration_state_signature
--- a/software/caddy-frontend/test/test_data/test.TestSlaveGlobalDisableHttp2.test_supervisor_state-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestSlaveGlobalDisableHttp2.test_supervisor_state-CADDY.txt
@@ -33,5 +33,7 @@ T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
 T-2:kedifa-updater-{hash-generic}-on-watch RUNNING
 T-2:monitor-httpd-{hash-generic}-on-watch RUNNING
 T-2:monitor-httpd-graceful EXITED
+T-2:slave-instrospection-nginx-{hash-generic}-on-watch RUNNING
+T-2:slave-introspection-safe-graceful EXITED
 T-2:trafficserver-{hash-generic}-on-watch RUNNING
 T-2:trafficserver-reload EXITED
--- a/software/caddy-frontend/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibility.test_file_list_log-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibility.test_file_list_log-CADDY.txt
@@ -47,5 +47,7 @@ T-2/var/log/httpd/_type-notebook-ssl_from_slave_kedifa_overrides_backend_log
 T-2/var/log/httpd/_type-notebook-ssl_from_slave_kedifa_overrides_error_log
 T-2/var/log/monitor-httpd-access.log
 T-2/var/log/monitor-httpd-error.log
+T-2/var/log/slave-introspection-access.log
+T-2/var/log/slave-introspection-error.log
 T-2/var/log/trafficserver/manager.log
 T-2/var/log/trafficserver/traffic.out
--- a/software/caddy-frontend/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibility.test_file_list_plugin-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibility.test_file_list_plugin-CADDY.txt
@@ -36,5 +36,7 @@ T-2/etc/plugin/monitor-bootstrap-status.py
 T-2/etc/plugin/monitor-http-frontend.py
 T-2/etc/plugin/monitor-httpd-listening-on-tcp.py
 T-2/etc/plugin/re6st-connectivity.py
+T-2/etc/plugin/slave-introspection-configuration.py
+T-2/etc/plugin/slave_introspection_https.py
 T-2/etc/plugin/trafficserver-cache-availability.py
 T-2/etc/plugin/trafficserver-port-listening.py
--- a/software/caddy-frontend/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibility.test_file_list_run-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibility.test_file_list_run-CADDY.txt
@@ -9,3 +9,6 @@ T-2/var/run/bhlog.sck
 T-2/var/run/graceful_configuration_state_signature
 T-2/var/run/httpd.pid
 T-2/var/run/monitor-httpd.pid
+T-2/var/run/slave-introspection.pid
+T-2/var/run/slave_introspection_configuration_last_state
+T-2/var/run/slave_introspection_graceful_configuration_state_signature
--- a/software/caddy-frontend/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibility.test_supervisor_state-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibility.test_supervisor_state-CADDY.txt
@@ -33,5 +33,7 @@ T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
 T-2:kedifa-updater-{hash-generic}-on-watch RUNNING
 T-2:monitor-httpd-{hash-generic}-on-watch RUNNING
 T-2:monitor-httpd-graceful EXITED
+T-2:slave-instrospection-nginx-{hash-generic}-on-watch RUNNING
+T-2:slave-introspection-safe-graceful EXITED
 T-2:trafficserver-{hash-generic}-on-watch RUNNING
 T-2:trafficserver-reload EXITED
--- a/software/caddy-frontend/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibilityOverrideMaster.test_file_list_log-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibilityOverrideMaster.test_file_list_log-CADDY.txt
@@ -14,5 +14,7 @@ T-2/var/log/httpd/_ssl_from_master_kedifa_overrides_master_certificate_backend_l
 T-2/var/log/httpd/_ssl_from_master_kedifa_overrides_master_certificate_error_log
 T-2/var/log/monitor-httpd-access.log
 T-2/var/log/monitor-httpd-error.log
+T-2/var/log/slave-introspection-access.log
+T-2/var/log/slave-introspection-error.log
 T-2/var/log/trafficserver/manager.log
 T-2/var/log/trafficserver/traffic.out
--- a/software/caddy-frontend/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibilityOverrideMaster.test_file_list_plugin-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibilityOverrideMaster.test_file_list_plugin-CADDY.txt
@@ -36,5 +36,7 @@ T-2/etc/plugin/monitor-bootstrap-status.py
 T-2/etc/plugin/monitor-http-frontend.py
 T-2/etc/plugin/monitor-httpd-listening-on-tcp.py
 T-2/etc/plugin/re6st-connectivity.py
+T-2/etc/plugin/slave-introspection-configuration.py
+T-2/etc/plugin/slave_introspection_https.py
 T-2/etc/plugin/trafficserver-cache-availability.py
 T-2/etc/plugin/trafficserver-port-listening.py
--- a/software/caddy-frontend/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibilityOverrideMaster.test_file_list_run-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibilityOverrideMaster.test_file_list_run-CADDY.txt
@@ -9,3 +9,6 @@ T-2/var/run/bhlog.sck
 T-2/var/run/graceful_configuration_state_signature
 T-2/var/run/httpd.pid
 T-2/var/run/monitor-httpd.pid
+T-2/var/run/slave-introspection.pid
+T-2/var/run/slave_introspection_configuration_last_state
+T-2/var/run/slave_introspection_graceful_configuration_state_signature
--- a/software/caddy-frontend/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibilityOverrideMaster.test_supervisor_state-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibilityOverrideMaster.test_supervisor_state-CADDY.txt
@@ -33,5 +33,7 @@ T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
 T-2:kedifa-updater-{hash-generic}-on-watch RUNNING
 T-2:monitor-httpd-{hash-generic}-on-watch RUNNING
 T-2:monitor-httpd-graceful EXITED
+T-2:slave-instrospection-nginx-{hash-generic}-on-watch RUNNING
+T-2:slave-introspection-safe-graceful EXITED
 T-2:trafficserver-{hash-generic}-on-watch RUNNING
 T-2:trafficserver-reload EXITED
--- a/software/caddy-frontend/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibilityUpdate.test_file_list_log-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibilityUpdate.test_file_list_log-CADDY.txt
@@ -14,5 +14,7 @@ T-2/var/log/httpd/_ssl_from_master_backend_log
 T-2/var/log/httpd/_ssl_from_master_error_log
 T-2/var/log/monitor-httpd-access.log
 T-2/var/log/monitor-httpd-error.log
+T-2/var/log/slave-introspection-access.log
+T-2/var/log/slave-introspection-error.log
 T-2/var/log/trafficserver/manager.log
 T-2/var/log/trafficserver/traffic.out
--- a/software/caddy-frontend/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibilityUpdate.test_file_list_plugin-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibilityUpdate.test_file_list_plugin-CADDY.txt
@@ -36,5 +36,7 @@ T-2/etc/plugin/monitor-bootstrap-status.py
 T-2/etc/plugin/monitor-http-frontend.py
 T-2/etc/plugin/monitor-httpd-listening-on-tcp.py
 T-2/etc/plugin/re6st-connectivity.py
+T-2/etc/plugin/slave-introspection-configuration.py
+T-2/etc/plugin/slave_introspection_https.py
 T-2/etc/plugin/trafficserver-cache-availability.py
 T-2/etc/plugin/trafficserver-port-listening.py
--- a/software/caddy-frontend/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibilityUpdate.test_file_list_run-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibilityUpdate.test_file_list_run-CADDY.txt
@@ -9,3 +9,6 @@ T-2/var/run/bhlog.sck
 T-2/var/run/graceful_configuration_state_signature
 T-2/var/run/httpd.pid
 T-2/var/run/monitor-httpd.pid
+T-2/var/run/slave-introspection.pid
+T-2/var/run/slave_introspection_configuration_last_state
+T-2/var/run/slave_introspection_graceful_configuration_state_signature
--- a/software/caddy-frontend/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibilityUpdate.test_supervisor_state-CADDY.txt
+++ b/software/caddy-frontend/test/test_data/test.TestSlaveSlapOSMasterCertificateCompatibilityUpdate.test_supervisor_state-CADDY.txt
@@ -33,5 +33,7 @@ T-2:kedifa-login-certificate-caucase-updater-on-watch RUNNING
 T-2:kedifa-updater-{hash-generic}-on-watch RUNNING
 T-2:monitor-httpd-{hash-generic}-on-watch RUNNING
 T-2:monitor-httpd-graceful EXITED
+T-2:slave-instrospection-nginx-{hash-generic}-on-watch RUNNING
+T-2:slave-introspection-safe-graceful EXITED
 T-2:trafficserver-{hash-generic}-on-watch RUNNING
 T-2:trafficserver-reload EXITED
--- a/software/erp5/test/setup.py
+++ b/software/erp5/test/setup.py
@@ -48,6 +48,9 @@ setup(name=name,
        'psutil',
        'requests',
        'mysqlclient',
+        'backports.lzma',
+        'cryptography',
+        'pyOpenSSL',
        ],
      zip_safe=True,
      test_suite='test',

--- a/software/erp5/test/test/test_balancer.py
+++ b/software/erp5/test/test/test_balancer.py
@@ -148,7 +148,6 @@ class TestFrontendXForwardedFor(ERP5InstanceTestCase):
      stderr=subprocess.STDOUT,
    )
    result = caucase_process.communicate()
-    print(result)
    csr_id = result[0].split()[0]
    subprocess.check_call(

--- a/software/erp5/test/test/test_erp5.py
+++ b/software/erp5/test/test/test_erp5.py
@@ -50,20 +50,17 @@ class TestPublishedURLIsReachableMixin(object):
    # What happens is that instanciation just create the services, but does not
    # wait for ERP5 to be initialized. When this test run ERP5 instance is
    # instanciated, but zope is still busy creating the site and haproxy replies
-    # with 503 Service Unavailable, sometimes the first request is 404, so we
+    # with 503 Service Unavailable when zope is not started yet, with 404 when
-    # retry in a loop.
+    # erp5 site is not created, with 500 when mysql is not yet reachable, so we
-    # If we can move the "create site" in slapos node instance, then this retry loop
+    # retry in a loop until we get a succesful response.
-    # would not be necessary.
    for i in range(1, 60):
      r = requests.get(url, verify=False)  # XXX can we get CA from caucase already ?
-      if r.status_code in (requests.codes.service_unavailable,
+      if r.status_code != requests.codes.ok:
-                           requests.codes.not_found):
        delay = i * 2
        self.logger.warn("ERP5 was not available, sleeping for %ds and retrying", delay)
        time.sleep(delay)
        continue
-      if r.status_code != requests.codes.ok:
+      r.raise_for_status()
-        r.raise_for_status()
      break
    self.assertIn("ERP5", r.text)

--- a/software/erp5/test/test/test_mariadb.py
+++ b/software/erp5/test/test/test_mariadb.py
@@ -31,12 +31,19 @@ import json
 import glob
 from six.moves.urllib.parse import urlparse
 import socket
+import sys
 import time
 import contextlib
 import datetime
+import subprocess
+import gzip
+from backports import lzma
 import MySQLdb
+from slapos.testing.utils import CrontabMixin
+from slapos.testing.utils import getPromisePluginParameterDict
 from . import ERP5InstanceTestCase
 from . import setUpModule
 setUpModule  # pyflakes
@@ -56,8 +63,8 @@ class MariaDBTestCase(ERP5InstanceTestCase):
    return {
        'tcpv4-port': 3306,
        'max-connection-count': 5,
-        'max-slowqueries-threshold': 5,
+        'max-slowqueries-threshold': 1,
-        'slowest-query-threshold': 10,
+        'slowest-query-threshold': 0.1,
        # XXX what is this ? should probably not be needed here
        'name': cls.__name__,
        'monitor-passwd': 'secret',
@@ -86,6 +93,88 @@ class MariaDBTestCase(ERP5InstanceTestCase):
    )
+class TestCrontabs(MariaDBTestCase, CrontabMixin):
+  def test_full_backup(self):
+    self._executeCrontabAtDate('mariadb-backup', '2050-01-01')
+    with gzip.open(
+        os.path.join(
+            self.computer_partition_root_path,
+            'srv',
+            'backup',
+            'mariadb-full',
+            '20500101000000.sql.gz',
+        ),
+        'r') as dump:
+      self.assertIn('CREATE TABLE', dump.read())
+  def test_logrotate_and_slow_query_digest(self):
+    # slow query digest needs to run after logrotate, since it operates on the rotated
+    # file, so this tests both logrotate and slow query digest.
+    # run logrotate a first time so that it create state files
+    self._executeCrontabAtDate('logrotate', '2000-01-01')
+    # make two slow queries
+    cnx = self.getDatabaseConnection()
+    with contextlib.closing(cnx):
+      cnx.query("SELECT SLEEP(1.1)")
+      cnx.store_result()
+      cnx.query("SELECT SLEEP(1.2)")
+    # slow query crontab depends on crontab for log rotation
+    # to be executed first.
+    self._executeCrontabAtDate('logrotate', '2050-01-01')
+    # this logrotate leaves the log for the day as non compressed
+    rotated_log_file = os.path.join(
+        self.computer_partition_root_path,
+        'srv',
+        'backup',
+        'logrotate',
+        'mariadb_slowquery.log-20500101',
+    )
+    self.assertTrue(os.path.exists(rotated_log_file))
+    # then crontab to generate slow query report is executed
+    self._executeCrontabAtDate('generate-mariadb-slow-query-report', '2050-01-01')
+    # and it creates a report for the day
+    slow_query_report = os.path.join(
+        self.computer_partition_root_path,
+        'srv',
+        'monitor',
+        'private',
+        'slowquery_digest',
+        'slowquery_digest.txt-2050-01-01.xz',
+    )
+    with lzma.open(slow_query_report, 'r') as f:
+      # this is the hash for our "select sleep(n)" slow query
+      self.assertIn("ID 0xF9A57DD5A41825CA", f.read())
+    # on next day execution of logrotate, log files are compressed
+    self._executeCrontabAtDate('logrotate', '2050-01-02')
+    self.assertTrue(os.path.exists(rotated_log_file + '.xz'))
+    self.assertFalse(os.path.exists(rotated_log_file))
+    # there's a promise checking that the threshold is not exceeded
+    # and it reports a problem since we set a threshold of 1 slow query
+    check_slow_query_promise_plugin = getPromisePluginParameterDict(
+        os.path.join(
+            self.computer_partition_root_path,
+            'etc',
+            'plugin',
+            'check-slow-query-pt-digest-result.py',
+        ))
+    with self.assertRaises(subprocess.CalledProcessError) as error_context:
+      subprocess.check_output('faketime 2050-01-01 %s' % check_slow_query_promise_plugin['command'], shell=True)
+    self.assertEqual(
+        error_context.exception.output,
+"""\
+Threshold is lower than expected: 
+Expected total queries : 1.0 and current is: 2
+Expected slowest query : 0.1 and current is: 1
+""")
 class TestMariaDB(MariaDBTestCase):
  def test_utf8_collation(self):
    cnx = self.getDatabaseConnection()

--- a/software/erp5testnode/testsuite/dummy/software.cfg
+++ b/software/erp5testnode/testsuite/dummy/software.cfg
@@ -11,7 +11,7 @@ parts =
 recipe = slapos.recipe.template
 url = ${:_profile_base_location_}/instance.cfg
 output = ${buildout:directory}/template.cfg
-md5sum = efd3b712a2294207f265a9c45648d5cf
+md5sum = 9fccb9600a085691ab0f9a20cd615c01
 mode = 0644
 [versions]

--- a/software/erp5testnode/testsuite/instance-resilient-test.cfg.jinja2
+++ b/software/erp5testnode/testsuite/instance-resilient-test.cfg.jinja2
@@ -56,8 +56,12 @@ config-cpu-usage-ratio = 1
 config-software-root = ${buildout:directory}/../../soft
 config-buildout-shared-folder = ${buildout:directory}/../../shared
 config-no-ipv4-frontend = true
-# XXX hardcoded
-#config-frontend-domain = google.com
+# Use same repository / branch for the software installed in slaprunner
+# than the tested slaprunner itself.
+config-slapos-repository = {{ slapos_repository_url }}
+config-slapos-reference = {{ slapos_repository_branch }}
 # XXX Hack to deploy Root Instance on the same computer as the type-test Instance
 sla-computer_guid = ${slap-connection:computer-id}
 return = backend-url

--- a/software/erp5testnode/testsuite/slaprunner.cfg
+++ b/software/erp5testnode/testsuite/slaprunner.cfg
@@ -7,7 +7,16 @@ parts += template-erp5testnode
 [template-resilient-test]
 filename = instance-resilient-test.cfg.jinja2 
-md5sum = cf34be404bdd93a72df9c593f8762cb2
+md5sum = be4adbc196f07f5e39ca78401dfa53ec
+# We have to use an extra level of indentation here because this is substituted
+# during software buildout to generate instance buildout, but the
+# slapos.recipe.template recipe doing the substitution does string replacements
+# without knowledge of the buildout syntax, so we want the second line to be
+# indented in the final generated instance buildout.
+extra-context =
+    raw slapos_repository_url ${slapos.cookbook-repository:repository}
+        raw slapos_repository_branch ${slapos.cookbook-repository:branch}
 [exporter-default-configuration]
 # Define shorter interaction to speed up tests

--- a/software/kvm/README.rst
+++ b/software/kvm/README.rst
@@ -18,9 +18,8 @@ KVM instance (1GB of RAM, 10GB of SSD, one core)
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 Note that the KVM instance will try to request a frontend slave instance in order
-to be accessible from IPv4.
+to be accessible from IPv4::
-::
  myawesomekvm = request(
      software_release=kvm,
      partition_reference="My awesome KVM",
@@ -92,16 +91,15 @@ KVM instance parameters:
 - keyboard-layout-language (default: fr)
    Change keyboard layout language (Change to en-us if you face some bad bihaviors)
    Language list: ['ar', 'da', 'de', 'de-ch', 'en-gb', 'en-us', 'es', 'et', 'fi',
-      'fo', 'fr', 'fr-be', 'fr-ca', 'fr-ch', 'hr', 'hu', 'is', 'it', 'ja', 'lt',
+    'fo', 'fr', 'fr-be', 'fr-ca', 'fr-ch', 'hr', 'hu', 'is', 'it', 'ja', 'lt',
-      'lv', 'mk', 'nl', 'nl-be', 'no', 'pl', 'pt', 'pt-br', 'ru', 'sl', 'sv',
+    'lv', 'mk', 'nl', 'nl-be', 'no', 'pl', 'pt', 'pt-br', 'ru', 'sl', 'sv',
-      'th', 'tr']
+    'th', 'tr']
 Resilient KVM instance
-~~~~~~~~~~~~~~~~~~~~~
+~~~~~~~~~~~~~~~~~~~~~~
-Like KVM instance, but backed-up (with history) in two places.
+Like KVM instance, but backed-up (with history) in two places::
-::
  kvm = 'https://lab.nexedi.com/nexedi/slapos/raw/slapos-0.188/software/kvm/software.cfg'
  myresilientkvm = request(
      software_release=kvm,
@@ -119,3 +117,18 @@ files for more instance parameters (cpu-count, ram-size, disk-size, specific loc
 Then, if you want one of the two clones to takeover, you need to login into
 the hosting machine, go to the partition of the clone, and invoke bin/takeover.
+Technical notes
+---------------
+Updating boot-image-url-select
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ * download the new OS installation image
+ * calculate it's sha512sum and store as <SHA512>
+ * calculate it's md5sum and store as <MD5>
+ * upload it to shacache
+ * construct download url: ``https://shacache.nxdcdn.com/<SHA512>#<MD5>``
+ * update the ``boot-image-url-select`` in:
+    * ``instance-kvm-input-schema.json``
+    * ``instance-kvm-cluster-input-schema.json``
--- a/software/kvm/buildout.hash.cfg
+++ b/software/kvm/buildout.hash.cfg
@@ -19,11 +19,11 @@ md5sum = e6d5c7bb627b4f1d3e7c99721b7c58fe
 [template-kvm]
 filename = instance-kvm.cfg.jinja2
-md5sum = 50e78a2a34efe09afab161ae1c1efd46
+md5sum = 23493c541efef97ac5fe435114910b8e
 [template-kvm-cluster]
 filename = instance-kvm-cluster.cfg.jinja2.in
-md5sum = a4788112008cd0b38a57cd28f7252fbd
+md5sum = bdf8549a76ec61e125d51a05e611e004
 [template-kvm-resilient]
 filename = instance-kvm-resilient.cfg.jinja2
@@ -55,7 +55,7 @@ md5sum = b7e87479a289f472b634a046b44b5257
 [template-kvm-run]
 filename = template/template-kvm-run.in
-md5sum = dd1f581f34cf5a0b627576771347c710
+md5sum = 4a6f149177a453a13436f320f6841518
 [template-kvm-controller]
 filename = template/kvm-controller-run.in
@@ -87,4 +87,4 @@ md5sum = 7e4b54f8172c364bd12d28b07f8b1600
 [image-download-config-creator]
 _update_hash_filename_ = template/image-download-config-creator.py
-md5sum = 7f6cd75096695922fddbba1c9292cef5
+md5sum = 54261e418ab9860efe73efd514c4d47f
--- a/software/kvm/instance-kvm-cluster-input-schema.json
+++ b/software/kvm/instance-kvm-cluster-input-schema.json
@@ -42,12 +42,6 @@
          "type": "string",
          "format": "uri",
          "default": "http://git.erp5.org/gitweb/slapos.git/blob_plain/HEAD:/software/apache-frontend/software.cfg"
-        },
-        "image-url-list": {
-          "title": "List of URLs images to download",
-          "description": "The list shall be list of direct URLs to images, followed by hash (#), then by image MD5SUM. Each image shall appear on newline, like: \"https://example.com/image.iso#06226c7fac5bacfa385872a19bb99684<newline>https://example.com/another-image.iso#31b40d58b18e038498ddb46caea1361c\". They will be provided in KVM image list according to the order on the list. After updating the list, the instance has to be restarted to refresh it. Amount of images is limited to 4, and one image can be maximum 5G. Image will be downloaded and checked against its MD5SUM 4 times, then it will be considered as impossible to download with given MD5SUM. Each image has to be downloaded in time shorter than 4 hours, so in case of very slow images to access, it can take up to 16 hours to download all of them. Note: The instance has to be restarted in order to update the list of available images in the VM.",
-          "type": "string",
-          "textarea": "true"
        }
      },
      "type": "object"
@@ -508,6 +502,60 @@
              "description": "If the VM of cluster doesn't run Ansible and report status to this SlapOS instances, then this allow to disable ansible promise so your instance will not fail to check ansible promise.",
              "type": "boolean",
              "default": false
+            },
+            "boot-image-url-list": {
+              "title": "Boot image list",
+              "description": "The list shall be list of direct URLs to images, followed by hash (#), then by image MD5SUM. Each image shall appear on newline, like: \"https://example.com/image.iso#06226c7fac5bacfa385872a19bb99684<newline>https://example.com/another-image.iso#31b40d58b18e038498ddb46caea1361c\". They will be provided in KVM image list according to the order on the list. After updating the list, the instance has to be restarted to refresh it. Amount of images is limited to 4, and one image can be maximum 5G. Image will be downloaded and checked against its MD5SUM 4 times, then it will be considered as impossible to download with given MD5SUM. Each image has to be downloaded in time shorter than 4 hours, so in case of very slow images to access, it can take up to 16 hours to download all of them. Note: The instance has to be restarted in order to update the list of available images in the VM.",
+              "type": "string",
+              "textarea": "true"
+            },
+            "boot-image-url-select": {
+              "title": "Boot image",
+              "type": "array",
+              "oneOf": [
+                {
+                  "const": [
+                    "https://shacache.nxdcdn.com/0a6aee1d9aafc1ed095105c052f9fdd65ed00ea9274188c9cd0072c8e6838ab40e246d45a1e6956d74ef1b04a1fc042151762f25412e9ff0cbf49418eef7992e#a3ebc76aec372808ad80000108a2593a"
+                  ],
+                  "title": "Debian Buster 10.5 netinst x86_64"
+                },
+                {
+                  "const": [
+                    "https://shacache.nxdcdn.com/ce5ddfdbdaccdf929b7fe321212356347d82a02f6b7733427282b416f113d91e587682b003e9d376ac189c3b731595c50c236962aadf2720c16d9f36913577c0#23bf2a2d60271e553e63525e794415f1"
+                  ],
+                  "title": "Centos 8.2004 Minimal x86_64"
+                },
+                {
+                  "const": [
+                    "https://shacache.nxdcdn.com/302c990c6d69575ff24c96566e5c7e26bf36908abb0cd546e22687c46fb07bf8dba595bf77a9d4fd9ab63e75c0437c133f35462fd41ea77f6f616140cd0e5e6a#f3a306f40e4a313fb5a584d73b3dee8f"
+                  ],
+                  "title": "Ubuntu Focal 20.04.1 Live Server x86_64"
+                },
+                {
+                  "const": [
+                    "https://shacache.nxdcdn.com/6635269a7eb6fbd6b85fda40cd94f14a27bf53cb1fc82ffcce9fe386a025a43e1ab681db7e8cec50416bfbfc90262f0d95273686a101c74b3f17646f0a34c85b#3708a59af6cf820a95cafe0ae73ac399"
+                  ],
+                  "title": "openSUSE Leap 15.2 NET x86_64"
+                },
+                {
+                  "const": [
+                    "https://shacache.nxdcdn.com/fc17e8c6ae0790162f4beb8fa6226d945cff638429588999b3a08493ff27b280dc2939fba825ae04be1d9082ea8d7c3c002c5e4c39fbbcf88b8ab5104619e28a#ebcdb2223a77f098af3923fe1fa180aa"
+                  ],
+                  "title": "Arch Linux 2020.09.01 x86_64"
+                },
+                {
+                  "const": [
+                    "https://shacache.nxdcdn.com/c5a511f349a1146b615e6fab9c24f9be4362046adcf24f0ff82c470d361fac5f6628895e2110ebf8ff87db49d4c413a0a332699da6b1bec64275e0c17a15b999#ca7a1e555c04b4d9a549065fa2ddf713"
+                  ],
+                  "title": "Fedora Server 32-1.6 netinst x86_64"
+                },
+                {
+                  "const": [
+                    "https://shacache.nxdcdn.com/6c355def68b3c0427f21598cb054ffc893568902f205601ac60f192854769b31bc9cff8eeb6ce99ef975a8fb887d8d3e56fc6cd5ea5cb4b3bba1175c520047cb#57088b77f795ca44b00971e44782ee23"
+                  ],
+                  "title": "FreeBSD 12.1 RELEASE bootonly x86_64"
+                }
+              ]
            }
          },
          "type": "object"

--- a/software/kvm/instance-kvm-cluster.cfg.jinja2.in
+++ b/software/kvm/instance-kvm-cluster.cfg.jinja2.in
@@ -127,9 +127,13 @@ config-document-host = ${apache-conf:ip}
 config-document-port = ${apache-conf:port}
 config-document-path = ${hash-code:passwd}
 config-keyboard-layout-language = {{ dumps(kvm_parameter_dict.get('keyboard-layout-language', 'fr')) }}
-{%- if 'image-url-list' in kvm_parameter_dict %}
+{%- if 'boot-image-url-list' in kvm_parameter_dict %}
 {#- play nice: if parameter was not constructed by the original request, do not send it at all #}
-config-image-url-list = {{ kvm_parameter_dict['image-url-list'] }}
+config-boot-image-url-list = {{ kvm_parameter_dict['boot-image-url-list'] }}
+{%- endif %}
+{%- if 'boot-image-url-select' in kvm_parameter_dict %}
+{#- play nice: if parameter was not constructed by the original request, do not send it at all #}
+config-boot-image-url-select = {{ kvm_parameter_dict['boot-image-url-select'] }}
 {%- endif %}
 config-type = cluster

--- a/software/kvm/instance-kvm-input-schema.json
+++ b/software/kvm/instance-kvm-input-schema.json
 {
  "type": "object",
-  "$schema": "http://json-schema.org/draft-04/schema",
+  "$schema": "http://json-schema.org/draft-06/schema",
  "title": "Input Parameters",
  "properties": {
    "enable-device-hotplug": {
@@ -366,11 +366,59 @@
      "format": "uri",
      "default": "http://git.erp5.org/gitweb/slapos.git/blob_plain/HEAD:/software/apache-frontend/software.cfg"
    },
-    "image-url-list": {
+    "boot-image-url-list": {
-      "title": "List of URLs images to download",
+      "title": "Boot image list",
      "description": "The list shall be list of direct URLs to images, followed by hash (#), then by image MD5SUM. Each image shall appear on newline, like: \"https://example.com/image.iso#06226c7fac5bacfa385872a19bb99684<newline>https://example.com/another-image.iso#31b40d58b18e038498ddb46caea1361c\". They will be provided in KVM image list according to the order on the list. After updating the list, the instance has to be restarted to refresh it. Amount of images is limited to 4, and one image can be maximum 5G. Image will be downloaded and checked against its MD5SUM 4 times, then it will be considered as impossible to download with given MD5SUM. Each image has to be downloaded in time shorter than 4 hours, so in case of very slow images to access, it can take up to 16 hours to download all of them. Note: The instance has to be restarted in order to update the list of available images in the VM.",
      "type": "string",
      "textarea": "true"
+    },
+    "boot-image-url-select": {
+      "title": "Boot image",
+      "type": "array",
+      "oneOf": [
+        {
+          "const": [
+            "https://shacache.nxdcdn.com/0a6aee1d9aafc1ed095105c052f9fdd65ed00ea9274188c9cd0072c8e6838ab40e246d45a1e6956d74ef1b04a1fc042151762f25412e9ff0cbf49418eef7992e#a3ebc76aec372808ad80000108a2593a"
+          ],
+          "title": "Debian Buster 10.5 netinst x86_64"
+        },
+        {
+          "const": [
+            "https://shacache.nxdcdn.com/ce5ddfdbdaccdf929b7fe321212356347d82a02f6b7733427282b416f113d91e587682b003e9d376ac189c3b731595c50c236962aadf2720c16d9f36913577c0#23bf2a2d60271e553e63525e794415f1"
+          ],
+          "title": "Centos 8.2004 Minimal x86_64"
+        },
+        {
+          "const": [
+            "https://shacache.nxdcdn.com/302c990c6d69575ff24c96566e5c7e26bf36908abb0cd546e22687c46fb07bf8dba595bf77a9d4fd9ab63e75c0437c133f35462fd41ea77f6f616140cd0e5e6a#f3a306f40e4a313fb5a584d73b3dee8f"
+          ],
+          "title": "Ubuntu Focal 20.04.1 Live Server x86_64"
+        },
+        {
+          "const": [
+            "https://shacache.nxdcdn.com/6635269a7eb6fbd6b85fda40cd94f14a27bf53cb1fc82ffcce9fe386a025a43e1ab681db7e8cec50416bfbfc90262f0d95273686a101c74b3f17646f0a34c85b#3708a59af6cf820a95cafe0ae73ac399"
+          ],
+          "title": "openSUSE Leap 15.2 NET x86_64"
+        },
+        {
+          "const": [
+            "https://shacache.nxdcdn.com/fc17e8c6ae0790162f4beb8fa6226d945cff638429588999b3a08493ff27b280dc2939fba825ae04be1d9082ea8d7c3c002c5e4c39fbbcf88b8ab5104619e28a#ebcdb2223a77f098af3923fe1fa180aa"
+          ],
+          "title": "Arch Linux 2020.09.01 x86_64"
+        },
+        {
+          "const": [
+            "https://shacache.nxdcdn.com/c5a511f349a1146b615e6fab9c24f9be4362046adcf24f0ff82c470d361fac5f6628895e2110ebf8ff87db49d4c413a0a332699da6b1bec64275e0c17a15b999#ca7a1e555c04b4d9a549065fa2ddf713"
+          ],
+          "title": "Fedora Server 32-1.6 netinst x86_64"
+        },
+        {
+          "const": [
+            "https://shacache.nxdcdn.com/6c355def68b3c0427f21598cb054ffc893568902f205601ac60f192854769b31bc9cff8eeb6ce99ef975a8fb887d8d3e56fc6cd5ea5cb4b3bba1175c520047cb#57088b77f795ca44b00971e44782ee23"
+          ],
+          "title": "FreeBSD 12.1 RELEASE bootonly x86_64"
+        }
+      ]
    }
  }
 }
--- a/software/kvm/instance-kvm.cfg.jinja2
+++ b/software/kvm/instance-kvm.cfg.jinja2
@@ -9,7 +9,8 @@
 {% set instance_type = slapparameter_dict.get('type', 'standalone') -%}
 {% set nat_rule_list = slapparameter_dict.get('nat-rules', '22 80 443') -%}
 {% set disk_device_path = slapparameter_dict.get('disk-device-path', None) -%}
-{% set image_url_list_enabled = 'image-url-list' in slapparameter_dict %}
+{% set boot_image_url_list_enabled = 'boot-image-url-list' in slapparameter_dict %}
+{% set boot_image_url_select_enabled = 'boot-image-url-select' in slapparameter_dict %}
 {% set cpu_max_count = dumps(slapparameter_dict.get('cpu-max-count', int(slapparameter_dict.get('cpu-count', 1)) + 1)) %}
 {% set ram_max_size = dumps(slapparameter_dict.get('ram-max-size', int(slapparameter_dict.get('ram-size', 1024)) + 512)) %}
 {% set extends_list = [] -%}
@@ -54,10 +55,15 @@ public = ${:srv}/public/
 cron-entries = ${:etc}/cron.d
 crontabs = ${:etc}/crontabs
 cronstamps = ${:etc}/cronstamps
-{%- if image_url_list_enabled %}
+{%- if boot_image_url_list_enabled %}
-image-repository = ${:srv}/image-repository
+boot-image-url-list-repository = ${:srv}/boot-image-url-list-repository
-image-url-list-var = ${:var}/image-url-list
+boot-image-url-list-var = ${:var}/boot-image-url-list
-image-url-list-expose = ${monitor-directory:private}/image-url-list
+boot-image-url-list-expose = ${monitor-directory:private}/boot-image-url-list
+{%- endif %}
+{%- if boot_image_url_select_enabled %}
+boot-image-url-select-repository = ${:srv}/boot-image-url-select-repository
+boot-image-url-select-var = ${:var}/boot-image-url-select
+boot-image-url-select-expose = ${monitor-directory:private}/boot-image-url-select
 {%- endif %}
 [create-mac]
@@ -73,9 +79,116 @@ recipe = slapos.cookbook:generate.password
 storage-path = ${directory:srv}/passwd
 bytes = 8
-{% if image_url_list_enabled %}
+{% if boot_image_url_select_enabled %}
-## image-url-list support BEGIN
+## boot-image-url-select support BEGIN
-[empty-file-state-base-promise]
+[empty-file-state-base-select-promise]
+<= monitor-promise-base
+module = check_file_state
+name = ${:_buildout_section_name_}.py
+config-state = empty
+# It's very hard to put the username and password correctly, after schema://
+# and before the host, as it's not the way how one can use monitor provided
+# information, so just show the information in the URL
+config-url = ${monitor-base:base-url}/private/boot-image-url-select/${:filename} with username ${monitor-publish-parameters:monitor-user} and password ${monitor-publish-parameters:monitor-password}
+[boot-image-url-select-source-config]
+# generates configuration of the image from the user parameter
+# special "magic" is used, to properly support multiline boot-image-url-select
+# but in the same time correctly generate the configuration file
+recipe = slapos.recipe.template:jinja2
+template = inline:
+{#- Do special trick to support boot-image-url-select being None, if key is present with value "" #}
+{%- raw %}
+  {%- set boot_image_url_select = slap_parameter.get('boot-image-url-select') or '' %}
+  {%- if boot_image_url_select == 'None' %}
+  {#- That's insane protection, is it 'None' because of type = array? #}
+  {%-   set boot_image_url_select = '' %}
+  {%- endif %}
+  {{ boot_image_url_select }}
+{% endraw -%}
+context =
+  section slap_parameter slap-parameter
+rendered = ${directory:etc}/boot-image-url-select.json
+[boot-image-url-select-processed-config]
+# compares if the current configuration has been used by
+# the boot-image-url-select-download, if not, exposes it as not empty file with
+# information
+recipe = slapos.recipe.build
+install =
+  import os
+  import hashlib
+  if not os.path.exists(location):
+    os.mkdir(location)
+  with open('${:state-file}', 'w') as state_handler:
+    try:
+      with open('${:config-file}', 'rb') as config_handler, open('${:processed-md5sum}') as processed_handler:
+        config_md5sum = hashlib.md5(config_handler.read()).hexdigest()
+        processed_md5sum = processed_handler.read()
+        if config_md5sum == processed_md5sum:
+          state_handler.write('')
+        else:
+          state_handler.write('config %s != processed %s' % (config_md5sum, processed_md5sum))
+    except Exception as e:
+      state_handler.write(str(e))
+update = ${:install}
+config-file = ${boot-image-url-select-source-config:rendered}
+state-filename = boot-image-url-select-processed-config.state
+state-file = ${directory:boot-image-url-select-expose}/${:state-filename}
+processed-md5sum = ${directory:boot-image-url-select-var}/update-image-processed.md5sum
+[boot-image-url-select-processed-config-promise]
+# promise to check if the configuration provided by the user has been already
+# processed by the boot-image-url-select-download script, which runs asynchronously
+<= empty-file-state-base-select-promise
+filename = ${boot-image-url-select-processed-config:state-filename}
+config-filename = ${boot-image-url-select-processed-config:state-file}
+[boot-image-url-select-json-config]
+# generates json configuration from user configuration
+recipe = plone.recipe.command
+command = {{ python_executable }} {{ image_download_config_creator }} ${boot-image-url-select-source-config:rendered} ${:rendered} ${directory:boot-image-url-select-repository} ${:error-state-file}
+update-command = ${:command}
+rendered = ${directory:boot-image-url-select-var}/boot-image-url-select.json
+error-state-filename = boot-image-url-select-json-config-error.txt
+error-state-file = ${directory:boot-image-url-select-expose}/${:error-state-filename}
+[boot-image-url-select-config-state-promise]
+# promise to check if configuration has been parsed without errors
+<= empty-file-state-base-select-promise
+filename = ${boot-image-url-select-json-config:error-state-filename}
+config-filename = ${boot-image-url-select-json-config:error-state-file}
+[boot-image-url-select-download-wrapper]
+# wrapper to execute boot-image-url-select-download on each run
+recipe = slapos.cookbook:wrapper
+wrapper-path = ${directory:scripts}/boot-image-url-select-updater
+command-line = {{ python_executable }} {{ image_download_controller }} ${boot-image-url-select-json-config:rendered} {{ curl_executable_location }} ${:md5sum-state-file} ${:error-state-file} ${boot-image-url-select-processed-config:processed-md5sum}
+md5sum-state-filename = boot-image-url-select-download-controller-md5sum-fail.json
+md5sum-state-file = ${directory:boot-image-url-select-expose}/${:md5sum-state-filename}
+error-state-filename = boot-image-url-select-download-controller-error.text
+error-state-file = ${directory:boot-image-url-select-expose}/${:error-state-filename}
+hash-existing-files = ${buildout:directory}/software_release/buildout.cfg
+[boot-image-url-select-download-md5sum-promise]
+# promise to report errors with problems with calculating md5sum of the
+# downloaded images
+<= empty-file-state-base-select-promise
+filename = ${boot-image-url-select-download-wrapper:md5sum-state-filename}
+config-filename = ${boot-image-url-select-download-wrapper:md5sum-state-file}
+[boot-image-url-select-download-state-promise]
+# promise to report errors during download
+<= empty-file-state-base-select-promise
+filename = ${boot-image-url-select-download-wrapper:error-state-filename}
+config-filename = ${boot-image-url-select-download-wrapper:error-state-file}
+## boot-image-url-select support END
+{% endif %} {# if boot_image_url_select_enabled #}
+{% if boot_image_url_list_enabled %}
+## boot-image-url-list support BEGIN
+[empty-file-state-base-list-promise]
 <= monitor-promise-base
 module = check_file_state
 name = ${:_buildout_section_name_}.py
@@ -83,25 +196,25 @@ config-state = empty
 # It's very hard to put the username and password correctly, after schema://
 # and before the host, as it's not the way how one can use monitor provided
 # information, so just show the information in the URL
-config-url = ${monitor-base:base-url}/private/image-url-list/${:filename} with username ${monitor-publish-parameters:monitor-user} and password ${monitor-publish-parameters:monitor-password}
+config-url = ${monitor-base:base-url}/private/boot-image-url-list/${:filename} with username ${monitor-publish-parameters:monitor-user} and password ${monitor-publish-parameters:monitor-password}
-[image-url-list-source-config]
+[boot-image-url-list-source-config]
 # generates configuration of the image from the user parameter
-# special "magic" is used, to properly support multiline image-url-list
+# special "magic" is used, to properly support multiline boot-image-url-list
 # but in the same time correctly generate the configuration file
 recipe = slapos.recipe.template:jinja2
 template = inline:
-{#- Do special trick to support image-url-list being None, if key is present with value "" #}
+{#- Do special trick to support boot-image-url-list being None, if key is present with value "" #}
 {%- raw %}
-  {{ slap_parameter.get('image-url-list') or '' }}
+  {{ slap_parameter.get('boot-image-url-list') or '' }}
 {% endraw -%}
 context =
  section slap_parameter slap-parameter
-rendered = ${directory:etc}/image-url-list.conf
+rendered = ${directory:etc}/boot-image-url-list.conf
-[image-url-list-processed-config]
+[boot-image-url-list-processed-config]
 # compares if the current configuration has been used by
-# the image-url-list-download, if not, exposes it as not empty file with
+# the boot-image-url-list-download, if not, exposes it as not empty file with
 # information
 recipe = slapos.recipe.build
 install =
@@ -122,58 +235,58 @@ install =
      state_handler.write(str(e))
 update = ${:install}
-config-file = ${image-url-list-source-config:rendered}
+config-file = ${boot-image-url-list-source-config:rendered}
-state-filename = image-url-list-processed-config.state
+state-filename = boot-image-url-list-processed-config.state
-state-file = ${directory:image-url-list-expose}/${:state-filename}
+state-file = ${directory:boot-image-url-list-expose}/${:state-filename}
-processed-md5sum = ${directory:image-url-list-var}/update-image-processed.md5sum
+processed-md5sum = ${directory:boot-image-url-list-var}/update-image-processed.md5sum
-[image-url-list-processed-config-promise]
+[boot-image-url-list-processed-config-promise]
 # promise to check if the configuration provided by the user has been already
-# processed by the image-url-list-download script, which runs asynchronously
+# processed by the boot-image-url-list-download script, which runs asynchronously
-<= empty-file-state-base-promise
+<= empty-file-state-base-list-promise
-filename = ${image-url-list-processed-config:state-filename}
+filename = ${boot-image-url-list-processed-config:state-filename}
-config-filename = ${image-url-list-processed-config:state-file}
+config-filename = ${boot-image-url-list-processed-config:state-file}
-[image-url-list-json-config]
+[boot-image-url-list-json-config]
 # generates json configuration from user configuration
 recipe = plone.recipe.command
-command = {{ python_executable }} {{ image_download_config_creator }} ${image-url-list-source-config:rendered} ${:rendered} ${directory:image-repository} ${:error-state-file}
+command = {{ python_executable }} {{ image_download_config_creator }} ${boot-image-url-list-source-config:rendered} ${:rendered} ${directory:boot-image-url-list-repository} ${:error-state-file}
 update-command = ${:command}
-rendered = ${directory:image-url-list-var}/image-url-list.json
+rendered = ${directory:boot-image-url-list-var}/boot-image-url-list.json
-error-state-filename = image-url-list-json-config-error.txt
+error-state-filename = boot-image-url-list-json-config-error.txt
-error-state-file = ${directory:image-url-list-expose}/${:error-state-filename}
+error-state-file = ${directory:boot-image-url-list-expose}/${:error-state-filename}
-[image-url-list-config-state-promise]
+[boot-image-url-list-config-state-promise]
 # promise to check if configuration has been parsed without errors
-<= empty-file-state-base-promise
+<= empty-file-state-base-list-promise
-filename = ${image-url-list-json-config:error-state-filename}
+filename = ${boot-image-url-list-json-config:error-state-filename}
-config-filename = ${image-url-list-json-config:error-state-file}
+config-filename = ${boot-image-url-list-json-config:error-state-file}
-[image-url-list-download-wrapper]
+[boot-image-url-list-download-wrapper]
-# wrapper to execute image-url-list-download on each run
+# wrapper to execute boot-image-url-list-download on each run
 recipe = slapos.cookbook:wrapper
-wrapper-path = ${directory:scripts}/image-updater
+wrapper-path = ${directory:scripts}/boot-image-url-list-updater
-command-line = {{ python_executable }} {{ image_download_controller }} ${image-url-list-json-config:rendered} {{ curl_executable_location }} ${:md5sum-state-file} ${:error-state-file} ${image-url-list-processed-config:processed-md5sum}
+command-line = {{ python_executable }} {{ image_download_controller }} ${boot-image-url-list-json-config:rendered} {{ curl_executable_location }} ${:md5sum-state-file} ${:error-state-file} ${boot-image-url-list-processed-config:processed-md5sum}
-md5sum-state-filename = image-download-controller-md5sum-fail.json
+md5sum-state-filename = boot-image-url-list-download-controller-md5sum-fail.json
-md5sum-state-file = ${directory:image-url-list-expose}/${:md5sum-state-filename}
+md5sum-state-file = ${directory:boot-image-url-list-expose}/${:md5sum-state-filename}
-error-state-filename = image-download-controller-error.text
+error-state-filename = boot-image-url-list-download-controller-error.text
-error-state-file = ${directory:image-url-list-expose}/${:error-state-filename}
+error-state-file = ${directory:boot-image-url-list-expose}/${:error-state-filename}
 hash-existing-files = ${buildout:directory}/software_release/buildout.cfg
-[image-url-list-download-md5sum-promise]
+[boot-image-url-list-download-md5sum-promise]
 # promise to report errors with problems with calculating md5sum of the
 # downloaded images
-<= empty-file-state-base-promise
+<= empty-file-state-base-list-promise
-filename = ${image-url-list-download-wrapper:md5sum-state-filename}
+filename = ${boot-image-url-list-download-wrapper:md5sum-state-filename}
-config-filename = ${image-url-list-download-wrapper:md5sum-state-file}
+config-filename = ${boot-image-url-list-download-wrapper:md5sum-state-file}
-[image-url-list-download-state-promise]
+[boot-image-url-list-download-state-promise]
 # promise to report errors during download
-<= empty-file-state-base-promise
+<= empty-file-state-base-list-promise
-filename = ${image-url-list-download-wrapper:error-state-filename}
+filename = ${boot-image-url-list-download-wrapper:error-state-filename}
-config-filename = ${image-url-list-download-wrapper:error-state-file}
+config-filename = ${boot-image-url-list-download-wrapper:error-state-file}
-## image-url-list support END
+## boot-image-url-list support END
-{% endif %} {# if image_url_list_enabled #}
+{% endif %} {# if boot_image_url_list_enabled #}
 [kvm-controller-parameter-dict]
 python-path = {{ python_eggs_executable }}
@@ -195,10 +308,15 @@ vnc-ip = ${:ipv4}
 vnc-port = 5901
 default-cdrom-iso = {{ debian_amd64_netinst_location }}
-{% if image_url_list_enabled %}
+{% if boot_image_url_list_enabled %}
-image-url-list-json-config = ${image-url-list-json-config:rendered}
+boot-image-url-list-json-config = ${boot-image-url-list-json-config:rendered}
 {% else %}
-image-url-list-json-config =
+boot-image-url-list-json-config =
+{% endif %}
+{% if boot_image_url_select_enabled %}
+boot-image-url-select-json-config = ${boot-image-url-select-json-config:rendered}
+{% else %}
+boot-image-url-select-json-config =
 {% endif %}
 nbd-host = ${slap-parameter:nbd-host}
 nbd-port = ${slap-parameter:nbd-port}
@@ -823,7 +941,7 @@ nbd-port = 1024
 nbd-host =
 nbd2-port = 1024
 nbd2-host =
-image-url-list =
+boot-image-url-list =
 enable-device-hotplug = False
 ram-size = 1024
@@ -873,7 +991,7 @@ keyboard-layout-language = fr
 {% set key_list =  v.split('\n') -%}
 {{ k }} =
  {{ key_list | join('\n  ') }}
-{% elif k == 'image-url-list' %}
+{% elif k == 'boot-image-url-list' %}
 {# needs to decorate possibly multiline or maybe unsafe value #}
 {{ k }} = {{ dumps(v) }}
 {% else -%}
@@ -950,12 +1068,19 @@ parts =
  cron-service
  cron-entry-logrotate
  frontend-promise
-{% if image_url_list_enabled %}
+{% if boot_image_url_list_enabled %}
-  image-url-list-download-wrapper
+  boot-image-url-list-download-wrapper
-  image-url-list-config-state-promise
+  boot-image-url-list-config-state-promise
-  image-url-list-download-md5sum-promise
+  boot-image-url-list-download-md5sum-promise
-  image-url-list-download-state-promise
+  boot-image-url-list-download-state-promise
-  image-url-list-processed-config-promise
+  boot-image-url-list-processed-config-promise
+{% endif %}
+{% if boot_image_url_select_enabled %}
+  boot-image-url-select-download-wrapper
+  boot-image-url-select-config-state-promise
+  boot-image-url-select-download-md5sum-promise
+  boot-image-url-select-download-state-promise
+  boot-image-url-select-processed-config-promise
 {% endif %}
 {% if additional_frontend %}
  frontend-additional-promise

--- a/software/kvm/template/image-download-config-creator.py
+++ b/software/kvm/template/image-download-config-creator.py
@@ -24,7 +24,18 @@ if __name__ == "__main__":
    image_number = 0
    data = fh.read()
    configuration_dict['config-md5sum'] = hashlib.md5(data).hexdigest()
-    for entry in data.decode('utf-8').split():
+    if source_configuration.endswith('.json'):
+      data = data.strip()
+      data_list = []
+      if len(data):
+        try:
+          data_list = json.loads(data)
+        except Exception:
+          error_list.append('ERR: Data is not a JSON')
+          data_list = []
+    else:
+      data_list = data.decode('utf-8').split()
+    for entry in data_list:
      split_entry = entry.split('#')
      if len(split_entry) != 2:
        error_list.append('ERR: entry %r is incorrect' % (entry,))

--- a/software/kvm/template/template-kvm-run.in
+++ b/software/kvm/template/template-kvm-run.in
@@ -99,7 +99,8 @@ enable_device_hotplug = '{{ parameter_dict.get("enable-device-hotplug") }}'.lowe
 logfile = '{{ parameter_dict.get("log-file") }}'
-image_url_list_json_config = '{{ parameter_dict.get("image-url-list-json-config") }}'
+boot_image_url_list_json_config = '{{ parameter_dict.get("boot-image-url-list-json-config") }}'
+boot_image_url_select_json_config = '{{ parameter_dict.get("boot-image-url-select-json-config") }}'
 if hasattr(ssl, '_create_unverified_context') and url_check_certificate == 'false':
  opener = FancyURLopener(context=ssl._create_unverified_context())
@@ -370,25 +371,41 @@ for nbd_ip, nbd_port in nbd_list:
          '-drive',
          'file=nbd:[%s]:%s,media=cdrom' % (nbd_ip, nbd_port)])
 else:
-  image_url_list_used = False
+  index = 0
-  if image_url_list_json_config:
+  if boot_image_url_select_json_config:
-    # Support image-url-list
+    # Support boot-image-url-select
-    with open(image_url_list_json_config) as fh:
+    with open(boot_image_url_select_json_config) as fh:
      image_config = json.load(fh)
    if image_config['error-amount'] == 0:
      for image in sorted(image_config['image-list'], key=lambda k: k['link']):
        link = os.path.join(image_config['destination-directory'], image['link'])
        if os.path.exists(link) and os.path.islink(link):
-          image_url_list_used = True
          kvm_argument_list.extend([
-            '-drive',
+            '-drive', 'file=%s,media=cdrom,if=none,id=cdrom%s' % (link, index),
-            'file=%s,media=cdrom' % (link,)
+            '-device', 'virtio-scsi-pci,id=scsi%s' % (index,),
+            '-device', 'scsi-cd,bus=scsi%s.0,drive=cdrom%s' % (index, index)
          ])
-  if not image_url_list_used:
+          index += 1
-    # If no NBD is specified/available not downloadable image: use internal disk image
+  if boot_image_url_list_json_config:
-    kvm_argument_list.extend([
+    # Support boot-image-url-list
-        '-drive', 'file=%s,media=cdrom' % default_cdrom_iso
+    with open(boot_image_url_list_json_config) as fh:
-    ])
+      image_config = json.load(fh)
+    if image_config['error-amount'] == 0:
+      for image in sorted(image_config['image-list'], key=lambda k: k['link']):
+        link = os.path.join(image_config['destination-directory'], image['link'])
+        if os.path.exists(link) and os.path.islink(link):
+          kvm_argument_list.extend([
+            '-drive', 'file=%s,media=cdrom,if=none,id=cdrom%s' % (link, index),
+            '-device', 'virtio-scsi-pci,id=scsi%s' % (index,),
+            '-device', 'scsi-cd,bus=scsi%s.0,drive=cdrom%s' % (index, index)
+          ])
+          index += 1
+  # Always add by default the default image
+  kvm_argument_list.extend([
+      '-drive', 'file=%s,media=cdrom,if=none,id=cdrom%s' % (default_cdrom_iso, index),
+      '-device', 'virtio-scsi-pci,id=scsi%s' % (index,),
+      '-device', 'scsi-cd,bus=scsi%s.0,drive=cdrom%s' % (index, index)
+  ])
 print('Starting KVM: \n %s' % ' '.join(kvm_argument_list))

--- a/software/kvm/test/test.py
+++ b/software/kvm/test/test.py
@@ -486,8 +486,30 @@ class TestInstanceNbdServer(InstanceTestCase):
 @skipUnlessKvm
-class TestImageUrlList(InstanceTestCase):
+class TestBootImageUrlList(InstanceTestCase):
-  __partition_reference__ = 'iul'
+  __partition_reference__ = 'biul'
+  # variations
+  key = 'boot-image-url-list'
+  test_input = "%s#%s\n%s#%s"
+  image_directory = 'boot-image-url-list-repository'
+  config_state_promise = 'boot-image-url-list-config-state-promise.py'
+  download_md5sum_promise = 'boot-image-url-list-download-md5sum-promise.py'
+  download_state_promise = 'boot-image-url-list-download-state-promise.py'
+  bad_value = "jsutbad"
+  incorrect_md5sum_value_image = "%s#"
+  incorrect_md5sum_value = "url#asdasd"
+  single_image_value = "%s#%s"
+  unreachable_host_value = "evennotahost#%s"
+  too_many_image_value = """
+      image1#11111111111111111111111111111111
+      image2#22222222222222222222222222222222
+      image3#33333333333333333333333333333333
+      image4#44444444444444444444444444444444
+      image5#55555555555555555555555555555555
+      image6#66666666666666666666666666666666
+      """
  @classmethod
  def getInstanceSoftwareType(cls):
@@ -501,7 +523,7 @@ class TestImageUrlList(InstanceTestCase):
  def tearDown(self):
    # clean up the instance for other tests
    # 1st remove all images...
-    self.rerequestInstance({'image-url-list': ''})
+    self.rerequestInstance({self.key: ''})
    self.slap.waitForInstance(max_retry=10)
    # 2nd ...move instance to "default" state
    self.rerequestInstance({})
@@ -535,7 +557,7 @@ class TestImageUrlList(InstanceTestCase):
  def test(self):
    partition_parameter_kw = {
-      'image-url-list': "%s#%s\n%s#%s" % (
+      self.key: self.test_input % (
        self.fake_image, self.fake_image_md5sum, self.fake_image2,
        self.fake_image2_md5sum)
    }
@@ -543,7 +565,7 @@ class TestImageUrlList(InstanceTestCase):
    self.slap.waitForInstance(max_retry=10)
    # check that image is correctly downloaded and linked
    image_repository = os.path.join(
-      self.computer_partition_root_path, 'srv', 'image-repository')
+      self.computer_partition_root_path, 'srv', self.image_directory)
    image = os.path.join(image_repository, self.fake_image_md5sum)
    image_link = os.path.join(image_repository, 'image_001')
    self.assertTrue(os.path.exists(image))
@@ -562,20 +584,29 @@ class TestImageUrlList(InstanceTestCase):
    self.assertTrue(os.path.islink(image2_link))
    self.assertEqual(os.readlink(image2_link), image2)
+    def getRunningImageList():
+      running_image_list = []
+      with self.slap.instance_supervisor_rpc as instance_supervisor:
+        kvm_pid = [q for q in instance_supervisor.getAllProcessInfo()
+                   if 'kvm-' in q['name']][0]['pid']
+        kvm_process = psutil.Process(kvm_pid)
+        software_root = '/'.join([
+          self.slap.software_directory,
+          hashlib.md5(self.getSoftwareURL().encode('utf-8')).hexdigest()])
+        for entry in kvm_process.cmdline():
+          if entry.startswith('file') and 'media=cdrom' in entry:
+            # do cleanups
+            entry = entry.replace(software_root, '')
+            entry = entry.replace(self.computer_partition_root_path, '')
+            running_image_list.append(entry)
+      return running_image_list
    # check that the image is NOT YET available in kvm
-    with self.slap.instance_supervisor_rpc as instance_supervisor:
+    self.assertEqual(
-      kvm_pid = [q for q in instance_supervisor.getAllProcessInfo()
+      ['file=/parts/debian-amd64-netinst.iso/debian-amd64-netinst.iso,'
-                 if 'kvm-' in q['name']][0]['pid']
+       'media=cdrom,if=none,id=cdrom0'],
-      kvm_process = psutil.Process(kvm_pid)
+      getRunningImageList()
-      cmd_line = ''.join(kvm_process.cmdline())
+    )
-      self.assertNotIn(
-        'srv/image-repository/image_001,media=cdrom',
-        cmd_line
-      )
-      self.assertNotIn(
-        'srv/image-repository/image_002,media=cdrom',
-        cmd_line
-      )
    # mimic the requirement: restart the instance by requesting it stopped and
    # then started started, like user have to do it
@@ -584,30 +615,42 @@ class TestImageUrlList(InstanceTestCase):
    self.rerequestInstance(partition_parameter_kw, state='started')
    self.slap.waitForInstance(max_retry=1)
-    # now the image is available in the kvm
+    # now the image is available in the kvm, and its above default image
-    with self.slap.instance_supervisor_rpc as instance_supervisor:
+    self.assertEqual(
-      kvm_pid = [q for q in instance_supervisor.getAllProcessInfo()
+      [
-                 if 'kvm-' in q['name']][0]['pid']
+        'file=/srv/%s/image_001,media=cdrom,if=none,id=cdrom0' % (
-      kvm_process = psutil.Process(kvm_pid)
+          self.image_directory,),
-      cmd_line = ''.join(kvm_process.cmdline())
+        'file=/srv/%s/image_002,media=cdrom,if=none,id=cdrom1' % (
-      self.assertIn(
+          self.image_directory,),
-        'srv/image-repository/image_001,media=cdrom',
+        'file=/parts/debian-amd64-netinst.iso/debian-amd64-netinst.iso,'
-        cmd_line
+        'media=cdrom,if=none,id=cdrom2'
-      )
+      ],
-      self.assertIn(
+      getRunningImageList()
-        'srv/image-repository/image_002,media=cdrom',
+    )
-        cmd_line
-      )
    # cleanup of images works, also asserts that configuration changes are
    # reflected
-    self.rerequestInstance({'image-url-list': ''})
+    self.rerequestInstance({self.key: ''})
    self.slap.waitForInstance(max_retry=2)
    self.assertEqual(
      os.listdir(image_repository),
      []
    )
+    # mimic the requirement: restart the instance by requesting it stopped and
+    # then started started, like user have to do it
+    self.rerequestInstance(partition_parameter_kw, state='stopped')
+    self.slap.waitForInstance(max_retry=1)
+    self.rerequestInstance(partition_parameter_kw, state='started')
+    self.slap.waitForInstance(max_retry=1)
+    # again only default image is available in the running process
+    self.assertEqual(
+      ['file=/parts/debian-amd64-netinst.iso/debian-amd64-netinst.iso,'
+       'media=cdrom,if=none,id=cdrom0'],
+      getRunningImageList()
+    )
  def assertPromiseFails(self, promise):
    monitor_run_promise = os.path.join(
      self.computer_partition_root_path, 'software_release', 'bin',
@@ -625,58 +668,180 @@ class TestImageUrlList(InstanceTestCase):
  def test_bad_parameter(self):
    self.rerequestInstance({
-      'image-url-list': "jsutbad"
+      self.key: self.bad_value
    })
    self.raising_waitForInstance(3)
-    self.assertPromiseFails('image-url-list-config-state-promise.py')
+    self.assertPromiseFails(self.config_state_promise)
  def test_incorrect_md5sum(self):
    self.rerequestInstance({
-      'image-url-list': "%s#" % (self.fake_image,)
+      self.key: self.incorrect_md5sum_value_image % (self.fake_image,)
    })
    self.raising_waitForInstance(3)
-    self.assertPromiseFails('image-url-list-config-state-promise.py')
+    self.assertPromiseFails(self.config_state_promise)
    self.rerequestInstance({
-      'image-url-list': "url#asdasd"
+      self.key: self.incorrect_md5sum_value
    })
    self.raising_waitForInstance(3)
-    self.assertPromiseFails('image-url-list-config-state-promise.py')
+    self.assertPromiseFails(self.config_state_promise)
  def test_not_matching_md5sum(self):
    self.rerequestInstance({
-      'image-url-list': "%s#%s" % (
+      self.key: self.single_image_value % (
        self.fake_image, self.fake_image_wrong_md5sum)
    })
    self.raising_waitForInstance(3)
-    self.assertPromiseFails('image-url-list-download-md5sum-promise.py')
+    self.assertPromiseFails(self.download_md5sum_promise)
-    self.assertPromiseFails('image-url-list-download-state-promise.py')
+    self.assertPromiseFails(self.download_state_promise)
  def test_unreachable_host(self):
    self.rerequestInstance({
-      'image-url-list': "evennotahost#%s" % (
+      self.key: self.unreachable_host_value % (
        self.fake_image_md5sum,)
    })
    self.raising_waitForInstance(3)
-    self.assertPromiseFails('image-url-list-download-state-promise.py')
+    self.assertPromiseFails(self.download_state_promise)
  def test_too_many_images(self):
    self.rerequestInstance({
-      'image-url-list': """
+      self.key: self.too_many_image_value
-      image1#11111111111111111111111111111111
+    })
-      image2#22222222222222222222222222222222
+    self.raising_waitForInstance(3)
-      image3#33333333333333333333333333333333
+    self.assertPromiseFails(self.config_state_promise)
-      image4#44444444444444444444444444444444
-      image5#55555555555555555555555555555555
-      image6#66666666666666666666666666666666
+@skipUnlessKvm
-      """
+class TestBootImageUrlSelect(TestBootImageUrlList):
+  __partition_reference__ = 'bius'
+  # variations
+  key = 'boot-image-url-select'
+  test_input = '["%s#%s", "%s#%s"]'
+  image_directory = 'boot-image-url-select-repository'
+  config_state_promise = 'boot-image-url-select-config-state-promise.py'
+  download_md5sum_promise = 'boot-image-url-select-download-md5sum-promise.py'
+  download_state_promise = 'boot-image-url-select-download-state-promise.py'
+  bad_value = '["jsutbad"]'
+  incorrect_md5sum_value_image = '["%s#"]'
+  incorrect_md5sum_value = '["url#asdasd"]'
+  single_image_value = '["%s#%s"]'
+  unreachable_host_value = '["evennotahost#%s"]'
+  too_many_image_value = """[
+      "image1#11111111111111111111111111111111",
+      "image2#22222222222222222222222222222222",
+      "image3#33333333333333333333333333333333",
+      "image4#44444444444444444444444444444444",
+      "image5#55555555555555555555555555555555",
+      "image6#66666666666666666666666666666666"
+      ]"""
+  def test_not_json(self):
+    self.rerequestInstance({
+      self.key: 'notjson#notjson'
    })
    self.raising_waitForInstance(3)
-    self.assertPromiseFails('image-url-list-config-state-promise.py')
+    self.assertPromiseFails(self.config_state_promise)
+  def test_together(self):
+    partition_parameter_kw = {
+      'boot-image-url-list': "%s#%s" % (
+        self.fake_image, self.fake_image_md5sum),
+      'boot-image-url-select': '["%s#%s"]' % (
+        self.fake_image, self.fake_image_md5sum)
+    }
+    self.rerequestInstance(partition_parameter_kw)
+    self.slap.waitForInstance(max_retry=10)
+    # check that image is correctly downloaded and linked
+    for image_directory in [
+      'boot-image-url-list-repository', 'boot-image-url-select-repository']:
+      image_repository = os.path.join(
+        self.computer_partition_root_path, 'srv', image_directory)
+      image = os.path.join(image_repository, self.fake_image_md5sum)
+      image_link = os.path.join(image_repository, 'image_001')
+      self.assertTrue(os.path.exists(image))
+      with open(image, 'rb') as fh:
+        image_md5sum = hashlib.md5(fh.read()).hexdigest()
+      self.assertEqual(image_md5sum, self.fake_image_md5sum)
+      self.assertTrue(os.path.islink(image_link))
+      self.assertEqual(os.readlink(image_link), image)
+    def getRunningImageList():
+      running_image_list = []
+      with self.slap.instance_supervisor_rpc as instance_supervisor:
+        kvm_pid = [q for q in instance_supervisor.getAllProcessInfo()
+                   if 'kvm-' in q['name']][0]['pid']
+        kvm_process = psutil.Process(kvm_pid)
+        software_root = '/'.join([
+          self.slap.software_directory,
+          hashlib.md5(self.getSoftwareURL().encode('utf-8')).hexdigest()])
+        for entry in kvm_process.cmdline():
+          if entry.startswith('file') and 'media=cdrom' in entry:
+            # do cleanups
+            entry = entry.replace(software_root, '')
+            entry = entry.replace(self.computer_partition_root_path, '')
+            running_image_list.append(entry)
+      return running_image_list
+    # check that the image is NOT YET available in kvm
+    self.assertEqual(
+      ['file=/parts/debian-amd64-netinst.iso/debian-amd64-netinst.iso,'
+       'media=cdrom,if=none,id=cdrom0'],
+      getRunningImageList()
+    )
+    # mimic the requirement: restart the instance by requesting it stopped and
+    # then started started, like user have to do it
+    self.rerequestInstance(partition_parameter_kw, state='stopped')
+    self.slap.waitForInstance(max_retry=1)
+    self.rerequestInstance(partition_parameter_kw, state='started')
+    self.slap.waitForInstance(max_retry=1)
+    # now the image is available in the kvm, and its above default image
+    self.assertEqual(
+      [
+        'file=/srv/boot-image-url-select-repository/image_001,media=cdrom,'
+        'if=none,id=cdrom0',
+        'file=/srv/boot-image-url-list-repository/image_001,media=cdrom,'
+        'if=none,id=cdrom1',
+        'file=/parts/debian-amd64-netinst.iso/debian-amd64-netinst.iso,'
+        'media=cdrom,if=none,id=cdrom2'
+      ],
+      getRunningImageList()
+    )
+    # cleanup of images works, also asserts that configuration changes are
+    # reflected
+    self.rerequestInstance(
+      {'boot-image-url-list': '', 'boot-image-url-select': ''})
+    self.slap.waitForInstance(max_retry=2)
+    for image_directory in [
+      'boot-image-url-list-repository', 'boot-image-url-select-repository']:
+      image_repository = os.path.join(
+        self.computer_partition_root_path, 'srv', image_directory)
+      self.assertEqual(
+        os.listdir(image_repository),
+        []
+      )
+    # mimic the requirement: restart the instance by requesting it stopped and
+    # then started started, like user have to do it
+    self.rerequestInstance(partition_parameter_kw, state='stopped')
+    self.slap.waitForInstance(max_retry=1)
+    self.rerequestInstance(partition_parameter_kw, state='started')
+    self.slap.waitForInstance(max_retry=1)
+    # again only default image is available in the running process
+    self.assertEqual(
+      ['file=/parts/debian-amd64-netinst.iso/debian-amd64-netinst.iso,'
+       'media=cdrom,if=none,id=cdrom0'],
+      getRunningImageList()
+    )
 @skipUnlessKvm
-class TestImageUrlListKvmCluster(InstanceTestCase):
+class TestBootImageUrlListKvmCluster(InstanceTestCase):
-  __partition_reference__ = 'iulkc'
+  __partition_reference__ = 'biulkc'
  @classmethod
  def getInstanceSoftwareType(cls):
@@ -693,18 +858,22 @@ class TestImageUrlListKvmCluster(InstanceTestCase):
      "2a74b7675a8d8ca20476dba6e",)
  fake_image2_md5sum = "d4316a4d05f527d987b9d6e43e4c2bc6"
+  input_value = "%s#%s"
+  key = 'boot-image-url-list'
+  config_file_name = 'boot-image-url-list.conf'
  @classmethod
  def getInstanceParameterDict(cls):
    return {'_': json.dumps({
      "kvm-partition-dict": {
        "KVM0": {
            "disable-ansible-promise": True,
-            "image-url-list": "%s#%s" % (
+            cls.key: cls.input_value % (
              cls.fake_image, cls.fake_image_md5sum)
        },
        "KVM1": {
            "disable-ansible-promise": True,
-            "image-url-list": "%s#%s" % (
+            cls.key: cls.input_value % (
              cls.fake_image2, cls.fake_image2_md5sum)
        }
      }
@@ -715,22 +884,31 @@ class TestImageUrlListKvmCluster(InstanceTestCase):
    #       we assume ordering of the cluster requests
    KVM0_config = os.path.join(
      self.slap.instance_directory, self.__partition_reference__ + '1', 'etc',
-      'image-url-list.conf')
+      self.config_file_name)
    KVM1_config = os.path.join(
      self.slap.instance_directory, self.__partition_reference__ + '2', 'etc',
-      'image-url-list.conf')
+      self.config_file_name)
    with open(KVM0_config, 'r') as fh:
      self.assertEqual(
-        "%s#%s" % (self.fake_image, self.fake_image_md5sum),
+        self.input_value % (self.fake_image, self.fake_image_md5sum),
-        fh.read()
+        fh.read().strip()
      )
    with open(KVM1_config, 'r') as fh:
      self.assertEqual(
-        "%s#%s" % (self.fake_image2, self.fake_image2_md5sum),
+        self.input_value % (self.fake_image2, self.fake_image2_md5sum),
-        fh.read()
+        fh.read().strip()
      )
+@skipUnlessKvm
+class TestBootImageUrlSelectKvmCluster(TestBootImageUrlListKvmCluster):
+  __partition_reference__ = 'biuskc'
+  input_value = "[\"%s#%s\"]"
+  key = 'boot-image-url-select'
+  config_file_name = 'boot-image-url-select.json'
 @skipUnlessKvm
 class TestCpuMemMaxDynamic(InstanceTestCase):
  __partition_reference__ = 'cmm'
@@ -744,9 +922,9 @@ class TestCpuMemMaxDynamic(InstanceTestCase):
  def test(self):
    with open(os.path.join(
-     self.computer_partition_root_path, 'bin', 'kvm_raw'), 'rb') as fh:
+     self.computer_partition_root_path, 'bin', 'kvm_raw'), 'r') as fh:
      kvm_raw = fh.read()
-    self.assertTrue('smp_count = 2' in kvm_raw)
+    self.assertIn('smp_count = 2', kvm_raw)
-    self.assertTrue('smp_max_count = 3' in kvm_raw)
+    self.assertIn('smp_max_count = 3', kvm_raw)
-    self.assertTrue('ram_size = 2048' in kvm_raw)
+    self.assertIn('ram_size = 2048', kvm_raw)
-    self.assertTrue("ram_max_size = '2560'" in kvm_raw)
+    self.assertIn("ram_max_size = '2560'", kvm_raw)
--- a/software/monitor/buildout.hash.cfg
+++ b/software/monitor/buildout.hash.cfg
@@ -14,7 +14,7 @@
 # not need these here).
 [template]
 filename = instance.cfg
-md5sum = 1b5d5a72d0d0e3156770ce8ecc5d19ce
+md5sum = 9ddae686379e8d747410c1adf82b47d6
 [template-monitor]
 _update_hash_filename_ = instance-monitor.cfg.jinja2
@@ -30,7 +30,7 @@ md5sum = a57106ee88ff3295b9ffce84105da79b
 [template-monitor-edgebot]
 _update_hash_filename_ = instance-monitor-edgebot.cfg.jinja2
-md5sum = c535f4df6388cdc3f6c1df2a91d6dd53
+md5sum = c1885a42aadd45bab3185a53258d4ff4
 [network-bench-cfg]
 filename = network_bench.cfg.in

--- a/software/monitor/instance-edgetest-input-schema.json
+++ b/software/monitor/instance-edgetest-input-schema.json
@@ -13,6 +13,12 @@
      "description": "Default HTTP code to check against (default: 200).",
      "type": "string"
    },
+    "check-http-header-dict": {
+      "default": "{}",
+      "title": "HTTP header dict to check",
+      "description": "JSON dict of expected HTTP header, like {\"Cache-Control\": \"max-age=3600, public\", \"Vary\": \"Accept-Encoding\"}",
+      "type": "object"
+    },
    "check-frontend-ip": {
      "default": "",
      "title": "Default space separated list of Frontend IPs to check",

--- a/software/monitor/instance-edgetest-slave-input-schema.json
+++ b/software/monitor/instance-edgetest-slave-input-schema.json
@@ -12,6 +12,12 @@
      "description": "HTTP code to check against (default: comes from master partition).",
      "type": "string"
    },
+    "check-http-header-dict": {
+      "default": "Master default",
+      "title": "HTTP header dict to check",
+      "description": "JSON dict of expected HTTP header, like {\"Cache-Control\": \"max-age=3600, public\", \"Vary\": \"Accept-Encoding\"}",
+      "type": "object"
+    },
    "check-frontend-ip": {
      "default": "Master default",
      "title": "Space separated list of Frontend IPs to check",

--- a/software/monitor/instance-monitor-edgebot.cfg.jinja2
+++ b/software/monitor/instance-monitor-edgebot.cfg.jinja2
@@ -13,6 +13,9 @@
 {%-   if 'check-status-code' not in slave %}
 {%-     do slave.__setitem__('check-status-code', CONFIGURATION['check-status-code']) %}
 {%-   endif %}
+{%-   if 'check-http-header-dict' not in slave %}
+{%-     do slave.__setitem__('check-http-header-dict', CONFIGURATION['check-http-header-dict']) %}
+{%-   endif %}
 {%-   if 'check-certificate-expiration-days' not in slave %}
 {%-     do slave.__setitem__('check-certificate-expiration-days', CONFIGURATION['check-certificate-expiration-days']) %}
 {%-   endif %}
@@ -48,6 +51,7 @@ name = {{ safe_name }}.py
 config-report = http_query
 config-url = {{ slave['url'] }}
 config-status-code = {{ slave['check-status-code'] }}
+config-http-header-dict = {{ slave['check-http-header-dict'] }}
 config-certificate-expiration-days = {{ slave['check-certificate-expiration-days'] }}
 config-failure-amount = {{ slave['failure-amount'] }}
 config-maximum-elapsed-time = {{ slave['check-maximum-elapsed-time'] }}

--- a/software/monitor/instance.cfg
+++ b/software/monitor/instance.cfg
@@ -76,6 +76,7 @@ key = $${slap-connection:key-file}
 cert = $${slap-connection:cert-file}
 # Defaults
 configuration.check-status-code = 200
+configuration.check-http-header-dict = {}
 configuration.nameserver =
 configuration.check-frontend-ip =
 configuration.check-certificate-expiration-days = 15

--- a/software/monitor/software.cfg
+++ b/software/monitor/software.cfg
@@ -78,9 +78,9 @@ scripts =
 [versions]
 slapos.recipe.template = 4.4
-surykatka = 0.4.2
+surykatka = 0.5.0
-# For surykatka 0.4.2
+# For surykatka 0.5.0
 click = 7.0
 certifi = 2019.11.28
 chardet = 3.0.4

--- a/software/monitor/test/test.py
+++ b/software/monitor/test/test.py
@@ -470,6 +470,90 @@ URL =
    )
+class TestEdgeCheckHTTPHeaderDict(EdgeSlaveMixin, SlapOSInstanceTestCase):
+  surykatka_dict = {
+    2: {'expected_ini': """[SURYKATKA]
+INTERVAL = 120
+TIMEOUT = 4
+SQLITE = %(db_file)s
+URL =
+  https://www.erp5.com/
+  https://www.erp5.org/"""}
+  }
+  @classmethod
+  def getInstanceParameterDict(cls):
+    return {
+      'check-http-header-dict':
+        '{"B": "BBB"}',
+    }
+  def assertSurykatkaPromises(self):
+    self.assertPromiseContent(
+      'http-query-backend-http-header-promise.py',
+      "'ip-list': ''")
+    self.assertPromiseContent(
+      'http-query-backend-http-header-promise.py',
+      "'report': 'http_query'")
+    self.assertPromiseContent(
+      'http-query-backend-http-header-promise.py',
+      "'status-code': '200'")
+    self.assertPromiseContent(
+      'http-query-backend-http-header-promise.py',
+      "'http-header-dict': '{\"A\": \"AAA\"}'")
+    self.assertPromiseContent(
+      'http-query-backend-http-header-promise.py',
+      "'certificate-expiration-days': '15'")
+    self.assertPromiseContent(
+      'http-query-backend-http-header-promise.py',
+      "'url': 'https://www.erp5.org/'")
+    self.assertPromiseContent(
+      'http-query-backend-http-header-promise.py',
+      "'json-file': '%s'" % (self.surykatka_dict[2]['json-file'],)
+    )
+    self.assertPromiseContent(
+      'http-query-backend-http-header-promise.py',
+      "'failure-amount': '2'"
+    )
+    self.assertPromiseContent(
+      'http-query-backend-promise.py',
+      "'ip-list': ''")
+    self.assertPromiseContent(
+      'http-query-backend-promise.py',
+      "'report': 'http_query'")
+    self.assertPromiseContent(
+      'http-query-backend-promise.py',
+      "'status-code': '200'")
+    self.assertPromiseContent(
+      'http-query-backend-promise.py',
+      "'http-header-dict': '{\"B\": \"BBB\"}'")
+    self.assertPromiseContent(
+      'http-query-backend-promise.py',
+      "'certificate-expiration-days': '15'")
+    self.assertPromiseContent(
+      'http-query-backend-promise.py',
+      "'url': 'https://www.erp5.com/'")
+    self.assertPromiseContent(
+      'http-query-backend-promise.py',
+      "'json-file': '%s'" % (self.surykatka_dict[2]['json-file'],)
+    )
+    self.assertPromiseContent(
+      'http-query-backend-promise.py',
+      "'failure-amount': '2'"
+    )
+  def requestEdgetestSlaves(self):
+    self.requestEdgetestSlave(
+      'backend',
+      {'url': 'https://www.erp5.com/'},
+    )
+    self.requestEdgetestSlave(
+      'backend-http-header',
+      {'url': 'https://www.erp5.org/', 'check-http-header-dict': '{"A": "AAA"}'},
+    )
 class TestEdgeCheckCertificateExpirationDays(
  EdgeSlaveMixin, SlapOSInstanceTestCase):
  surykatka_dict = {

--- a/software/neoppod/buildout.hash.cfg
+++ b/software/neoppod/buildout.hash.cfg
@@ -34,7 +34,7 @@ md5sum = 74e0361f3ec3424c905acc4cd55fd8bf
 [template-neo-my-cnf]
 filename = my.cnf.in
-md5sum = 9f6f8f2b5f4cb0d97d50ffc1d3837e2f
+md5sum = a8939dcf440126a30db661b5a0a1bfb7
 [template-neo]
 filename = instance.cfg.in

--- a/software/neoppod/my.cnf.in
+++ b/software/neoppod/my.cnf.in
@@ -9,6 +9,8 @@
 {% if not engine or engine == 'RocksDB' -%}
 {% do plugins.append('ha_rocksdb') -%}
+{% do extra_dict.setdefault('rocksdb_keep_log_file_num', '64') -%}
+{% do extra_dict.setdefault('rocksdb_max_log_file_size', '16M') -%}
 {% endif -%}
 {% if not engine or engine == 'TokuDB' -%}

--- a/software/slapos-master/apache-backend.conf.in
+++ b/software/slapos-master/apache-backend.conf.in
@@ -23,14 +23,14 @@
 #       #  The path given to "SSLSessionCache shmcb:<folder_path>(512000)"
 #       "ssl-session-cache": "<folder_path>",
 #
- #       #  The path given to "SSLCACertificatePath" (can be empty)
+ #       #  The path given to "SSLCACertificateFile" (can be empty)
 #       #  If this value is not empty, it enables client certificate check.
 #       #  (Enabling "SSLVerifyClient require")
- #       "ca-cert-dir": "<directory_path>",
+ #       "ca-cert": "<file_path>",
 #
- #       #  The path given to "SSLCARevocationPath" (used if ca-cert-dir is not
+ #       #  The path given to "SSLCARevocationFile" (used if ca-cert is not
 #       #  empty)
- #       "crl-dir": "<directory_path>",
+ #       "crl": "<file_path>",
 #
 #       #  The path given to "ErrorLog"
 #       "error-log": "<file_path>",
@@ -69,7 +69,7 @@
 #  From to `backend-list`:
 #   - 0.0.0.0:8000 redirecting internaly to http://10.0.0.10:8001 and
 #   - [::1]:8000 redirecting internaly to http://10.0.0.10:8001
- #  only accepting requests from clients who provide a valid SSL certificate trusted in `ca-cert-dir`.
+ #  only accepting requests from clients who provide a valid SSL certificate trusted in `ca-cert`.
 #   - 0.0.0.0:8002 redirecting internaly to http://10.0.0.10:8003
 #   - [::1]:8002 redirecting internaly to http://10.0.0.10:8003
 #  accepting requests from any client.
@@ -83,8 +83,6 @@
 #  For more details, refer to
 #  https://docs.zope.org/zope2/zope2book/VirtualHosting.html#using-virtualhostroot-and-virtualhostbase-together
 -#}
-{% set ca_cert_dir = parameter_dict.get('ca-cert-dir') -%}
-{% set crl_dir = parameter_dict.get('crl-dir') -%}
 LoadModule unixd_module modules/mod_unixd.so
 LoadModule access_compat_module modules/mod_access_compat.so
 LoadModule authz_core_module modules/mod_authz_core.so
@@ -135,16 +133,17 @@ SSLProxyEngine On
 # As backend is trusting Remote-User header unset it always
 RequestHeader unset Remote-User
-{% if ca_cert_dir -%}
+{% if parameter_dict['ca-cert'] -%}
 SSLVerifyClient optional
 RequestHeader set Remote-User %{SSL_CLIENT_S_DN_CN}s
-RequestHeader unset X-Forwarded-For "expr=%{SSL_CLIENT_VERIFY} != 'SUCCESS'"
+SSLCACertificateFile {{ parameter_dict['ca-cert'] }}
-SSLCACertificatePath {{ ca_cert_dir }}
+{%   if not parameter_dict['shared-ca-cert'] %}
-{%   if crl_dir -%}
+{%     if parameter_dict['crl'] -%}
 SSLCARevocationCheck chain
-SSLCARevocationPath {{ crl_dir }}
+SSLCARevocationFile {{ parameter_dict['crl'] }}
-{%   endif -%}
+{%-     endif %}
-{% endif -%}
+{%-   endif %}
+{%- endif %}
 ErrorLog "{{ parameter_dict['error-log'] }}"
 # Default apache log format with request time in microsecond at the end
@@ -164,8 +163,12 @@ Listen {{ ip }}:{{ port }}
 {%   endfor -%}
 <VirtualHost *:{{ port }}>
  SSLEngine on
-{% if enable_authentication and ca_cert_dir -%}
+{% if enable_authentication and parameter_dict['shared-ca-cert'] and parameter_dict['shared-crl'] -%}
  SSLVerifyClient require
+  # Custom block we use for now different parameters.
+  RequestHeader set Remote-User %{SSL_CLIENT_S_DN_CN}s
+  SSLCACertificateFile {{ parameter_dict['shared-ca-cert'] }}
+  SSLCARevocationPath {{ parameter_dict['shared-crl'] }}
  LogFormat "%h %l %{REMOTE_USER}i %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %D" combined
@@ -183,8 +186,11 @@ Listen {{ ip }}:{{ port }}
 <VirtualHost {{ ip }}:{{ port }}>
  SSLEngine on
  Timeout 3600
-{%   if enable_authentication and ca_cert_dir -%}
+{%   if enable_authentication and parameter_dict['ca-cert'] and parameter_dict['crl'] -%}
  SSLVerifyClient require
+  SSLCACertificateFile {{ parameter_dict['ca-cert'] }}
+  SSLCARevocationCheck chain
+  SSLCARevocationFile {{ parameter_dict['crl'] }}
  LogFormat "%h %l %{REMOTE_USER}i %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %D" combined

--- a/software/slapos-master/buildout.hash.cfg
+++ b/software/slapos-master/buildout.hash.cfg
@@ -18,8 +18,8 @@ md5sum = 2ef0ddc206c6b0982a37cfc21f23e423
 [template-balancer]
 filename = instance-balancer.cfg.in
-md5sum = d10a5ddfffa67b8ca01b3e38315bae2f
+md5sum = ef86e09e44ac67a9b15939df0ab4a466
 [template-apache-backend-conf]
 filename = apache-backend.conf.in
-md5sum = ba8f878083b79535c6a2d10de496d90f
+md5sum = 9d7104ce18f79a7a84988efc11f5ed23
--- a/software/slapos-master/instance-balancer.cfg.in
+++ b/software/slapos-master/instance-balancer.cfg.in
@@ -2,7 +2,6 @@
 {% set part_list = [] -%}
 {% macro section(name) %}{% do part_list.append(name) %}{{ name }}{% endmacro -%}
 {% set ssl_parameter_dict = slapparameter_dict['ssl'] -%}
-{% set frontend_caucase_url_list = ssl_parameter_dict.get('frontend_caucase_url_list', []) -%}
 {% set shared_ca_path = slapparameter_dict.get('shared-certificate-authority-path') -%}
 {#
 XXX: This template only supports exactly one IPv4 and (if ipv6 is used) one IPv6
@@ -29,8 +28,8 @@ mode = 644
     url=ssl_parameter_dict['caucase-url'],
     data_dir='${directory:srv}/caucase-updater',
     crt_path='${apache-conf-ssl:caucase-cert}',
-     ca_path='${directory:srv}/caucase-updater/ca.crt',
+     ca_path='${apache-conf-ssl:ca-cert}',
-     crl_path='${directory:srv}/caucase-updater/crl.pem',
+     crl_path='${apache-conf-ssl:crl}',
     key_path='${apache-conf-ssl:caucase-key}',
     on_renew='${apache-graceful:output}',
     max_sleep=ssl_parameter_dict.get('max-crl-update-delay', 1.0),
@@ -38,69 +37,6 @@ mode = 644
     openssl=parameter_dict['openssl'] ~ '/bin/openssl',
 )}}
 {% do section('caucase-updater') -%}
-{% do section('caucase-updater-promise') -%}
-{% set frontend_caucase_url_hash_list = [] -%}
-{% for frontend_caucase_url in frontend_caucase_url_list -%}
-{%   set hash = hashlib.md5(frontend_caucase_url).hexdigest() -%}
-{%   do frontend_caucase_url_hash_list.append(hash) -%}
-{%   set data_dir = '${directory:srv}/client-cert-ca/%s' % hash -%}
-{{   caucase.updater(
-       prefix='caucase-updater-%s' % hash,
-       buildout_bin_directory=parameter_dict['bin-directory'],
-       updater_path='${directory:services-on-watch}/caucase-updater-%s' % hash,
-       url=frontend_caucase_url,
-       data_dir=data_dir,
-       ca_path='%s/ca.crt' % data_dir,
-       crl_path='%s/crl.pem' % data_dir,
-       on_renew='${caucase-updater-housekeeper:output}; ${apache-graceful:output}',
-       max_sleep=ssl_parameter_dict.get('max-crl-update-delay', 1.0),
-       openssl=parameter_dict['openssl'] ~ '/bin/openssl',
-     )}}
-{%   do section('caucase-updater-%s' % hash) -%}
-{% endfor -%}
-{% if frontend_caucase_url_hash_list -%}
-[caucase-updater-housekeeper]
-recipe = collective.recipe.template
-output = ${directory:bin}/caucase-updater-housekeeper
-mode = 700
-input =
-  inline:
-  #!${buildout:executable}
-  import glob
-  import os
-  import subprocess
-  hash_list = {{ repr(frontend_caucase_url_hash_list) }}
-  crt_list = ['%s.crt' % e for e in hash_list]
-  crl_list = ['%s.crl' % e for e in hash_list]
-{% if shared_ca_path -%}
-  crt_list.append('{{ shared_ca_path }}/cacert.pem')
-  crl_list.append('{{ shared_ca_path }}/crl')
-{% endif -%}
-  for path in glob.glob('${apache-conf-ssl:ca-cert-dir}/*.crt'):
-    if os.path.basename(path) not in crt_list:
-      os.unlink(path)
-  for path in glob.glob('${apache-conf-ssl:crl-dir}/*.crl'):
-    if os.path.basename(path) not in crl_list:
-      os.unlink(path)
-  for hash in hash_list:
-    crt = '${directory:srv}/client-cert-ca/%s/ca.crt' % hash
-    crt_link = '${apache-conf-ssl:ca-cert-dir}/%s.crt' % hash
-    crl = '${directory:srv}/client-cert-ca/%s/crl.pem' % hash
-    crl_link = '${apache-conf-ssl:crl-dir}/%s.crl' % hash
-    if os.path.isfile(crt) and not os.path.islink(crt_link):
-      os.symlink(crt, crt_link)
-    if os.path.isfile(crl) and not os.path.islink(crl_link):
-      os.symlink(crl, crl_link)
-  subprocess.check_call(['{{ parameter_dict["openssl"] }}/bin/c_rehash', '${apache-conf-ssl:ca-cert-dir}'])
-  subprocess.check_call(['{{ parameter_dict["openssl"] }}/bin/c_rehash', '${apache-conf-ssl:crl-dir}'])
-[caucase-updater-housekeeper-run]
-recipe = plone.recipe.command
-command = ${caucase-updater-housekeeper:output}
-update-command = ${:command}
-{% endif -%}
 {% set haproxy_dict = {} -%}
 {% set apache_dict = {} -%}
@@ -187,27 +123,8 @@ key = ${directory:apache-conf}/apache.pem
 # XXX caucase certificate is not supported by caddy for now
 caucase-cert = ${directory:apache-conf}/apache-caucase.crt
 caucase-key = ${directory:apache-conf}/apache-caucase.pem
-{% if frontend_caucase_url_list -%}
+ca-cert =  ${directory:apache-conf}/ca.crt
-depends = ${caucase-updater-housekeeper-run:recipe}
+crl = ${directory:apache-conf}/crl.pem
-ca-cert-dir = ${directory:apache-ca-cert-dir}
-crl-dir = ${directory:apache-crl-dir}
-{%- endif %}
-[simplefile]
-< = jinja2-template-base
-template = inline:{{ '{{ content }}' }}
-{% macro simplefile(section_name, file_path, content, mode='') -%}
-{%   set content_section_name = section_name ~ '-content' -%}
-[{{  content_section_name }}]
-content = {{ dumps(content) }}
-[{{  section(section_name) }}]
-< = simplefile
-rendered = {{ file_path }}
-context = key content {{content_section_name}}:content
-mode = {{ mode }}
-{%- endmacro %}
 [apache-ssl]
 {% if ssl_parameter_dict.get('key') -%}
@@ -237,10 +154,13 @@ cert = ${apache-ssl:cert}
 key = ${apache-ssl:key}
 cipher =
 ssl-session-cache = ${directory:log}/apache-ssl-session-cache
-{% if frontend_caucase_url_list -%}
 # Client x509 auth
-ca-cert-dir = ${apache-conf-ssl:ca-cert-dir}
+ca-cert = ${apache-conf-ssl:ca-cert}
-crl-dir = ${apache-conf-ssl:crl-dir}
+crl = ${apache-conf-ssl:crl}
+{% if shared_ca_path -%}
+shared-ca-cert = {{ shared_ca_path }}/cacert.pem
+shared-crl = {{ shared_ca_path }}/crl 
 {%- endif %}
 [apache-conf]
@@ -266,8 +186,8 @@ input = inline:
  kill -USR1 "$(cat '${apache-conf-parameter-dict:pid-file}')"
 [{{ section('apache-promise') }}]
-<= monitor-promise-base
 # Check any apache port in ipv4, expect other ports and ipv6 to behave consistently
+<= monitor-promise-base
 module = check_port_listening
 name = apache.py
 config-hostname = {{ ipv4 }}
@@ -308,10 +228,6 @@ post = test ! -s ${apache-conf-parameter-dict:pid-file} || {{ parameter_dict['bi
 [directory]
 recipe = slapos.cookbook:mkdirectory
 apache-conf = ${:etc}/apache
-{% if frontend_caucase_url_list -%}
-apache-ca-cert-dir = ${:apache-conf}/ssl.crt
-apache-crl-dir = ${:apache-conf}/ssl.crl
-{% endif -%}
 bin = ${buildout:directory}/bin
 etc = ${buildout:directory}/etc
 services = ${:etc}/run

--- a/software/slapos-master/test/test/test_erp5.py
+++ b/software/slapos-master/test/test/test_erp5.py
@@ -47,20 +47,17 @@ class TestPublishedURLIsReachableMixin(object):
    # What happens is that instanciation just create the services, but does not
    # wait for ERP5 to be initialized. When this test run ERP5 instance is
    # instanciated, but zope is still busy creating the site and haproxy replies
-    # with 503 Service Unavailable, sometimes the first request is 404, so we
+    # with 503 Service Unavailable when zope is not started yet, with 404 when
-    # retry in a loop.
+    # erp5 site is not created, with 500 when mysql is not yet reachable, so we
-    # If we can move the "create site" in slapos node instance, then this retry loop
+    # retry in a loop until we get a succesful response.
-    # would not be necessary.
    for i in range(1, 60):
      r = requests.get(url, verify=False)  # XXX can we get CA from caucase already ?
-      if r.status_code in (requests.codes.service_unavailable,
+      if r.status_code != requests.codes.ok:
-                           requests.codes.not_found):
        delay = i * 2
        self.logger.warn("ERP5 was not available, sleeping for %ds and retrying", delay)
        time.sleep(delay)
        continue
-      if r.status_code != requests.codes.ok:
+      r.raise_for_status()
-        r.raise_for_status()
      break
    self.assertIn("ERP5", r.text)

--- a/software/slapos-sr-testing/buildout.hash.cfg
+++ b/software/slapos-sr-testing/buildout.hash.cfg
@@ -15,4 +15,4 @@
 [template]
 filename = instance.cfg
-md5sum = 25a4d7e438402d992edadf9339faf557
+md5sum = 14d2f49d20670e44c2a162bcec9e0a8e
--- a/software/slapos-sr-testing/instance.cfg
+++ b/software/slapos-sr-testing/instance.cfg
@@ -44,7 +44,7 @@ environment =
  SLAPOS_TEST_WORKING_DIR=${slapos-test-runner-environment:SLAPOS_TEST_WORKING_DIR}
 [slapos-test-runner-environment]
-PATH = {{ buildout['bin-directory'] }}:{{ curl_location }}/bin/:/usr/bin/:/bin
+PATH = {{ buildout['bin-directory'] }}:{{ curl_location }}/bin/:{{ faketime_location }}/bin/:/usr/bin/:/bin
 SLAPOS_TEST_IPV4 = ${slap-configuration:ipv4-random}
 SLAPOS_TEST_IPV6 = ${slap-configuration:ipv6-random}
 SLAPOS_TEST_WORKING_DIR = ${directory:working-dir}

--- a/software/slapos-sr-testing/software.cfg
+++ b/software/slapos-sr-testing/software.cfg
@@ -4,6 +4,7 @@ extends =
  ../../component/bcrypt/buildout.cfg
  ../../component/curl/buildout.cfg
  ../../component/git/buildout.cfg
+  ../../component/faketime/buildout.cfg
  ../../component/pillow/buildout.cfg
  ../../component/python-cryptography/buildout.cfg
  ../../component/python-mysqlclient/buildout.cfg
@@ -174,6 +175,7 @@ eggs =
  ${python-pynacl:egg}
  ${python-cryptography:egg}
  ${python-mysqlclient:egg}
+  ${backports.lzma:egg}
  ${bcrypt:egg}
  slapos.libnetworkcache
  supervisor
@@ -200,7 +202,6 @@ eggs =
  ${slapos.test.dream-setup:egg}
  ${slapos.test.metabase-setup:egg}
  ${slapos.test.repman-setup:egg}
-  ${backports.lzma:egg}
 entry-points =
  runTestSuite=erp5.util.testsuite:runTestSuite
 scripts =
@@ -239,6 +240,7 @@ context =
  key slapos_location slapos-repository:location
  key interpreter eggs:interpreter
  key curl_location curl:location
+  key faketime_location faketime:location
  key tests :tests
 tests =
  ${slapos.test.kvm-setup:setup}
@@ -309,8 +311,6 @@ Django = 1.11
 # selenium==3.141.0
 urllib3 = 1.24.1
-backports.lzma = 0.0.13
 mock = 2.0.0
 testfixtures = 6.11
 funcsigs = 1.0.2

--- a/software/slapos-testing/buildout.hash.cfg
+++ b/software/slapos-testing/buildout.hash.cfg
@@ -15,4 +15,4 @@
 [template]
 filename = instance.cfg
-md5sum = 47eb5f8e6f56729e2ce0e6213bccf4f7
+md5sum = a04806bdebd611c7f6698b4bef7af70d
--- a/software/slapos-testing/instance.cfg
+++ b/software/slapos-testing/instance.cfg
@@ -88,7 +88,7 @@ command-line =
 #   guarantee about free ports on IPV4 and IPV6
 # * LOCAL_IPV4 is backward compatible, to be migrated, SLAPOS_TEST_IPV4
 environment =
-  PATH=${coreutils:location}/bin:${curl:location}/bin:${openssl:location}/bin:${git:location}/bin:${libxslt:location}/bin:${socat:location}/bin:${lmsensors:location}/bin:${buildout:bin-directory}:/usr/bin/:/bin/
+  PATH=${coreutils:location}/bin:${curl:location}/bin:${openssl:location}/bin:${git:location}/bin:${libxslt:location}/bin:${socat:location}/bin:${lmsensors:location}/bin:${rsync:location}/bin/:${buildout:bin-directory}:/usr/bin/:/bin/
  LOCAL_IPV4=$${slap-configuration:ipv4-random}
  SLAPOS_TEST_IPV4=$${slap-configuration:ipv4-random}
  SLAPOS_TEST_IPV6=$${slap-configuration:ipv6-random}

--- a/software/slapos-testing/software.cfg
+++ b/software/slapos-testing/software.cfg
@@ -12,6 +12,7 @@ extends =
  ../../component/coreutils/buildout.cfg
  ../../component/socat/buildout.cfg
  ../../component/lmsensors/buildout.cfg
+  ../../component/rsync/buildout.cfg
  ../../stack/slapos.cfg
  ./buildout.hash.cfg
@@ -57,7 +58,9 @@ depends = ${slapos.core-setup:egg}
 <= setup-develop-egg
 egg = slapos.cookbook[test]
 setup = ${slapos.cookbook-repository:location}
-depends = ${slapos.core-setup:egg}
+depends =
+  ${slapos.core-setup:egg}
+  ${slapos-cookbook-dependencies:eggs}
 [slapos.core-setup]
 <= setup-develop-egg
@@ -83,10 +86,11 @@ setup = ${slapos.recipe.template-repository:location}
 [slapos.toolbox-setup]
 <= setup-develop-egg
-# XXX slapos.toolbox does not have `test` extra require, `mock` and `pycurl` are only listed in `tests_require` and are listed explicitly
+egg = slapos.toolbox[test]
-egg = slapos.toolbox
 setup = ${slapos.toolbox-repository:location}
-depends = ${slapos.core-setup:egg}
+depends =
+  ${slapos.core-setup:egg}
+  ${slapos-toolbox-dependencies:eggs}
 [slapos.rebootstrap-setup]
 <= setup-develop-egg
@@ -98,6 +102,7 @@ recipe = zc.recipe.egg
 eggs =
  ${lxml-python:egg}
  ${python-cryptography:egg}
+  ${backports.lzma:egg}
  ${pycurl:egg}
  ${bcrypt:egg}
  dnspython
@@ -113,7 +118,6 @@ eggs =
  ${slapos.toolbox-setup:egg}
  ${slapos.libnetworkcache-setup:egg}
  ${slapos.rebootstrap-setup:egg}
-  mock
  zope.testing
  supervisor
 entry-points =

--- a/software/theia/buildout.hash.cfg
+++ b/software/theia/buildout.hash.cfg
@@ -15,12 +15,12 @@
 [instance]
 filename = instance.cfg.in
-md5sum = d8ad39bc93c492026a93c28b33a5dc3a
+md5sum = f95354d4af4a78ad7fd11ebc9281ed19
 [yarn.lock]
 filename = yarn.lock
-md5sum = 89d0a4d0c3ae90b9c5c0923b57766f0f
+md5sum = 07835b4acfbd8f4a96ac15ffecd238b0
 [python-language-server-requirements.txt]
 filename = python-language-server-requirements.txt
-md5sum = 2a296cba4c36d7a5fca5f4347a8c8469
+md5sum = d2ce161244ce9ebce5295302a1b2a7df
--- a/software/theia/instance.cfg.in
+++ b/software/theia/instance.cfg.in
@@ -3,6 +3,7 @@ parts =
  monitor-base
  promises
  frontend-reload
+  tasks.json
  publish-connection-parameter
 extends = ${monitor-template:rendered}
@@ -58,6 +59,9 @@ template = inline:
    proxy /services $${theia-instance:base-url} {
      websocket
    }
+    proxy /file-upload $${theia-instance:base-url} {
+      websocket
+    }
    basicauth $${frontend-instance-password:username} $${frontend-instance-password:passwd} {
      realm "Theia"
      /
@@ -114,22 +118,101 @@ install =
 location = $${directory:frontend-static}/$${:filename}
 filename = $${:_buildout_section_name_}
-[user]
+[tasks.json]
-recipe = slapos.cookbook:userinfo
+recipe = slapos.recipe.template:jinja2
+rendered = $${directory:dot-theia}/tasks.json
+template =
+  inline:
+  {
+    // See https://go.microsoft.com/fwlink/?LinkId=733558
+    // for the documentation about the tasks.json format
+    "version": "2.0.0",
+    "tasks": [
+      {
+        "label": "slapos node software",
+        "detail": "Build all software supplied to the node",
+        "type": "shell",
+        "command": "${buildout:bin-directory}/slapos",
+        "args": [
+          "node",
+          "software",
+          // debug mode can be enabled by commenting out this line:
+          // "--buildout-debug",
+          "--all"
+        ],
+        "options": {
+          "env": {
+            "SLAPOS_CONFIGURATION": "$${slapos-standalone-activate:slapos-configuration}",
+            "GIT_EXEC_PATH": ""
+          }
+        },
+        "group": {
+          "kind": "build",
+          "isDefault": true
+        },
+        "problemMatcher": []
+      },
+      {
+        "label": "slapos node instance",
+        "detail": "Create all instances requested on the node",
+        "type": "shell",
+        "command": "${buildout:bin-directory}/slapos",
+        "args": [
+          "node",
+          "instance",
+          // debug mode can be enabled by commenting out this line:
+          // "--buildout-debug",
+          "--all"
+        ],
+        "options": {
+          "env": {
+            "SLAPOS_CONFIGURATION": "$${slapos-standalone-activate:slapos-configuration}",
+            "GIT_EXEC_PATH": ""
+          }
+        },
+        "problemMatcher": [],
+        "group": {
+          "kind": "build",
+          "isDefault": true
+        }
+      }
+    ]
+  }
-[theia-instance]
-recipe = slapos.cookbook:wrapper
-wrapper-path = $${directory:services}/$${:_buildout_section_name_}
-command-line =
-  env LC_ALL=C.UTF-8 TMP=$${directory:tmp} THEIA_WEBVIEW_EXTERNAL_ENDPOINT='{{hostname}}' THEIA_SHELL=$${theia-shell:rendered} ${theia-wrapper:rendered} --hostname=$${:hostname} --port=$${:port} $${directory:project}
+[theia-service]
+recipe = slapos.recipe.template:jinja2
+rendered = $${directory:bin}/$${:_buildout_section_name_}
+mode = 0700
+template =
+  inline:#!/bin/sh
+  {% raw %}
+  export THEIA_WEBVIEW_EXTERNAL_ENDPOINT='{{hostname}}'
+  {% endraw %}
+  export THEIA_OPEN_EDITOR_TOKEN=$(${openssl:location}/bin/openssl rand -hex 32)
+  export THEIA_URL=$${:base-url}
+  export THEIA_SHELL=$${theia-shell:rendered}
+  export HOME=$${buildout:directory}
+  export TMP=$${directory:tmp}
+  export TEMP=$TMP
+  export LC_ALL=C.UTF-8
+  export EDITOR="${python-language-server:location}/bin/python -m theia_open --wait"
+  exec ${theia-wrapper:rendered} $@
 ip =  $${instance-parameter:ipv4-random}
-hostname =  $${:ip}
 port = 3000
-base-url = http://$${:hostname}:$${:port}/
+base-url = http://$${:ip}:$${:port}/
+[theia-instance]
+recipe = slapos.cookbook:wrapper
+wrapper-path = $${directory:services}/$${:_buildout_section_name_}
+command-line = $${theia-service:rendered}  --hostname=$${:hostname} --port=$${:port} $${directory:project}
 hash-existing-files =
  ${yarn.lock:output}
  ${theia-wrapper:rendered}
+ip =  $${instance-parameter:ipv4-random}
+hostname =  $${:ip}
+port = $${theia-service:port}
+base-url = $${theia-service:base-url}
 [theia-shell]
 recipe = slapos.recipe.template:jinja2
@@ -144,7 +227,6 @@ template = inline:
  if not args: args = ["-c", ". $${slapos-standalone-activate:rendered} && exec env GIT_EXEC_PATH= ${bash:location}/bin/bash", ]
  os.execv('${bash:location}/bin/bash', ['${bash:location}/bin/bash']  + args)
 [slapos-standalone-activate]
 recipe = slapos.recipe.template:jinja2
 rendered = $${directory:bin}/$${:_buildout_section_name_}
@@ -163,13 +245,13 @@ template =
      $${slap-connection:partition-id} \
      --key='$${slap-connection:key-file}' \
      --cert='$${slap-connection:cert-file}'
-  export SLAPOS_CONFIGURATION=$${directory:slapos}/etc/slapos.cfg
+  export SLAPOS_CONFIGURATION=$${:slapos-configuration}
  export SLAPOS_CLIENT_CONFIGURATION=$SLAPOS_CONFIGURATION
 ipv4 = $${instance-parameter:ipv4-random}
 ipv6 = $${instance-parameter:ipv6-random}
 port = 4000
+slapos-configuration = $${directory:slapos}/etc/slapos.cfg
 [promises]
 recipe =
@@ -182,7 +264,7 @@ instance-promises =
 <= monitor-promise-base
 module = check_port_listening
 name = $${:_buildout_section_name_}.py
-config-hostname=  $${theia-instance:ip}
+config-hostname = $${theia-instance:ip}
 config-port = $${theia-instance:port}
 [frontend-listen-promise]
@@ -209,7 +291,7 @@ slave = true
 config-url = $${frontend-instance:url}
 config-https-only = true
 config-type = websocket
-config-websocket-path-list = /services
+config-websocket-path-list = /services /file-upload
 return = domain secure_access
 [publish-connection-parameter]
@@ -233,6 +315,7 @@ var = $${buildout:directory}/var
 srv = $${buildout:directory}/srv
 bin = $${buildout:directory}/bin
 tmp = $${buildout:directory}/tmp
+dot-theia = $${buildout:directory}/.theia/
 pidfiles = $${:var}/run
 services = $${:etc}/service

--- a/software/theia/python-language-server-requirements.txt
+++ b/software/theia/python-language-server-requirements.txt
@@ -27,3 +27,4 @@ typing-extensions==3.7.4.2
 wrapt==1.11.2
 yapf==0.29.0
 zc.buildout.languageserver==0.2.1
+theia-open==0.1.2
--- a/software/theia/software.cfg
+++ b/software/theia/software.cfg
@@ -31,7 +31,7 @@ max_version = 0
 [nodejs]
-<= nodejs-10.19.0
+<= nodejs-12.18.3
 [yarn]
 # this could become a component, but it needs to be invoked from nodejs explicitly,
@@ -159,7 +159,7 @@ mode = 0644
 [package.json]
 recipe = slapos.recipe.template:jinja2
-# this comes from https://github.com/theia-ide/theia-apps/blob/3391dd07cba7ddc5cc833420349a27beb66a5433/theia-full-docker/latest.package.json
+# this comes from https://github.com/theia-ide/theia-apps/blob/a54aaa676e3db07d22ab75dde9f3447576135b4d/theia-full-docker/latest.package.json
 # but with a more recent version of vscode-java-redhat, where https://github.com/redhat-developer/vscode-java/issues/1301 was fixed
 template =
  inline:{
@@ -169,24 +169,26 @@ template =
              "config": {
                  "applicationName": "Theia SlapOS",
                  "preferences": {
+                      "application.confirmExit": "always",
                      "files.enableTrash": false,
                      "files.exclude": {
                          "**.pyc": true,
                          "**.egg-info": true,
                          "__pycache__": true,
                          ".git": true,
-                          ".env": true
+                          ".env": true,
+                          "**/node_modules/**": true
                      },
                      "files.watcherExclude": {
-                        "**/.eggs/**": true,
+                          "**/.eggs/**": true,
-                        "**/.env/**": true,
+                          "**/.env/**": true,
-                        "**/.git/**": true,
+                          "**/.git/**": true,
-                        "**/node_modules/**": true
+                          "**/node_modules/**": true
                      },
                      "editor.multiCursorModifier": "ctrlCmd",
                      "editor.tabSize": 2,
-                      "plantuml.monochrome": false,
+                      "plantuml.server": "https://plantuml.host.vifib.net/svg/",
-                      "plantuml.webservice": "//plantuml.host.vifib.net/svg/",
+                      "plantuml.render": "PlantUMLServer",
                      "gitlens.remotes": [{ "domain": "lab.nexedi.com", "type": "GitLab" }],
                      "java.home": "${java-jdk:location}"
                  }
@@ -205,9 +207,7 @@ template =
          "@theia/filesystem": "latest",
          "@theia/getting-started": "latest",
          "@theia/git": "latest",
-          "@theia/json": "latest",
          "@theia/keymaps": "latest",
-          "@theia/languages": "latest",
          "@theia/markers": "latest",
          "@theia/messages": "latest",
          "@theia/metrics": "latest",
@@ -216,14 +216,12 @@ template =
          "@theia/navigator": "latest",
          "@theia/outline-view": "latest",
          "@theia/output": "latest",
-          "@theia/plantuml": "latest",
          "@theia/plugin": "latest",
          "@theia/plugin-ext": "latest",
          "@theia/plugin-ext-vscode": "latest",
          "@theia/preferences": "latest",
          "@theia/preview": "latest",
          "@theia/process": "latest",
-          "@theia/rust": "latest",
          "@theia/scm": "latest",
          "@theia/search-in-workspace": "latest",
          "@theia/task": "latest",
@@ -232,14 +230,8 @@ template =
          "@theia/userstorage": "latest",
          "@theia/variable-resolver": "latest",
          "@theia/vsx-registry": "latest",
-          "@theia/workspace": "latest"
+          "@theia/workspace": "latest",
-      },
+          "@perrinjerome/theia-open": "0.1.2"
-      "resolutions": {
-          "vscode-json-languageserver": "1.2.2",
-          "vscode-languageserver-protocol": "3.15.0-next.9",
-          "vscode-languageserver-types": "3.15.0-next.5",
-          "**/vscode-json-languageserver/**/vscode-languageserver": "6.0.0-next.1",
-          "**/moment": "2.24.0"
      },
      "devDependencies": {
          "@theia/cli": "latest"
@@ -269,6 +261,7 @@ template =
          "vscode-builtin-java": "https://github.com/theia-ide/vscode-builtin-extensions/releases/download/v1.39.1-prel/java-1.39.1-prel.vsix",
          "vscode-builtin-javascript": "https://github.com/theia-ide/vscode-builtin-extensions/releases/download/v1.39.1-prel/javascript-1.39.1-prel.vsix",
          "vscode-builtin-json": "https://github.com/theia-ide/vscode-builtin-extensions/releases/download/v1.39.1-prel/json-1.39.1-prel.vsix",
+          "vscode-builtin-json-language-features": "https://open-vsx.org/api/vscode/json-language-features/1.46.1/file/vscode.json-language-features-1.46.1.vsix",
          "vscode-builtin-less": "https://github.com/theia-ide/vscode-builtin-extensions/releases/download/v1.39.1-prel/less-1.39.1-prel.vsix",
          "vscode-builtin-log": "https://github.com/theia-ide/vscode-builtin-extensions/releases/download/v1.39.1-prel/log-1.39.1-prel.vsix",
          "vscode-builtin-lua": "https://github.com/theia-ide/vscode-builtin-extensions/releases/download/v1.39.1-prel/lua-1.39.1-prel.vsix",
@@ -316,7 +309,8 @@ template =
          "vscode-java-test": "https://github.com/microsoft/vscode-java-test/releases/download/0.22.0/vscjava.vscode-java-test-0.22.0.vsix",
          "vscode-python": "https://github.com/microsoft/vscode-python/releases/download/2020.1.58038/ms-python-release.vsix",
          "vscode-ruby": "https://github.com/rubyide/vscode-ruby/releases/download/v0.25.0/ruby-0.25.0.vsix",
-          "vscode-zc-buildout": "https://github.com/perrinjerome/vscode-zc-buildout/releases/download/v0.2.0/vscode-zc-buildout-0.2.0.vsix"
+          "vscode-zc-buildout": "https://github.com/perrinjerome/vscode-zc-buildout/releases/download/v0.2.0/vscode-zc-buildout-0.2.0.vsix",
+          "plantuml": "https://open-vsx.org/api/jebbs/plantuml/2.13.12/file/jebbs.plantuml-2.13.12.vsix"
      }
    }
 rendered = ${buildout:directory}/${:_buildout_section_name_}
@@ -342,7 +336,7 @@ template =
  inline:
  #!/bin/bash
  . ${gowork:env.sh}
-  export PATH=${python-language-server:location}/bin/:${java-jdk:location}/bin/:${cli-utilities:PATH}:$PATH
+  export PATH=${python-language-server:location}/bin/:${java-jdk:location}/bin/:${cli-utilities:PATH}:$HOME/.cargo/bin:$PATH
  export THEIA_DEFAULT_PLUGINS="local-dir:${theia:THEIA_DEFAULT_PLUGINS}"
  # reset PS1 from gowork
  export PS1='$ '

--- a/software/theia/yarn.lock
+++ b/software/theia/yarn.lock
--- a/stack/erp5/buildout.cfg
+++ b/stack/erp5/buildout.cfg
@@ -9,8 +9,8 @@ extends =
  ../../component/git/buildout.cfg
  ../../component/graphviz/buildout.cfg
  ../../component/gzip/buildout.cfg
+  ../../component/xz-utils/buildout.cfg
  ../../component/haproxy/buildout.cfg
-  ../../component/hookbox/buildout.cfg
  ../../component/findutils/buildout.cfg
  ../../component/librsvg/buildout.cfg
  ../../component/imagemagick/buildout.cfg
@@ -66,7 +66,6 @@ parts +=
  tesseract
  tesseract-eng-traineddata
  tesseract-osd-traineddata
-  hookbox
  zabbix-agent
 # Buildoutish
@@ -178,6 +177,7 @@ context =
    key erp5_location erp5:location
    key findutils_location findutils:location
    key gzip_location gzip:location
+    key xz_utils_location xz-utils:location
    key haproxy_location haproxy:location
    key instance_common_cfg instance-common:rendered
    key jsl_location jsl:location
@@ -560,14 +560,11 @@ setup = ${erp5:location}
 [zodbpack]
 recipe = zc.recipe.egg
 eggs =
-  ${lxml-python:egg}
-  ${pycurl:egg}
-  ${python-PyYAML:egg}
-  ${python-cryptography:egg}
-  ${python-cliff:egg}
  slapos.toolbox[zodbpack]
 scripts =
  zodbpack
+depends =
+  ${slapos-toolbox-dependencies:eggs}
 [versions]
 # See ../../software/neoppod/software-common.cfg for versions common with NEO:
@@ -636,14 +633,10 @@ WSGIUtils = 0.7
 ZODB3 = 3.11.0
 # astroid 1.4.1 breaks testDynamicClassGeneration
 astroid = 1.3.8
-csp-eventlet = 0.7.0
 erp5diff = 0.8.1.7
-eventlet = 0.20.1
 five.formlib = 1.0.4
 five.localsitemanager = 2.0.5
 google-api-python-client = 1.6.1
-greenlet = 0.4.12
-http-parser = 0.8.3
 httplib2 = 0.10.3
 huBarcode = 1.0.0
 interval = 1.0.0
@@ -664,10 +657,7 @@ pyflakes = 1.5.0
 python-memcached = 1.58
 pytracemalloc = 1.2
 qrcode = 5.3
-restkit = 4.2.2
 rsa = 3.4.2
-rtjp-eventlet = 0.3.2
-socketpool = 0.5.3
 spyne = 2.12.14
 suds = 0.4
 facebook-sdk = 2.0.0
@@ -698,10 +688,6 @@ erp5.recipe.w3validator = 1.0.2
 # Products.CMFCore==2.2.10
 Products.ZSQLMethods = 2.13.5
-# Required by:
-# eventlet==0.20.1
-enum-compat = 0.0.2
 # Required by:
 # SOAPpy===0.12.0nxd001
 fpconst = 0.7.2

--- a/stack/erp5/buildout.hash.cfg
+++ b/stack/erp5/buildout.hash.cfg
@@ -18,7 +18,7 @@ md5sum = 85ce1e2f3d251aa435fef8118dca8a63
 [mariadb-slow-query-report-script]
 filename = mysql-querydigest.sh.in
-md5sum = 0c0d98a68230cd0ad36046bb25b35f4a
+md5sum = 7b14d2b81f2c864e47682ddb03b1b663
 [mariadb-start-clone-from-backup]
 filename = instance-mariadb-start-clone-from-backup.sh.in

--- a/stack/erp5/instance-mariadb.cfg.in
+++ b/stack/erp5/instance-mariadb.cfg.in
@@ -327,17 +327,18 @@ context =
  raw slow_query_path ${directory:srv}/backup/logrotate/mariadb_slowquery.log
  raw pt_query_exec ${binary-wrap-pt-digest:wrapper-path}
  raw dash {{ parameter_dict['dash-location'] }}/bin/dash
+  raw xz {{ parameter_dict['xz-utils-location'] }}/bin/xz
  key output_folder directory:slowquery
-[slow-query-digest-parameters]
+{%if slapparameter_dict.get('max-slowqueries-threshold') and slapparameter_dict.get('slowest-query-threshold') %}
-max_queries_threshold = {{ slapparameter_dict['max-slowqueries-threshold'] }}
-slowest_queries_threshold = {{ slapparameter_dict['slowest-query-threshold'] }}
 [{{ section('monitor-promise-slowquery-result') }}]
 <= monitor-promise-base
 module = check_command_execute
 name = check-slow-query-pt-digest-result.py
-config-command = "{{ parameter_dict['promise-check-slow-queries-digest-result'] }}" --ptdigest_path "${directory:slowquery}" --status_file ${monitor-directory:private}/mariadb_slow_query.report.json --max_queries_threshold "${slow-query-digest-parameters:max_queries_threshold}" --slowest_query_threshold "${slow-query-digest-parameters:slowest_queries_threshold}"
+config-command = "{{ parameter_dict['promise-check-slow-queries-digest-result'] }}" --ptdigest_path "${directory:slowquery}" --status_file ${monitor-directory:private}/mariadb_slow_query.report.json --max_queries_threshold "${:max_queries_threshold}" --slowest_query_threshold "${:slowest_queries_threshold}"
+max_queries_threshold = {{ slapparameter_dict['max-slowqueries-threshold'] }}
+slowest_queries_threshold = {{ slapparameter_dict['slowest-query-threshold'] }}
+{%-endif%}
 [{{ section('promise-check-computer-memory') }}]
 <= monitor-promise-base

--- a/stack/erp5/instance-zope.cfg.in
+++ b/stack/erp5/instance-zope.cfg.in
@@ -55,6 +55,7 @@ environment +=
  HOME=${buildout:directory}
  PATH=${binary-link:target-directory}:{{ parameter_dict['coreutils'] }}/bin:{{ parameter_dict['perl_dbd_mariadb_path'] }}
  TZ={{ slapparameter_dict['timezone'] }}
+  RUN_UNIT_TEST=${directory:bin}/runUnitTest
  MATPLOTLIBRC={{ parameter_dict['matplotlibrc'] }}
  INSTANCE_HOME=${:instance-home}
  CAUCASE={{ slapparameter_dict['caucase-url'] }}
@@ -483,6 +484,7 @@ wrapper-path = ${buildout:bin-directory}/runTestSuite
 < = run-common
 environment-extra =
  REAL_INSTANCE_HOME=${:instance-home}
+  RUN_UNIT_TEST=${directory:bin}/runUnitTest
  SQLBENCH_PATH={{ parameter_dict['sqlbench_path'] }}
  TEST_CA_PATH=${directory:ca-dir}
 {%- if wsgi %}

--- a/stack/erp5/instance.cfg.in
+++ b/stack/erp5/instance.cfg.in
@@ -145,6 +145,7 @@ coreutils-location = {{ coreutils_location }}
 dash-location = {{ dash_location }}
 findutils-location = {{ findutils_location }}
 gzip-location = {{ gzip_location }}
+xz-utils-location = {{ xz_utils_location }}
 mariadb-location = {{ mariadb_location }}
 template-my-cnf = {{ template_my_cnf }}
 template-mariadb-initial-setup = {{ template_mariadb_initial_setup }}

--- a/stack/erp5/mysql-querydigest.sh.in
+++ b/stack/erp5/mysql-querydigest.sh.in
 #!{{dash}}
 # BEWARE: This file is operated by slapgrid
+set -e
 SLOW_QUERY_PATH='{{slow_query_path}}'
 OUTPUT_FOLDER='{{output_folder}}'
 PT_QUERY_EXEC='{{pt_query_exec}}'
@@ -21,6 +23,6 @@ if [ ! -f "$SLOW_LOG" ]; then
  exit 1
 fi
-"$PT_QUERY_EXEC" "$SLOW_LOG" > "$OUTPUT_FILE" && \
+"$PT_QUERY_EXEC" "$SLOW_LOG" > "$OUTPUT_FILE"
-echo "Report generated successfully." || \
-echo "Report failed with code $?"
+{{ xz }} -9 "$OUTPUT_FILE"
--- a/stack/lamp/buildout.cfg
+++ b/stack/lamp/buildout.cfg
@@ -31,6 +31,7 @@ extends =
  ../../component/perl/buildout.cfg
  ../../component/sqlite3/buildout.cfg
  ../../component/stunnel/buildout.cfg
+  ../../component/xz-utils/buildout.cfg
  ../../component/zlib/buildout.cfg
  ../erp5/buildout.cfg
  ../logrotate/buildout.cfg
@@ -88,6 +89,7 @@ context =
    key logrotate_location logrotate:location
    key logrotate_cfg template-logrotate-base:rendered
    key gzip_location gzip:location
+    key xz_utils_location xz-utils:location
    key stunnel_location stunnel:location
    key template_monitor monitor2-template:rendered
    key mariadb_link_binary template-mariadb:link-binary
@@ -137,6 +139,4 @@ location = ${buildout:parts-directory}/${:_buildout_section_name_}
 [eggs]
 recipe = zc.recipe.egg
 eggs =
-  ${lxml-python:egg}
+  ${slapos-toolbox:eggs}
-  ${pycurl:egg}
-  slapos.toolbox
--- a/stack/lamp/buildout.hash.cfg
+++ b/stack/lamp/buildout.hash.cfg
@@ -14,7 +14,7 @@
 # not need these here).
 [instance]
 filename = instance.cfg.in
-md5sum = be63b936ed521edaead8e0770ac64621
+md5sum = 5c953c0f5d3376718eb9c4030288647a
 [instance-apache-php]
 filename = instance-apache-php.cfg.in

--- a/stack/lamp/instance.cfg.in
+++ b/stack/lamp/instance.cfg.in
@@ -78,6 +78,7 @@ coreutils-location = {{ coreutils_location }}
 dash-location = {{ dash_location }}
 findutils-location = {{ findutils_location }}
 gzip-location = {{ gzip_location }}
+xz-utils-location = {{ xz_utils_location }}
 mariadb-location = {{ mariadb_location }}
 template-my-cnf = {{ template_my_cnf }}
 template-mariadb-initial-setup = {{ template_mariadb_initial_setup }}

--- a/stack/monitor/README.md
+++ b/stack/monitor/README.md
@@ -94,20 +94,18 @@ New promises should be placed into the folder etc/plugin, legacy promises are in
 You will use slapos.cookbook:promise.plugin to generate your promise script into `etc/plugin` directory. Adding a promise will look like this:
    [promise-check-site]
-    recipe = slapos.cookbook:promise.plugin
+    <= monitor-promise-base
-    eggs =
+    module = check_port_listening
-      slapos.toolbox
+    name = check_site.py
-    output = ${directory:plugins}/promise-check-mysite-status.py
+    config-hostname = ${publish:ipv6}
-    content = 
+    config-port = 2020
-      from slapos.promise.plugin.check_site_state import RunPromise
-    config-site-url = ${publish:site-url}
-    config-connection-timeout = 20
    config-foo = bar
-    mode = 600
+The section `monitor-promise-base` is defined in the monitor stack, `name` is the filename of the script that will be generated under `etc/plugin` directory, `module` is the name of your promise module (you can find a list of existing module in https://lab.nexedi.com/nexedi/slapos.toolbox/tree/master/slapos/promise/plugin).
 Then you will have to add `promise-check-site` section to buildout parts, so it will be installed.
-In your promise code, you will be able to call `self.getConfig('site-url')`, `self.getConfig('connection-timeout')` and `self.getConfig('foo')`. The returned value is `None` if the config parameter is not set.
+In your promise code, you will be able to call `self.getConfig('hostname')`, `self.getConfig('port')` and `self.getConfig('foo')`. The returned value is `None` if the config parameter is not set.
 Slapgrid will run each promise every time a partition is processed (every minutes in theory), if the partition is up to date, slapgrid will only run promises anomaly check and save the result in a json file. Here is an exemple of promise result:

--- a/stack/slapos-dev.cfg
+++ b/stack/slapos-dev.cfg
@@ -21,6 +21,7 @@ develop = true
 recipe = zc.recipe.egg:develop
 egg = slapos.toolbox
 setup = ${slapos.toolbox-repository:location}
+depends = ${slapos-toolbox-dependencies:eggs}
 [slapos.cookbook-repository]
 develop = true

--- a/stack/slapos.cfg
+++ b/stack/slapos.cfg
@@ -23,6 +23,7 @@ extends =
  ../component/defaults.cfg
  ../component/git/buildout.cfg
  ../component/lxml-python/buildout.cfg
+  ../component/python-backports-lzma/buildout.cfg
  ../component/python-cffi/buildout.cfg
  ../component/python-cliff/buildout.cfg
  ../component/python-cachecontrol/buildout.cfg
@@ -88,6 +89,11 @@ setup = ${slapos.cookbook-repository:location}
 # Install slapos.cookbook containing all officials recipes
 [slapos-cookbook]
 recipe = zc.recipe.egg
+eggs = slapos.cookbook
+depends = ${slapos-cookbook-dependencies:eggs}
+[slapos-cookbook-dependencies]
+recipe = zc.recipe.egg
 eggs =
  ${lxml-python:egg}
  ${python-cffi:egg}
@@ -96,17 +102,23 @@ eggs =
  ${python-cliff:egg}
  ${python-cryptography:egg}
  ${jsonschema:egg}
-  pyOpenSSL
-  slapos.cookbook
 # slapos.toolbox containing utilities
 [slapos-toolbox]
 recipe = zc.recipe.egg
+eggs = slapos.toolbox
+depends = ${slapos-toolbox-dependencies:eggs}
+[slapos-toolbox-dependencies]
+# slapos.toolbox depends on eggs with C-extensions that needs to be
+# installed with slapos provided libraries. This section installs all
+# slapos.toolbox dependencies.
+recipe = zc.recipe.egg
 eggs =
  ${lxml-python:egg}
  ${pycurl:egg}
  ${python-cryptography:egg}
-  slapos.toolbox
+  ${backports.lzma:egg}
 [jsonschema]
 recipe = zc.recipe.egg:custom
@@ -124,7 +136,7 @@ eggs =
 [versions]
 setuptools = 44.0.0
 # Use SlapOS patched zc.buildout
-zc.buildout = 2.7.1+slapos008
+zc.buildout = 2.7.1+slapos009
 # Use SlapOS patched zc.recipe.egg (zc.recipe.egg 2.x is for Buildout 2)
 zc.recipe.egg = 2.0.3+slapos003
 # Use own version of h.r.download to be able to open .xz and .lz archives
@@ -135,6 +147,7 @@ MarkupSafe = 1.0
 PyYAML = 3.13
 Werkzeug = 0.12
 asn1crypto = 1.3.0
+backports.lzma = 0.0.14
 cffi = 1.14.0
 click = 6.7
 cliff = 2.4.0
@@ -160,14 +173,14 @@ pytz = 2016.10
 requests = 2.24.0
 six = 1.12.0
 slapos.cookbook = 1.0.152
-slapos.core = 1.6.0
+slapos.core = 1.6.2
 slapos.extension.strip = 0.4
 slapos.extension.shared = 1.0
 slapos.libnetworkcache = 0.20
 slapos.rebootstrap = 4.5
-slapos.recipe.build = 0.45
+slapos.recipe.build = 0.46
 slapos.recipe.cmmi = 0.16
-slapos.toolbox = 0.109
+slapos.toolbox = 0.111
 stevedore = 1.21.0
 subprocess32 = 3.5.3
 unicodecsv = 0.14.1