openstack
/
heat-specs
Code Issues Proposed changes

Update patch set 1 

Patch Set 1:

(4 comments)

Patch-set: 1
This commit is contained in:
Gerrit User 4257 2018-06-27 19:35:41 +00:00 committed by Gerrit Code Review
parent 556b284aea
commit e58f07d7e1
1 changed files with 90 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

90
681696cee79dfecbf9754ab466c0222ea59f1d2b
View File

@ -141,6 +141,30 @@
"serverId": "4a232e18-c5a9-48ee-94c0-e04e7cca6543",
"unresolved": false
},
{
"key": {
"uuid": "5f7c97a3_6aebfb7a",
"filename": "specs/rocky/multi-cloud-support.rst",
"patchSetId": 1
},
"lineNbr": 47,
"author": {
"id": 4257
},
"writtenOn": "2018-06-27T19:35:41Z",
"side": 1,
"message": "That\u0027s horrible though. The user only needs to supply \u002755fcc88c-2926-47f3-b23b-6c5e2a818933\u0027 and we have all the other information we need from the keystone catalog to construct the URL. Just like every other resource in OpenStack.\n\nIn particular we do *not* want to allow users to specify *any* URL. The credential *must* come from Barbican, and the best way to ensure that is to construct the URL ourselves.\n\nIt appears that even the Barbican CLI works in this hideous manner though, so I guess we\u0027ll need to find some way to resolve the discrepancy :(\nhttps://github.com/openstack/python-barbicanclient/blob/master/barbicanclient/barbican_cli/v1/secrets.py#L37",
"parentUuid": "5f7c97a3_8fc78912",
"range": {
"startLine": 47,
"startChar": 14,
"endLine": 47,
"endChar": 18
},
"revId": "681696cee79dfecbf9754ab466c0222ea59f1d2b",
"serverId": "4a232e18-c5a9-48ee-94c0-e04e7cca6543",
"unresolved": false
},
{
"key": {
"uuid": "5f7c97a3_6426d425",
@ -334,6 +358,30 @@
"serverId": "4a232e18-c5a9-48ee-94c0-e04e7cca6543",
"unresolved": false
},
{
"key": {
"uuid": "5f7c97a3_6a2c5bb2",
"filename": "specs/rocky/multi-cloud-support.rst",
"patchSetId": 1
},
"lineNbr": 92,
"author": {
"id": 4257
},
"writtenOn": "2018-06-27T19:35:41Z",
"side": 1,
"message": "* The proposed unit tests don\u0027t lead me to believe that we\u0027re only storing the href: https://review.openstack.org/#/c/578390/1/heat/tests/db/test_sqlalchemy_api.py\n* The href is already stored in the properties anyway.",
"parentUuid": "5f7c97a3_ea64ebe8",
"range": {
"startLine": 92,
"startChar": 0,
"endLine": 92,
"endChar": 25
},
"revId": "681696cee79dfecbf9754ab466c0222ea59f1d2b",
"serverId": "4a232e18-c5a9-48ee-94c0-e04e7cca6543",
"unresolved": false
},
{
"key": {
"uuid": "5f7c97a3_8fe9c91a",
@ -369,6 +417,24 @@
"serverId": "4a232e18-c5a9-48ee-94c0-e04e7cca6543",
"unresolved": false
},
{
"key": {
"uuid": "5f7c97a3_ca26cfcc",
"filename": "specs/rocky/multi-cloud-support.rst",
"patchSetId": 1
},
"lineNbr": 98,
"author": {
"id": 4257
},
"writtenOn": "2018-06-27T19:35:41Z",
"side": 1,
"message": "Isn\u0027t that what you were describing on line 81?",
"parentUuid": "5f7c97a3_2aee6321",
"revId": "681696cee79dfecbf9754ab466c0222ea59f1d2b",
"serverId": "4a232e18-c5a9-48ee-94c0-e04e7cca6543",
"unresolved": false
},
{
"key": {
"uuid": "5f7c97a3_4ff3b10a",
@ -463,6 +529,30 @@
"serverId": "4a232e18-c5a9-48ee-94c0-e04e7cca6543",
"unresolved": false
},
{
"key": {
"uuid": "5f7c97a3_aaa6f353",
"filename": "specs/rocky/multi-cloud-support.rst",
"patchSetId": 1
},
"lineNbr": 103,
"author": {
"id": 4257
},
"writtenOn": "2018-06-27T19:35:41Z",
"side": 1,
"message": "Ah, got it, thanks. I was not aware of that feature.\n\nI can see times when you actually might want to allow any user in the project to access. So maybe we should just remind users that whoever has access to the credential also has access to the remote stack (and, in fact, anything else in the remote tenant).",
"parentUuid": "5f7c97a3_4aab9f87",
"range": {
"startLine": 102,
"startChar": 10,
"endLine": 103,
"endChar": 16
},
"revId": "681696cee79dfecbf9754ab466c0222ea59f1d2b",
"serverId": "4a232e18-c5a9-48ee-94c0-e04e7cca6543",
"unresolved": false
},
{
"key": {
"uuid": "5f7c97a3_afe1252e",