[OpenStack-Infra] [openstack-dev] [infra][security] Encryption in Zuul v3

James E. Blair corvus at inaugust.com
Wed Mar 22 17:52:50 UTC 2017


Darragh Bailey <daragh.bailey at gmail.com> writes:

> On 22 March 2017 at 15:02, James E. Blair <corvus at inaugust.com> wrote:
>
>> Ian Cordasco <sigmavirus24 at gmail.com> writes:
>>
>> >
>> > I suppose Barbican doesn't meet those requirements either, then, yes?
>>
>> Right -- we don't want to require another service or tie Zuul to an
>> authn/authz system for a fundamental feature.  However, I do think we
>> can look at making integration with Barbican and similar systems an
>> option for folks who have such an installation and prefer to use it.
>>
>> -Jim
>>
>
> Sounds like you're going to make this plugable, is that a hard requirement
> that will be added to the spec? or just a possibility?

More of a possibility at this point.  In general, I'd like to off-load
interaction with other systems to Ansible as much as possible, and then
add minimal backing support in Zuul itself if needed, that way the core
of Zuul doesn't become a choke point.

-Jim



More information about the OpenStack-Infra mailing list