[openstack-dev] [puppet] Re: Puppet-OpenStack API providers - Follow up

Gilles Dubreuil gilles at redhat.com
Wed May 6 02:49:57 UTC 2015


Hi,

To summarize from latest 2 discussions about this matter.

Workflow to find credentials details:
1. From environment (ENV[<token>] or ENV[<project>] in short)
2. From a RC file located by convention in current user homedir:
~/openstackrc
3. From an openstack configuration file such as keystone.conf,
glance.conf, etc.

Just to avoid confusion, any user/tenant and password or token details
could be used but they have to come from above list.

The change, impacting openstacklib and the current reviews depending on
it, is therefore to remove any other way besides above list of passing
the credentials.
And more specifically remove passing authenticattion dynamically to the
provider because of the many reasons evoked.

Also note that 3. would need to be added afterward as this represent a
factorization work away from the providers.

Regards,
Gilles



More information about the OpenStack-dev mailing list