Update won't work with a trust scoped token
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Heat |
Fix Released
|
High
|
Steven Hardy |
Bug Description
Currently we create a trust both on creation of the backup stack, and in any child nested stack which may be created as a result of the update.
The solution is to create the user creds row only once, (e.g create the trust only once, in the top level parent stack), then allow that to be inherited by the child stacks.
This is also related to enabling some sort of "update owner" functionality, as you don't want the following scenario to happen:
- User A creates stack (creates a trust between User A and heat service user)
- User B updates stack, adding a nested stack (creates a trust between User B and heat service user)
In that scenario, probably neither User A or User B can completely delete the stack, unless they have admin.
Changed in heat: | |
status: | New → In Progress |
importance: | Undecided → High |
assignee: | nobody → Steven Hardy (shardy) |
milestone: | none → juno-2 |
Changed in heat: | |
status: | Fix Committed → Fix Released |
Changed in heat: | |
milestone: | juno-2 → 2014.2 |
Fix proposed to branch: master /review. openstack. org/107455
Review: https:/