Splitted secrets not useable if amount of defined clouds is different between clouds.yaml and secret.yaml
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
os-client-config |
New
|
Undecided
|
Unassigned |
Bug Description
When using using the "Spitted Secrets" feature and secrets.yaml has more clouds defined than clouds.yaml the result is not useable.
I'm using the Ansible OpenStack dynamic inventory to provision systems. All my private secrets for all clouds (5 in total) i'm connecting to are stored in ~/.config/
Example:
# ~/.config/
---
clouds:
cloud-one:
auth:
username: someone
password: topsecret
cloud-two:
auth:
username: someone
password: topsecret
# ~/project-
---
clouds:
cloud-one:
auth:
auth_url: http://
project_name: demo
# ~/project-
---
clouds:
cloud-one:
auth:
auth_url: http://
project_name: demo
The executing of Ansible's OpenStack dynamic inventory (openstack.py) in any of the project folders fails when it tries to connect to the cloud that is not defined within clouds.yaml but in secrets.yaml as parameters like auth_url are missing.
When i put both clouds in clouds.yaml it works fine.
Expected result:
I would expect to merge auth data of secure.yaml only for clouds that are defined within clouds.yaml. I know that secrets.yaml has a higher precedence than clouds.yaml but i guess i'm not the only one using a single secrets.yaml and multiple clouds.yaml.
secrets.yaml = secure.yaml. sorry