On Fri, May 29, 2015 at 7:55 PM, Fox, Kevin M <[email protected]> wrote:
> As an Op, I really really want to replace one image with a new one > atomically with security updates preapplied. Think shellshock, ghost, etc. > It will be basically be the same exact image as before, but patched. > Referencing local ID's explicitly makes it harder to ensure things are > patched, since new vm's will tend to pop up after things are patched with > new vulnerabilities. > That's the exact use case for the versioning concept we have in Artifacts: each artifact is identified by name and version, so there is always "latest version of X" and an API call which returns it. However, that's the question of different API calls and their proper usage: get-by-id returns the very same object which was uploaded, and get by name - the latest object matching the required version. First is good for bit-to-bit immutability guarantees, cache checks etc, second - for the use cases like yours. Same is true for the cross-artifact dependency relations: they may be static (i.e. reference by ID) or dynamic (i.e. reference by name and version).
__________________________________________________________________________ OpenStack Development Mailing List (not for usage questions) Unsubscribe: [email protected]?subject:unsubscribe http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
