Public bug reported:
A name field in Keystone DB is needed for helping identifying trusts.
Effectively , there could be multiple trusts for a same
project/trustor/trustee including the same expiry date and same
impersonate flag. And the same combination could have multiple trusts
assigned with different roles or not.
Having a name would help for implementing trust usage.
A use case scenario is currently with Puppet Keystone module while
creating the trust provider:
When creating a resource, Puppet uses a name as a title for the
resource, that name is unique in order to provide idem-potency. The
trust ID (Keystone DB) doesn't exist until its creation and therefore
cannot be used as a title for a Puppet resource. Without a name, puppet
provider has to make up a name from the different fields, which doesn't
guarantee uniqueness anyway. Worse when fetching resources, the provider
would have to fetch all the fields to identify the resource and take the
first one if many available.
So far, most other Keystone DBMS objects (tables) have a name, which Puppet has
been able to use to identify resources.
The latter is why it made more sense to create this request as a bug instead of
a blueprint, basically saying a name has been missing upfront rather than being
a request for enhancement.
** Affects: keystone
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1475091
Title:
Missing name field for trusts
Status in Keystone:
New
Bug description:
A name field in Keystone DB is needed for helping identifying trusts.
Effectively , there could be multiple trusts for a same
project/trustor/trustee including the same expiry date and same
impersonate flag. And the same combination could have multiple trusts
assigned with different roles or not.
Having a name would help for implementing trust usage.
A use case scenario is currently with Puppet Keystone module while
creating the trust provider:
When creating a resource, Puppet uses a name as a title for the
resource, that name is unique in order to provide idem-potency. The
trust ID (Keystone DB) doesn't exist until its creation and therefore
cannot be used as a title for a Puppet resource. Without a name,
puppet provider has to make up a name from the different fields, which
doesn't guarantee uniqueness anyway. Worse when fetching resources,
the provider would have to fetch all the fields to identify the
resource and take the first one if many available.
So far, most other Keystone DBMS objects (tables) have a name, which Puppet
has been able to use to identify resources.
The latter is why it made more sense to create this request as a bug instead
of a blueprint, basically saying a name has been missing upfront rather than
being a request for enhancement.
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1475091/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : yahoo-eng-team@lists.launchpad.net
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
