52351a5698
There is now a new configuration option "barbican_auth" in the certificates section, to specify which auth plugin to use when communicating with Barbican. This is because the default option (using ACLs inside Barbican to control access) should be ok as a default workflow, but it might be required to use other methods depending on your deployment. For example, another possible auth method would be BarbicanTrustAuth, utilizing Keystone Trusts. Some deployers may need custom auth methods that do not exist in upstream Keystone, and will need their own Auth plugin. This should be in line with the way Octavia's network and compute drivers work already. While we're in this file, prune the unused (and really bad) method that would *actually* delete certs from Barbican (not in our scope). Also do the tenant_id -> project_id rename. Change-Id: Ic9aef68924bb5c216734afd25403e59476c576e7 |
||
---|---|---|
.. | ||
common | ||
generator | ||
manager | ||
__init__.py |