Deprecate usage of authtoken parameters in providers

When SRBAC is completely implemented according to the current spec, each service user no longer has full admin privilege but has access limited to the actual requirement. This means that we are no longer able to use service users to create resources. This change is a prep-work to get rid of usage of the service user, currently loaded from authtoken parameters in the .conf file. Now each providers loads clouds.yaml file placed in /etc/openstack/puppet. Change-Id: I198e2cc089a12e1ef260d78665f274db9149f9c9
2023-11-16 15:45:34 +09:00 · 2023-11-16 15:45:34 +09:00 · f99ea85cd3
commit f99ea85cd3
parent 428129c2e1
2 changed files with 13 additions and 0 deletions
--- a/lib/puppet/provider/trove.rb
+++ b/lib/puppet/provider/trove.rb
@ -20,6 +20,7 @@ class Puppet::Provider::Trove < Puppet::Provider::Openstack
  end

  def self.trove_request(service, action, error, properties=nil)
+    warning('Usage of keystone_authtoken parameters is deprecated.')
    properties ||= []
    @credentials.username = trove_credentials['username']
    @credentials.password = trove_credentials['password']
--- a/releasenotes/notes/provider-deprecate-at-params-8a9c23a010d4b4d3.yaml
+++ b/releasenotes/notes/provider-deprecate-at-params-8a9c23a010d4b4d3.yaml
@ -0,0 +1,12 @@
+---
+deprecations:
+  - |
+    The following resource types have been using the credential written in
+    the ``[keystone_authtoken]`` section of ``trove.conf``. However this
+    behavior has been deprecated and now these resource types first look for
+    the yaml files in ``/etc/openstack/puppet``. Make sure one of
+    ``clouds.yaml`` or ``admin-clouds.yaml`` (which is created by
+    puppet-keystone) is created in that directory.
+
+    - ``trove_datastore``
+    - ``trove_datastore_version``