Enable application credential support
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Kubernetes Control Plane Charm |
Confirmed
|
Wishlist
|
Unassigned | ||
| Kubernetes Worker Charm |
Triaged
|
Wishlist
|
Unassigned | ||
| Openstack Integrator Charm |
Triaged
|
Wishlist
|
Unassigned | ||
Bug Description
OpenStack application credentials (as of Queens) allow users to create credentials usable via CLI or in API clients that have an ID and a secret with a subset of user roles and an optional expiration date.
https:/
https:/
This approach is preferred when an underlying cloud is integrated with a user directory (via LDAP) and usage of usernames and passwords is undesirable.
The support for using them is not yet in upstream K8s at the time of writing:
https:/
https:/
However, once it is merged, we need to enable it in the openstack-
https:/
| Cory Johns (johnsca) wrote | #1 |
| Changed in charm-openstack-integrator: | |
| status: | New → Triaged |
| Changed in charm-kubernetes-worker: | |
| status: | New → Triaged |
| Changed in charm-kubernetes-master: | |
| status: | New → Triaged |
| importance: | Undecided → Wishlist |
| Changed in charm-kubernetes-worker: | |
| importance: | Undecided → Wishlist |
| Changed in charm-openstack-integrator: | |
| importance: | Undecided → Wishlist |
| Changed in charm-kubernetes-master: | |
| status: | Triaged → Invalid |
| Changed in charm-kubernetes-master: | |
| status: | Invalid → Confirmed |
The referenced PR is available in the cloud-provider-