Details
-
Task
-
Status: Resolved
-
Critical
-
Resolution: Fixed
-
2.5.0
-
None
Description
At this point, credential store can be enabled or disabled for a service. Some services, such as Ranger and LogSearch should be able to indicate that CS cannot be disabled. The eventual goal is to always have CS enabled for all services that support credential store.
Current metainfo.xml has the following section
<credential-store> <supported>true</supported> <enabled>false</enabled> </credential-store>
We need to add a notion of required. A third element called "required" may be added. We can potentially, create an enum for a new field "supportType" and collapse "supported" and "required" but that, while succinct, does not help much in readability.
<credential-store> <supported>true</supported> <required>false</required> <enabled>false</enabled> </credential-store>
The above means, CS is supported, not required, and not enabled. "false" is the default for required.
For services that require CS support
<credential-store> <supported>true</supported> <required>true</required> <enabled>true</enabled> </credential-store>
Service create logic should set the CS-enabled flag to be true if required is true independent of what enabled says. required flag is not needed in the service resource REST API but the stacks API should provide access to this flag.
API to disable CS should throw an error if required is true.
Attachments
Attachments
Issue Links
- links to