[Freeipa-devel] [PATCH] 369 Added CLI param and ACL for vault service operations.
Jan Cholasta
jcholast at redhat.com
Mon Aug 17 06:12:18 UTC 2015
On 13.8.2015 18:23, Endi Sukma Dewata wrote:
> On 8/13/2015 6:00 AM, Petr Vobornik wrote:
>> On 08/11/2015 08:42 AM, Jan Cholasta wrote:
>>> On 10.8.2015 21:12, Endi Sukma Dewata wrote:
>>>> On 8/4/2015 10:32 AM, Endi Sukma Dewata wrote:
>>>>>>> Martin, I do not think going on with business as usual is the right
>>>>>>> thing to do here. We know this is going to bite.
>>>>>>> I suggest Endy adds a *new* API if making it backwards compatible is
>>>>>>> not
>>>>>>> possible. The era of bumping whole API version must stop, the sooner
>>>>>>> the
>>>>>>> better.
>>>>>>
>>>>>> My point is that we do not know yet how to do this kind of changes
>>>>>> long term.
>>>>>> So what I did not want to end up are 2 copy&pasted Vault plugins
>>>>>> maintained
>>>>>> forever, differing in just that.
>>>>>>
>>>>>> If you know how to do this without copypasting, I will be fine with
>>>>>> that.
>>>>>
>>>>> We probably can do it like this:
>>>>> * the old plugin continues to provide Vault 1.0 functionality
>>>>> * the new plugin will be a proxy to the old plugin except for the
>>>>> parts
>>>>> that have changed in Vault 1.1.
>>>>>
>>>>> Or the other way around:
>>>>> * the new plugin will provide Vault 1.1 functionality
>>>>> * the old plugin will be a proxy to the new plugin except for the
>>>>> parts
>>>>> that needs to be maintained for Vault 1.0.
>>>>>
>>>>> The first option is probably safer.
>>>>>
>>>>> In any case, IPA 4.2.1 will only provide a single client for Vault
>>>>> 1.1,
>>>>> but two services for Vault 1.0 and 1.1.
>>>>
>>>> A new patch #369-1 is attached. It has been rebased on top of #372 and
>>>> #373 that fix the conflicting parameter while maintaining backward
>>>> compatibility.
>>>
>>> I have modified the first version of the patch to maintain backward
>>> compatibility and not require your patches #372 and #373. Should be much
>>> easier to review. See attachment.
>>
>> Jan approach seems better to me for 4.2.1. Endi, do you agree with the
>> changes? Could we proceed with the review?
>
> Yes, please see the attached patch. I had to update it to remove buggy
> code and revised the docs. I also had to rebase my other patches to make
> sure they work with this patch.
Thanks, ACK.
Fixed commit message (removed the mention of servicename) and pushed to:
master: 0dd95a19ee87a04836f12ad4c1194ad31ac22b93
ipa-4-2: f2117475b8a49b37845529089ea2d5b48f27bfda
--
Jan Cholasta
More information about the Freeipa-devel
mailing list