Descriptionvarious: change API.Login() to handle EnvironTag
This changes a bit of Login handling to allow us to pass in an
EnvironTag which will get validated against the running environment. We
also return EnvironTag as part of the Login response, since otherwise
the existing client doesn't have a good way of finding out that
information.
It then goes around and updates a bunch of places so that we can store
the EnvironTag in our .jenv and read it back out (and pass it in).
I went with a new error message (invalid environment requested), rather
than just ErrPerm, partially because I have already validated the Login
credentials. (Since one user is intended to have access to multiple
environments, it made sense to layer it that way). It does still return
the CodeUnauthorized.
It is still valid to pass in an EnvironTag of "". Eventually we may
change how Login works under that circumstance (for Multi Environment
support), but for now this gets us closer to where we want to be.
If we get to the point that Bootstrap actually stashes our api
information it could also stash the environment tag. However, in the
short term if it just connects to the API like everything else, it will
get the environment UUID cached, which will let us be a bit more
protected from accidentally connecting to the wrong environment.
This might have implications for CI, as I believe they try to re-use
things like CACerts so that they can use the same .jenv files across
mulitple bootstraps. If so, this will start causing the client to get
rejected because the actual environment has changed. Though I think that
is the behavior that we decided we wanted.
https://code.launchpad.net/~jameinel/juju-core/login-returns-env-tag/+merge/221021
(do not edit description out of merge proposal)
Patch Set 1 #
Total comments: 13
Patch Set 2 : various: change API.Login() to handle EnvironTag #Patch Set 3 : various: change API.Login() to handle EnvironTag #
Total comments: 11
MessagesTotal messages: 7
|