vic
vic copied to clipboard
vmware
Considering branching --force into multiple options?
Currently using 0.7.0 and perhaps missing something in the richness of the options we have.
My understanding is that today the --force option is used to drive multiple behaviors. Let's take for example the vic-machine delete command.
--force serves the purpose of
- ignoring the thumbprint
- deleting all existing vms
- deleting the volume store
There may be circumstances where I may want to ignore the certificate BUT I may not want to delete in bulk (and automatically) all cVMs. Or volume stores.
I would say that the --force option should at least be branched into something along the line of --force and --ignore where the latter is solely used to ignore unsigned certificates and the fomer is used to drive more extreme behaviors.
/cc @mlh78750
From #2915 which I'm closing in favour of this one:
I think this ties in with general error handling in vic-machine. We should really identify specific errors and classes of errors via constants so they can both be i18n and we can supply a set of errors to ignore instead of a single flag.
Estimate is for doing it right.
--ignore
Note to self: consider pros/cons of the more verbose --ignore-thumbprint.
We will mark this as won't fix. Given that no customer complains this. Please reopen if you think otherwise.
As this is a security issue, I don't think lack of a customer request is a sufficient reason to decide not to fix it.
(In case it's not clear why this is a security issue: currently --force means lots of things, including that certificate/thumbprint mismatch will be ignored. This means that there's no way to do, for example, a force-delete of a VCH without also ignoring SSL warnings, exposing yourself to a man-in-the-middle attack which could intercept the vSphere credentials being supplied to the command.)