juju
juju copied to clipboard
juju
feat: migrate model user permissions
Import and export model user permissions. In mongo there was the concept of model users, these have been reduced to model user permissions in 4.0 since the controller holds all extra information about the users.
Checklist
- [x] Code style: imports ordered, good names, simple structure, etc
- [x] Comments saying why design decisions were made
- [x] Go unit tests, with comments saying what you're testing
- [x] Integration tests, with comments saying what you're testing
- [ ] doc.go added or updated in changed packages
QA steps
Test 4.0 to 4.0
juju bootstrap lxd source
juju bootstrap lxd target
juju switch source
juju add-model test
juju add-user jim
juju add-user bob
# Grant some permissions on the model
juju grant jim read test
juju grant bob write test
# Generate some last login times
juju change-user-password admin
juju change-user-password jim
juju change-user-password bob
juju logout && juju login -u jim
juju status
juju logout && juju login -u bob
juju status
juju logout && juju login -u admin
# Start migration
juju show-model test
juju switch source
juju
Test 3.6 to 4.0
# Install 3.6
$ juju bootstrap lxd test36
$ juju add-model test-model
# Repete steps above to add users and generate last login times
$ juju show-model test-model-users
test-model-users:
name: admin/test-model-users
short-name: test-model-users
model-uuid: 02138c75-326d-4f0c-8d30-e45ae6e5f6c1
model-type: iaas
controller-uuid: 42a80563-f6cf-4d02-8e53-73e888bb3711
controller-name: test36
is-controller: false
owner: admin
cloud: lxd
region: default
type: lxd
life: alive
status:
current: available
since: 3 minutes ago
users:
admin:
display-name: admin
access: admin
last-connection: just now
bob:
access: write
last-connection: 1 minute ago
jim:
access: read
last-connection: 28 seconds ago
sla: unsupported
agent-version: 3.6-beta3.1
credential:
name: lxd
owner: admin
cloud: lxd
validity-check: valid
supported-features:
- name: juju
description: the version of Juju used by the model
version: 3.6-beta3.1
# Switch to target 4.0 controller
$ juju switch target
$ juju migrate test36:test-model-users target
# Wait for migration to complete
$ juju show-model test-model-users
test-model-users:
name: admin/test-model-users
short-name: test-model-users
model-uuid: 02138c75-326d-4f0c-8d30-e45ae6e5f6c1
model-type: iaas
controller-uuid: 294ed49a-d474-4e0a-8de2-15052e921a93
controller-name: target
is-controller: false
owner: admin
cloud: lxd
region: default
type: lxd
life: alive
status:
current: available
since: 34 seconds ago
users:
admin:
display-name: admin
access: admin
last-connection: 2 minutes ago
bob:
access: write
last-connection: 3 minutes ago
jim:
access: read
last-connection: 2 minutes ago
# Do an upgrade model to check its all fine
$ juju upgrade-model
juju show-model admin/test-model-users
test-model-users:
...
users:
admin:
display-name: admin
access: admin
last-connection: 3 minutes ago
bob:
access: write
last-connection: 12 minutes ago
jim:
access: read
last-connection: 12 minutes ago
...
agent-version: 4.0-beta5.1
...
supported-features:
- name: juju
description: the version of Juju used by the model
version: 4.0-beta5.1
# Login with bob to check he can see the controller
$ juju logout
$ juju login -u bob
$ juju show-model admin/test-model-users
...
users:
bob:
access: write
last-connection: 16 minutes ago
...
Links
Jira card: JUJU-6512
