Bug 1319027

Summary: [bug] heat-stack delete needs a strong warning and confirmation prompt
Product: Red Hat OpenStack Reporter: Jaromir Coufal <jcoufal>
Component: rhosp-directorAssignee: Angus Thomas <athomas>
Status: CLOSED WONTFIX QA Contact: Arik Chernetsky <achernet>
Severity: medium Docs Contact:
Priority: high    
Version: 7.0 (Kilo)CC: cwolfe, dbecker, egallen, jcoufal, jpullen, jruzicka, lhh, markmc, mburns, morazi, rhel-osp-director-maint, saime, sbaker, shardy, srevivo, yeylon, yjog, zbitter
Target Milestone: asyncKeywords: Reopened
Target Release: 7.0 (Kilo)   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 1259939 Environment:
Last Closed: 2016-03-23 19:58:41 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1259939, 1319028    
Bug Blocks:    

Comment 2 Zane Bitter 2016-03-18 14:51:28 UTC 
It's not appropriate to backport the python-heatclient change to a z-stream, since it may break some scripts that run in an environment where they are connected to a tty (for example, we encountered this problem with Ansible in the upstream TripleO CI).

With reference to the OSPd undercloud specifically (as opposed to Heat in general), a far more robust way to ensure that the overcloud is never deleted is to either disallow it entirely or give permissions only to a separate user in policy.json. Since this occurs on the server side it doesn't depend on everyone using the correct version of the client, and you can actually require elevated privileges rather than just an extra keystroke to delete the overcloud.
Comment 3 Jaromir Coufal 2016-03-23 19:58:41 UTC 
To avoid this usability issue, there is going to be documentation provided on restricting policies for OSP7.