Generate password properties exist in the manifest file for the
identifier.
if variables section contains a variable name, the director will try to ask
credhub to generate value if one doesnt exist.
Please confirm these are the processing steps invoked by the Director.
sounds about right.
Also confirm that if no generate password properties are present in the
manifest file for the identifier then no POST call is made to CredHub.
if variables section doesnt have cred with the name, then director will not
attempt to generate it.
specific apis may change over time; however, general variable section
declaration will remain.
On Fri, Jul 14, 2017 at 1:19 PM, Michael Stancampiano <mstancamp(a)gmail.com>
wrote:
Wanted to verify the steps that Bosh Director and CredHub perform to
generate a password during a deployment. Here are the assumed steps:
1) Director does a CredHub REST API GET call to obtain the value for an
identifier in a manifest file.
2) CredHub returns a status code of not found (404).
3) Generate password properties exist in the manifest file for the
identifier. So Director makes a CredHub REST API POST call to generate the
password value passing in the specified password properties from the
manifest file.
4) CredHub returns a generated password value.
Please confirm these are the processing steps invoked by the Director.
Also confirm that if no generate password properties are present in the
manifest file for the identifier then no POST call is made to CredHub.
Thanks.
