On Fri, 2 Jun 2017, Boris Ranto wrote: > On Thu, 2017-06-01 at 22:16 +0000, Sage Weil wrote: > > That part I fixed with NamedTemporaryFile in > > https://github.com/liewegas/ceph/commit/c169c8fd461bf94459cd9 > > 8b658d2a2d8bf42bca6 > > > > Was there also a python module dependency problem? If not, it seems > > much more natural for the module to create the crt/key pair the first > > time it stats if it's not present... > > > > I had something like that before, see commit > > https://github.com/ceph/ceph/pull/14457/commits/92fa210aaa87fcc47b2491f > a44f029f7426cd7b9 > > or > > https://github.com/ceph/ceph/pull/14457/commits/f59e9bf0bbda870311c6084 > 74b9aad63f4323c43 > > that removed/changed it. I had a couple more implementations that did > all sorts of things. I later removed all of them and went with as > simple solution as possible for two reasons: > > - the simple straight-forward solution is usually least likely to bite > us in the future > - it seemed almost impossible to get an agreement on how a more > sophisticated solution should actually look like (it felt like I was > going in the circles) > > The one removed in the first linked patch did not require any special > dependencies (make_ssl_devcert is part of werkzeug). The other linked > one required pyOpenSSL which was kinda bad as afaik, pyOpenSSL is not > being properly maintained. I like the make_ssl_devcert approach personally... John? sage
