destroy: only delete OpenStack objects belonging to the project
Version Control Information
Source branch: feature/safe-port-deletion
Target branch: devel
Commits:
* destroy: only delete OpenStack objects belonging to the project
This filter should normally not be necessary, because the credentials
are normally scoped to a project. However, at least Neutron will list
*all* resources from *all* projects if the *user* has sufficient
privileges for that, no matter the project scoping of their token.
This has caused absolute chaos with C&H's Kubernetes customers when a
DevOps person accidentally had the admin role in their project and they
deleted their cluster.
Description
Feel free to add further information about your MR in this section
Closes: #
Merge Prerequisites
-
MR title (and description) are descriptive -
Code is readable and syntactically correct -
Code is understandable -
Documentation has been updated, if necessary -
Commit messages look good -
Release note file added in latest commit
As a developer: please do not tick these boxes yourself. As a reviewer: please get yourself a hot cold beverage.