The cloud specification is really a controller property, and in Scenario the Model object is closest to the controller. This means that it is more logical to have the cloud_spec property on the Model object than on State.
The one charm (application) specific aspect of credential-get is trust - you don't trust an entire model at a time, you trust individual applications. However, trust is broader than cloud credentials (e.g. the extra access available with k8s). To facilitate this, a new app_trusted Boolean attribute is added to the Context, which controls whether the cloud specification can be accessed (and might do other things in the future).
The cloud specification is really a controller property, and in Scenario the
Modelobject is closest to the controller. This means that it is more logical to have thecloud_specproperty on theModelobject than onState.The one charm (application) specific aspect of
credential-getis trust - you don't trust an entire model at a time, you trust individual applications. However, trust is broader than cloud credentials (e.g. the extra access available with k8s). To facilitate this, a new app_trustedBoolean attribute is added to theContext, which controls whether the cloud specification can be accessed (and might do other things in the future).