Move dashboard_client to CF catalog extension described in profile.md #483
Conversation
|
Hey mattmcneeney! Thanks for submitting this pull request! I'm here to inform the recipients of the pull request that you and the commit authors have already signed the CLA. |
spec.md
Outdated
| @@ -378,7 +378,7 @@ It is therefore RECOMMENDED that implementations avoid such strings. | |||
| | requires | array of strings | A list of permissions that the user would have to give the service, if they provision it. The only permissions currently supported are `syslog_drain`, `route_forwarding` and `volume_mount`. | | |||
| | bindable* | boolean | Specifies whether Service Instances of the service can be bound to applications. This specifies the default for all plans of this service. Plans can override this field (see [Plan Object](#plan-object)). | | |||
| | metadata | object | An opaque object of metadata for a Service Offering. It is expected that Platforms will treat this as a blob. Note that there are [conventions](profile.md#service-metadata) in existing Service Brokers and Platforms for fields that aid in the display of catalog data. | | |||
| | dashboard_client | [DashboardClient](#dashboard-client-object) | Contains the data necessary to activate the Dashboard SSO feature for this service. | | |||
| | dashboard_client | [DashboardClient](profile.md#dashboard-client-object) | Deprecated; has been moved to the [Cloud Foundry Service Metadata](profile.md#cloud-foundry-service-metadata) object. Contains the data necessary to activate the Dashboard SSO feature for this service. | | |||
There was a problem hiding this comment.
perhaps remove Contains the data necessary to activate the Dashboard SSO feature for this service. as well?
|
LGTM, my only nit is to remove the description for the deprecated field so that someone goes to look at the new location inside of profile.md for more information. But I am ok as is as well... |
|
I agree this is CF specific and should be moved from the top-level of the spec. I think there are a few things to address.
I think this proposal meets the first two issues. The third issue does not have a clear answer since we don't have a concept of "sensitive" in the spec that a platform could care about, so I don't think we should block on this, but maybe we need to consider this as a separate concern? Before merging we should give CF a chance to update to use the new location. |
The field is just being marked deprecated, and not removed. So CF can still go on using the field in the current location even if the PR is merged. In the future, perhaps CF should look into a Generic Action Auth call on the broker for a service and that would fix point 3? It might have to be a generic broker action as you auth before an instance is created I think. |
|
Look to see if we can resolve #462 as part of this work |
mattmcneeney
force-pushed
the
move-dashboard-client-to-metadata
branch
from
88979dd
to
2b63a7f
Compare
|
This is now covering #462 |
profile.md
Outdated
|
|
||
| | Response Field | Type | Description | | ||
| | --- | --- | --- | | ||
| | id | string | The id of the oAuth client that the dashboard will use. If present, MUST be a globally unique non-empty string. | |
mattmcneeney
force-pushed
the
move-dashboard-client-to-metadata
branch
from
2b63a7f
to
907c49b
Compare
|
Any other thoughts on this @zrob and co? Can I get a 👍 if people are happy to move this into validation through implementation? |
| @@ -393,15 +393,6 @@ company). Additionally, some Platforms might modify the service names before | |||
| presenting them to their users. This specification places no requirements on | |||
| how Platforms might expose these values to their users. | |||
|
|
|||
| ##### Dashboard Client Object | |||
There was a problem hiding this comment.
If its just deprecated, I'm not sure we can fully remove it from the spec yet - don't we usually keep the old fields around?
There was a problem hiding this comment.
Since we're still linking to it elsewhere, I'd be keen to remove this to keep things tidier. You can still find out what it is in the versioned profile.md - it's just moved. What do you think?
There was a problem hiding this comment.
By that logic we should remove all CF-isms from the core spec today. :-) I think each version of a spec should be complete on its own. It feels wrong to mention something that is only defined in an old version of the spec.
spec.md
Outdated
| @@ -378,7 +378,7 @@ It is therefore RECOMMENDED that implementations avoid such strings. | |||
| | requires | array of strings | A list of permissions that the user would have to give the service, if they provision it. The only permissions currently supported are `syslog_drain`, `route_forwarding` and `volume_mount`. | | |||
| | bindable* | boolean | Specifies whether Service Instances of the service can be bound to applications. This specifies the default for all plans of this service. Plans can override this field (see [Plan Object](#plan-object)). | | |||
| | metadata | object | An opaque object of metadata for a Service Offering. It is expected that Platforms will treat this as a blob. Note that there are [conventions](profile.md#service-metadata) in existing Service Brokers and Platforms for fields that aid in the display of catalog data. | | |||
| | dashboard_client | [DashboardClient](#dashboard-client-object) | Contains the data necessary to activate the Dashboard SSO feature for this service. | | |||
| | dashboard_client | [DashboardClient](profile.md#dashboard-client-object) | Deprecated (see the [Cloud Foundry Service Metadata](profile.md#cloud-foundry-service-metadata) object). | | |||
There was a problem hiding this comment.
I think this needs to point to the old stuff, until its fully removed, but keep the deprecation statement and pointer to the new stuff.
There was a problem hiding this comment.
See above. Since both spec.md and profile.md are versioned, can we not move things between these without 'breaking' anything?
There was a problem hiding this comment.
My point is that existing brokers might look at the spec and see this field and, even though its deprecated, they're still allowed to send it. Which means we need to still clearly define it. We can't leave a hole in the supported functionality. See how we dealt with org_id - we tagged it as deprecated in favor of context but still fully defined it.
|
SGTM just a minor comment on the spec changes. |
|
how about adding a login call to OSBAPI? |
profile.md
Outdated
| @@ -421,3 +421,12 @@ specific behaviour. | |||
| | Broker API Field | Type | Description | | |||
| | --- | --- | --- | | |||
| | metadata.shareable | string | Allows Service Instances to be shared across orgs and spaces. | | |||
| | metadata.dashboard_client | [DashboardClient](#dashboard-client-object) | Contains the data necessary to activate the Dashboard SSO feature for this service. | | |||
There was a problem hiding this comment.
I think we should take a step back here - this doesn't seem like a great fit for metadata or the catalog endpoint in general, as-is.
In kubernetes, we take whatever's in metadata and put it into a user-visible field. AFAIK we don't have an expectation that the platform name is sent to the catalog endpoint. That means that when a broker returns this field, it will be visible to every user that can see the service resource. That means that if you return this information, you've opened it up to a wider audience than you probably expected.
I don't wish to stall this at all, but I think we need to begin reasoning about the catalog endpoint as returning information that may be visible to everyone, even users with a low degree of privilege. Could we consider moving this to a separate resource or subresource in the future?
There was a problem hiding this comment.
So in this regard, CF and k8s are behaving differently. In CF, the platform uses information in metadata to understand behaviours but doesn't make this information visible to the end user. We also only show some information from the catalog in general, hence this kind of information has been stored here.
Do you think this is probably a good input for the v3 design?
There was a problem hiding this comment.
In general it does seem like we may need to have a clean separation between data that's ok for end users to see and data that is not ok for end users to see - and each needs to be clearly identified in the spec so that Platforms can act appropriately. In this case, if we were to move this data into some "secretMetadata" section then Kube can know that it should do something special with it.
There was a problem hiding this comment.
Actually CF and K8s are the same here. We expose all information returned in metadata on the CF API. Historically metadata has been populated with data for client tooling. This would be the first time we have to "hide" something from the response.
If we're considering a different abstraction for broker-to-platform metadata. Do we want to move it to the current metadata object just to have to move it again later?
There was a problem hiding this comment.
I don't want to block this, but I think putting secret information into metadata is something that could have negative consequences. I would prefer not to accumulate fields that require filtering in metadata and I don't think we should set that example for users.
I have been thinking about this and haven't come up with a great solution yet :-/
|
Moving Next plan:
|
mattmcneeney
force-pushed
the
move-dashboard-client-to-metadata
branch
from
907c49b
to
d92fa48
Compare
mattmcneeney
changed the title
mattmcneeney
force-pushed
the
move-dashboard-client-to-metadata
branch
from
d92fa48
to
26876a7
Compare
|
I can live with that. |
|
This makes sense to me. We also talked about using this as a chance to address #462. I'm happy to go with this or see one more update to mention the unique constraint. |
|
LGTM |
|
One more little review needed |
|
rebase needed |
mattmcneeney
force-pushed
the
move-dashboard-client-to-metadata
branch
from
26876a7
to
2a51d82
Compare
|
@duglin rebased |
mattmcneeney
force-pushed
the
move-dashboard-client-to-metadata
branch
2 times, most recently
from
d1da943
to
ca4707a
Compare
mattmcneeney
force-pushed
the
move-dashboard-client-to-metadata
branch
from
ca4707a
to
3a536ed
Compare
|
LGTM |
The
dashboard_clientobject is only used by service brokers that are being used with Pivotal Cloud Foundry. We should therefore investigate if it is feasible to deprecate this field (similar to what we did withorganization_guidandspace_guid) and move it into the service-level metadata specific for Cloud Foundry environments.Adding the do not merge flag as I need some feedback from the CF side before moving this into review.