Pulp

Can this be removed from the sprint until the functional details are added and it's groomed? Without that the work isn't clear enough to be picked up on a sprint.

As a Pulp user, I would like to use a RHUI which has the Amazon authentication plugin enabled as an alternate content source.

The existing ACS config supports most of the required values, but two additional HTTP headers (X-RHUI-ID and X-RHUI-SIGNATURE) have to be presented in order to obtain content from the RHUI. The values of these two headers are strings that do not change once an instance is created.

What is an ACS config? I'm not sure how these two headers will be configured? Also is the user only providing the values and we hardcode the names, or is it a generalized configuration and the user supplies both the config name and its value?

ah, I was just being lazy with my typing :) acs = alternate content source

There are probably a number of ways to solve the problem of getting the content out of a RHUI, but one idea would be to allow setting the two X-RHUI headers via https://docs.pulpproject.org/user-guide/content-sources.html. I believe if two additional settings were exposed to set values for the two headers and then the header values were passed through to nectar, that would work. I think it would operate similarly to how basic auth is set up.

OK that is a good plan. The last bit of detail I'm looking for are the actual names of those two options. Then one of us can write out the deliverables as checklist items. I can help w/ that once the setting names are decided.

Thanks for all the input you've given. This story is really shaping up.

The full names are `X-RHUI-ID` and `X-RHUI-SIGNATURE`.

All of the names of those options are lower case. Do you think upper or lower case would be better?

I added some checklist items. I don't know if the default should be empty string or None. Where are the alternate content source defaults specified?

I think lowercase is better, at least IMO. For the None vs empty string, I'm ok with either as long as the header not sent on requests by default.

I also like the lower case consistency. I rewrote the checklist item to name those as the alternate content source config names. I also added two more docs checklist items.

I don't think that adding RHUI specific options to the alternate content source descriptor is appropriate. These are just HTTP headers and should be supported generically. Instead, let's add support for a headers option. This is a list option (like paths) but has the form of <header>=<value>.

Example:

headers: X-RHUI-ID=1234 \
         X-RHUI-SIGNATURE=AF1902B9C8DAF1902B9C8D

+1 to @jortel's idea to call it headers. Similar to paths it will be <str> with an optionl list delimited by space or newline. Thanks @jortel for also updating the checklist. I think this is good to go.