Project

Profile

Help

Pulp 3 Minimum Viable Product » History » Sprint/Milestone 17

semyers, 02/28/2017 06:08 PM
Update Authentication section with contents of etherpad https://etherpad.net/p/Pulp3_Authentication_MVP

1 1 bmbouter
# Pulp 3.0.0 Minimum Viable Product (MVP)
2
3
## Authentication
4
5 17 semyers
As an authenticated user I can manage user(s).
6
7
  - Add a user
8
  - View user(s)
9
  - Update any user detail
10
  - Delete a user
11
12
As an API user, I can have documentation to generate a JSON Web Token (JWT) without the server being online.
13
14
A user authenticated with HTTP/HTTPS "Basic" auth can acquire a non-expiring JWT to access the API.
15
16
  - The JWT shall have a created timestamp which can be used to invalidate
17
  - The JWT shall have a user identifier (its primary key)
18
19
I can authenticate to any API call using HTTP/HTTPS "Basic" auth with a username and password that Pulp stores.
20
21
  - The password is stored as a hash (for security).
22
23
As an API user, I can authenticate any API call with a JWT.
24
25
As an API user, I can invalidate all JWT tokens for a given user issued earlier than now.
26
27
As an authenticated user, when deleting a user 'foo', all of user 'foo's JWTs are invalidated.
28 1 bmbouter
29
## Repositories
30
31 2 Ichimonji10
I can list all repos  
32
I can CRUD a repository  
33
I can list associated importers and publishers  
34
I can list content in a repository  
35
I can summarize content in a repo (including counts)  
36
I can CRUD an importer  
37
I can CRUD a publisher
38 1 bmbouter
39
## Content Manipulation
40
41 4 Ichimonji10
I can sync an importer  
42
I can publish a publisher  
43
I can upload *(What to where?)*  
44
I can copy *(What from where to where?)*  
45
I can clean up orphans
46 1 bmbouter
47
## Filter
48
49 5 Ichimonji10
I can filter all nouns *(What is the meaning of "filter?" What is a noun?)*
50 1 bmbouter
51
## Task Management
52
53 13 Ichimonji10
I can list all tasks and filter them *(Does this listing include only tasks that have not finished? If so, is there a way to list finished tasks?)*  
54 1 bmbouter
I can see a detail view for a specific task including its progress and results  
55
I can cancel tasks
56
57
## Task Group
58
59
I can view a summary of the status of all tasks in a group
60
61
## Event Listener Notifier
62
63
I can receive serialized task info via AMQP on each task save
64
65 12 Ichimonji10
*Can this be restated in more pedantic terms? Does this mean that an arbitrary host can attach itself to Pulp's AMQP message bus and get updates on the progress of tasks?*
66
67 1 bmbouter
## Status
68
69
I can view the status of all pulp components  
70
I can view an overall health attribute  
71
I can view information about unapplied migrations
72
73
## Plugin API
74
75
We will have one  
76
We will use one  
77
It will be semantically versioned at 0.x separate from the REST API
78
79 6 Ichimonji10
*Will this API be a Python code interface, a networked HTTP interface, or something else? In other words, for Pulp to use a plugin, will Pulp look for Python code, will it make HTTP calls to some networked resource, or something else?*
80
81
*What are three examples of plugins that will be written? (One goal is "we will use one," so presumably some specific plug-ins are already in mind.)*
82
83 1 bmbouter
## CLI
84
85 8 Ichimonji10
We will port what is there with as little effort as possible *(Does this mean that porting will be easy for developers, or that switching from the Pulp 2-3 CLI will be easy for users? If the former, isn't this an implementation detail that doesn't belong in an MVP document? If the latter, does this mean that we're going to carry forward the issues with pulp-admin, like a lack of status codes?)*
86
87 1 bmbouter
repo CRUD  
88
CRUD for importers  
89
CRUD for publishers  
90
trigger syncs  
91
trigger publish  
92
list content in a repo  
93
upload  
94
server status  
95
list and cancel tasks  
96 8 Ichimonji10
authn via basic auth  
97
*(Should the supported set of operations be stated in terms of "The capabilities listed in the 'Authenctication,' 'Repositories,' and 'Filter' sections will be supported by the CLI."?)*
98 1 bmbouter
99
## Nectar Plugin Download API
100
101 9 Ichimonji10
*(Is it correct to say that "I, the user, can download files via HTTP, HTTPS and file://," or "Nectar, the application, can download files via HTTP, HTTPS and file://?")*  
102 1 bmbouter
I can download files via HTTP, HTTPS  
103
I can download via file://  
104 9 Ichimonji10
Authentication parity with 2.y *(Again, is this an "I can do X" statement or a "Nectar can do X" statement?)*  
105 1 bmbouter
Recommend something for bandwidth limiting  
106
Verify integrity of downloaded files  
107 10 Ichimonji10
Alternate content source support *(Please clarify what this means. Does this mean that content can be downloaded via a protocol other than HTTP, HTTPS and file://? Does it mean that a single importer may attempt to download content from a prioritized list of locations? Something else? Assuming this is an importer-related things, which types of importers will support this? RPM? Python? Etc?)*  
108 1 bmbouter
Streamer parity with 2.y
109
110
## Consumer Applicability
111
112
Using consumer profiles and repo bindings I can compute applicability with 2.y parity  
113
Performance needs to be awesome
114
115 11 Ichimonji10
*(Is the Pulp Consumer going away in Pulp 3? If so, is this section still appropriate?)*
116
117 1 bmbouter
## ISO exports
118
119 16 Ichimonji10
Export a group of repos to a single iso *(What will the format be? A plain directory tree that's understandable by Pulp?)*
120 1 bmbouter
121
## Plugin compatibility
122
123
rpm will work with platform  
124
puppet will work with platform  
125
ostree will work with platform  
126
python will work with platform  
127
file_plugin will work with platform  
128
docker will work with platform
129
130
## Migrations
131
132 14 Ichimonji10
users can run an executable similar to pulp-manage-db that is not named pulp-manage-db *(Why the change in name?)*