Pulp 3 Minimum Viable Product » History » Sprint/Milestone 17
semyers, 02/28/2017 06:08 PM
Update Authentication section with contents of etherpad https://etherpad.net/p/Pulp3_Authentication_MVP
| 1 | 1 | bmbouter | # Pulp 3.0.0 Minimum Viable Product (MVP) |
|---|---|---|---|
| 2 | |||
| 3 | ## Authentication |
||
| 4 | |||
| 5 | 17 | semyers | As an authenticated user I can manage user(s). |
| 6 | |||
| 7 | - Add a user |
||
| 8 | - View user(s) |
||
| 9 | - Update any user detail |
||
| 10 | - Delete a user |
||
| 11 | |||
| 12 | As an API user, I can have documentation to generate a JSON Web Token (JWT) without the server being online. |
||
| 13 | |||
| 14 | A user authenticated with HTTP/HTTPS "Basic" auth can acquire a non-expiring JWT to access the API. |
||
| 15 | |||
| 16 | - The JWT shall have a created timestamp which can be used to invalidate |
||
| 17 | - The JWT shall have a user identifier (its primary key) |
||
| 18 | |||
| 19 | I can authenticate to any API call using HTTP/HTTPS "Basic" auth with a username and password that Pulp stores. |
||
| 20 | |||
| 21 | - The password is stored as a hash (for security). |
||
| 22 | |||
| 23 | As an API user, I can authenticate any API call with a JWT. |
||
| 24 | |||
| 25 | As an API user, I can invalidate all JWT tokens for a given user issued earlier than now. |
||
| 26 | |||
| 27 | As an authenticated user, when deleting a user 'foo', all of user 'foo's JWTs are invalidated. |
||
| 28 | 1 | bmbouter | |
| 29 | ## Repositories |
||
| 30 | |||
| 31 | 2 | Ichimonji10 | I can list all repos |
| 32 | I can CRUD a repository |
||
| 33 | I can list associated importers and publishers |
||
| 34 | I can list content in a repository |
||
| 35 | I can summarize content in a repo (including counts) |
||
| 36 | I can CRUD an importer |
||
| 37 | I can CRUD a publisher |
||
| 38 | 1 | bmbouter | |
| 39 | ## Content Manipulation |
||
| 40 | |||
| 41 | 4 | Ichimonji10 | I can sync an importer |
| 42 | I can publish a publisher |
||
| 43 | I can upload *(What to where?)* |
||
| 44 | I can copy *(What from where to where?)* |
||
| 45 | I can clean up orphans |
||
| 46 | 1 | bmbouter | |
| 47 | ## Filter |
||
| 48 | |||
| 49 | 5 | Ichimonji10 | I can filter all nouns *(What is the meaning of "filter?" What is a noun?)* |
| 50 | 1 | bmbouter | |
| 51 | ## Task Management |
||
| 52 | |||
| 53 | 13 | Ichimonji10 | I can list all tasks and filter them *(Does this listing include only tasks that have not finished? If so, is there a way to list finished tasks?)* |
| 54 | 1 | bmbouter | I can see a detail view for a specific task including its progress and results |
| 55 | I can cancel tasks |
||
| 56 | |||
| 57 | ## Task Group |
||
| 58 | |||
| 59 | I can view a summary of the status of all tasks in a group |
||
| 60 | |||
| 61 | ## Event Listener Notifier |
||
| 62 | |||
| 63 | I can receive serialized task info via AMQP on each task save |
||
| 64 | |||
| 65 | 12 | Ichimonji10 | *Can this be restated in more pedantic terms? Does this mean that an arbitrary host can attach itself to Pulp's AMQP message bus and get updates on the progress of tasks?* |
| 66 | |||
| 67 | 1 | bmbouter | ## Status |
| 68 | |||
| 69 | I can view the status of all pulp components |
||
| 70 | I can view an overall health attribute |
||
| 71 | I can view information about unapplied migrations |
||
| 72 | |||
| 73 | ## Plugin API |
||
| 74 | |||
| 75 | We will have one |
||
| 76 | We will use one |
||
| 77 | It will be semantically versioned at 0.x separate from the REST API |
||
| 78 | |||
| 79 | 6 | Ichimonji10 | *Will this API be a Python code interface, a networked HTTP interface, or something else? In other words, for Pulp to use a plugin, will Pulp look for Python code, will it make HTTP calls to some networked resource, or something else?* |
| 80 | |||
| 81 | *What are three examples of plugins that will be written? (One goal is "we will use one," so presumably some specific plug-ins are already in mind.)* |
||
| 82 | |||
| 83 | 1 | bmbouter | ## CLI |
| 84 | |||
| 85 | 8 | Ichimonji10 | We will port what is there with as little effort as possible *(Does this mean that porting will be easy for developers, or that switching from the Pulp 2-3 CLI will be easy for users? If the former, isn't this an implementation detail that doesn't belong in an MVP document? If the latter, does this mean that we're going to carry forward the issues with pulp-admin, like a lack of status codes?)* |
| 86 | |||
| 87 | 1 | bmbouter | repo CRUD |
| 88 | CRUD for importers |
||
| 89 | CRUD for publishers |
||
| 90 | trigger syncs |
||
| 91 | trigger publish |
||
| 92 | list content in a repo |
||
| 93 | upload |
||
| 94 | server status |
||
| 95 | list and cancel tasks |
||
| 96 | 8 | Ichimonji10 | authn via basic auth |
| 97 | *(Should the supported set of operations be stated in terms of "The capabilities listed in the 'Authenctication,' 'Repositories,' and 'Filter' sections will be supported by the CLI."?)* |
||
| 98 | 1 | bmbouter | |
| 99 | ## Nectar Plugin Download API |
||
| 100 | |||
| 101 | 9 | Ichimonji10 | *(Is it correct to say that "I, the user, can download files via HTTP, HTTPS and file://," or "Nectar, the application, can download files via HTTP, HTTPS and file://?")* |
| 102 | 1 | bmbouter | I can download files via HTTP, HTTPS |
| 103 | I can download via file:// |
||
| 104 | 9 | Ichimonji10 | Authentication parity with 2.y *(Again, is this an "I can do X" statement or a "Nectar can do X" statement?)* |
| 105 | 1 | bmbouter | Recommend something for bandwidth limiting |
| 106 | Verify integrity of downloaded files |
||
| 107 | 10 | Ichimonji10 | Alternate content source support *(Please clarify what this means. Does this mean that content can be downloaded via a protocol other than HTTP, HTTPS and file://? Does it mean that a single importer may attempt to download content from a prioritized list of locations? Something else? Assuming this is an importer-related things, which types of importers will support this? RPM? Python? Etc?)* |
| 108 | 1 | bmbouter | Streamer parity with 2.y |
| 109 | |||
| 110 | ## Consumer Applicability |
||
| 111 | |||
| 112 | Using consumer profiles and repo bindings I can compute applicability with 2.y parity |
||
| 113 | Performance needs to be awesome |
||
| 114 | |||
| 115 | 11 | Ichimonji10 | *(Is the Pulp Consumer going away in Pulp 3? If so, is this section still appropriate?)* |
| 116 | |||
| 117 | 1 | bmbouter | ## ISO exports |
| 118 | |||
| 119 | 16 | Ichimonji10 | Export a group of repos to a single iso *(What will the format be? A plain directory tree that's understandable by Pulp?)* |
| 120 | 1 | bmbouter | |
| 121 | ## Plugin compatibility |
||
| 122 | |||
| 123 | rpm will work with platform |
||
| 124 | puppet will work with platform |
||
| 125 | ostree will work with platform |
||
| 126 | python will work with platform |
||
| 127 | file_plugin will work with platform |
||
| 128 | docker will work with platform |
||
| 129 | |||
| 130 | ## Migrations |
||
| 131 | |||
| 132 | 14 | Ichimonji10 | users can run an executable similar to pulp-manage-db that is not named pulp-manage-db *(Why the change in name?)* |
.