<div dir="ltr"><div><div>Hi Augus,<br><br></div>I agree with that 'trigger' should not be put in workbook. in current implement, it's hard to get the execution context while schedule trigger.<br><br></div>Here is one bug to complain about missing context.<br>
<div><a href="https://bugs.launchpad.net/mistral/+bug/1335758">https://bugs.launchpad.net/mistral/+bug/1335758</a><br><br><div><div><div class="gmail_extra">Thanks,<br></div><div class="gmail_extra">Ray<br></div><div class="gmail_extra">
<br><div class="gmail_quote">On Tue, Jun 10, 2014 at 1:59 PM, Angus Salkeld <span dir="ltr"><<a href="mailto:angus.salkeld@rackspace.com" target="_blank">angus.salkeld@rackspace.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
-----BEGIN PGP SIGNED MESSAGE-----<br>
Hash: SHA1<br>
<br>
Hi<br>
<br>
I was looking at <a href="https://blueprints.launchpad.net/mistral/+spec/mistral-ceilometer-integration" target="_blank">https://blueprints.launchpad.net/mistral/+spec/mistral-ceilometer-integration</a><br>
and trying to figure out how to implement that.<br>
<br>
I can see some problems:<br>
- - at the moment the trust is created when you PUT the workbook definition<br>
this means that if a totally different user executes the workbook, it will be run as the user that<br>
created the workbook :-O<br>
<a href="https://github.com/stackforge/mistral/blob/master/mistral/services/workbooks.py#L27" target="_blank">https://github.com/stackforge/mistral/blob/master/mistral/services/workbooks.py#L27</a><br>
<a href="https://github.com/stackforge/mistral/blob/master/mistral/engine/data_flow.py#L92" target="_blank">https://github.com/stackforge/mistral/blob/master/mistral/engine/data_flow.py#L92</a><br>
- - Workbooks can't be sharable if the trust is created at workbook create time.<br>
- - If the trust is not created at workbook create time, how do you use triggers?<br>
<br>
It seems to me that it is a mistake putting the "triggers" in the workbook<br>
because there are three entities here:<br>
1) the shareable workbook with tasks (a template really that could be stored in glance)<br>
2) the execution entity (keeps track of the running tasks)<br>
3) the person / trigger that initiates the execution<br>
- execution context<br>
- authenticated token<br>
<br>
if we put "3)" into "1)" we are going to have authentication issues and<br>
potentially give up the idea of sharing workbooks.<br>
<br>
I'd suggest we have a new entity (and endpoint) for triggers.<br>
- - This would associate 3 things: trust_id, workbook and trigger rule<br>
- - This could also be then used to generate a URL for ceilometer or solum to call<br>
in an autonomous way.<br>
- - One issue is if your workflow takes a *really* long time and you don't use the<br>
trigger then you won't have a trust, but a normal user token. But maybe if<br>
the manually initiates the execution, we can create a "manual trigger" in the<br>
background?<br>
<br>
I can also help out with: <a href="https://blueprints.launchpad.net/mistral/+spec/mistral-multitenancy" target="_blank">https://blueprints.launchpad.net/mistral/+spec/mistral-multitenancy</a><br>
I believe all that needs to be done is to filter the db items by project_id that is<br>
in the user context.<br>
<br>
Any thoughts on the above (or better ways of moving forward)?<br>
<br>
- -Angus<br>
<br>
-----BEGIN PGP SIGNATURE-----<br>
Version: GnuPG v1<br>
Comment: Using GnuPG with Thunderbird - <a href="http://www.enigmail.net/" target="_blank">http://www.enigmail.net/</a><br>
<br>
iQEcBAEBAgAGBQJTlp7HAAoJEFrDYBLxZjWoqtAH/3Un3miZmcPjXCO/klU7jsXw<br>
nEYQhWBI+IJuZ5W9MgSHkLg2PwfL6nFxhzyFjG5GloH7QQjO+jGIeE+sBSwPPF/K<br>
kTkllROUhzOO+VFMTIA3y+c173oklmmUtznbuUvDLgLtxNEgtxOWyvZMF3vHO5sS<br>
VkzfSXhg+VbZdg7lVqkaPOtRY/tJ7uVvtskeGZJRIVbE1iINGtqW0aC0WMXXLb7c<br>
7ek8H9lYuxiQ10++7lU+0g6Yn6Momtcmh5j+dTZvJsZw/XEPCc+aDYsE+Yz9tqwb<br>
blh2tWAqNri+xWtumyIAnfv2teJtiDUkzRqRTwxycBOdrkhQ6Nq0RpTCg15jNsA=<br>
=TXJE<br>
-----END PGP SIGNATURE-----<br>
<br>
_______________________________________________<br>
OpenStack-dev mailing list<br>
<a href="mailto:OpenStack-dev@lists.openstack.org">OpenStack-dev@lists.openstack.org</a><br>
<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev</a><br>
</blockquote></div><br></div></div></div></div></div>