HDFGroup / hsds

Cloud-native, service based access to HDF data
https://www.hdfgroup.org/solutions/hdf-kita/
Apache License 2.0
131 stars 53 forks source link

Declarative method for defining domains and ownership #123

Open bilalshaikh42 opened 2 years ago

bilalshaikh42 commented 2 years ago

My apologies if this is documented somewhere and i missed it Is there a way to declaratively create some top-level folders and assign user permissions? Our use case is that we define our infrastructure entirely declaratively. Therefore, deploying a new version or changing the backend storage (this particular situation) is just a matter of changing the configuration values.

However, for HSDS we end up with one additional step, which is to call the API to post a new domain and assign the ACLS for the user.

Would it be feasible to have this be a configuration option?

jreadey commented 2 years ago

The API calls to setup folders and ACLs in the end just results in JSON files on your storage system. Can you just use those JSON files as the infrastructure definition?

bilalshaikh42 commented 2 years ago

That would be possible, but would still be an "additional" step past the configuration itself. If the server could read a list of domains, similar to the "allowed domains" variable, or even read the json files you mentioned and create them if they do not exist, it would allow for sharing a particular domain structure more easily.

This is not a major issue for us, but more of a convenience. Was curious as to the feasibility.

jreadey commented 2 years ago

Interesting idea! Am a little concerned to add extra complexity in the server now. Could you add something similar in your server startup script? E.g. check for folders by querying the storage system and create if need be. Then proceed with launching the server.