search

ManageIQ / floe

Floe is a runner for Amazon States Language workflows
Apache License 2.0
0 stars 5 forks source link

Pass credentials around with context #203

Closed kbrock closed 2 months ago

kbrock commented 3 months ago

Overview

My higher goal is to have State not store the workspace, context, nor credentials. See #210

We store Context and Credentials separately in the database. So it makes sense to keep them separate.

But having a single container that holds all runtime state simplifies matters.

Before

Passed Context and Credentials separately. The State accessed them using State#workspace#context and State#workspace#credentials.

If we go towards removing State#workspace, run_nonblock(context, credentials) will provide that data.

After

Context contains the context and Context#to_h returns the same value. But Context#credentials will contain the sensitive credentials.

The State accesses them using State#workspace#context and `State#workspace#context#credentials.

If we go towards removing State#workspace, run_nonblock(context) will be able to provide that data.

Compromise

Would have liked to remove Workspace#context and Workspace#initialize(..., context), but left it in there until we update manageiq-providers-workspace.

kbrock commented 3 months ago

update:

kbrock commented 3 months ago

update:

kbrock commented 2 months ago

update:

miq-bot commented 2 months ago

Checked commit https://github.com/kbrock/floe/commit/deffd73f83325ae4e1a20fc7d9c6a643fd4aa659 with ruby 2.7.8, rubocop 1.56.3, haml-lint 0.51.0, and yamllint 9 files checked, 0 offenses detected Everything looks fine. :cake: