BREAKING! allow OBs to be updated by provisioner

[BlaineEXE]

THIS IS A BREAKING CHANGE!

Sometimes, an OB might need to be updated by the provisioner. For example, the endpoint of the object store changed.

In order for this to work, lib-bucket-provisioner must use an idempotent controller, and it must call Provision()/Grant() on each reconcile. Provision() and Grant() must then also be idempotent. In order to allow these calls to be more idempotent, l-b-p will now call GenerateUserID() to generate a deterministic idempotency key that Provision() and Grant() will then use as a user name and for any actions that need help being idempotent between runs.

Because Provision() and Grant() are idempotent, there is now no need for the Update() method.

This is a change to the previous API spec which allowed provisioners to return errors if a bucket already existed in the backend.

Signed-off-by: Blaine Gardner blaine.gardner@redhat.com

[travisn]

The breaking change is that the API is not returning errors anymore where it would have previously? In that case, I would guess that clients such as Rook users would not see this as a breaking change under normal conditions?

[BlaineEXE]

The breaking API change is that Provision() and Grant() are expected to be idempotent. That previously was not the case. As I'm working to implement this with Rook, I'm realizing there are other changes needed as well.

[BlaineEXE]

To clarify some more about Provision() no longer requiring cleanup:

This library has generated the bucket name before calling Provision() for a while, and now with GetUserID() deterministically generating a user ID, there shouldn't be any risk of leaving dangling buckets/users with random names on the backend. For partially-provisioned OBCs, cleanup can now safely happen when Delete() is called.