search

oasis-open / tosca-community-contributions

OASIS TC Open Repository: Manages TOSCA profiles, tests, and templates that are maintained by the TOSCA community. They are intended to be used as examples to help developers get started with TOSCA and to test compliance of TOSCA implementations with the standard.
https://github.com/oasis-open/tosca-community-contributions
Apache License 2.0
38 stars 25 forks source link

Add support for declarative policies #141

Open lauwers opened 1 year ago

lauwers commented 1 year ago

TOSCA's current policy syntax supports imperative policies only. These policies follow an event-condition-action pattern. We should add support for declarative policies that follow a context-capability-constraint pattern and express invariant conditions that must hold true at all times. Ironically, all the policy examples in the spec (e.g. colocation and anti-colocation placement policies) are examples of declarative policies, but TOSCA currently does not include syntax that allows one to define the semantics of such policies.

lauwers commented 1 year ago

I envision declarative policies to be defined using a set of invariants, i.e. Boolean expressions that must hold true at all times. However, this will likely require extensions to our TOSCA Path syntax to allow get_property functions to access members of a group. For example:

groups:
  sw-group:
    members: [ sw1, sw2, sw3 ]

policies:
  anti-colocation:
    target: sw-group
    conditions:
      $not:
        $equal:
          - $get_property: [ ALL, RELATIONSHIP, host, TARGET, uuid ]
          - $get_property: [ OTHER, RELATIONSHIP, host, TARGET, uuid ]

In this TOSCA Path proposal, the ALL keyword means all members of the target group and OTHER means *all other members of the group`.

Alternatively, we could introduce a GROUP keyword to avoid the need to identify the target group in the policy definition. Comments?