search

odtp-org / odtp

ODTP: A tool designed to manage, run, and design digital twins.
https://odtp-org.github.io/odtp-manuals/
GNU Affero General Public License v3.0
12 stars 1 forks source link

[FEATURE] Pick secret file provide upload file feature #191

Open jugdemon opened 6 days ago

jugdemon commented 6 days ago

We are running ODTP now on a server where the user of the Dashboard cannot access the underlying machine. To provide secrets, it would be great if the user can upload the file from the dashboard and the file gets stored locally in ODTP.

Importance Level

(High)

This feature is critical to make ODTP available via a dashboard to external users.

Origin

We want to showcase ODTP to ETH internal partners and they should be able to run twins themselves via the dashboard which we make available to them. Adding secrets.

User Impact

Users without CLI access cannot add new secrets at the moment. We want to have dashboard only users. It is critical.

Mockups or Diagrams

None

Affected Components (examples: components, modules, … )

All components that need secrets but the user cannot access the CLI.

Technical Requirements (if possible, otherwise completed by SDSC)

Detailed technical specifications or requirements needed to implement the feature. This could include algorithms, data structures, APIs, or third-party services.

Related Documents/Links:

References to any related documentation, user stories, tickets, or external resources that provide additional context.

Dependencies (if possible, otherwise completed by SDSC):

Identification of any other features, systems, or processes that the proposed feature depends on or interacts with. This can be considered a “ready if” field and it will define what’s needed to have in order to start the development.

Acceptance criteria:

Specific criteria or metrics for evaluating the success or effectiveness of the feature once implemented.

sabinem commented 2 days ago

@jugdemon just to clarify: what exactly do you mean with that:

To provide secrets, it would be great if the user can upload the file from the dashboard and the file gets stored locally in ODTP.

Would it be enough to have the secrets available for the session of the user? Then this would still mean that if he restarts his session, there would still be another upload of the secrets necessary occasionaly. But would that solve your issue?

We don't want to store secrets in the databases of ODTP.

jugdemon commented 2 days ago

Dear Sabine, Yes, that is what we need. As it stand right now, we need to pick the secret file from the file System where ODTP is installed. As we host an ODTP Server, the user has no access to the file System and cannot deposit files in the server file System. Right now an Server Administrator needs to place the file there which is in convenient.

I should have been more precise - I meant that the secret file gets placed in the local odtp folder on the file System, not the ODTP database.

I see the advantage of the secret being uploaded per session and not being locally stored. Either solution works, what matters is that the secret can be provided via file upload so that a person without Server access and provide the secret.

I hope that makes sense.