Closed kibbles-n-bytes closed 5 years ago
Reading #368 I see this:
the platform MUST cease polling, the operation state MUST be considered
failed
, and the Platform SHOULD send a deprovision request
And then the current orphan mitigation
To mitigate orphan Service Instances and bindings, the marketplace SHOULD attempt to delete resources it cannot be sure were successfully created, and SHOULD keep trying to delete them until the Service Broker responds with a success.
Both sections seems to be in sync, am I missing something?
I think @kibbles-n-bytes is talking about this line in the provision section:
Responses with any other status code will be interpreted as a failure and a deprovision request MUST be sent to the Service Broker to prevent an orphan being created on the Service Broker.
Note the "MUST".
There might be some inconsistency between the two sections, but I would prefer to solve this by: 1 - moving the orphan mitigation section into the appropriate Provision and Binding sections of the spec. Having the logic of how to deal with each type of response split between two sections of the spec hard to follow and leads to possible conflicts, like @kibbles-n-bytes is suggesting we have. 2 - once we do 1, we can then see if we still have an inconsistency - but I doubt we will.
Note, this is related to: https://github.com/openservicebrokerapi/servicebroker/pull/254 and might end up closing that one.
The new orphan mitigation section makes this much clearer. Closing.
In the new text about platforms sending a deprovision request for every resource that has attempted to be provisioned, we specify that the platform MUST send a deletion request. However, the existing orphan mitigation section says that the platform SHOULD attempt a deletion for the specific orphan mitigation circumstances. As neither section specifies the timing as to when this deletion request will happen, the new text basically overwrites the entirety of the orphan mitigation section.
We should clarify our intent here. Should orphan mitigation happen immediately upon the platform deciding to mark the resource as failed? If so, we should specify that here. If not, then is orphan mitigation no longer relevant? We should then rework this section entirely to just talk about cleaning up of resources in general.