-
Notifications
You must be signed in to change notification settings - Fork 9
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
API refactor #37
Comments
Updated with some info on ThirdPartyResources |
This would probably tie in with the Controller Refactor. Also removes the need for us to start our own etcd instance. |
My current understanding of ThirdPartyResources is that only the resource is stored in etcd. For the rest of associated data it should be stored outside of that (so I assume our own etcd) |
Yes. Thinking about pipelines, stages, and build info would be stored as ThirdPartyResources and it's up to the controllers to monitor the api for changes to start builds, send notifications, etc. |
Ah yeah, I hadn't considered storing more than pipelines in there. One thing we might need to check is if TPR is enabled in GKE |
I don't think it's enabled in our latest installation. |
A few things I think we need to improve on the API.
|
How will users be managed in this API? Per-user pipelines (with different auth flows for different services). Can we use the K8s user (which would probably fit the TPR model)? |
Would it make sense to use gRPC which seems to be the trend for newer K8s Go projects? (Helm, etcd) |
This would relate to the controllers too. I think it would be better for the API to have separate data structures for the pipelines, builds, and stages. The API just creates/updates them then a separate controller watches over the changes, runs the builds, then calls the API to update on the status. When TPR is available, it'd be easier to just go and say:
we could probably use the k8s user. or if not, make the user into another TPR? something like |
Still thinking about the users. should pipelines be linked to users? eg. 2 users accessing the same repo can have separate pipelines? which means a repo can have several hooks pertaining to a pipeline? Our current implem doesn't have a concept of user. All the pipelines shown are created by logged in users (who have admin access to the repo) but they are shared for all users (even without repo access). Everyone can run the build. |
I'm wondering if builds are something that lives as a resource. Its something thats generated as part of a running a pipeline but its never edited after its finished. Would it be better to keep it in its own data store (etcd or object store)? |
Yes, I was considering that too. As a dev can I run the same pipeline as another user for doing my own testing... I would think yes. |
The builds do get edited for a short time, when a stage or all stages finishes. Same as the stages when their job is complete. Was thinking of it similar to a Job when it's running, it spins up a pod and for the moment that it's running, it is visible when we run |
The idea of having the builds as a resource is that the API can just edit the build's definition marking a stage as |
Hadn't considered it that way but makes some sense if there are edits going on |
A general idea of how the new spec will look like as well as updates for the way the pipeline resources are stored in etcd (making it closer to K8S TPR). pipeline spec
note: stages can override vars and notifs. todo:
pipelinesPrefix: /kontinuous/pipelines/{pipeline-uuid}/{json-data} JSON data:
pipeline - uuid mapkey: /kontinuous/pipeline-uuid/{pipeline-name} value: the uuid for the pipeline name note: the api should use the friendly name of the pipeline but internally we should use the uuid. This is used to map the pipeline name to it's uuid. buildsPrefix: /kotninuous/builds/{pipeline-uuid}/{build-uuid}/{json-data}
build - uuid mapkey: /kontinuous/build-uuid/{pipeline-uuid}.{build-num} value: the build uuid for the given build number note: the api shoulduse the build number but internally we should use the uuid. this is used to map the pipeline name to it's uuid. stagesPrefix: /kontinuous/stages/{pipeline-uuid}/{build-uuid}/{stage-uuid}/{json-data}
stage - uuid mapkey: /kontinuous/stage-uuid/{pipeline-uuid}.{build-uuid}.{stage-num} value: the stage uuid for the given stage number |
Now that we have an initial prototype built, there are a few areas on the API that can be improved.
Mentioned in #15, the
ThirdPartyResource
may be a better approach to integrating the API. We get the benefits of Kube API Auth along with the use of etcd - https://github.com/kubernetes/kubernetes/blob/release-1.2/docs/design/extending-api.md(Currently a stub... updates to come)
The text was updated successfully, but these errors were encountered: