apiserver: organise facades #7606

Merged
merged 1 commit into from Jul 11, 2017

Conversation

Projects
None yet
3 participants
Member

axw commented Jul 10, 2017

Description of change

Organise facades into subdirectories:

  • facades/agent
  • facades/client
  • facades/controller

There are a few facades that do not have
an obvious home:

  • storageprovisioner is run by the controllers
    (for model-level storage), and on machine
    agents (for machine-level storage).
  • imagemetadata is, unfortunately, serving two
    purposes: it serves the client, for listing,
    adding and removing image metadata; and it
    serves the image metadata worker. Because the
    image metadata client code is behind a feature
    flag, we could probably break API compatibility,
    and make it worker-only. I've left it alone for
    now, and put it in the facades/client package.
  • migrationtarget is for controllers to talk to
    each other, but it accepts only client
    authentication. Nevertheless, I've put it in the
    facades/controller package.

And then there were some bugs in facade auth:

  • logfwd was using AuthMachineAgent, and should
    have used AuthController. It has been updated
    to use the latter.
  • payloads had no auth at all; it has been updated
    to use AuthClient.
  • metricsmanager and undertaker: redundant calls
    to AuthMachineAgent, when AuthController would
    do. Simplified.
  • charmrevisionupdater: was allowing non-controller
    agents, now does not.
  • keymanager and highavailability: both were allowing
    controller unnecessarily; dropped.

QA steps

Run tests. Bootstrap.

Documentation changes

None.

Bug reference

None.

axw added a commit to axw/juju that referenced this pull request Jul 10, 2017

apiserver/...: fix several auth issues
Backport of auth issues found/fixed in
juju#7606.

- logfwd was using AuthMachineAgent, and should
  have used AuthController. It has been updated
  to use the latter.
- payloads had no auth at all; it has been updated
  to use AuthClient.
- metricsmanager and undertaker: redundant calls
  to AuthMachineAgent, when AuthController would
  do. Simplified.
- charmrevisionupdater: was allowing non-controller
  agents, now does not.
- keymanager and highavailability: both were allowing
  controller unnecessarily; dropped.

axw added a commit to axw/juju that referenced this pull request Jul 10, 2017

apiserver/...: fix several auth issues
Backport of auth issues found/fixed in
juju#7606.

- logfwd was using AuthMachineAgent, and should
  have used AuthController. It has been updated
  to use the latter.
- payloads had no auth at all; it has been updated
  to use AuthClient.
- metricsmanager and undertaker: redundant calls
  to AuthMachineAgent, when AuthController would
  do. Simplified.
- charmrevisionupdater: was allowing non-controller
  agents, now does not.
- keymanager and highavailability: both were allowing
  controller unnecessarily; dropped.

axw added a commit to axw/juju that referenced this pull request Jul 10, 2017

apiserver/...: fix several auth issues
Backport of auth issues found/fixed in
juju#7606.

- logfwd was using AuthMachineAgent, and should
  have used AuthController. It has been updated
  to use the latter.
- payloads had no auth at all; it has been updated
  to use AuthClient.
- metricsmanager and undertaker: redundant calls
  to AuthMachineAgent, when AuthController would
  do. Simplified.
- charmrevisionupdater: was allowing non-controller
  agents, now does not.
- keymanager and highavailability: both were allowing
  controller unnecessarily; dropped.

jujubot added a commit that referenced this pull request Jul 10, 2017

Merge pull request #7607 from axw/apiserver-facade-auth-fixes
apiserver/...: fix several auth issues

## Description of change

Backport of auth issues found/fixed in
#7606.

- logfwd was using AuthMachineAgent, and should
  have used AuthController. It has been updated
  to use the latter.
- payloads had no auth at all; it has been updated
  to use AuthClient.
- metricsmanager and undertaker: redundant calls
  to AuthMachineAgent, when AuthController would
  do. Simplified.
- charmrevisionupdater: was allowing non-controller
  agents, now does not.
- keymanager and highavailability: both were allowing
  controller unnecessarily; dropped.

## QA steps

Run tests. Bootstrap.

## Documentation changes

None.

## Bug reference

None.
Owner

jameinel commented Jul 11, 2017

Offhand it feels like storageprovisioner can be made an 'agent' and we should fix 'imagemetadata' because it should not be serving 2 masters. If we need to pull some of the code into 'common', that would be ok, but we should have a separate facade for clients than for agents. Not that you have to do that for this patch, but its a clear mistake to combine them.

Member

axw commented Jul 11, 2017

we should fix 'imagemetadata' because it should not be serving 2 masters. If we need to pull some of the code into 'common', that would be ok, but we should have a separate facade for clients than for agents. Not that you have to do that for this patch, but its a clear mistake to combine them.

Agreed. I have filed a bug (https://bugs.launchpad.net/juju/+bug/1703582) and added a card.

apiserver: organise facades
Organise facades into subdirectories:
 - facades/agent
 - facades/client
 - facades/controller

There are a few facades that do not have
an obvious home:

 - storageprovisioner is run by the controllers
   (for model-level storage), and on machine
   agents (for machine-level storage).
 - imagemetadata is, unfortunately, serving two
   purposes: it serves the client, for listing,
   adding and removing image metadata; and it
   serves the image metadata worker. Because the
   image metadata client code is behind a feature
   flag, we could probably break API compatibility,
   and make it worker-only. I've left it alone for
   now, and put it in the facades/client package.
 - migrationtarget is for controllers to talk to
   each other, but it accepts only client
   authentication. Nevertheless, I've put it in the
   facades/controller package.

And then there were some bugs in facade auth:

 - logfwd was using AuthMachineAgent, and should
   have used AuthController. It has been updated
   to use the latter.
 - payloads had no auth at all; it has been updated
   to use AuthClient.
 - metricsmanager and undertaker: redundant calls
   to AuthMachineAgent, when AuthController would
   do. Simplified.
 - charmrevisionupdater: was allowing non-controller
   agents, now does not.
 - keymanager and highavailability: both were allowing
   controller unnecessarily; dropped.
Member

axw commented Jul 11, 2017

$$merge$$

Contributor

jujubot commented Jul 11, 2017

Status: merge request accepted. Url: http://juju-ci.vapour.ws:8080/job/github-merge-juju

@jujubot jujubot merged commit 551f83c into juju:develop Jul 11, 2017

1 check failed

github-check-merge-juju Ran tests against PR. Use !!.*!! to request another build. IE, !!build!!, !!retry!!
Details
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment