...
1=============================================
2Most of the tests are testing the authentication.
3
4Scenario 1:
5serverA creates context with user and calls serverB calls server C
6for example, h2gproxy
7create context with "user/password" and "token" and "OTP/challenge/pin"
8
9Scenario 2:
10cmdline calls serverA calls serverB calls server C
11for example, some cmdline tool
12
13Scenario 3:
14serverA creates context with no user and calls serverB calls server C
15for example, a 'database backup service'
16
17Scenario 4:
18serverA creates context with user and calls server B. serverB stores request and executes new request some time (e.g. days) later with a context with that user
19for example, a 'trigger me if something happens" service
20
21The scenarios contain shared code, which is in shared
22
23=============================================
24Considerations:
25
26* Performance is quite important. We expect a goeasyops-server to run locally next to the caller, but all clusters share common userids etc.
27
28* Simple for developers. The go-easyops framework must, at most, depend on a single service which also provides a local mode, possibly with 'mock'. This
29means it must "proxy" services, such as auth-, registry-
30
31* A local service must be accessible by upstream services. (register with an upstream registry)
32
33* A local service must prefer local services. (use a different, local registry instead of upstream)
34
35
36=============================================
37Context is for passing API Boundaries. It may not be familiar to developers looking at this code to understand why the context is used so often, but it is its intented and useful purpose.
38
39=============================================
40In order to pass, each test must
41a) cleanly pass auth information through to next service, including a requestid
42b) must reject calls if a signature does not match
43
44
45==============================================
46Design Idea:
47* expose a service which returns a registry address
48* Service expected to be _always_ available on localhost:5000
49* split behaviour into "DC mode" and "Dev mode"
50--- dc mode:
511) return the 'cluster' registry
52--- dev mode:
531) return localhost:5000 for registry, auth-service (and any other required services)
542) expose grpc mock services on localhost:5000 for these services
55
56further Features:
57* expose all (authorised) services (including hosted in datacenters) on localhost:5000 and proxy those
58* expose all local services to a datacenter proxy of sort (tbd)
59
View as plain text