Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add allow_delete parameter to Deprovision API #763

Merged
merged 4 commits into from
Jul 16, 2024

Conversation

dbwiddis
Copy link
Member

@dbwiddis dbwiddis commented Jul 6, 2024

Description

Adds an allow_delete parameter to the Deprovision Workflow API which can contain a comma-delimited list of resource ids which may be deleted.

When the parameter does not contain resources that require it, the deprovision API returns a 403 response identifying the remaining resources.

Added DeleteIndexStep, DeleteIngestPipelineStep, and DeleteSearchPipelineStep which require the use of this parameter.

Added a denylist to prevent the use of these steps when provisioning workflows, and filtered the Get Workflow Steps API return to remove them from that list as well

Issues Resolved

Documentation

Please review:

Note to Reviewers

This implementation causes a change in API behavior.

Current behavior is to simply remove these unimplemented deletions from the resource list and silently fail, giving a 200 (OK) on successful deprovision while the resources remain. (As a concrete example, if an index was created and included in the created resources list, deprovisioning would simply remove it from the resources list without taking any action (deleting the index).)

This is misleading, as an attempt to provision again will fail with a pre-existing index, so I think the change is justified, but should be made clear to anyone using existing scripting relying on this behavior.

I think 403 (Forbidden) is the best response type here, but I'm open to discussion here if you have a better proposal.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

@github-actions github-actions bot added the backport 2.x backport PRs to 2.x branch label Jul 6, 2024
Copy link

codecov bot commented Jul 6, 2024

Codecov Report

Attention: Patch coverage is 93.08176% with 11 lines in your changes missing coverage. Please review.

Project coverage is 75.41%. Comparing base (4a62386) to head (7de36c3).

Files Patch % Lines
...search/flowframework/workflow/DeleteIndexStep.java 89.65% 2 Missing and 1 partial ⚠️
...owframework/workflow/DeleteIngestPipelineStep.java 89.65% 2 Missing and 1 partial ⚠️
...owframework/workflow/DeleteSearchPipelineStep.java 89.65% 2 Missing and 1 partial ⚠️
...wframework/rest/RestDeprovisionWorkflowAction.java 66.66% 0 Missing and 1 partial ⚠️
...pensearch/flowframework/workflow/WorkflowStep.java 0.00% 1 Missing ⚠️
Additional details and impacted files
@@             Coverage Diff              @@
##               main     #763      +/-   ##
============================================
+ Coverage     74.61%   75.41%   +0.79%     
- Complexity      783      816      +33     
============================================
  Files            84       88       +4     
  Lines          3873     3998     +125     
  Branches        356      362       +6     
============================================
+ Hits           2890     3015     +125     
  Misses          825      825              
  Partials        158      158              

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

Copy link
Member

@ohltyler ohltyler left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

At a high level LGTM, thanks for adding this! Meets the frontend requirements and will make deprovisioning/reprovisioning a much smoother experience. I concur with a 403 response on resources left over, I think that makes the most sense.

Copy link
Member

@owaiskazi19 owaiskazi19 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good overall with one comment

@dbwiddis dbwiddis merged commit 7e7e993 into opensearch-project:main Jul 16, 2024
20 checks passed
@dbwiddis dbwiddis deleted the allow-delete branch July 16, 2024 16:49
@opensearch-trigger-bot
Copy link
Contributor

The backport to 2.x failed:

The process '/usr/bin/git' failed with exit code 128

To backport manually, run these commands in your terminal:

# Navigate to the root of your repository
cd $(git rev-parse --show-toplevel)
# Fetch latest updates from GitHub
git fetch
# Create a new working tree
git worktree add ../.worktrees/flow-framework/backport-2.x 2.x
# Navigate to the new working tree
pushd ../.worktrees/flow-framework/backport-2.x
# Create a new branch
git switch --create backport/backport-763-to-2.x
# Cherry-pick the merged commit of this pull request and resolve the conflicts
git cherry-pick -x --mainline 1 7e7e99305d88b9f8ece719fd0b3b2183e8a6b82b
# Push it to GitHub
git push --set-upstream origin backport/backport-763-to-2.x
# Go back to the original working tree
popd
# Delete the working tree
git worktree remove ../.worktrees/flow-framework/backport-2.x

Then, create a pull request where the base branch is 2.x and the compare/head branch is backport/backport-763-to-2.x.

dbwiddis added a commit to dbwiddis/flow-framework that referenced this pull request Jul 16, 2024
* Add allow_delete parameter to Deprovision API

* Add denylist for workflow step types users are not allowed to use

Signed-off-by: Daniel Widdis <[email protected]>

* Remove denylisted steps from GetWorkflowStep response

Signed-off-by: Daniel Widdis <[email protected]>

* Remove mention of new steps from change log

Signed-off-by: Daniel Widdis <[email protected]>

---------

Signed-off-by: Daniel Widdis <[email protected]>
dbwiddis added a commit that referenced this pull request Jul 16, 2024
…785)

Add allow_delete parameter to Deprovision API (#763)

* Add allow_delete parameter to Deprovision API

* Add denylist for workflow step types users are not allowed to use



* Remove denylisted steps from GetWorkflowStep response



* Remove mention of new steps from change log



---------

Signed-off-by: Daniel Widdis <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
backport 2.x backport PRs to 2.x branch
Projects
None yet
4 participants