Organization of variables into namespaces
Keys are currently flat in Craton, and require convention at the user level. Support functionality at the service level, including filtering and validation.
Blueprint information
- Status:
- Not started
- Approver:
- None
- Priority:
- Undefined
- Drafter:
- Jim Baker
- Direction:
- Needs approval
- Assignee:
- None
- Definition:
- New
- Series goal:
- None
- Implementation:
- Unknown
- Milestone target:
- None
- Started by
- Completed by
Related branches
Related bugs
Sprints
Whiteboard
Keys for variables are currently flat in Craton. The only restriction is that they must be valid Unicode, and probably should be in ASCII for most usages. Currently we can implement user-level namespace support by using a convention, which I suggest should be using / as a separator. But we can directly support namespaces in the Craton service itself. Possible namespaces might be include ssh/ (to replace access keys for hosts, plus much more); plugin/ (to provide a means to configure plugins, like Hashicorp Vault for ssh key storage); nova/ (for remote access); aws/; maintenance/ (with state transitions constrained); and maybe ansible/. If desired, the namespace can be of any depth, eg, foo/bar/baz/my_key.
Namespaces should be pluggable, so that keys/values can be restricted, eg, a value must conform to a JSON schema definition; or to restrict values to follow certain rules, such as a state transition graph. It should be possible to filter and rename namespaces, much as we see in Python imports, in client usage.
Because namespaces simply layer on the keys, they do not change how variables work in other ways, such as with RBAC; notifications; secret storage; blame; and other auditing/