[CMFA: Edit Options] Automate Infra Manage [read/write]

[btm]

Automate Infra Manage

(Chef Manage in Automate)

Following Automate Infra Views [read-only] #1544 work, we want to add create, read, update, delete (CRUD) functionality for some of the objects. Feature parity with Chef Mange, with some exclusions, is the scope of this epic.

The 'Permissions' tabs that allow you to edit object ACLs (oc_bifrost) is out of scope for all Automate work. We will not make a UI for this functionality. Users that still use it may continue using knife-acl, but going forward the IAM functionality of Automate should be used for role-based access control (RBAC).

The global objects (users, groups, orgs) are out of scope for this epic.

There are 5 objects that we will add support for:

• nodes (API only)
• roles
• environments
• data bags
• clients # stretch goal

Nodes

Node UI is excluded from this epic

We can create the API for infra-server-proxy for nodes, but the UI has to be designed in the context of One Node View. Design for this hasn't started, although some exploratory development has begin.

Create

Nodes cannot be created in the UI.

Update

For a node I should be able to edit the following items:

• run list
  the common run list editor modal described above should be used for the nodes run list
• tags
  A tag is a single word the user wants to associate with a node.
  A node may have multiple tags
  Tags are free text, they do not need to be created first like environments.
  Tags are stored as part of the "normal" attributes for a node, but have special functionality.
• environment
  This is a drop down list of existing environments.
  A node may only exist in a single environment
• attributes
  Typically and historically nodes are presented as a JSON blob
  Because tags are normal attributes they also show up in the JSON blob
  Nodes have 'normal' precedence attributes. This could be noted somewhere. It is currently noted in the top right corner of the json editor modal in Chef Manage.

This would use the shared JSON editor modal.

Delete

When a node is deleted, we should look for a client with a matching name and offer to delete it if it exists. nodes and clients almost always coming in matching sets.

Roles

Roles should have full CRUD. They can contain both default and override precedence attributes, which are separately edited JSON blobs.

They also have their own run lists, which can contain nested roles.

They do support also have multiple environment specific run lists. This is currently not supported by chef Manage, and thus is out of scope for this epic.

Environments

Environments should have full CRUD. They can contain both default and override precedence attributes, which are separately edited JSON blobs.

In addition to attributes, environments can contain cookbook constraints which requires a unique modal for configuration. The supported constraint operators are:

=
>
<
>=
<=
~>

https://docs.chef.io/cookbook_versioning/#constraints

Data Bags

Data bags contain two levels, the data bags themselves, and their children which are referred to as data bag items.

Data Bags need only to have Create & Delete functionality. It is not immediately clear if the Infra Server API allows data bags to be renamed, but the existing Chef Manage UI does not support this so it is out of scope.

Data Bag Items

Data bag items should have full CRUD. The contents of a data bag item is a JSON blob. The id field is required and must match the name of the data bag item.

Clients

If a client view was completed in the #1544 epic, then this functionality is a stretch goal for this epic. If it was not completed for #1544, then all of the client work will be part of the next epic.

Create

When a client is created, the user should have the option to specify the client is a validation client, which has special permissions. Otherwise, creation only takes a name.

The Infra Server API will return a private key and a public key. The private key should be displayed with the warning that it is not stored anywhere and the user cannot retrieve it again later. Options to download the key to a file and copy the key to the users clipboard should be presented.

Update

This allows creating a new key, e.g. "Reset Key" without having to delete and then create the client again.

Delete

This is permanent.

Aha! Link: https://chef.aha.io/epics/SH-E-406

[susanev]

the edit run list and edit node attributes both are kind of big design interaction things, could we move those out into their own epics?

[btm]

the edit run list and edit node attributes both are kind of big design interaction things, could we move those out into their own epics?

Moved to #3479.

[AnkurMundhra]

Following features should be included as a part of completion of this epic:

• Edit view of data bags: delete, create​
• Data bag item: create, edit, delete​
• Edit view of environments: delete, edit cookbook constraints, edit environment attributes​
• Edit view of roles: edit role run list, edit role attributes​
• Edit client: delete​
• Reset client key

[kalroy]

Create Data Bag UI -- #4541
Delete Data Bag UI -- #4543
Create Data Bag Item UI -- #4730 -- Needs Refinement
Delete Data Bag Item UI -- #4731 -- Needs Refinement
Edit Data Bag Item UI -- #4542
Create Environment UI -- #4544 -- Needs Refinement
Delete Environment UI -- #4546 -- Needs Refinement
Edit cookbook constraints -- #4545 -- Needs refinement
Edit environment attributes -- #4545 -- Needs Refinement
Edit Role Run List -- #4540
Edit Role Attributes​ -- #4540
Delete Role -- #3777
Create Client -- #4568
Delete Client -- #4567 -- Needs Refinement
Reset Client Key --#4569

[kalroy]

Closing the issue as the UI Improvements are handled in another EPIC:
#4965