Hi all, The registry resources may contain sensitive data that we do not need to expose to anyone who is having a download link or access to source code. Can we further list down set of resources we are concerned here? IMO, we need to securely transfer the car file from jenkins and provide a temporary download link only for the authenticated users. In this case, we will not show a download button directly in resources page, rather upon requesting for a download, we will generate the car file and show the download link. WDYT?
thank you. On Mon, Aug 3, 2015 at 6:40 PM, Danushka Fernando <danush...@wso2.com> wrote: > Hi All > > Currently in AF we have four kind of resources/runtime configs. > > 1. > > Databases > 2. > > Data Sources > 3. > > APIs > 4. > > Registry Resources > > > But for ESB Apptype only Registry Resources will be valid. So in the UI we > need to show only registry resources for the application. This is planned > to handle by adding some configurations to the AppType configuration. > AppType configuration will contain a new configuration as > Supported_Resources_Types which could contain values such as datasources, > databases, apis and registry_resources in comma separated way. In UI it > will show only supported resources types and users can manage those types > of resources via AppFactory for the particular AppType. In this case it > will only be registry_resources. > > First problem to solve is what to show in this page for view purposes. > Since no edit part is there and only will be a place to upload the new CAR > file for the stage it will only be matter of showing the resources of the > ESB application. There are few things that we can show here. > > > 1. > > We can show the CAR file for the stage and add a download link. But > the problem is from where to get this built artifact from to let the user > download the artifact. Options we have are like below. > 1. > > Download from Jenkins - We need to construct an url for jenkins > built artifact. But again this url contains groupIds of the artifact > which > is difficult to construct. > 2. > > Download from S2 Git - We can get this artifact from s2 git > location to a temp location in AF and let the user download it. Here > again > we need to clone whole repo for the simple download. > 3. > > Build it from source code on the fly - Will take processing power > and will be slow also. > 4. > > Store the CAR in some apache server so later we can provide the > users the link to download > 2. > > We can read the artifacts.xml from the source code and show it in the > UI just for view purposes. > 3. > > Show registry resources from the registry itself. > 4. > > Provide the git repo url and show the CAR file name. No download > option provided. > > > Next problem is to match these things with the existing UI. For ESB > apptype we need to give upload option instead of edit option. To solve this > we can do following > > > 1. > > We can do a complex configuration in apptype to say which apptype > allows uploading car files and not and which apptype allows just the car > file uploading and which allows adding from ui and which allows both and so > on. > 2. > > We can introduce a new runtime config type as CAR Resources and we can > have upload option there which will be cleaner IMO. > > > But still the we need to solve first problem in a clean way to provide a > complete solution. IMO #5 is OK and simple. But having a download option is > always nicer and better. Any Ideas would be appreciated. > > > [1] [Architecture] [AF] Adding CAR application type to App Factory > > Thanks & Regards > Danushka Fernando > Senior Software Engineer > WSO2 inc. http://wso2.com/ > Mobile : +94716332729 > > _______________________________________________ > Architecture mailing list > Architecture@wso2.org > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- Manjula Rathnayaka Associate Technical Lead WSO2, Inc. Mobile:+94 77 743 1987
_______________________________________________ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
