XML

Word

Printable

Type: Story
Resolution: Done
Priority: Undefined
Fix Version/s: Primaza 0.1
Affects Version/s: None
Component/s: Service Binding
Labels:
None

Story Points:
8
Blocked:
False
Blocked Reason:
None
Ready:
False
Epic Link:
Claim a Registered Service
Git Pull Request:
https://github.com/primaza/primaza/pull/33, https://github.com/primaza/primaza/pull/54, https://github.com/primaza/primaza/pull/59, https://github.com/primaza/primaza/pull/63
Intelligence Requested:
Market:

Sprint:
AppSvc Sprint 231, AppSvc Sprint 232

SFDC Cases Links:
SFDC Cases Counter:
SFDC Cases Open:

Owner: Architect:

Francesco Ilario

Story (Required)

As a Developer, I would like applications agents to perform service binding so that I can bind my applications to services.

Background (Required)

As defined in the Primaza architecture document, we need to implement the logic to bind applications to services.
As of now, we are relying on Service Binding Operator, but we need a simpler binding mechanism to be integrated in our agents.
This mechanism would simplify the binding experience and reduce the number of Primaza's dependencies.

See epic for arch document link.

Glossary

See glossary in architecture document

Out of scope

Application Agent
Env variable projection of secret's data
No immutable resources

In Scope

Service Binding in Application Agents
Project secret's data into workloads
Delete secret's data from workloads

Approach(Required)

We need to create a controller for binding applications to services that will be eventually packaged into Application Agents.

Primaza pushes Secret and Service Binding for each claimed Service into the application namespaces. Hence, binding is always performed against Secrets.
Look at how Service Binding Operator performs service binding against Secrets and implement this feature in the Application agent.

When a Service Binding is created (or updated) into an Application namespace, the Application agent has to get the data from the secret and project them into applications matching the Application specification from Service Binding instance.
Service Bindings may explicitly request an Application by Name or by LabelSelector. LabelSelector can match more than one resource.

Service Binding status should be updated with respect to binding operation result.

When the Service Binding is deleted, the secret's data should be removed from workloads.

If it's possible, use in memory volumes for storing secrets data when projected into pods.

Demo requirements(Required)

A great demo would show data from a secret been projected into an application after the Service Binding is created.

Dependencies

Edge Case

BDD Tests

You can find BDD Test specification for this story in the "Testing Instruction" Field Tab or in the GitHub Issue linked to this story.
Click here for all BDD Tests Issues.

Acceptance Criteria

Development
ServiceBinding controller projects secret's data into pods
ServiceBinding controller deletes secret's data from pods
ServiceBinding controller updates ServiceBinding status
Application Agent has a ServiceBinding controller

QE
There are test cases for projection of secret's data
There are test cases for Service Binding status update

Docs
There is a section in Service Binding page in our docs dedicated to explaining how the binding is performed by Application Agent
Update architecture document with any changes while implementing

INVEST Checklist

Dependencies identified
Blockers noted and expected delivery timelines set
Design is implementable
Acceptance criteria agreed upon
Story estimated

Legend

Unknown
Verified
Unsatisfied

relates to

APPSVC-1298 Claim for specific cluster

Closed

APPSVC-1271 Define the ServiceClaim API

Closed

APPSVC-1281 Define Application Agent

Closed

Assignee:: Kartikey Mamgain (Inactive)

Reporter:: Francesco Ilario

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: 2023/01/30 5:47 PM

Updated:: 2023/03/08 3:21 PM

Resolved:: 2023/03/08 3:21 PM

Details

Description