XML

Word

Printable

Type: Story
Resolution: Done
Priority: Major
Fix Version/s: Primaza 0.1
Affects Version/s: None
Component/s: Service Binding
Labels:
None

Story Points:
3
Blocked:
False
Blocked Reason:
None
Ready:
False
Epic Link:
Claim a Registered Service
Testing Instructions:

Hide
Feature: Claim for specific cluster

    Scenario: Application Namespace exists

        Given Primaza Cluster "primaza-main" is running
        And Worker Cluster "primaza-worker" for "primaza-main" is running
        And Clusters "primaza-main" and "primaza-worker" can communicate
        And On Primaza Cluster "primaza-main", Worker "primaza-worker"'s ClusterContext secret "primaza-kw" is published
        And On Worker Cluster "primaza-worker", application namespace "applications" exists
        And On Primaza Cluster "primaza-main", Resource is created
        """
        apiVersion: primaza.io/v1alpha1
        kind: ClusterEnvironment
        metadata:
            name: primaza-worker
            namespace: primaza-system
        spec:
            environmentName: stage
            clusterContextSecret: primaza-kw
            applicationNamespaces:
            - applications
        """
        And On Primaza Cluster "primaza-main", Resource is created
        """
        apiVersion: primaza.io/v1alpha1
        kind: RegisteredService
        metadata:
          name: primaza-rsdb
          namespace: primaza-system
        spec:
          constraints:
            environments:
            - stage
          serviceClassIdentity:
            - name: type
              value: psqlserver
            - name: provider
              value: aws
          serviceEndpointDefinition:
            - name: host
              value: mydavphost.io
            - name: port
              value: "5432"
            - name: user
              value: davp
            - name: password
              value: quedicelagente
            - name: database
              value: davpdata
          sla: L3
          """
        And On Primaza Cluster "primaza-main", RegisteredService "primaza-rsdb" state will eventually move to "Available"
        And On Primaza Cluster "primaza-main", Resource is created
        """
        apiVersion: apps/v1
        kind: Deployment
        metadata:
          name: stage-app
          labels:
            app: stage-app
        spec:
          replicas: 1
          selector:
            matchLabels:
              app: stage-app
          template:
            metadata:
              labels:
                app: stage-app
            spec:
              containers:
              - name: bash
                image: bash:latest
                command: ["sleep","infinity"]
        """
        When On Primaza Cluster "primaza-main", Resource is created
        """
        apiVersion: primaza.io/v1alpha1
        kind: ServiceClaim
        metadata:
          name: sc-test
          namespace: primaza-system
        spec:
          serviceClassIdentity:
          - name: type
            value: psqlserver
          - name: provider
            value: aws
          serviceEndpointDefinitionKeys:
          - host
          - port
          - user
          - password
          - database
          applicationContext:
            cluster: primaza-worker
            namespace: applications
          application:
            kind: Deployment
            apiVersion: apps/v1
            name: stage-app
        """
        Then On Primaza Cluster "primaza-main", the status of ServiceClaim "sc-test" is "Resolved"
        And On Worker Cluster "primaza-worker", the secret "sc-test" in namespace "applications" has the key "type" with value "psqlserver"
        And On Worker Cluster "primaza-worker", the service binding "sc-test" in namespace "applications" is bound

    Scenario: Application Namespace does not exist

        Given Primaza Cluster "primaza-main" is running
        And Worker Cluster "primaza-worker" for "primaza-main" is running
        And Clusters "primaza-main" and "primaza-worker" can communicate
        And On Primaza Cluster "primaza-main", Worker "primaza-worker"'s ClusterContext secret "primaza-kw" is published
        And On Primaza Cluster "primaza-main", Resource is created
        """
        apiVersion: primaza.io/v1alpha1
        kind: ClusterEnvironment
        metadata:
            name: primaza-worker
            namespace: primaza-system
        spec:
            environmentName: stage
            clusterContextSecret: primaza-kw
            applicationNamespaces: []
        """
        When On Primaza Cluster "primaza-main", Resource is created
        """
        apiVersion: primaza.io/v1alpha1
        kind: ServiceClaim
        metadata:
          name: sc-test
          namespace: primaza-system
        spec:
          serviceClassIdentity:
          - name: type
            value: psqlserver
          - name: provider
            value: aws
          serviceEndpointDefinitionKeys:
          - host
          - port
          - user
          - password
          - database
          applicationContext:
            cluster: primaza-worker
            namespace: applications
          application:
            kind: Deployment
            apiVersion: apps/v1
            name: stage-app
        """
        Then On Primaza Cluster "primaza-main", the status of ServiceClaim "sc-test" is "Unmatched"

Show
Feature: Claim for specific cluster     Scenario: Application Namespace exists         Given Primaza Cluster "primaza-main" is running         And Worker Cluster "primaza-worker" for "primaza-main" is running         And Clusters "primaza-main" and "primaza-worker" can communicate         And On Primaza Cluster "primaza-main", Worker "primaza-worker"'s ClusterContext secret "primaza-kw" is published         And On Worker Cluster "primaza-worker", application namespace "applications" exists         And On Primaza Cluster "primaza-main", Resource is created         """         apiVersion: primaza.io/v1alpha1         kind: ClusterEnvironment         metadata:             name: primaza-worker             namespace: primaza-system         spec:             environmentName: stage             clusterContextSecret: primaza-kw             applicationNamespaces:             - applications         """         And On Primaza Cluster "primaza-main", Resource is created         """         apiVersion: primaza.io/v1alpha1         kind: RegisteredService         metadata:           name: primaza-rsdb           namespace: primaza-system         spec:           constraints:             environments:             - stage           serviceClassIdentity:             - name: type               value: psqlserver             - name: provider               value: aws           serviceEndpointDefinition:             - name: host               value: mydavphost.io             - name: port               value: "5432"             - name: user               value: davp             - name: password               value: quedicelagente             - name: database               value: davpdata           sla: L3           """         And On Primaza Cluster "primaza-main", RegisteredService "primaza-rsdb" state will eventually move to "Available"         And On Primaza Cluster "primaza-main", Resource is created         """         apiVersion: apps/v1         kind: Deployment         metadata:           name: stage-app           labels:             app: stage-app         spec:           replicas: 1           selector:             matchLabels:               app: stage-app           template:             metadata:               labels:                 app: stage-app             spec:               containers:               - name: bash                 image: bash:latest                 command: ["sleep","infinity"]         """         When On Primaza Cluster "primaza-main", Resource is created         """         apiVersion: primaza.io/v1alpha1         kind: ServiceClaim         metadata:           name: sc-test           namespace: primaza-system         spec:           serviceClassIdentity:           - name: type             value: psqlserver           - name: provider             value: aws           serviceEndpointDefinitionKeys:           - host           - port           - user           - password           - database           applicationContext:             cluster: primaza-worker             namespace: applications           application:             kind: Deployment             apiVersion: apps/v1             name: stage-app         """         Then On Primaza Cluster "primaza-main", the status of ServiceClaim "sc-test" is "Resolved"         And On Worker Cluster "primaza-worker", the secret "sc-test" in namespace "applications" has the key "type" with value "psqlserver"         And On Worker Cluster "primaza-worker", the service binding "sc-test" in namespace "applications" is bound     Scenario: Application Namespace does not exist         Given Primaza Cluster "primaza-main" is running         And Worker Cluster "primaza-worker" for "primaza-main" is running         And Clusters "primaza-main" and "primaza-worker" can communicate         And On Primaza Cluster "primaza-main", Worker "primaza-worker"'s ClusterContext secret "primaza-kw" is published         And On Primaza Cluster "primaza-main", Resource is created         """         apiVersion: primaza.io/v1alpha1         kind: ClusterEnvironment         metadata:             name: primaza-worker             namespace: primaza-system         spec:             environmentName: stage             clusterContextSecret: primaza-kw             applicationNamespaces: []         """         When On Primaza Cluster "primaza-main", Resource is created         """         apiVersion: primaza.io/v1alpha1         kind: ServiceClaim         metadata:           name: sc-test           namespace: primaza-system         spec:           serviceClassIdentity:           - name: type             value: psqlserver           - name: provider             value: aws           serviceEndpointDefinitionKeys:           - host           - port           - user           - password           - database           applicationContext:             cluster: primaza-worker             namespace: applications           application:             kind: Deployment             apiVersion: apps/v1             name: stage-app         """         Then On Primaza Cluster "primaza-main", the status of ServiceClaim "sc-test" is "Unmatched"
Git Pull Request:
https://github.com/primaza/primaza/pull/68
Intelligence Requested:
Market:

Sprint:
AppSvc Sprint 232, AppSvc Sprint 233, AppSvc Sprint 234

SFDC Cases Links:
SFDC Cases Counter:
SFDC Cases Open:

Owner: Architect:

Francesco Ilario

Story (Required)

As a developer, I would like to create cluster specific claims so that I can bind an application in a specific cluster

Background (Required)

We need to implement the ServiceClaim API as define in the Primaza architecture document.

As of now, the ServiceClaim controller can create ServiceBindings that bind a service to applications filtered by a label selector.
We also want to bind to a specific application, providing its name.

See epic for arch document link.

Glossary

See glossary in architecture document

Out of scope

ServiceBinding API, we will use SBO for now
No TTL
No ClaimID

In Scope

Push bindings and secrets to worker cluster

Approach(Required)

Add custom validation on ServiceClaims checking that ApplicationClusterContext and EnvironmentTag are not defined at the same time.

Use the ApplicationContext to select the namespace where to push the SED secret and the ServiceBinding.

The cluster provided into ApplicationContext should match with one ClusterEnvironment, and the namespaces should be also present into the cluster environment's applicationNamespaces.
If not the service binding should not be pushed and an error condition should be added into ServiceClaim's Status.

validation should check if cluster environment and namespaces exists

Demo requirements(Required)

~~APPSVC-1271~~

Dependencies

Edge Case

BDD Tests

You can find BDD Test specification for this story in the "Testing Instruction" Field Tab or in the GitHub Issue linked to this story.
Click here for all BDD Tests Issues.

Acceptance Criteria

Development
ServiceClaim controller can bind an application to a service in a specific cluster namespace
Primaza validates ServiceClaim ensuring that ApplicationClusterContext and EnvironmentTag are not defined at the same time

QE
There are test cases for binding to an application in a specific cluster namespace
There are test cases for cluster and namespace not matched with existing cluster environments

Docs
There is a page in ServiceClaim doc dedicated to explaining how to bind to an application into a single namespace using the ApplicationClusterContext
Update architecture document with any changes while implementing

INVEST Checklist

Dependencies identified
Blockers noted and expected delivery timelines set
Design is implementable
Acceptance criteria agreed upon
Story estimated

Legend

Unknown
Verified
Unsatisfied

depends on

APPSVC-1271 Define the ServiceClaim API

Closed

is related to

APPSVC-1288 Primaza Agents deployment

Closed

APPSVC-1293 Application Agent's Service Binding controller

Closed

relates to

APPSVC-1299 Claim from an Application Namespace

Closed

Assignee:: Baiju Muthukadan

Reporter:: Francesco Ilario

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2023/02/15 11:43 AM

Updated:: 2023/04/05 9:48 AM

Resolved:: 2023/04/05 9:48 AM

Details

Description