Modified provider checks to be version independant #193
Conversation
Signed-off-by: aish-where-ya <[email protected]>
aish-where-ya
requested review from
autodidaddict,
brooksmtownsend,
thomastaylor312 and
connorsmith256
as code owners
Signed-off-by: aish-where-ya <[email protected]>
There was a problem hiding this comment.
This does explicitly block people from pushing different providers to the same image repository, but I think that's an okay assertion 🤔
Thoughts @thomastaylor312?
|
We can always pick the other route and explicitly perform checks against the version. It would involve retrieving items from the linkedef hash map, splitting it into reference and version and performing checks for this specific case where the user is trying to put in an existing provider with a different version. I'm thinking about cases where the approach in the PR will fail/succeed to catch what the other approach can/cannot. This one is a lesser number of steps that's all. |
|
Does wadm have access to the lattice's metadata KV bucket? If so, wadm should be able to translate from the providers' image ref to its public key, which might be a better test for uniqueness |
The image ref to public key lookup can be gleaned from making a control interface API request for the claims cache. Giving wadm direct access to buckets like those of the lattice cache can be potentially problematic in some production scenarios, especially multi-tenant and high security. |
Signed-off-by: aish-where-ya <[email protected]>
Signed-off-by: aish-where-ya <[email protected]>
Signed-off-by: aish-where-ya <[email protected]>
| return; | ||
| } | ||
| }; | ||
| if stored_manifest.name() != name { |
There was a problem hiding this comment.
I think a comment here would be helpful to indicate that we don't want to compare to other versions of this application since upgrading versions is a valid scenario
src/server/handlers.rs
Outdated
| } | ||
| }; | ||
| if stored_manifest.name() != name { | ||
| if let Some(deployed_manifest) = stored_manifest.get_version(deployed_version) { |
There was a problem hiding this comment.
Consider using stored_manifest.get_deployed to simplify this loop
src/server/handlers.rs
Outdated
| if let Some(deployed_version) = &model_summary.deployed_version { | ||
| let (stored_manifest, _) = match self | ||
| .store | ||
| .get(account_id, lattice_id, &model_summary.name) | ||
| .await | ||
| { | ||
| Ok(Some(m)) => m, | ||
| Ok(None) => (StoredManifest::default(), 0), | ||
| Err(e) => { | ||
| error!(error = %e, "Unable to fetch data"); | ||
| self.send_error(msg.reply, "Internal storage error".to_string()) | ||
| .await; | ||
| return; | ||
| } | ||
| }; |
There was a problem hiding this comment.
I think if you use the suggestion in the above comment with get_deployed you can get rid of this check altogether 😄
There was a problem hiding this comment.
Modifying the check instead of removing since we don't want to perform a fetch operation if there is no currently deployed version.
src/server/handlers.rs
Outdated
| } else { | ||
| manifests.get_current() | ||
| } | ||
| } | ||
| None => manifests.get_current(), |
There was a problem hiding this comment.
If we can't get the version that we requested, we actually want to send an error back to the sender (see below.) It may be worth moving this check up above where you start looking through the manifests so that we can early-failure ack
if !manifests.deploy(req.version) {
trace!("Requested version does not exist");
self.send_reply(
msg.reply,
// NOTE: We are constructing all data here, so this shouldn't fail, but just in
// case we unwrap to nothing
serde_json::to_vec(&DeployModelResponse {
result: DeployResult::Error,
message: format!(
"Model with the name {name} does not have the specified version to deploy"
),
})
.unwrap_or_default(),
)
.await;
return;
src/server/handlers.rs
Outdated
| let image_ref_split: Vec<&str> = image_name.split(':').collect(); | ||
| if let (Some(&ref_link), Some(&ref_version)) = | ||
| (image_ref_split.first(), image_ref_split.last()) |
There was a problem hiding this comment.
This shows up in a place or two, if it makes sense consider a function like
fn parse_image_ref_and_tag(image_name: &str) -> Option<(String, String)>
I'm bad at naming but you get the idea 😄
src/server/handlers.rs
Outdated
| "Provider {image_name} is currently deployed. Forbidden operation.", | ||
| ); | ||
| self.send_error( | ||
| msg.reply, | ||
| format!( | ||
| "Provider {image_name} is currently deployed. Forbidden operation." |
There was a problem hiding this comment.
Is there a way here to indicate which model is deployed with the offending provider?
| "Provider {image_name} is currently deployed. Forbidden operation.", | |
| ); | |
| self.send_error( | |
| msg.reply, | |
| format!( | |
| "Provider {image_name} is currently deployed. Forbidden operation." | |
| "Provider {image_name} is currently deployed with a different version. Forbidden operation.", | |
| ); | |
| self.send_error( | |
| msg.reply, | |
| format!( | |
| "Provider {image_name} is currently deployed with a different version. Forbidden operation." |
Signed-off-by: aish-where-ya <[email protected]>
Signed-off-by: aish-where-ya <[email protected]>
Feature or Problem
Bug: Providers deployed in a manifest on a link name needed to have a unique image reference associated with it. This allowed for providers with the same reference but different versions to be created on the same link name.
Fix: This PR improves upon this issue by associating an image ref, regardless of the version, with a link name. By ignoring the version, we permit only unique image references into the manifest/lattice.
Related Issues
Release Information
next
Consumer Impact
Capabilities with duplicate image refs will be removed.
Testing
manually tested
Built on platform(s)
Tested on platform(s)
Unit Test(s)
Modified
test_manifest_validationAcceptance or Integration
Updated e2e test named
e2e_upgradesto check for provider versioningManual Verification
manually verified.