add support for annotations of workflow access to resource (storage and compute)
Closed this issue · 1 comments
volodymyrss commented
use cases to satisfy:
- CRbeam append-only cache storage, globally readable
- need
- access to MMODA platform, individual token of the requesting user
annotation includes:
- what is resource name (S3 CRBeam, ODA)
- limit resource, storage, compute
in local nb config (in parameter cell):
<> oda:usesResource oda:CRBeamS3 .
oda:CRBeamS3 a oda:S3 .
oda:CRBeamS3 oda:resourceBindingEnvVarName "S3_CREDENTIALS" .
site config
oda:CRBeamS3 oda:url "..." .
- add to ontology oda:S3
- nb2workflow (nb2deploy) should use site config to substitute credentials to S3_CREDENTIALS env in a minikube
volodymyrss commented
let's set environment from secret as https://kubernetes.io/docs/tasks/inject-data-application/distribute-credentials-secure/#define-container-environment-variables-using-secret-data
there should be site configuration which maps annotations to secret name
need to add some ontology terms
oda-hub/ontology#22