oda-hub/nb2workflow

add support for annotations of workflow access to resource (storage and compute)

Closed this issue · 1 comments

use cases to satisfy:

  • CRbeam append-only cache storage, globally readable
    • need
  • access to MMODA platform, individual token of the requesting user

annotation includes:

  • what is resource name (S3 CRBeam, ODA)
    • limit resource, storage, compute

in local nb config (in parameter cell):

<> oda:usesResource oda:CRBeamS3 .
oda:CRBeamS3 a oda:S3 .
oda:CRBeamS3 oda:resourceBindingEnvVarName "S3_CREDENTIALS" .

site config

oda:CRBeamS3 oda:url "..." .
  • add to ontology oda:S3
  • nb2workflow (nb2deploy) should use site config to substitute credentials to S3_CREDENTIALS env in a minikube

let's set environment from secret as https://kubernetes.io/docs/tasks/inject-data-application/distribute-credentials-secure/#define-container-environment-variables-using-secret-data

there should be site configuration which maps annotations to secret name

need to add some ontology terms
oda-hub/ontology#22