Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Feature]: Korifi API users can create service bindings of type 'key' #2320

Open
1 task
danail-branekov opened this issue Mar 20, 2023 · 3 comments
Open
1 task

[Feature]: Korifi API users can create service bindings of type 'key' #2320

danail-branekov opened this issue Mar 20, 2023 · 3 comments
Labels
explore mta support the MTA controller

Comments

@danail-branekov
Copy link
Member

danail-branekov commented Mar 20, 2023
edited
Loading

Blockers/Dependencies

No response

Background

Currently when a user creates a service binding korifi assumes that it is of type "app". However the cf api docs define two types of service bindings - "app" and "key". We should support both types of service bindding.

Acceptance Criteria

GIVEN I have pushed and app and created a service instance
WHEN I execture the following request

curl "https://api.example.org/v3/service_credential_bindings" \
  -X POST \
  -H "Authorization: bearer [token]" \
  -H "Content-type: application/json" \
  -d '{
    "type": "key",
    "name": "some-binding-name",
    "relationships": {
      "service_instance": {
        "data": {
          "guid":
          "7304bc3c-7010-11ea-8840-48bf6bec2d78"
        }
      },
      "app": {
        "data": {
          "guid": "e0e4417c-74ee-11ea-a604-48bf6bec2d78"
        }
      }
    }
  }'

THEN I get 202 Accepted and a json response describing a key binding

GIVEN I have created a key service binding
WHEN I try to list all key bindings

curl "https://api.example.org/v3/service_credential_bindings/?type=key" \
  -X GET \
  -H "Authorization: bearer [token]"

THEN I get 200 OK and a list of key bindings only

Dev Notes

  • do not create service binding io secret for key bindings
@danail-branekov danail-branekov added the mta support the MTA controller label Mar 20, 2023
@github-project-automation github-project-automation bot moved this to 🧊 Icebox in Korifi - Backlog Mar 20, 2023
@georgethebeatle
Copy link
Member

Understand more about what type "key" means. It looks like the key bindings should not be mounted to any app, but just serve as credential storage. It is also interesting to understand more about how the MTA uses these.

@ddraganovv ddraganovv mentioned this issue Nov 7, 2024
Closed
@georgethebeatle
Copy link
Member

This doc explains what service keys are and how they are managed. In short, this is a way to generate credentials for a service instance, without having to push an app. After doing that user are free to use them from outside the system or to create UPSI in other spaces or whatever else they might want to do with them. It sounds like type key is a thing in the managed service instances world and does not make too much sense for user provided instances.

This was referenced Nov 27, 2024
Closed
Closed
@ddraganovv ddraganovv mentioned this issue Dec 4, 2024
Closed
@ddraganovv ddraganovv mentioned this issue Dec 13, 2024
Closed
@danail-branekov danail-branekov mentioned this issue Jan 14, 2025
Merged
@danail-branekov
Copy link
Member Author

The initial PR to support key service bindings creates the service binding io secret that is not needed for the key bindings. As a next step creating that secret should be omitted for such bindings as it is not used

@danail-branekov danail-branekov moved this from 🧊 Icebox to 🔄 In progress in Korifi - Backlog Jan 14, 2025
@georgethebeatle georgethebeatle moved this from 🔄 In progress to 🇪🇺 To do in Korifi - Backlog Jan 17, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
explore mta support the MTA controller
Projects
Korifi - Backlog
Status: 🇪🇺 To do
Milestone
No milestone
Development

No branches or pull requests
2 participants
@danail-branekov @georgethebeatle