Organization of variables into namespaces

Registered by Jim Baker on 2017-01-31

Keys are currently flat in Craton, and require convention at the user level. Support functionality at the service level, including filtering and validation.

Blueprint information

Status:
Not started
Approver:
None
Priority:
Undefined
Drafter:
Jim Baker
Direction:
Needs approval
Assignee:
None
Definition:
New
Series goal:
None
Implementation:
Unknown
Milestone target:
None

Related branches

Sprints

Whiteboard

Keys for variables are currently flat in Craton. The only restriction is that they must be valid Unicode, and probably should be in ASCII for most usages. Currently we can implement user-level namespace support by using a convention, which I suggest should be using / as a separator. But we can directly support namespaces in the Craton service itself. Possible namespaces might be include ssh/ (to replace access keys for hosts, plus much more); plugin/ (to provide a means to configure plugins, like Hashicorp Vault for ssh key storage); nova/ (for remote access); aws/; maintenance/ (with state transitions constrained); and maybe ansible/. If desired, the namespace can be of any depth, eg, foo/bar/baz/my_key.

Namespaces should be pluggable, so that keys/values can be restricted, eg, a value must conform to a JSON schema definition; or to restrict values to follow certain rules, such as a state transition graph. It should be possible to filter and rename namespaces, much as we see in Python imports, in client usage.

Because namespaces simply layer on the keys, they do not change how variables work in other ways, such as with RBAC; notifications; secret storage; blame; and other auditing/governance.

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.