Friday, 2015-07-10

« Thursday, 2015-07-09 Index Saturday, 2015-07-11 »
*** annegentle has joined #openstack-api00:44
*** annegentle has quit IRC00:49
*** Apoorva_ has quit IRC01:17
*** salv-orlando has joined #openstack-api01:43
*** salv-orlando has quit IRC01:52
*** nightanne has joined #openstack-api02:34
*** salv-orlando has joined #openstack-api02:36
*** salv-orlando has quit IRC03:10
*** nightanne has quit IRC03:35
*** nightanne has joined #openstack-api03:36
*** nightanne has quit IRC04:09
*** salv-orlando has joined #openstack-api04:11
*** salv-orlando has quit IRC04:20
*** salv-orlando has joined #openstack-api05:24
*** salv-orlando has quit IRC05:34
*** ig0r__ has joined #openstack-api05:52
*** ig0r_ has quit IRC05:55
*** subscope has quit IRC06:25
*** salv-orlando has joined #openstack-api06:37
*** subscope has joined #openstack-api06:38
*** salv-orlando has quit IRC06:40
*** salv-orlando has joined #openstack-api07:09
*** sigmavirus24_awa has quit IRC07:27
*** dolphm has quit IRC07:30
*** stevelle has quit IRC07:32
*** alex_klimov has joined #openstack-api07:39
*** salv-orlando has quit IRC07:39
*** fzdarsky has joined #openstack-api08:06
*** lucasagomes has joined #openstack-api08:16
*** salv-orlando has joined #openstack-api08:20
*** cdent has joined #openstack-api08:30
*** e0ne has joined #openstack-api09:51
*** alex_klimov has quit IRC10:27
*** alex_klimov has joined #openstack-api10:37
*** e0ne is now known as e0ne_10:49
*** dolphm has joined #openstack-api10:53
*** e0ne_ is now known as e0ne11:01
*** lucasagomes is now known as lucas-hungry11:15
*** e0ne is now known as e0ne_11:35
*** nightanne has joined #openstack-api12:08
*** nightanne is now known as morninganne12:11
*** ig0r__ has quit IRC12:17
*** e0ne_ is now known as e0ne12:21
*** terrylhowe has joined #openstack-api12:23
*** ig0r_ has joined #openstack-api12:23
*** lucas-hungry is now known as lucasagomes12:34
*** e0ne is now known as e0ne_12:46
*** e0ne_ is now known as e0ne12:47
*** morninganne has quit IRC13:31
*** woodster_ has joined #openstack-api13:36
*** morninganne has joined #openstack-api13:42
*** morninganne has quit IRC13:43
*** morninganne has joined #openstack-api14:01
*** sigmavirus24_awa has joined #openstack-api14:04
*** sigmavirus24_awa is now known as sigmavirus2414:04
*** sigmavirus24 is now known as sigmavirus24_awa14:05
*** sigmavirus24_awa is now known as sigmavirus2414:05
*** morninganne has quit IRC14:11
*** morninganne has joined #openstack-api14:39
*** fifieldt has quit IRC14:49
*** morninganne has quit IRC14:50
*** morninganne has joined #openstack-api14:51
*** alex_xu has quit IRC15:08
*** alex_xu has joined #openstack-api15:10
*** notmars has joined #openstack-api15:15
*** ig0r__ has joined #openstack-api15:19
*** ig0r_ has quit IRC15:22
*** e0ne is now known as e0ne_15:28
*** e0ne_ is now known as e0ne15:29
*** Apoorva_ has joined #openstack-api15:56
*** notmars has quit IRC16:01
*** stevelle has joined #openstack-api16:04
*** e0ne has quit IRC16:11
*** cdent has quit IRC16:12
*** alex_klimov has quit IRC16:14
*** salv-orlando has quit IRC16:44
*** notmars has joined #openstack-api16:48
*** bitblt has joined #openstack-api17:01
*** fzdarsky has quit IRC17:03
*** lucasagomes is now known as lucas-beer17:27
*** e0ne has joined #openstack-api17:28
*** salv-orlando has joined #openstack-api17:46
*** salv-orlando has quit IRC17:50
*** e0ne has quit IRC17:52
*** e0ne has joined #openstack-api17:54
*** e0ne has quit IRC17:58
*** morninganne has quit IRC18:10
*** terrylhowe has quit IRC18:55
*** terrylhowe has joined #openstack-api18:57
*** morninganne has joined #openstack-api19:03
*** etoews has quit IRC19:07
*** morninganne is now known as annegentle19:12
*** ig0r__ has quit IRC19:19
*** ig0r_ has joined #openstack-api19:20
*** salv-orlando has joined #openstack-api20:04
*** bitblt has quit IRC20:14
*** salv-orl_ has joined #openstack-api20:15
*** salv-orlando has quit IRC20:18
*** salv-orl_ has quit IRC20:22
*** salv-orlando has joined #openstack-api20:30
*** annegentle has quit IRC20:39
*** ig0r_ has quit IRC21:10
*** salv-orlando has quit IRC21:11
*** annegentle has joined #openstack-api21:18
*** annegentle has quit IRC21:19
*** annegentle has joined #openstack-api21:20
*** salv-orlando has joined #openstack-api21:21
*** notmars has quit IRC21:39
elmikomiguelgrinberg: you around?21:50
miguelgrinbergelmiko: yup21:51
elmikodo you have an opinion on using query parameters in POST and PUT?21:51
miguelgrinbergnormally you'd want all the info in the body of the request, what's a use case for having query string args?21:52
elmikoi was commenting on a review about a copy style request for a resource21:52
miguelgrinbergI don't think it goes against REST, if that's the question, but it is unusual21:53
elmikoand one suggestion was to use a special parameter in the json body for the request21:53
elmikoanother suggestion was to create a special copy endpoint, resource/<id>/copy21:53
elmikoand i suggested as an alternative, resource/<id>?copy_from=<another id>21:54
elmikohave you come across anything like this?21:54
miguelgrinbergso you are creating a new resource, using an existing one as sort of a template21:54
elmikoyes21:54
elmikoif you have time, i'm sure they'd love any thoughts you have on https://review.openstack.org/#/c/127823/21:54
miguelgrinbergany reason why you can't read the source resource and then create a new one with the same data?21:55
elmikonot that i'm aware of, i think the barbican folks were trying to create a copy endpoint. i'm not sure about the whole use case though21:57
elmikomaybe they don't want to round trip the unencrypted payload21:57
elmikothat's just speculation though21:57
miguelgrinbergyeah, I guess I would not be able to argue about that if we are talking sensitive info21:58
miguelgrinbergin a normal case you would just GET the source and then POST it to get a copy21:58
elmikoright, that makes sense21:58
elmikoi'll add a comment in the review21:58
elmikothanks!21:59
miguelgrinbergelmiko: they say it in the spec: "Currently, this is done by22:00
miguelgrinbergretrieving and re-storing the secret.  This would be better done in the22:00
miguelgrinbergbarbican server directly, so that secrets need not be manipulated outside22:00
miguelgrinbergthe barbican server."22:00
elmikoah, there we go22:00
miguelgrinbergwhy do we always have to deal with hard problems?22:00
elmikolol22:01
miguelgrinbergmaybe a query argument can work for this, I think it is better than the body, since you are not sending resource data22:01
miguelgrinbergOh, I know. How about sending a POST request to the resource URL, the one you want to copy?22:02
elmikoi think that's what they are suggesting, POST resource/<id to copy>22:03
miguelgrinbergthat's not what the spec says, they are using the same collection URL, and passing a copy_ref value in the body22:04
elmikoheh, i just hit service unavailable22:04
elmikomaintenance22:04
miguelgrinbergyeah, I'll ask them about that idea22:05
stevellepost to the collection with a query argument?22:05
stevellejust catching up here22:05
miguelgrinbergstevelle: we have 3 options22:05
elmikostevelle: that's what i had suggested22:05
miguelgrinberg#1 post to collection URL with query_ref argument to source resource22:05
miguelgrinberg#2 post to collection URL with copy_ref argument in body (this is what the spec says now)22:06
miguelgrinberg#3 post to source resource URL (my proposal)22:06
elmikothey also had a fourth idea in the spec, post to a resource/<id>/copy endpoint22:07
miguelgrinbergokay, so #4 is to have a dedicated endpoint for copying22:07
elmikoyea22:07
stevelleI would say that 2 is not as clean unless the clone has a property that identifies where it was cloned from.22:07
miguelgrinbergso copy_ref is the URL of the resource you want to copy22:08
stevellesomething not right about posting what looks like a property for a new resource and not having that property in the resulting resource22:08
miguelgrinbergyes, agreed22:08
elmikoagreed22:09
stevellefor #3 are you suggesting an querystring arg on that post?22:09
*** annegentle has quit IRC22:09
miguelgrinbergno, much simpler than that, just send a POST request to the resource you want to copy, instead of addressing the collection22:10
stevellewhat payload is posted?22:10
miguelgrinbergsomething like POST /v1/secrets/123 to clone secret #12322:10
miguelgrinbergno payload22:10
miguelgrinbergthe response is a 201, with a location of the new resource22:10
stevelleis that resource immutable?22:11
elmikothat might actually be the simplest22:11
miguelgrinbergprobably not, but you would use PUT if you want to edit it22:11
elmikostevelle: no, those resources can be updated with a PUT22:11
elmikowe are talking about secrets here, and you can create a new secret by POST to /secrets22:12
elmikoand then update with a PUT to /secrets/<id>22:12
* stevelle engages on a mental tangent about the post secrets website22:12
elmikofor example, you are allowed to create a secret with no payload, then update the payload later22:12
stevelleI have to say I'm not as comfortable with that option22:13
elmikowith which?22:13
stevelle#322:13
elmikowell, i'm sure they would love the discussion https://review.openstack.org/#/c/127823/22:14
elmiko=)22:14
stevellethe PUT vs POST distinction is something I seem to be outvoted on however.22:14
elmikoimo it's still open for discussion, at least on this review22:15
miguelgrinbergquick survey of stackoverflow on the topic shows that the prefernce is the query string arg22:15
stevelleI know of no resources in OpenStack which are ever created or updated in such a way that PUT is appropriate because we never use complete resource representations.22:15
elmikointeresting22:15
elmikois PUT supposed to use full resource?22:16
miguelgrinbergyes22:16
elmikoahh22:16
stevelleThat is how I have operated, yes.22:16
elmikothey might be doing it slightly oddly then22:16
elmikohttp://docs.openstack.org/developer/barbican/api/quickstart/secrets.html#how-to-update-a-secret22:17
stevellecreated_at and updated_at are examples of how the representations we make can be said to be complete.22:17
stevellesorry, said to be incomplete22:17
stevelleall that metadata suggests to me that post should be used on create and update.  As such I feel like encumbering POST with a copy operation might step on the toes of maybe someday using post correctly here, as impractical as that may be22:20
elmikoyea22:21
miguelgrinbergPOST is rarely used on update, or maybe I don't understand what you are saying?22:21
stevelleif the server updates that updated_at field, ignoring the value sent in the update request, I view that as a violation of the idea of the 'complete resource representation' and thus not a good case for PUT.  It's a bit purist I admit22:22
elmikomakes a certain amount of sense though22:23
miguelgrinbergmy take on that is that you can have read-only fields in your representation22:23
stevellemiguelgrinberg: I will buy read-only but not server-managed.22:24
miguelgrinbergobviously you can't send the id to a POST request, you will find out the id once the resource is created22:24
miguelgrinbergyet it is part of the representation22:24
miguelgrinbergthe created/modified_at fall in the same category22:24
miguelgrinbergthe links to other resources same thing22:24
stevellethe server-generated id is an immutable, and doesn't change on update.22:25
miguelgrinbergisn't created_at the same?22:25
stevelleso the client has a complete representation22:25
stevelleso creating with a post, rather than a put, we agree on22:25
miguelgrinbergso your rule is that PUT must have a complete resource, but POST doesn't have to?22:26
stevellecorrect22:26
miguelgrinbergah ok22:26
miguelgrinbergseems arbitrary to me, so what do you do with id/created/modified_at in a PUT request?22:27
miguelgrinbergthey're useless, yet by your rule they need to be included22:28
stevelleif your resources have those properties at all, you are basically saying "POST please"22:28
stevelleunless the values of them are not in the representation, and are header-bound22:29
stevelleand that is ok, your api just uses post and nobody has to think too hard :)22:30
miguelgrinbergso you have a PUT that you are not using for anything :)22:30
stevelletrue22:31
stevellethere is a beauty in a place like openstack in saying 'dont worry your head about put vs post if you have an updated_at field managed by the server.  use post'22:32
stevelleand reading the review I think I would agree with you elmiko on the copy endpoint.22:38
*** alex_xu has quit IRC22:43
*** alex_xu has joined #openstack-api22:43
elmikoplease add comments with anything you guys might think for the review, the specifically asked for guidance from the wg22:45
stevelleI'm starring it for weekend reading, thanks22:45
elmikoawesome, thanks stevelle22:45
*** elmiko is now known as _elmiko22:50
*** terrylhowe has quit IRC23:00
*** salv-orlando has quit IRC23:05
*** lucas-beer has quit IRC23:23
*** openstackgerrit has quit IRC23:39
*** openstackgerrit has joined #openstack-api23:39
« Thursday, 2015-07-09 Index Saturday, 2015-07-11 »

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!