Refactor Client Entity Models

https://blueprints.launchpad.net/python-barbicanclient/+spec/client-refactor-models

The current Entity Models in the client are a bit awkward to use. This blueprint proposes refactoring some functionality to make the API more usable and consistent.

Problem Description

The Entity Models in barbicanclient should be refactored to provide a more Pythonic api. This refactor will make the existing Entities consistent with the recently approved Containers blueprint. [1]

[1]http://specs.openstack.org/openstack/barbican-specs/specs/juno/client-add-containers.html

Proposed Change

Refactor existing Models to provide methods for actions that affect a single entity inside the entity class. This will allow for worflows that only affect a single entity to be completed without the need for a reference to the corresponding EntityManager subclass.

The Secret entity should be refactored to add a store() method and a payload property:

from barbicanclient import client

# Set up client connection
connection = client.Client(tenant_id="1", endpoint=ENDPOINT, insecure=True)

# Create a new Secret
my_secret = connection.secrets.Secret(name="My secret name",
                                      payload="the secret sauce")
my_secret.store()

# Alternatively set Secret properties instead of passing args
my_secret = connection.secrets.Secret()
my_secret.name = "My secret name"
my_secret.payload = "the secret sauce"
my_secret.store()

Similarly, Orders should allow both args to the constructor as well as setting properties directly. We should also add a submit() method to submit the order to the API:

from barbicanclient import client

# Set up client connection
connection = client.Client(tenant_id="1", endpoint=ENDPOINT, insecure=True)

# Create and submit a new Order
my_order = connection.orders.Order(
    name="My Order",
    payload_content_type="application/octet-stream"
    algorithm="AES",
    mode="CBC",
    bit_length=256,
    expiration=None
)
my_order.submit()

# Alternatively set the Order properties instead of passing args
my_order = connection.orders.Order()
my_order.name = "My Order"
my_order.payload_content_type = "application/octet-stream"
my_order.algorithm = "AES"
my_order.mode = "CBC"
my_order.bit_length = 256
my_order.expiration = None
my_order.submit()

Listing entities should still be handled via the corresponding EntityManager. The ability to decrypt a secret, however, should be moved to the Secret class, and removed from the SecretManager.

Retrieving entities should be moved from the EntityManager (replacing the get() function) to the Entity constructor. For example:

my_secret = connection.secrets.Secret(secret_ref=SECRET_REF)
my_order = connection.orders.Order(order_ref=ORDER_REF)

Deleting entities can either be done with the existing EntityManager delete(entity_ref) or with a new Entity function, delete(). An example using a Secret:

# New method
my_secret = connection.secrets.Secret(secret_ref=SECRET_REF)
my_secret.delete()

# Old way still works
connection.secrets.delete(secret_ref=SECRET_REF)

Alternatives

We could continue to use the objects as they currently exist.

Also note that the Orders functionality will need to be revisited once the Typed Orders implementation lands. [2]

[2]http://specs.openstack.org/openstack/barbican-specs/specs/juno/api-orders-add-more-types.html

Data model impact

None

REST API impact

None

Security impact

None

Notifications & Audit Impact

Logging should be done in a manner consistent with the rest of the library.

Other end user impact

This change will require rewriting how Secret objects are consumed, and will require a new major version for the client library.

Performance Impact

None

Other deployer impact

None

Developer impact

None

Implementation

Assignee(s)

Blueprint Draft: Douglas Mendizábal (redrobot) Implementation: Adam Harwell (rm_work)

Work Items

  • Refactor Secret entity
  • Refactor Order entity

Dependencies

None

Testing

Testing should be consistent with existing testing in the library.

Documentation Impact

Common workflows will have to be updated to give examples on how to use the refactored classes.