@julian7 commented on Wed Jul 06 2016
Currently hab-depot is tied to GitHub OAuth. It would be good to allow alternative auth sources for private depots (like GitHub Enterprise, GitLab).
@adamhjk commented on Wed Jul 06 2016
This seems like a great idea, especially as we think about people deploying depots locally.
@tdavis commented on Wed Jul 06 2016
I was about to request this, actually. As a related but possibly easier first step, it'd be nice if you were to complete the api.raml specification to make implementing the depot easier. The RAML file doesn't appear to formalize the authentication scheme, either.
@tdavis commented on Wed Jul 06 2016
After looking at the code, it seems a bit more complicated than that since the HTTP API is wrapping calls to a bespoke RPC service elsewhere which also depends on some protobufs defined for builders?
@reset commented on Thu Jul 07 2016
The depot is mounted in the builder-api which is a gateway server. A gateway server does external authentication at the edge to then find and create you an account on the session server. Any of the components prefixed with builder-* are part of a hosted service that will be launching in the near future. Services communicate to each other over a binary protocol using ZeroMQ and Protobufs. Messages are sent from one service through a routing server and into another service.
Right now the accounts are tightly coupled with GitHub so we can get a first version of the service out the door. There will be an abstraction to allow people to develop different authentication mechanisms at the edge but that'll happen after the first version drops.
Be prepared for an adventure if you want to add pluggable back-ends before then. It's do-able but you'll need to understand the whole bowl at this point!
@tdavis commented on Thu Jul 07 2016
> Any of the components prefixed with builder-* are part of a hosted service that will be launching in the near future.

Okay, that clears up a lot of my confusion around the purpose of all those components.

> Services communicate to each other over a binary protocol using ZeroMQ and Protobufs. Messages are sent from one service through a routing server and into another service.

Out of curiosity, why did you choose to implement your own protocol over ZeroMQ over using an established RPC layer like Thrift or gRPC?

> Be prepared for an adventure if you want to add pluggable back-ends before then. It's do-able but you'll need to understand the whole bowl at this point!

That's pretty much what I figured, thanks for clarifying things. I'm in no great hurry so I'll wait for things to flesh out a bit more.

Habitat is the first automation tool I've seen in a long time that makes any damn sense so I'm really excited for it and will gladly contribute when things have stabilized.
@reset commented on Thu Jul 07 2016
@tdavis ZeroMQ and Protobufs are both established and well documented open source libraries that accomplish nearly the same thing. I could have chosen a number of other combinations but if I had more time I probably would have written my own sockets library and not used ZeroMQ, either. I'm happy with ZeroMQ now that I've had plenty of time with it, but I have preferences about how the API should look and feel and a lot of the popular open source libraries don't match them.
The documentation around the builder services will get better as they get closer to completion. It should be pretty easy for developers to contribute as the services all behave as single threaded servers even though they are highly concurrent.
I'm glad you're excited about Habitat and that it makes sense to you! It's only going to get better as it matures :)
@adamhjk commented on Thu Jul 07 2016
@tdavis to riff on what @reset said - there are specific behaviors about the way the services connect to one another that are facilitated by ZeroMQ at the socket layer. Using something like Thrift or gRPC wouldn't have given us those (although we could have written our own socket layer, as @reset points out.) Protobufs work pretty great for what we use them for - back-compat binary serialization. :)