Hi,

>> The Huawei Object Storage Java SDK does not yet support bucket
>> encryption. What should I return in the corresponding methods
>> "setBucketEncryption" and "deleteBucketEncryption" - true, false or
>> throw an exception?

> This is a design decision that the code should already be clear on (in
> for instance the minio plugin) . Strangely, the DeleteBucketCmd always
> creates a success response, while the CreateBucketCmd handles
> exceptions as expected. I think there is a bug in DeleteBucketCmd in
> that respect.


Actually, looking at the MinIO or simulator plugin, the design decision is not 
clear at all:

"setBucketEncryption" and "deleteBucketEncryption" both have a boolean as 
return value, but only ever return true or throw an exception, yet, never 
return false. So, it boils down to "Everything went well unless an exception is 
thrown." Normally in Java this kind of behavior is achieved by a "void" return 
value. Therefore I naturally wondered when my methods should return false. The 
intention behind the boolean might have been:

true -- the method set / deleted the bucket encryption, respectively

exception -- the method should have completed but some unforeseen 
out-of-the-ordinary error occurred, e. g. network connection error

false -- the device was purchased without a license for bucket-level 
encryption; unless a valid encryption license is installed into the device, 
this method will always continue to return false


> I gues your PR is https://github.com/apache/cloudstack/pull/8359. You
> can look at the ./deps/install-non-oss.sh or at

> https://github.com/shapeblue/cloudstack-nonoss/blob/main/install-non-oss.sh
> to see how these situations are handled. This method would require you
> to hide your sub-project behind the -Dnoredist flag. which is an
> inconvenience but is the only way to deal with those
> non-redistributables. If Huawei allows, we can add the jar in that
> repo.


It seems to me like this will not work, because an Object Storage Plugin has to 
be added to client/pom.xml and the provider's name into 
ui/src/views/infra/AddObjectStorage.vue? Hardcoding my plugin into those places 
would result in the client/pom.xml not building and my provider to be available 
in the UI's dropdown selection even though the corresponding plugin is not 
present on the classpath?


Or is there some dynamic dependency injection class scanning going on at 
runtime which detects all plugin provider beans at runtime and sends their 
ObjectStoreProvider instance variable "providerName" property to the UI to 
populate the dropdown selection? When a plugin is selected in the UI this would 
then trigger the client/pom.xml project to do a dynamic bean lookup to find the 
correct ObjectStoreProvider class by "providerName"? If this dynamic bean 
discovery is actually being done I would not have to add my project to 
client/pom.xml or into the "AddObjectStorage.vue" file? So, I guess dynamic 
bean discovery is NOT done?


I have next to no experience with the Spring (Boot) framework, only with Java 
SE / Jakarta EE and CDI / Weld, so maybe I just overlooked something very 
important in the code base, but from what information I was able to gather it 
seems like I should not be contributing my plugin upstream unless I can add the 
JAR library in question via Maven coordinates.


And judging from the fact that Huawei has still not answered my request to 
publish the OBS SDK with Maven coordinates, I assume that this is the "chinese 
way" of saying "Nope, not going to happen!".


Mit freundlichen Grüßen
R. Feicht

sc synergy GmbH
Hilgestrasse 14 | 55294 Bodenheim | Deutschland
Fon: +49 6135 71691 - 000 | Fax: +49 6135 71691 - 299
http://www.scsynergy.com | ronald.fei...@scsynergy.com
Sitz der Gesellschaft Bodenheim, HRB 8830, Amtsgericht Mainz, Geschäftsführer: 
Christian Reichert


________________________________
From: Daan Hoogland <daan.hoogl...@gmail.com>
Sent: Wednesday, January 31, 2024 10:49
To: dev@cloudstack.apache.org
Subject: Re: Adding Huawei Object Storage: 3 questions

Ronald,

On Wed, Jan 31, 2024 at 10:02 AM Ronald Feicht
<ronald.fei...@scsynergy.de> wrote:
>
> Hi,
>
> I have only lately found out, that I cannot use the publicly available
> Java SDK for Huawei Object Storage (which has Maven coordinates) as this
> SDK only works for the public Huawei Cloud, not for local non-cloud
> devices. Instead, all I have is a JAR file under the Apache License 2.0
> sent to me via email. I integrated that JAR file as a local repository
> inside plugins/storage/object/huawei-obs/local-huawei-sdk/. This is a
> quite ugly and frustrating "solution" as I have no influence on getting
> the right Java SDK published to maven central. I have opened a support
> ticket with Huawei asking whether I may include the JAR into the
> Cloudstack source code or better yet if they would be so kind as to
> publish it via maven central - but have not received an answer, yet.
> What is the official way for integrating local-only JAR files under the
> Apache License 2.0 into Cloudstack?

I gues your PR is https://github.com/apache/cloudstack/pull/8359. You
can look at the ./deps/install-non-oss.sh or at
https://github.com/shapeblue/cloudstack-nonoss/blob/main/install-non-oss.sh
to see how these situations are handled. This method would require you
to hide your sub-project behind the -Dnoredist flag. which is an
inconvenience but is the only way to deal with those
non-redistributables. If Huawei allows, we can add the jar in that
repo.

> The Huawei Object Storage Java SDK does not yet support bucket
> encryption. What should I return in the corresponding methods
> "setBucketEncryption" and "deleteBucketEncryption" - true, false or
> throw an exception?

This is a design decision that the code should already be clear on (in
for instance the minio plugin) . Strangely, the DeleteBucketCmd always
creates a success response, while the CreateBucketCmd handles
exceptions as expected. I think there is a bug in DeleteBucketCmd in
that respect.

> My assumption: The "createUser" method gets called via the UI by an
> account wishing to create a simple non-privileged user which may then
> use the created buckets of that account, but not create, modify or
> delete buckets themselves? Is this assumption correct?

Users log into accounts and get their rights based on the account. For
all users in an account the rights are the same.
sorry, I might not have gotten it but I no better answer on that (see
the code ;)

>
> Best regards,
> Ronald
> --
> *sc synergy GmbH*
> Hilgestrasse 14 | 55294 Bodenheim | Deutschland
> Fon: +49 6135 71691 - 000 | Fax: +49 6135 71691 - 299
> http://www.scsynergy.com | ronald.fei...@scsynergy.com
> Sitz der Gesellschaft Bodenheim, HRB 8830, Amtsgericht Mainz,
> Geschäftsführer: Christian Reichert



--
Daan

Reply via email to