README.md 2.6 KB
Newer Older
ubedv's avatar
ubedv committed
1 2 3
FEUDAL Scripts
=

Lukas Burgey's avatar
Lukas Burgey committed
4 5
FEUDAL scripts are executed by a [feudalClient](https://git.scc.kit.edu/feudal/feudalClient) to facilitate the customized deployment process
of a service.
ubedv's avatar
ubedv committed
6

Lukas Burgey's avatar
Lukas Burgey committed
7 8
The scripts use the JSON encoding for input and output. The specific formats are loosely outlined below.
The input is passed to the scripts via stdin.
ubedv's avatar
ubedv committed
9

Lukas Burgey's avatar
Lukas Burgey committed
10 11 12 13 14 15
The [feudalClient](https://git.scc.kit.edu/feudal/feudalClient) can be used to generate and validate JSON schema for input
and output, see:
```
   feudalClient schema --help
   feudalClient validate --help
```
ubedv's avatar
ubedv committed
16

ubedv's avatar
ubedv committed
17
Input Format
ubedv's avatar
ubedv committed
18
-
ubedv's avatar
ubedv committed
19
```
ubedv's avatar
ubedv committed
20
{
ubedv's avatar
ubedv committed
21 22 23
    // The state which is to be reached by this script execution
    //
    // deployed     -> the script is supposed to deploy the user
Lukas Burgey's avatar
Lukas Burgey committed
24
    // not_deployed -> the script is supposed to remove the user
ubedv's avatar
ubedv committed
25
    "state_target": "deployed" or "not_deployed",
Lukas Burgey's avatar
Lukas Burgey committed
26 27 28


    // The user which is requesting access
ubedv's avatar
ubedv committed
29 30
    "user": {
        "userinfo": <OpenID Connect userinfo as json dict>
Lukas Burgey's avatar
Lukas Burgey committed
31 32 33 34 35 36 37 38 39 40 41

        // The credentials from the user, which need to be deployed
        // The dict maps a credential type to a list of credentials of this type.
        "credentials": {
            "ssh_key": [
                {
                    "name": "unity_key",
                    "value": "ssh-... ..."
                }
            ]
        },
ubedv's avatar
ubedv committed
42
    },
Lukas Burgey's avatar
Lukas Burgey committed
43 44 45


    // Answers to a previously requested questionnaire, may not be present
ubedv's avatar
ubedv committed
46 47 48 49
    "questionnaire": {
        "question_name": "user answer to this question"
    }
}
ubedv's avatar
ubedv committed
50
```
ubedv's avatar
ubedv committed
51 52


ubedv's avatar
ubedv committed
53
Output Format
ubedv's avatar
ubedv committed
54
-
ubedv's avatar
ubedv committed
55
```
ubedv's avatar
ubedv committed
56
{
ubedv's avatar
ubedv committed
57 58 59 60 61 62 63
    // The state as of now (after the script run)
    //
    // deployed     -> The deployment was processed successfully
    // not_deployed -> The removal of the user was processed successfully
    // failed       -> An error occured and the script could not reach the 'state_target' from the Input
    // rejected     -> The user is not permitted to use this service, for whatever reason
    // questionnaire-> The script needs more information to deploy the user
ubedv's avatar
ubedv committed
64
    "state": "deployed" or "not_deployed" or "failed" or "rejected" or "questionnaire",
Lukas Burgey's avatar
Lukas Burgey committed
65 66 67 68 69


    "message": "<message for the user describing what happened. Must not be empty.",

    // In case we need more info from the user: set state to "questionnaire" and put
ubedv's avatar
ubedv committed
70
    // questions in this dictionary.
Lukas Burgey's avatar
Lukas Burgey committed
71
    // The user can answer these questions (and we will receive the answers some input in the future)
ubedv's avatar
ubedv committed
72 73 74
    "questionnaire": {
        "question_name": "question"
    },
Lukas Burgey's avatar
Lukas Burgey committed
75

ubedv's avatar
ubedv committed
76
    // additional credentials and instructions, the user needs to access the service (in addition to her credentials from the Input)
ubedv's avatar
ubedv committed
77 78 79 80 81
    // an example would be the user name of the provisioned user.
    "credentials": {
        "key": "value"
    }
}
82
```