X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=TODO;h=dc34209cd4005e5db01cf1442d89de71e825abbe;hb=5486324ce598ee3b0067be4554fc749cb6d204e7;hp=7f442ee6f7b623cbd1d42f3790c9125a1898a2da;hpb=a880dce009c66f53f08b76fc6ddd8df31be2504d;p=sfa.git diff --git a/TODO b/TODO index 7f442ee6..dc34209c 100644 --- a/TODO +++ b/TODO @@ -1,40 +1,47 @@ -- test rpms: build/install - -- Stop invalid users -* a recently disabled/deleted user may still have a valid cred. Keep a list of valid/invalid users on the aggregate and check callers against this list - -- Component manager - * GetTicket - must verify_{site,slice,person,keys} on remote aggregate - * Redeem ticket - RedeemTicket/AdminTicket not working. Why? +SM + * connect SM to ProtoGeni Aggregates +SFACE + * attribute management + * aggregate manager checks role of user managing attributes + +Unit Tests + * fix tests in tests/ directory + +Build/Tags + * test rpm build/install + +Stop invalid users + * a recently disabled/deleted user may still have a valid cred. Keep a list of valid/invalid users on the aggregate and check callers against this list + +NM Plugin * install the slice and node gid when the slice is created (create NM plugin to execute sfa_component_setup.py ?) + * test + +Component manager + * install trusted certs when interface starts (component_manager_pl.init_server()) + * Redeem ticket - RedeemTicket/AdminTicket not working. Why? + ** This may be replaced by sfa + credentials -- Protogeni -* agree on standard set of functon calls -* agree on standard set of privs -* on permission error, return priv needed to make call -* cache slice resource states (if aggregate goes down, how do we know what - slices were on it and recreate them? do we make some sort of transaction log) - -- Registry -* sign peer gids -* update call should attempt to push updates to federated peers if - the peer has a record for an object that is updated locally -* api.update_membership() shoudl behave more like resolve when looking up records (attempt to resolve records at federated registeries) instead of only looking in the local registry +Registry +* fix legacy credential support * move db tables into db with less overhead (tokyocabinet?) -* make resolve, fill_record_info more fault tolerent. Skip records with failures -- Auth Service +GUI/Auth Service * develop a simple service where users auth using username/passord and receive their cred * service manages users key/cert,creds - -- GUI - * requires user's cred (depends on Auth Service above) + * gui requires user's cred (depends on Auth Service above) -- SM call routing -* sfi -a option should send request to sm with an extra argument to - specify which am to contact instead of connecting directly to the am - (am may not trust client directly) +- Protogeni +* agree on standard set of privs +* on permission error, return priv needed to make call +* cache slice resource states (if aggregate goes down, how do we know what + slices were on it and recreate them? do we make some sort of transaction log) + +Questions +========= +- SM/Aggregate +* should the rspec contain only the resources a slice is using or all resources availa and mark what the slice is using. - Initscripts on sfa / geniwrapper * should sfa have native initscript support or should we piggyback off of myplc?