Generate test coverage report in CI pipeline
Resolved
1.0
|
Review 2733-coverage-report branch
0
|
|
Workbench displays garbage collection histogram
Resolved
1.0
|
Figure out how to make histogram graph in flot.
0
Add histogram to workbench
Place it below the table at https://workbench.qr1hi.arvadosapi.com/keep_disks
0
Review 2638-add-cache-age-disk-usage-histogram-to-workbench
0
|
|
datamanager logs block age vs disk space histogram
Resolved
1.0
|
Compute disk space vs block age histogram
0
Log disk space vs block age histogram
0
Add option to specify number of histogram buckets
0
|
|
Verify and generate permission hints in Keep
Resolved
4.0
|
Review 2328-keep-permission-hints
0
Permissions command-line flags
Desired command line arguments to control permissions:
* @--enable-permissions=@ _true/false_ to enable or disable permission enforcement
** For transition, maybe support a @--generate-permissions@ flag and a @--enforce-permissions@ flag.
** Alternatively, make Keep always generate permission tokens, but only enforce them when the perms flag is turned on.
** Permissions are always required for DELETE
* @--privileged-ip@ specifies IP addresses to be considered superuser.
** If permissions are disabled, index (@GET /index.txt@) and @DELETE@ do not work unless remote address matches @--privileged-ip@ command line argument
* @--signature-ttl=num_seconds@ to control expiry time of signatures
* @--signature-key-fd=fdnum@ to read signing key from given file descriptor
0
Keep interface for generating and verifying tokens
Implement a Go interface for generating permissions tokens and verifying them. (Use an interface to facilitate testing).
0
Review 2328-signatures-for-integration-testing branch
0
Finalize spec for permissions tokens
Issues to resolve:
* How are tokens verified?
* Is a token tied to a user? Can a permissions token be shared with someone else?
0
|
|
Recurring: Update doc site to ensure it is internally consistent and accurately reflects the current behavior of the software.
Resolved
1.0
|
Review 2505-update-docs branch
0
|
|
User can get a no-auth-required link to an Arvados object, i.e., turn on "anyone with the link can view" permission
Resolved
3.0
|
API server accepts a supplemental list of API tokens for additional read-only permissions
When provided, the API server will grant access to resources as though GET scopes from the supplemental authorizations were added to the primary authorizations' scopes.
0
Workbench supports a "temporary API token" query parameter everywhere
When provided, Workbench uses the API token to make any API server requests. However, unlike the current @api_token@ behavior, Workbench does not set up or change the current user session based on this token.
0
Review 1904-workbench-temp-token-wip
This implements the behavior described in task #2663.
0
Review 1904-wget-collections-wip
This is a small branch to make @wget -r@ work decently with reader_tokens.
0
Review 1904-object-scopes-wip
This branch introduces general, URL-based scopes to API client authorizations. They can be used to give a token very particular read and write permissions to specific resources. Refer to #2642 and #2662 for additional rationale.
0
Workbench has an interface to share collections using reader tokens
Tom says: ”hopefully sooner rather than later -- none of the Javascript or Workbench-server support will be specific to Groups. (But if it makes the difference between getting it done or not, "only groups are essential for this story" is the rule.)”
0
Workbench can get an API token, good for reading only one object
The API token will be "for" the current user, with very limited scope. The token should be persisted, so that the user can expire it later if desired.
TBD:
* How much of this work happens in the API server, and how much in Workbench?
0
Review 1904-api-reader-tokens-wip
This branch implements the work described in #2702.
0
Review 1904-workbench-reader-tokens-wip
This implements the functionality described in task #2663.
0
|
Workbench can manage no-auth URLs to access a specific object
These URLs are built using the limited API tokens of #2662, put in the query parameter of #2663.
"Manage" means create and delete. When a URL is deleted, its associated API token should be expired as well.
0
|
API server has functionality and test fixtures for folders
Resolved
1.0
|
Add & document group_class attribute on group resource
0
Add test fixtures and tests demonstrating "object is in a folder"
0
Review 2640-folder-api branch
0
Add unique constraint for names within folder
0
Refuse to create ownership cycles.
Ensure the owner_uuid chain always leads to a user.
0
Review (new) 2640-folder-api branch
0
|
|
Run Job tasks in a Docker container
Resolved
1.0
|
Test and refine crunch-job docker_image patch in the staging environment
0
Document the docker_image runtime constraint
0
Review 2492-docker-crunch-jobs
This branch adds a @docker_image@ runtime constraint to Jobs. If specified, Crunch will run the Job script inside a Docker container built from that image.
0
|
|
arv-mount exposes filesystem paths like /tag/tagname/collection-uuid and /folder/foldername/collection-uuid
Resolved
3.0
|
Review 2035-arv-mount-tags-folders at revision b4a9aaa
0
Review 2035-arv-mount-tags-folders
0
arv-mount exposes tags at {mountpoint}/tag/{tag_text}
ls mnt/tag/foo -> list of UUIDs of objects referenced by links with link_class=tag name=foo
0
Add 'select' and 'distinct' to API server, required to get request a list of distinct tags
0
arv-mount exposes different object types at {mountpoint}/{objecttype}/{uuid}
e.g., mnt/collection/12345678+12/foo.txt
0
|
|
Implement a websocket read-only event bus backed by the logs table
Resolved
|
Research websockets support in rails
0
Review origin-2608-websocket-event-bus-alt2
0
Support filtering what events to receive
0
Apply permissions as user with API token
0
Websockets working in deployment
0
|
|
2525
2525
Radhika Chippada
Generate a Java SDK using Google API tools
Resolved
3.0
|
Learn about Google APIs Client Library for Java
https://developers.google.com/discovery/libraries
0
Add documentation
Add a README file that will serve as a getting started guide.
0
Setup SDK as a maven project
This will help eliminate the need to upload the discovery service client jars into our git repository.
0
Implement SDK using google discovery service client implementation.
0
2525-java-sdk branch review
0
|
|
|
|
Fix install doc bugs
(from email)
1. Install Single Sign On (SSO) server:
* We would want to add “cd into your home directory or wherever you want to install ” before doing the git clone
2. Install API server:
* We would want to add “cd into your home directory or wherever you want to install ” before doing the git clone
3. Install client libraries
* git clone https://github.com/curoverse/arvados.git is failing because we already did it in the api server and the repository exists.
<pre>
$ git clone https://github.com/curoverse/arvados.git
fatal: destination path 'arvados' already exists and is not an empty directory.
</pre>
4. Install Client Libraries:
* sudo python setup.py install — is failing.
I do not find a setup.py file in this directory. I do find a setup.py.src file but am not sure if I need to do something first.
5. Install API Server:
* Do we want to include a note about installing “rvm” in the “install dependencies” section? It was not so obvious for me at first.
6. This is probably not a documentation issue, but I am having this issue. I setup following the steps and when I login into workbench, I am seeing the welcome page. It appears that my account needs to be activated. Not sure if I missed some step or if it is something due to some newer improvements in code. I had not seen this in my earlier run-ins with the workbench / api server.
0
Building python egg should go in sdk/python/python-sdk.html and install/client.html should just tell you to use "pip install"
0
Document "filters" parameter
0
Call new log records "log entry" instead of "log" on log methods page
0
Review 2744-update-dev-docs branch
0
|
|
add docker to compute node image
Resolved
1.0
|
install some version of docker, make sure it starts up by default, update image
0
|
|
Create groups and use them like project folders to manage objects in Workbench.
Resolved
5.0
|
Editable name link for each item in a folder
0
Buttons to add/remove folders
0
Test ownership of new name links
0
Add "Move to folder" widget on "show" pages
0
Show list of folders somewhere in left nav area
0
New UI to present contents of group
0
Add "remove" buttons to folder contents panel
0
Prevent duplicate name links after add+edit
0
Add search feature to folder contents panel
0
Review 1970-folder-view branch
0
|
|
arv-mount is set up automatically when user logs in to VM
Resolved
1.0
|
When a user logs in, see if fuse mount is present, if not mount it. User-specific? Or system-wide? If system-wide, this is a stupid way to do it; it should just be mounted from /etc/fstab
0
|
|
Keep supports I/O locking
Resolved
2.0
|
Review 2620-keep-serialize-io
This is a very large code review. Here are some hints that may make it easier to understand what's going on here:
A _Volume_ interface has been added to provide an abstraction layer for implementing any kind of storage device. The only Volume that has been implemented so far is a _UnixVolume_ (a volume mounted as a local POSIX filesystem).
When Keep receives a @GET@ or @PUT@ request from a remote user, it invokes a Get or Put method on the appropriate Volume. The Volume is responsible for serializing any I/O requests if necessary.
Suggestions for review:
# First review @volume.go@, which describes the Volume interface and implements a _MockVolume_ used for testing the front end.
# It may help then to review @keep_test.go@, to see how the Volume interface is used in unit tests.
# At that point, the changes in @keep.go@ should be easier to understand: they chiefly change the Keep front-end to interact with the Volume interface rather than reading and writing files directly to disk.
# The underlying UnixVolume type is implemented in volume_unix.go, including the code for managing any serialized I/O requests. volume_unix_test.go supplies unit tests.
Or, you know, review in whatever order makes sense to you. :-P
0
Serialize Keep I/O
Enforce "one read/write operation per mount point" restriction (with command line flag to disable, for AWS. --no-io-lock?)
2.0
|
|
Control transient/persistent switch in Workbench
Resolved
2.0
|
Pick appropriate UI widget and stick on collections#index
0
Add switch widget to collections#show
0
Add switch widget to collections table on dashboard
0
Review 1969-persistent-switch branch
0
|
|
Repository owner_uuid and Arvados admins should get RW permission in gitolite
Resolved
1.0
|
review 2223-more-gitolite-permissions branch
0
|
|
Datamanager outputs garbage collection list
Resolved
1.0
|
Output garbage collection list
0
Move datamanager to experimental directory and submit
0
|
|
Remove unused top level controllers and routes in apiserver.
Resolved
1.0
|
Test for appropriate error codes/messages at top level routes
0
Remove excess controllers and routes
0
Review 2409-remove-unused-controllers branch
0
|
|
Workbench displays user usage in logs
Resolved
1.0
|
Update workbench documentation as I use it
https://arvados.org/projects/arvados/wiki/Hacking_Workbench
0
Review 2612-workbench-displays-user-storage
Have first version running at https://10.13.121.106:3001/users/storage . It's not ready for check in, but I'd like to get a preliminary review before I write too much code since I've never worked on workbench or even ruby on rails before.
0
Fix indentation/whitespace discovered in activity.html.erb
0
Run development workbench on shell.arvados
0
Modify workbench code to display user usage
0
|
|
When a job output contains a single image file, show a thumbnail image inline on Workbench pipeline_instance and job pages.
Resolved
0.5
|
Detect common image formats and show thumbnail image inline (linking to full-size image) next to normal output link (which links to collection detail page)
0
Review 1971-show-image-thumbnails branch for Peter
0
|
|