Conditional operators inclusion support

[gberche-orange]

As a service author, in order to support different service plans, and different arbitrary params, I need to conditionally include some bosh operators depending on OSB input data received during service provisionning or unprovisionning

Proposal:

Given a user input provided by coab as coab-vars.yml in #29

---
deployment_name: "c_aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaa0"
instance_id: "aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaa0"
service_id: "service_definition_id"
plan_id: "smallguid123455"
context:
  platform: "cloudfoundry"
  user_guid: "user_guid1"
  space_guid: "space_guid1"
  organization_guid: "org_guid1"
parameters:
  cacheRatio: 0.8642
  cacheSizeMb: 10
  slowQuery: false
  roadmin: true
previous_values:
  plan_id: "previous_plan_guid"

and a service model with files ending with a suffix matching the -when-<property-path>-equals-<property-value> where

• <property-path> designates the path to a key within the coab-vars.yml structure. Supported path include toplevel properties such as plan_id, or parameters top level keys such as parameters.roadmin
• <property-value> represents a value to match as string case insensitive litteral such as true or 0.8642

$ tree coab-depls/cloudfoundry-mysql/

coab-depls/cloudfoundry-mysql/
|-- deployment-dependencies.yml
`-- template
    |-- 03-add-roadmin-operators.yml-when-parameters.roadmin-equals-true -> ./cf-mysql-deployment/operations/add-roadmin.yml
    |-- 07-service-plan-small-operators.yml-when-planid-equals-smallguid123455 -> ./cf-mysql-deployment/operations/add-read-write-admin.yml
    |-- 08-kubernetes-binding-format-operators.yml-when-context.platform-equals-kubernetes
    |-- 08-cloudfoundry-binding-format-operators.yml-when-context.platform-equals-cloudfoundry
    |-- 10-enable-syslog-operators.yml -> ./cf-mysql-deployment/operations/enable-syslog.yml
    |-- cloudfoundry-mysql-vars-tpl.yml
    `-- 99-cloudfoundry-mysql.yml -> ./cf-mysql-deployment/cf-mysql-deployment.yml

then coab would generate conditionnally include the operators files depending on their matching of coab-vars.yml (while preserving systematic inclusion of other operators), resulting in the following coab bosh template directory

$ tree coab-depls/c_1c7d3610-6223-4d45-bc76-f027457a1253

c_1c7d3610-6223-4d45-bc76-f027457a1253/
|-- deployment-dependencies.yml
`-- template
    |-- 03-add-roadmin-operators.yml-> ../../cloudfoundry-mysql/template/03-add-roadmin-operators.yml-when-parameters.roadmin-equals-true
    |-- 07-service-plan-small-operators.yml -> ../../cloudfoundry-mysql/template/07-service-plan-small-operators.yml-when-planid-equals-smallguid123455
    |-- 08-cloudfoundry-binding-format-operators.yml -> ../../cloudfoundry-mysql/template/08-cloudfoundry-binding-format-operators.yml-when-context.platform-equals-cloudfoundry
    |-- 10-enable-syslog-operators.yml -> ./cf-mysql-deployment/operations/enable-syslog.yml -> ../../cloudfoundry-mysql/template/10-enable-syslog-operators.yml
    |-- cloudfoundry-mysql-vars-tpl.yml  -> ../../cloudfoundry-mysql/template/cloudfoundry-mysql-vars-tpl.yml
    `-- 99-cloudfoundry-mysql.yml -> ../../cloudfoundry-mysql/template/99-cloudfoundry-mysql.yml

In order to avoid the feature being used to bypass security, the following restrictions are imposed

• the <property-path> only supports basic path designation
• the <property-value> only supports exact string case insensitive matches.

In the future, we might consider additional matcher syntaxes such as -when<property-path>-isdefined (e.g. -when-previous_values.plan_id-isdefined to conditionally include operator only during service plan update)

[gberche-orange]

Service authors would test this mechanism by running a distinct COAB instance with a distinct service name e.g. stubbed-cassandra-on-demand configure to push paas-templates changes into a distinct disabled-feature-coab-services-instances-for-tests branch, that COA would ignore.

By invoking the broker through usual CloudFoundry CLI, broker authors are able to test (possibly in an automated way) that their conditional operators are properly triggered depending on expected conditions: authors asserts the git commits pushed by coab as a result of their input. Service authors unit tests could potentially assert the content of the git commits for various CF CLI inputs.

This stubbed-cassandra-on-demand service would only be enabled on integration COA instance and not in production instances, nor exposed to end-users.

[gberche-orange]

@poblin-orange an alternative to this feature is for operators to leverage the COA pre-deploy.sh hook and use shell to conditionally remove operators symlinks generated by COA depending on the coab-vars.yml content (probably evaluated through bosh interpolate or other shell commands to How to parse YAML string via Bash)

Pros of the pre-deploy.sh approach:

• more flexible for operators as they can add arbitrary logic
• potentially easier to unit test (i.e. without coab/git interactions)

Cons of the pre-deploy.sh approach:

• adds more complexity for operators
• potentially fragile scripts if not associated by unit tests (executed outside of COA framework)