[FOLIO-3372] Module users creation automation for reference environments Created: 21/Dec/21 Updated: 10/Jan/22 |
|
| Status: | Blocked |
| Project: | FOLIO |
| Components: | None |
| Affects versions: | None |
| Fix versions: | None |
| Type: | Story | Priority: | P2 |
| Reporter: | Mikhail Fokanov | Assignee: | Unassigned |
| Resolution: | Unresolved | Votes: | 0 |
| Labels: | dev-environment, devops | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original estimate: | Not Specified | ||
| Issue links: |
|
||||||||||||||||||||||||
| Sprint: | |||||||||||||||||||||||||
| Development Team: | FOLIO DevOps | ||||||||||||||||||||||||
| Description |
|
Purpose/Overview: Some modules (e.g. mod-pubsub, mod-search, mod-remote-storage) creates users on tenant init, which is considered insecure. Also such virtual (module) users could be deleted by mistake by librarians using Folio UI. Requirements/Scope:
"user": { "permissions": ["search.index.inventory.reindex.post", ....]} Acceptance criteria:
|
| Comments |
| Comment by Mikhail Fokanov [ 21/Dec/21 ] |
|
Additional documentation for this task: https://docs.google.com/document/d/1fbX8sLRJAMEX4FJ8Ix2CmrGcowd5N0KSg6_j-Jq0lEg/edit#heading=h.6wcz7jfu7qx5 |
| Comment by Julian Ladisch [ 22/Dec/21 ] |
|
I prefer to have these task been automated in Okapi and not as an additional tasks that sysops need to do. This will make a single server installation very easy because Okapi can do everything. This is my proposal as a draft to be discussed: https://folio-org.atlassian.net/browse/OKAPI-1061 |
| Comment by Jakub Skoczen [ 10/Jan/22 ] |
|
Blocked until a solution is discussed and agreed on (meeting scheduled for 11.01). |