Two parts to this issue:
- A means of returning warnings when posting to the provisioner API
- Don't error/abort when failing to provision a credential that is not used
Warnings
The provisioner returns a { data, errors } object right now
But we want to enable warnings - message which suggest a problem with the payload but which are not critical.
There are two ways we can do this:
- Return a warnings array, like
{ data, errors, warning } (I think I prefer this - easier to reason about)
- Return a severity key on each error in the
{ data, errors }
Credential Errors
When posting a project to the provisioner, any credentials in the credentials array will be linked. If the credentials don't exist, an error is thrown.
This can be a problem when deploying a project on cloud (which may have many dev credentials attached) to another instance.
The ideal solution is that if a credential is in the credentials array but is NOT actively linked to any workflows, report a warning but carry on processing the request.
What about credentials actively used by the workflow but are not present in the app? Should we create/update the project anyway and let a user manually set up the credential? Just let it fail at runtime? I don't think this is unreasonable given the decoupled nature of credentials. So maybe in this case we complete the request and create the project, but still return an error (not a warning)
See also
#4465
OpenFn/kit#1268
Two parts to this issue:
Warnings
The provisioner returns a
{ data, errors }object right nowBut we want to enable warnings - message which suggest a problem with the payload but which are not critical.
There are two ways we can do this:
{ data, errors, warning }(I think I prefer this - easier to reason about){ data, errors }Credential Errors
When posting a project to the provisioner, any credentials in the credentials array will be linked. If the credentials don't exist, an error is thrown.
This can be a problem when deploying a project on cloud (which may have many dev credentials attached) to another instance.
The ideal solution is that if a credential is in the
credentialsarray but is NOT actively linked to any workflows, report a warning but carry on processing the request.What about credentials actively used by the workflow but are not present in the app? Should we create/update the project anyway and let a user manually set up the credential? Just let it fail at runtime? I don't think this is unreasonable given the decoupled nature of credentials. So maybe in this case we complete the request and create the project, but still return an error (not a warning)
See also
#4465
OpenFn/kit#1268