allow writing into Data Volume in job submission #9
Conversation
There was a problem hiding this comment.
I don't understand the lines like
426/554: datVols.append({'userVolumeId': vol.get('id')...
I thought data volumes are identified by their name, not by a userVolumeId.
Also, the API expect for datavolumes the attribute 'writable', not 'needsWriteAccess'.
I have attached a version of submitShellCommandJob that I have used to work around not being able to write to data volumes. See attached file:
|
the VolumeContainerModel seems to have both a name and an id. I'm now adding both, but probably you remember better whether name is enforced to be unique at registration time. |
…ult outputs types for rdb domain queries.
py2/SciServer/Jobs.py
Outdated
| @@ -410,7 +410,7 @@ def submitNotebookJob(notebookPath, dockerComputeDomain=None, dockerImageName=No | |||
| datVols = []; | |||
| if dataVolumes is None: | |||
There was a problem hiding this comment.
I know this is not part of this PR, but I believe that when no dataVolumes are explicitly provided, whether as [] or as None, we should NOT mount any data volumes.
There was a problem hiding this comment.
however, in any case I would NOT make them writable, even though the DV may be writable by default. I would be happy if users are explicit in what thye want us to do, and if by accident (not providing explicit list) they mount all data volumes, at least they should not be writable.
There was a problem hiding this comment.
Currently behavior is to mount everything if no volumes are specified though. I think that does make for a much more convenient experience for the user instead having to specify a long list of dictionaries of user and data volumes.
There was a problem hiding this comment.
@jonashaase : could you confirm you agree with the changes I just made?
| @@ -422,12 +422,12 @@ def submitNotebookJob(notebookPath, dockerComputeDomain=None, dockerImageName=No | |||
| if vol.get('name') == dVol.get('name'): | |||
| found = True; | |||
| if dVol.get('needsWriteAccess'): | |||
| if dVol.get('needsWriteAccess') is True and 'write' in vol.get('allowedActions'): | |||
| if dVol.get('needsWriteAccess') is True: | |||
There was a problem hiding this comment.
why is the constraint on "'write' in allowedActions" removed?
There was a problem hiding this comment.
it's a bug fix (vol does not have 'allowedActions' field)
| datVols.append({'id': vol.get('id'), 'name': vol.get('name'), 'writable': True}); | ||
| else: | ||
| datVols.append({'id': vol.get('id'), 'name': vol.get('name'), 'writable': False}); | ||
| else: | ||
| if 'write' in vol.get('allowedActions'): | ||
| if vol.get('writable') is True: |
There was a problem hiding this comment.
again here if a user does not ask for write access we should not give it by default, even if they are allowed to write there..
I'd rather err on the side of caution.
py2/SciServer/Jobs.py
Outdated
| @@ -538,7 +536,7 @@ def submitShellCommandJob(shellCommand, dockerComputeDomain = None, dockerImageN | |||
| datVols = []; | |||
| if dataVolumes is None: | |||
| for vol in dockerComputeDomain.get('volumes'): | |||
| if 'write' in vol.get('allowedActions'): | |||
| if vol.get('writable') is True: | |||
… parameter value (but give data volumes only read permissions)
|
additions were made based on a conversation on slack. Will copy that here: so @channel any votes for using the word 'all', both for data and user volumes to explicitly indicate all should be mounted? for data volumes this would imply all read-only, for user volumes mounting writable would depend on what rights you have? |
| if userVolumes is None: | ||
| if userVolumes == 'all': |
There was a problem hiding this comment.
Should we be concerned with backward compatibility here? There may be some cases where users code is passing None and expecting all volumes. Might be good to give a warning about changing behavior prior to all out removal, or at least print warning that behavior has already changed.
|
Agree, warning should be given for some time.
Or maybe not even allow None and throw an exception?
We currently seem to have None as default.
We could make 'all' the default and a user would have had to explicitly have the value set to None to have a problem with backwards compatibility.
|
|
Could throw an exception, but new documentation and version number warn users as well. Much more disruptive changes might come in the future (like using classes), so users should not expect backwards compatibility for always. |
|
I don't think that is realistic to expect our users to check version labels and documentation.
They are not explicitly updating their python install or their sciserver modules, they just create a new container.
So it is reasonable to expect them to be surprised if their code does not work anymore.
And we should give an explicit indication of the reason why.
|
|
Yes, this is what I am getting after. There does appear to be some possible sense in a |
|
ok. so choice is how to treat None if it is used as an explicit value. |
|
@mtaghiza just pushed a change to raise an exception, so none will no longer be valid. It will get the job done (nicer would be as you said, turn it to all and put warning - so anyone passing None won't have to fix things immediately) |
|
@mtaghiza would you consider changing the behaviour to turn None to 'all' and raise a warning? |
sure, I did, but not in all methods. Just pushed it. |
|
I meant that if a user specifies None explicitly for userVolumes or dataVolumes, the code will not throw an exception, but change that variable to 'all' and raise a warning. currently still throws an exception. |
In this particular case, we might be overcomplicating things with adding a warning for a while an then sometime in the future switch the code to throw the exception. If we simply throw the exception in the first place, it is not the case that all users will immediately need to spend some time and effort updating their code. In fact, it is quite the contrary: it will only affect those users that have explicitly assigned the value to None, and only if they happen to create a new container and run the same code in it at some undetermined point in the future. More over, the code update is so trivial and explicit that those particular users can change the value from None to 'all' in a few seconds. And in real life, these end users generally disregard warnings whatsoever, and wait until the last second to update their code only when it breaks, which they will have to do anyways. |
| for vol in dockerComputeDomain.get('volumes'): | ||
| datVols.append({'name': vol.get('name')}); | ||
| datVols.append({'id': vol.get('id'), 'name': vol.get('name'), 'writable': False}); | ||
|
|
||
| else: | ||
| for dVol in dataVolumes: |
There was a problem hiding this comment.
it is still possible for the input argument dataVolumes to be None. In that case this code would throw an error I think.
maybe protect against that by setting dataVolumes to [] if the input was None?
Same for userVolumes.
| for vol in dockerComputeDomain.get('volumes'): | ||
| datVols.append({'name': vol.get('name')}); | ||
| datVols.append({'id': vol.get('id'), 'name': vol.get('name'), 'writable': False}); |
There was a problem hiding this comment.
Just noting here that we treat data volumes differently from user volumes. in the latter needsWriteAccess is decided by user privilege when 'all', for former we want users to explicitly ask for write access.
No description provided.