Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[feature] Abstract the Artifact Storage API via API server #10872

Open
HumairAK opened this issue Jun 5, 2024 · 2 comments
Open

[feature] Abstract the Artifact Storage API via API server #10872

HumairAK opened this issue Jun 5, 2024 · 2 comments
Labels
area/backend area/frontend kind/feature

Comments

@HumairAK
Copy link
Contributor

HumairAK commented Jun 5, 2024
edited
Loading

Feature Area

/area frontend
/area backend

What feature would you like to see?

Currently the KFP Frontend server directly reads from the configured Artifact Storage when visualizing Artifacts. Instead we should abstract artifact storage entirely behind the KFP API server, provide a separate artifact storage api for the Front End, as well as any other clients looking to fetch the same information via the API server directly. We should remove any logic that requires the front end to store credentials for object storage and isolate these to the API server only.

This is how it works today:

image

Notice that, the backend writes the the object store, but the front end reads from it. This requires both the backend and frontend to require access to the object store. There is little reason for this, when we can abstract this entirely behind the backend api server and keep these credentials and artifact store access a pure backend concern.

In an ideal future, the frontend client would not have to query mlmd either, but there's a separate issue for that.

We should instead architect this to be something like the following:

image

What is the use case or pain point?

We see this key api feature as a backend concern that has leaked into the frontend. We also see this as a security concern. There seems to be little reason why the front end should have direct access to the artifact storage.

Furthermore, this forces any other potential client for api server to now also have to have direct access to object storage if they wish to view artifacts, which is breaking KFP abstractions, should a user really have to know where/how in object storage their artifact is being stored?

Is there a workaround currently?

Rely on frontend storage to continue to provide this functionality.

Love this idea? Give it a 👍.
@HumairAK HumairAK mentioned this issue Jul 9, 2024
Merged
1 task
@github-actions GitHub Actions
Copy link

github-actions bot commented Aug 5, 2024

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

@github-actions github-actions bot added the lifecycle/stale The issue / pull request is stale, any activities remove this label. label Aug 5, 2024
@HumairAK
Copy link
Contributor Author

HumairAK commented Aug 6, 2024

/remove-lifecycle stale

@google-oss-prow google-oss-prow bot removed the lifecycle/stale The issue / pull request is stale, any activities remove this label. label Aug 6, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/backend area/frontend kind/feature
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@HumairAK