Peerless + New Argo
This commit is contained in:
@@ -65,6 +65,10 @@ type ComputeResourceInstance struct {
|
||||
Nodes []*ComputeNode `json:"nodes,omitempty" bson:"nodes,omitempty"`
|
||||
}
|
||||
|
||||
// IsPeerless is always false for compute instances: a compute resource is
|
||||
// infrastructure owned by a peer and can never be declared peerless.
|
||||
func (ri *ComputeResourceInstance) IsPeerless() bool { return false }
|
||||
|
||||
func NewComputeResourceInstance(name string, peerID string) ResourceInstanceITF {
|
||||
return &ComputeResourceInstance{
|
||||
ResourceInstance: ResourceInstance[*ComputeResourcePartnership]{
|
||||
|
||||
@@ -68,6 +68,13 @@ func NewDataInstance(name string, peerID string) ResourceInstanceITF {
|
||||
}
|
||||
|
||||
func (ri *DataInstance) StoreDraftDefault() {
|
||||
// Enforce peerless invariant: a public-origin instance cannot have peer ownership.
|
||||
if ri.Origin.Ref != "" && (ri.CreatorID != "" || len(ri.Partnerships) > 0) {
|
||||
// Strip partnerships and creator: the structural invariant wins.
|
||||
// Origin.Ref presence is the authoritative signal that this is peerless.
|
||||
ri.CreatorID = ""
|
||||
ri.Partnerships = nil
|
||||
}
|
||||
found := false
|
||||
for _, p := range ri.ResourceInstance.Env {
|
||||
if p.Attr == "source" {
|
||||
|
||||
@@ -28,6 +28,8 @@ type ResourceInstanceITF interface {
|
||||
utils.DBObject
|
||||
GetID() string
|
||||
GetName() string
|
||||
GetOrigin() OriginMeta
|
||||
IsPeerless() bool
|
||||
StoreDraftDefault()
|
||||
ClearEnv()
|
||||
FilterInstance(peerID string)
|
||||
|
||||
31
models/resources/origin.go
Normal file
31
models/resources/origin.go
Normal file
@@ -0,0 +1,31 @@
|
||||
package resources
|
||||
|
||||
// OriginType qualifies where a resource instance comes from.
|
||||
type OriginType int
|
||||
|
||||
const (
|
||||
// OriginPeer: instance offered by a known network peer (default).
|
||||
OriginPeer OriginType = iota
|
||||
// OriginPublic: instance from a public registry (Docker Hub, HuggingFace, etc.).
|
||||
// No peer confirmation is needed; access is unrestricted.
|
||||
OriginPublic
|
||||
// OriginSelf: self-hosted instance with no third-party peer.
|
||||
OriginSelf
|
||||
)
|
||||
|
||||
// OriginMeta carries provenance information for a resource instance.
|
||||
type OriginMeta struct {
|
||||
Type OriginType `json:"origin_type" bson:"origin_type"`
|
||||
Ref string `json:"origin_ref,omitempty" bson:"origin_ref,omitempty"` // e.g. "docker.io/pytorch/pytorch:2.1"
|
||||
License string `json:"origin_license,omitempty" bson:"origin_license,omitempty"` // SPDX identifier or free-form
|
||||
Verified bool `json:"origin_verified" bson:"origin_verified"` // manually vetted by an OC admin
|
||||
}
|
||||
|
||||
// IsPeerless MUST NOT be used for authorization decisions.
|
||||
// Use ResourceInstance.IsPeerless() instead, which derives the property
|
||||
// from structural invariants rather than this self-declared field.
|
||||
//
|
||||
// This method is kept only for display/logging purposes.
|
||||
func (o OriginMeta) DeclaredPeerless() bool {
|
||||
return o.Type != OriginPeer
|
||||
}
|
||||
@@ -50,6 +50,15 @@ type ProcessingInstance struct {
|
||||
Access *ProcessingResourceAccess `json:"access,omitempty" bson:"access,omitempty"` // Access is the access
|
||||
}
|
||||
|
||||
func (ri *ProcessingInstance) StoreDraftDefault() {
|
||||
// Enforce peerless invariant: a public-origin instance cannot have peer ownership.
|
||||
if ri.Origin.Ref != "" && (ri.CreatorID != "" || len(ri.Partnerships) > 0) {
|
||||
ri.CreatorID = ""
|
||||
ri.Partnerships = nil
|
||||
}
|
||||
ri.ResourceInstance.StoreDraftDefault()
|
||||
}
|
||||
|
||||
func NewProcessingInstance(name string, peerID string) ResourceInstanceITF {
|
||||
return &ProcessingInstance{
|
||||
ResourceInstance: ResourceInstance[*ResourcePartnerShip[*ProcessingResourcePricingProfile]]{
|
||||
|
||||
@@ -175,6 +175,12 @@ func VerifyAuthAction[T ResourceInstanceITF](baseInstance []T, request *tools.AP
|
||||
if len(instanceID) > 0 && !slices.Contains(instanceID, instance.GetID()) {
|
||||
continue
|
||||
}
|
||||
// Structurally peerless instances (no creator, no partnerships, non-empty Ref)
|
||||
// are freely accessible by any requester.
|
||||
if instance.IsPeerless() {
|
||||
instances = append(instances, instance)
|
||||
continue
|
||||
}
|
||||
_, peerGroups := instance.GetPeerGroups()
|
||||
for _, peers := range peerGroups {
|
||||
if request == nil {
|
||||
@@ -206,6 +212,7 @@ type GeoPoint struct {
|
||||
|
||||
type ResourceInstance[T ResourcePartnerITF] struct {
|
||||
utils.AbstractObject
|
||||
Origin OriginMeta `json:"origin,omitempty" bson:"origin,omitempty"`
|
||||
Location GeoPoint `json:"location,omitempty" bson:"location,omitempty"`
|
||||
Country countries.CountryCode `json:"country,omitempty" bson:"country,omitempty"`
|
||||
AccessProtocol string `json:"access_protocol,omitempty" bson:"access_protocol,omitempty"`
|
||||
@@ -231,6 +238,19 @@ func NewInstance[T ResourcePartnerITF](name string) *ResourceInstance[T] {
|
||||
}
|
||||
}
|
||||
|
||||
func (ri *ResourceInstance[T]) GetOrigin() OriginMeta {
|
||||
return ri.Origin
|
||||
}
|
||||
|
||||
// IsPeerless returns true when the instance has no owning peer and a non-empty
|
||||
// registry reference. This is derived from structural invariants — NOT from the
|
||||
// self-declared Origin.Type field — to prevent auth bypass via metadata manipulation:
|
||||
//
|
||||
// CreatorID == "" ∧ len(Partnerships) == 0 ∧ Origin.Ref != ""
|
||||
func (ri *ResourceInstance[T]) IsPeerless() bool {
|
||||
return ri.CreatorID == "" && len(ri.Partnerships) == 0 && ri.Origin.Ref != ""
|
||||
}
|
||||
|
||||
func (ri *ResourceInstance[T]) FilterInstance(peerID string) {
|
||||
partnerships := []T{}
|
||||
for _, p := range ri.Partnerships {
|
||||
@@ -249,6 +269,9 @@ func (ri *ResourceInstance[T]) ClearEnv() {
|
||||
}
|
||||
|
||||
func (ri *ResourceInstance[T]) GetProfile(peerID string, partnershipIndex *int, buyingIndex *int, strategyIndex *int) pricing.PricingProfileITF {
|
||||
if ri.IsPeerless() {
|
||||
return pricing.GetDefaultPricingProfile()
|
||||
}
|
||||
if partnershipIndex != nil && len(ri.Partnerships) > *partnershipIndex {
|
||||
prts := ri.Partnerships[*partnershipIndex]
|
||||
return prts.GetProfile(buyingIndex, strategyIndex)
|
||||
@@ -262,6 +285,9 @@ func (ri *ResourceInstance[T]) GetProfile(peerID string, partnershipIndex *int,
|
||||
}
|
||||
|
||||
func (ri *ResourceInstance[T]) GetPricingsProfiles(peerID string, groups []string) []pricing.PricingProfileITF {
|
||||
if ri.IsPeerless() {
|
||||
return []pricing.PricingProfileITF{pricing.GetDefaultPricingProfile()}
|
||||
}
|
||||
pricings := []pricing.PricingProfileITF{}
|
||||
for _, p := range ri.Partnerships {
|
||||
pricings = append(pricings, p.GetPricingsProfiles(peerID, groups)...)
|
||||
@@ -277,6 +303,10 @@ func (ri *ResourceInstance[T]) GetPricingsProfiles(peerID string, groups []strin
|
||||
}
|
||||
|
||||
func (ri *ResourceInstance[T]) GetPeerGroups() ([]ResourcePartnerITF, []map[string][]string) {
|
||||
// Structurally peerless: universally accessible — wildcard on all peers.
|
||||
if ri.IsPeerless() {
|
||||
return []ResourcePartnerITF{}, []map[string][]string{{"*": {"*"}}}
|
||||
}
|
||||
groups := []map[string][]string{}
|
||||
partners := []ResourcePartnerITF{}
|
||||
for _, p := range ri.Partnerships {
|
||||
|
||||
@@ -57,6 +57,10 @@ type StorageResourceInstance struct {
|
||||
Throughput string `bson:"throughput,omitempty" json:"throughput,omitempty"` // Throughput is the throughput of the storage
|
||||
}
|
||||
|
||||
// IsPeerless is always false for storage instances: a storage resource is
|
||||
// infrastructure owned by a peer and can never be declared peerless.
|
||||
func (ri *StorageResourceInstance) IsPeerless() bool { return false }
|
||||
|
||||
func NewStorageResourceInstance(name string, peerID string) ResourceInstanceITF {
|
||||
return &StorageResourceInstance{
|
||||
ResourceInstance: ResourceInstance[*StorageResourcePartnership]{
|
||||
|
||||
Reference in New Issue
Block a user