Work in Progress
Please don't use this Document for now, we are currently updating it.
EUROPLANET2024 Research Infrastructure
Grant agreement no: 871149
Document: VESPA - WP6-2-044- TN-v0.1(16)
This work is licensed under a Creative Commons Attribution 4.0 International License
Data provider on-boarding process
Start date of project: 01 February 2020
Duration: 48 Months
Responsible WP Leader: Stéphane Erard
Project co-funded by the European Union's Horizon 2024 research and innovation programme
Restricted to other programme participants (including the Commission Service)
Restricted to a group specified by the consortium (including the Commission Services)
Confidential, only for members of the consortium (excluding the Commission Services)
EPN2024 - RI
48 months: 01 February 2020 – 31 January 2024
Title of Document
Data provider on-boarding process
Contributing Work package
Abstract: This document describes the on-boarding process for new data providers in VESPA.
Document history (to be deleted before submission to Commission)
VESPA is providing an repository architecture for managing and maintaining VESPA service configuration and metadata, using a GitLab server (https://voparis-gitlab.obspm.fr/vespa). The access to the repositories are granted through EduTEAMS (an authentication and authorisation infrastructure (AAI) service provided by GÉANT). This document presents the workflow of the on-boarding process.
The data provider's on-boarding process is a six step workflow. Steps 1, 3 and 5 require action from the external data provider's team. Steps 2, 4 and 6 require action from the VESPA team.
Step 1. Data Provider requesting an access
The data provider's identifies a list of persons, who will need access to the team repositories on
voparis-gitlab. He sends the corresponding list of emails to firstname.lastname@example.org, requesting a new set of repositories to be set up.
The required information for this step are listed below:
|Acronym of institution or data center||PADC||This will be used for setting up group of repositories as described in VESPA-Hub Repository Architecture (see <institute> placeholder)|
|Institution logo||The logo will be used (if available) as the group icon on |
|Name of the server(s) to be implemented||voparis-tap-planeto||This will be used for setting up group and repositories as described in VESPA-Hub Repository Architecture (see <server_name> placeholder)|
|Name of the service(s) to be implemented||planets||This will be used for setting up repositories as described in VESPA-Hub Repository Architecture (see <service_name> placeholder)|
|List of persons, whom access should be granted to||John Doe (email@example.com)|
In case of a team selected during an annual VESPA workshop, this step is done through the VESPA workshop call.
Step 2. VESPA inviting persons to EduTEAMS and preparing the repositories
A VESPA EduTEAMS administrator invites all the persons listed in step 1.
The VESPA administrator must log into EduTEAMS management web interface (https://mms.eduteams.org) and authenticate with its identity provider (IdP). With the "invite member" button, the administrator can invite new users.
The VESPA administrator creates a group in EduTEAMS. In the "Groups" tab, click on "Create". Then enter the group "Name" (acronym of institute, as given in step 1), a short description (e.g.: "<<insitute>> services"), and select "providers" as a parent.
The VESPA team also prepares the groups and repositories according to the information provided in step 1, and following the VESPA-Hub Repository Architecture document.
Step 3. Data provider team members accepting invitation on EduTEAMS
Each team member listed in step 1 should have received an invitation email from EduTEAMS and should accept it. During the EduTEAMS registration process, the new user shall identify himself or herself through his/her preferred identity provider (IdP). If the new user's institution is available in the proposed IdP list, it should be selected. Other means of authentication include ORCID, Github, etc.
Step 4. VESPA to approve new user and setup group membership
For new user, the administrator will receive an email stating a pending approval for a new user. Once the user application is approved (by clicking on the link provided in the automated email), the administrator sets up the group membership on EduTEAMS. In the "Groups" tab, select the desired group. On the new group tab, use the "add" button to search and add new user to the group.
On the "Add member(s)" interface, type the name of the new user in the text box and click on "search". Selected the desired user profile and click on "Add".
Step 5. New users to log into voparis-gitlab for a first time
After step 4, each new user has to log into https://voparis-gitlab.obspm.fr a first time, using the EduTEAMS login method, so that the GitLab server creates their account.
At this point, the new users can access voparis-gitlab, but their access to their repositories are not granted yet.
Step 6. VESPA granting access to repositories
The VESPA teams adds the new gitlab users (after step 5 is done) to their respective repositories and groups, with "Owner" role, and no expiration date.
After the team members have been granted access to their repositories, they can start working on their resources (as defined in VESPA-Hub Repository Architecture):
- The server configuration repository, which stores the DaCHS server configuration files.
- The service resource repositories, which store the configuration and scripts associated to each individual scientific service (see: Individual Repository for VESPA Service Resource Descriptor in DaCHS).
Each repository will serve as a backup repository, a development environment and a issue tracker. The VESPA team hence will support the providers' teams in the configuration of their servers and the development of their services.