I would like to implement a complex VM provisioning approval process with multiple manual approve steps.
An example scenario is this: Alex requests a new VM, thereby a pending approval is created and handed over to Ben, who edits the request and assigns an IP address for the VM. Then Ben approves the request, at wich point it gets assigned to Clark for review and approval. When Clark approves, the provisioning task is created and eventually the VM will be provisioned.
I have did some research on this, and I identified two possible ways to achieve this scenario:
By catching the request approval event from automate, so that I set the request state back to “Pending” and assign the approval request to a second approver after the first approval has completed. Then after the second approval, let the approval event propagate so that the task is created.
(Hack) Instead of directly provisioning the VM, create a service catalog item for each step in the process (step 1: “VM Provision”, step 2: “Assign IP address”), and implement the workflow by modifying the service provisioning state machine, so that after step 1. has been approved, automatically create a request for the step 2. catalog item (instead of provisioning the VM). Then, after the step 2. catalog item has been approved, provision the VM.
I understand that both of these methods are merely workarounds at best, not real solutions. But unfortunately I couldn’t get even these workarounds working.
With the first approach, I have hit a wall when I was trying to access the “approvals” property (relation) of the “miqProvisionRequest” object. I wanted to create and add a new approval object to the provision request, but it turned out that I can’t access the approvals relationship via DRuby. So it looks like it’s a dead end.
With the second approach, I was able to imitate the workflow behaviour, but then I saw that it is not possible for an approver to modify the request object in case of a catalog item request, as it is with VM provisioning requests. (There is an “Edit” button in the VM provisioning approval screen, but there is no such button in case of service provisioning requests). This way I am unable to implement the scenario where Ben manually enters the IP address of the VM. Again, a dead end.
So my questions are:
- Is either one of the aforementioned approaches doable? If yes, how can I get through the problems described above?
- If not, is there any way to implement this functionality with CloudForms alone, without integrating with an external workflow solution?