https://docs.datomic.com/cloud/whatis/data-model.html#sec-5

is that saying its ok to use :person/name instead of :customer/name or :employee/name ?

and differentiate between customer or employee by other attributes? for ex: :person/department, :person/role for employees.

just confused if that advice is given for prototyping or is idiomatic to do so

Seems like Datomic Cloud (with :server-type :ion) doesn't like namespaced database names?

I also can't seem to list-databases (https://docs.datomic.com/client-api/datomic.client.api.html#var-list-databases) to work 😞

(def cfg {:server-type :ion,
          :region "us-east-1",
          :system "dev",
          :query-group "dev",
          :endpoint "",
          :proxy-port 8182})
=> #'user/cfg
(def client (d/client cfg))
=> #'user/client
(d/list-databases client)
CompilerException java.lang.IllegalArgumentException: No single method: list_databases of interface: datomic.client.api.Client found for function: list-databases of protocol: Client, compiling:(/tmp/form-init5702408163425337762.clj:1:1)

I'm having the same error as this user: https://forum.datomic.com/t/issue-retrieving-com-datomic-ion-dependency-from-datomic-cloud-maven-repo/508 except that I can't download the jar at all:

es@bocha:~/src/ion-starter$ aws s3 cp  .
fatal error: An error occurred (403) when calling the HeadObject operation: Forbidden

wget works, though, so I'm baffled

FWIW, this is my version of AWS Tools:

es@bocha:~/src/ion-starter$ aws --version
aws-cli/1.14.28 Python/2.7.12 Linux/4.4.0-130-generic botocore/1.8.32

if I either add --no-sign-request to the aws invocation or if I add read permission for arn:aws:s3:::datomic-releases-1fc2183a/* in the IAM group of the user I have credentials configured for, then the aws cp succeeds, but I still get the same error when trying to run clj

if I rename my ~/.aws/credentials to something else, then last cause in the traceback becomes Caused by: com.amazonaws.SdkClientException: Unable to load AWS credentials from any provider in the chain instead of Caused by: com.amazonaws.services.s3.model.AmazonS3Exception: Access Denied (Service: Amazon S3; Status Code: 403; Error Code: AccessDenied; Request ID: 542B5E955147817A; S3 Extended Request ID: (elided), so, unlike in the forum report above, it seems the right credentials are getting picked up by clj

https://forum.datomic.com/t/issue-retrieving-com-datomic-ion-dependency-from-datomic-cloud-maven-repo/508/6

If you set your aws resources file in the terminal does aws s3 cp work?

nvm. I see your results

it seems I was missing at least one other permission, GetBucketLocation for <s3://datomic-releases-1fc2183a> . actually, if I go lazy and allow all S3 ops for all buckets and objects, then clj works. I created a new AWS IAM user for this tutorial, and I only assigned it the datomic-admin-­­$APP-$REGION policy. I guess most people just use their existing AWS credentials, which have access to everything, and that's why they don't get bitten by this issue?

bottom line: I think permissions to access the datomic repos should be given to the autogenerated datomic-admin-... policies

I can continue to pinpoint the exact permissions if that's useful

Were you using an old account for AWS? You have to have an account that supports EC2-VPC

If your AWS account was prior to DEC 4 2013 it wouldn’t support EC2-VPC

That wouldn’t be it nvm

I need to look again at what perms are needed

@jaret: adding these permissions solved it for me:

{
            "Sid": "VisualEditor2",
            "Effect": "Allow",
            "Action": [
                "s3:GetObject",
                "s3:GetBucketLocation"
            ],
            "Resource": [
                "arn:aws:s3:::datomic-releases-1fc2183a",
                "arn:aws:s3:::datomic-releases-1fc2183a/maven/releases/*"
            ]
        }

I got the following error trying to perform the initial push in the ions tutorial:

{:command-failed "{:op :push}",
 :causes
 ({:message
   "Access Denied (Service: Amazon S3; Status Code: 403; Error Code: AccessDenied; Request ID: 2AF8C01FF6D0B032; S3 Extended Request ID: (elided)",
   :class AmazonS3Exception})}

{
            "Sid": "VisualEditor3",
            "Effect": "Allow",
            "Action": "s3:*",
            "Resource": [
                "arn:aws:s3:::datomic-code-3a1b169a-4a28-4693-8e32-891f20e65112/*",
                "arn:aws:s3:::datomic-code-3a1b169a-4a28-4693-8e32-891f20e65112"
            ]
        }

nitpick: I now get the following error when trying to do the initial push. it's obvious that I need to commit the addition of the ion-config.edn, but the tutorial doesn't mention it

{:command-failed "{:op :push}",
 :causes
 ({:message
   "You must either specify a uname or deploy from clean git commit",
   :class IllegalArgumentException})}

another permissions error. I'm wondering whether I did something wrong in the datomic cloud setup

{:command-failed "{:op :push}",
 :causes
 ({:message
   "User: arn:aws:iam::563900263565:user/deitomique is not authorized to perform: codedeploy:RegisterApplicationRevision on resource: arn:aws:codedeploy:eu-central-1:563900263565:application:deitomique (Service: AmazonCodeDeploy; Status Code: 400; Error Code: AccessDeniedException; Request ID: d00b0b01-83f9-11e8-ad19-ad95a71fbe60)",
   :class AmazonCodeDeployException})}

and then some more in CloudFormation and StepFunction, when deploying

finally, I get the following error when trying to invoke the API Gateway endpoint via curl: {"message":"Missing Authentication Token"}

nevermind; I was using the URL as it appears in the Invoke URL, so I was missing the /datomic at the end of the path

what's this /datomic suffix all about anyway? should I just add /datomic at the end of any Invoke URLs exposed via API Gateway, or is that set somewhere (that I missed) in the ion-starter project?

ions is awesome BTW; I was just pointing out points of friction in the tutorial, should that help

@euccastro That's a recent bug fix in the tutorial. /datomic can be anything... makes sense if you think about having many routes associated with your endpoint based on request path.

thanks!

If anyone is looking for a super basic, very fast, getting started material for Datomic Ions, I’ve put this together last night: https://twitter.com/tiagoluchini/status/1016698810364461058

hi, is it the case that say limit and offset aren’t available in the sync client API?

why do you believe that?

@eoliphant https://docs.datomic.com/cloud/client/client-api.html#offset-and-limit

yes that’s what I’m looking at. The async api for say q takes a map of the form {:query '[:find ..] :offset .. :limit ..} The sync api looks like the same list (or map) form as on prem [:find .. :where.. ]

yeah it looks like :chunk :offset and :limit are only available for the async api

@eoliphant That's not correct. From the docs "The arity-1 version takes :query and :args in arg-map, which allows additional options for :offset, :limit, and :timeout. See namespace doc."

(arity-1 version (q {:query '[:find ..] :offset .. :limit ..}))

ah yeah, I didn’t pull the db in to the map

Need some help to formulate a query. In my application, a character can have a set of skills. Those skills can be based of off other skills. And those skills can be based of off other skills again. How do I write a recursive query which gives me all the skills of a character, but also all the skills those skills reference?

If that was confusing I can happily make a better attempt at explaining it.

You probably need to use rules: https://docs.datomic.com/on-prem/query.html#rules

I might be missing something obvious here. But I don't know why this would help 😅

oh

I think I get it... opening repl

No. I didn't 😞

I fail to see how rules can be used to form recursive queries 😕

You set up two rules with the same name. One that is your base case, one that follows your "skills" chain and recursively calls the rule, again.

ahh, ok

Thanks for the heads up 😃

Hi! What is the best way to fill a datomic database with test data?

Hey, I'm still not on ions 😢 There is cons on run datomic on fargate? Apart from formatting/html issues, is there a problem in this tutorial? https://www.avisi.nl/blog/2018/02/13/how-to-run-the-datomic-transactor-on-amazon-ecs-fargate

Trying to follow the “First time upgrade instructions” https://docs.datomic.com/cloud/operation/upgrading.html I don’t see the “Reuse existing storage on create” option to mark true in my AWS console.. Did they change it on us?

@fingertoe It's there. Are you sure that you copied the storage template?