WF-004: Workstation Provisioning Workflow
Overview
This workflow automatically provisions GCP Cloud Workstations when a user completes subscription checkout. It determines the appropriate machine configuration based on subscription tier and handles the full lifecycle from creation to user notification.
Trigger: Pub/Sub message on workstation-provisioning-sub
Duration: ~30-120 seconds (GCP workstation creation)
Related Workflows: WF-002 (Checkout), WF-003 (Stripe Webhook)
Prerequisites
Before starting, ensure you have:
- Required tools installed
- Access to necessary resources
- Basic understanding of concepts
Verify setup:
# Verification command
Workflow Diagram
Step-by-Step Narrative
Step 1: Provisioning Event Received
- Node: Provision Event Trigger
- Type: Google Cloud Pub/Sub Trigger
- Subscription:
workstation-provisioning-sub - Actions:
- Receives provisioning request from Pub/Sub
- Extracts message data:
user_id,org_id,tier - Acknowledges message to prevent redelivery
Step 2: Determine Workstation Configuration
- Node: Determine Workstation Config
- Type: Code (JavaScript)
- Actions:
- Maps subscription tier to machine configuration:
- Starter: e2-medium, 50GB disk
- Professional: e2-highmem-4, 100GB disk
- Business: n2-highmem-8, 200GB disk
- Enterprise: n2-highmem-16, 500GB disk
- Generates unique workstation ID:
ws-{user_id_prefix} - Prepares configuration payload
- Maps subscription tier to machine configuration:
Step 3: Create Workstation Record
- Node: Create Workstation Record
- Type: PostgreSQL Insert
- Table:
public.workstations - Actions:
- Inserts workstation record with status
creating - Stores machine type and disk size
- Associates with user and organization
- Records creation timestamp
- Inserts workstation record with status
Step 4: Call GCP Workstations API
- Node: Create GCP Workstation
- Type: HTTP Request (REST API)
- Endpoint:
workstations.googleapis.com/v1/.../workstations - Method: POST
- Actions:
- Creates workstation in GCP
- Specifies workstation config based on tier
- Sets environment variables for user context
- Returns operation name for status polling
Step 5: Wait for Creation
- Node: Wait for Creation
- Type: Wait Node
- Duration: 10 seconds
- Actions:
- Pauses workflow to allow GCP to create workstation
- Prevents excessive API polling
- Allows GCP time to initialize resources
Step 6: Check Workstation Status
- Node: Check Workstation Status
- Type: HTTP Request (REST API)
- Endpoint:
workstations.googleapis.com/v1/{workstation_name} - Method: GET
- Actions:
- Polls workstation status from GCP
- Checks for
STATE_RUNNING - Returns current state and metadata
Step 7: Status Check Loop
- Node: Is Running?
- Type: If/Else Condition
- Condition:
state === 'STATE_RUNNING' - Actions:
- If Running: Proceed to update and notify
- If Not Running: Loop back to wait and check again
- Maximum 12 iterations (2 minutes total)
Step 8: Update Status to Running
- Node: Update Status Running
- Type: PostgreSQL Update
- Table:
public.workstations - Actions:
- Updates status to
running - Stores GCP workstation resource name
- Records
provisioned_attimestamp - Updates organization
workstation_count
- Updates status to
Step 9: Send Ready Email
- Node: Send Ready Email
- Type: Email Send
- Actions:
- Notifies user their workstation is ready
- Includes machine specifications
- Provides "Launch Workstation" button/link
- Sent from:
noreply@coditect.ai
Step 10: Publish Ready Event
- Node: Publish Ready Event
- Type: Google Cloud Pub/Sub
- Topic:
workstation-events - Actions:
- Publishes
workstation.readyevent - Includes workstation ID and user ID
- Enables analytics and monitoring integrations
- Triggers any downstream automation
- Publishes
Data Flow
Input (Pub/Sub message):
{
"user_id": "user-uuid",
"org_id": "org-uuid",
"tier": "professional",
"user_email": "user@example.com"
}
Database Record:
{
"id": "ws-uuid",
"organization_id": "org-uuid",
"user_id": "user-uuid",
"machine_type": "e2-highmem-4",
"boot_disk_size_gb": 100,
"status": "running",
"gcp_workstation_id": "projects/.../workstations/ws-xxx"
}
Output (Pub/Sub event):
{
"event": "workstation.ready",
"user_id": "user-uuid",
"workstation_id": "projects/.../workstations/ws-xxx",
"timestamp": "2024-01-15T10:30:00Z"
}
Tier Configuration Matrix
| Tier | Machine Type | vCPUs | Memory | Disk | Monthly Cost |
|---|---|---|---|---|---|
| Starter | e2-medium | 2 | 4GB | 50GB | ~$25 |
| Professional | e2-highmem-4 | 4 | 32GB | 100GB | ~$80 |
| Business | n2-highmem-8 | 8 | 64GB | 200GB | ~$200 |
| Enterprise | n2-highmem-16 | 16 | 128GB | 500GB | ~$500 |
Error Handling
| Error | Cause | Action |
|---|---|---|
| GCP API 403 | Quota exceeded | Alert ops, queue for retry |
| GCP API 409 | Name conflict | Generate new ID, retry |
| Creation timeout | GCP delay | Extend polling, alert if >5min |
| DB write failure | Connection issue | Retry with exponential backoff |
Monitoring and Alerts
-
Prometheus Metrics:
workstation_provisioning_duration_secondsworkstation_provisioning_success_totalworkstation_provisioning_failure_total
-
Alerting Rules:
- Provisioning takes >3 minutes → Warning
- Provisioning fails → Critical, page on-call
Security Considerations
- GCP Workstation runs in tenant-isolated VPC
- User environment variables encrypted in transit
- Workstation ID not predictable (UUID-based)
- OAuth2 authentication for GCP API calls
- Audit log entry for compliance
Related Documents
Troubleshooting
Common Issue 1
Problem: Description of issue Solution: Steps to resolve
Common Issue 2
Problem: Description of issue Solution: Steps to resolve
Next Steps
After completing this guide:
- Explore: Additional related features
- Practice: Apply concepts in your project
- Reference: Related documentation