Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

/api/auth/rules endpoint implementation improvements #5190

Merged
merged 7 commits into from
Nov 2, 2022
Merged

/api/auth/rules endpoint implementation improvements #5190

merged 7 commits into from
Nov 2, 2022

Conversation

azhavoro
Copy link
Contributor

Motivation and context

How has this been tested?

Checklist

License

  • I submit my code changes under the same MIT License that covers the project.
    Feel free to contact the maintainers if that's a concern.

@azhavoro azhavoro marked this pull request as ready for review October 31, 2022 11:32
@azhavoro azhavoro requested a review from nmanovic as a code owner October 31, 2022 11:32
@azhavoro
Copy link
Contributor Author

/check

@github-actions
Copy link
Contributor

github-actions bot commented Oct 31, 2022
edited
Loading

❌ Some checks failed
📄 See logs here

@azhavoro
Copy link
Contributor Author

/check

@github-actions
Copy link
Contributor

github-actions bot commented Oct 31, 2022
edited
Loading

🚫 Workflows has been canceled
📄 See logs here

nmanovic
nmanovic reviewed Oct 31, 2022
View reviewed changes
cvat/apps/iam/apps.py Outdated

class IAMConfig(AppConfig):
name = 'cvat.apps.iam'

def ready(self):
from .signals import register_signals
register_signals(self)

if strtobool(os.environ.get("IAM_BUNDLE_RULES", '0')):
bundle_path = Path(settings.IAM_RULE_BUNDLE_PATH)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please use the same pattern for names. For now we have IAM_RULE_BUNDLE, IAM_BUNDLE_RULES.

I will recommend something like IAM_OPA_BUNDLE

nmanovic
nmanovic reviewed Nov 1, 2022
View reviewed changes
.github/workflows/full.yml Outdated
max_tries=12
while [[ $(curl -s -o /dev/null -w "%{http_code}" localhost:8181/health) != "200" && max_tries -gt 0 ]]; do (( max_tries-- )); sleep 5; done
while [[ $(curl -s -o /dev/null -w "%{http_code}" localhost:8181/health?bundle=true) != "200" && max_tries -gt 0 ]]; do (( max_tries-- )); sleep 5; done
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

bundles - Boolean parameter to account for bundle activation status in response. This includes any discovery bundles or bundles defined in the loaded discovery configuration.

nmanovic
nmanovic reviewed Nov 1, 2022
View reviewed changes
.github/workflows/main.yml Outdated

max_tries=12
while [[ $(curl -s -o /dev/null -w "%{http_code}" localhost:8181/health) != "200" && max_tries -gt 0 ]]; do (( max_tries-- )); sleep 5; done
while [[ $(curl -s -o /dev/null -w "%{http_code}" localhost:8181/health?bundle=true) != "200" && max_tries -gt 0 ]]; do (( max_tries-- )); sleep 5; done
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

bundles - Boolean parameter to account for bundle activation status in response. This includes any discovery bundles or bundles defined in the loaded discovery configuration.

nmanovic
nmanovic reviewed Nov 1, 2022
View reviewed changes
.github/workflows/schedule.yml Outdated
max_tries=12
while [[ $(curl -s -o /dev/null -w "%{http_code}" localhost:8181/health) != "200" && max_tries -gt 0 ]]; do (( max_tries-- )); sleep 5; done
while [[ $(curl -s -o /dev/null -w "%{http_code}" localhost:8181/health?bundle=true) != "200" && max_tries -gt 0 ]]; do (( max_tries-- )); sleep 5; done
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

bundles - Boolean parameter to account for bundle activation status in response. This includes any discovery bundles or bundles defined in the loaded discovery configuration.

nmanovic
nmanovic reviewed Nov 1, 2022
View reviewed changes
.vscode/launch.json Outdated
"CVAT_SERVERLESS": "1"
"CVAT_SERVERLESS": "1",
"ALLOWED_HOSTS": "*",
"IAM_BUNDLE_RULES": "1"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's use IAM_OPA_BUNDLE here

nmanovic
nmanovic reviewed Nov 1, 2022
View reviewed changes
cvat/apps/iam/apps.py Outdated

class IAMConfig(AppConfig):
name = 'cvat.apps.iam'

def ready(self):
from .signals import register_signals
register_signals(self)

if strtobool(os.environ.get("IAM_BUNDLE_RULES", '0')):
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's create a separate function create_opa_bundle

nmanovic
nmanovic reviewed Nov 1, 2022
View reviewed changes
cvat/settings/base.py Outdated
@@ -390,6 +390,9 @@ def add_ssh_keys():
TMP_FILES_ROOT = os.path.join(DATA_ROOT, 'tmp')
os.makedirs(TMP_FILES_ROOT, exist_ok=True)

IAM_RULE_BUNDLE_PATH = os.path.join(STATIC_ROOT, 'opa', 'bundle.tar.gz')
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

IAM_OPA_BUNDLE_PATH

@nmanovic nmanovic merged commit 49bdef0 into develop Nov 2, 2022
@nmanovic nmanovic deleted the az/init_opa branch November 2, 2022 04:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nmanovic nmanovic nmanovic approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@azhavoro @nmanovic