Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

tests, warehouse: per-provider OIDC admin flags #13871

Merged
merged 6 commits into from
Jun 7, 2023
Merged

tests, warehouse: per-provider OIDC admin flags #13871

merged 6 commits into from
Jun 7, 2023

Conversation

woodruffw
Copy link
Member

Closes #13841.

CC @di: This should be helpful in your form/view work on #13551 🙂

@woodruffw
tests, warehouse: per-provide OIDC admin flags
d9579a7 
Closes pypi#13841.

Signed-off-by: William Woodruff <william@trailofbits.com>
@woodruffw woodruffw requested a review from a team as a code owner June 6, 2023 03:42
@woodruffw woodruffw added admin Features needed for the Admin UI (people running the site) trusted-publishing labels Jun 6, 2023
@woodruffw woodruffw mentioned this pull request Jun 6, 2023
Closed
di
di reviewed Jun 6, 2023
View reviewed changes
warehouse/manage/views/__init__.py
@@ -1249,7 +1249,7 @@ def add_github_oidc_publisher(self):
if not self.oidc_enabled:
raise HTTPNotFound

if self.request.flags.enabled(AdminFlagValue.DISALLOW_OIDC):
if self.request.flags.disallow_oidc(AdminFlagValue.DISALLOW_GITHUB_OIDC):
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we should probably make the error message here more accurate, something like "This trusted publisher is temporarily disabled", because the global disable might not be accurate. (This will also potentially help us debug the difference between this error message and other identical ones).

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Makes sense to me -- this particular callsite is GitHub only, so I can make it clear that GitHub-based trusted publishers are disabled here.

warehouse/manage/views/__init__.py
@@ -1366,7 +1366,7 @@ def delete_oidc_publisher(self):
if not self.oidc_enabled:
raise HTTPNotFound

if self.request.flags.enabled(AdminFlagValue.DISALLOW_OIDC):
if self.request.flags.disallow_oidc():
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should this handle publisher-specific deletions?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think it could, although I'm not sure if it's worth the complexity: deletion is conceptually "monomorphic" while creation requires us to use the exact provider variant, so we'd need to pass in additional context with the deletion to figure out which type of instance we're actually deleting (and then accept/reject that deletion request based on the right set of flag values).

So IMO not worth it for the amount of code/special-casing it'll take, but if you'd like to have it then I can figure it out 🙂.

warehouse/accounts/views.py
@@ -1604,7 +1604,7 @@ def delete_pending_oidc_publisher(self):
if not self.oidc_enabled:
raise HTTPNotFound

if self.request.flags.enabled(AdminFlagValue.DISALLOW_OIDC):
if self.request.flags.disallow_oidc():
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should this handle publisher-specific deletions?

woodruffw and others added 2 commits June 6, 2023 17:13
@woodruffw @di
Update warehouse/admin/flags.py
7dce63c 
Co-authored-by: Dustin Ingram <di@users.noreply.github.com>
@woodruffw
admin/flags: fixup enabled
5a56bc0 
Signed-off-by: William Woodruff <william@trailofbits.com>
@woodruffw
Copy link
Member Author

@di More generally, what do you think about removing the warehouse.oidc.enabled feature flag? It should be redundant with the admin flag now that the feature has been rolled out. I can do this in this PR or with a follow-on.

@woodruffw
tests, warehouse: fix admin messages
e3c8d12 
Signed-off-by: William Woodruff <william@trailofbits.com>
@di
Copy link
Member

di commented Jun 7, 2023

@di More generally, what do you think about removing the warehouse.oidc.enabled feature flag? It should be redundant with the admin flag now that the feature has been rolled out. I can do this in this PR or with a follow-on.

Yes let's do it in a follow-on PR.

@woodruffw woodruffw mentioned this pull request Jun 7, 2023
Closed
@di di enabled auto-merge (squash) June 7, 2023 15:50
@di di merged commit eeceb6c into pypi:main Jun 7, 2023
@woodruffw woodruffw deleted the tob-oidc-admin-flags branch June 7, 2023 15:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@di di di approved these changes

Assignees
No one assigned
Labels
admin Features needed for the Admin UI (people running the site) trusted-publishing
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Admin flags to disable individual Trusted Publisher providers
2 participants
@woodruffw @di