Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Restricted Queues #406

Merged
merged 6 commits into from
Dec 3, 2024
Merged

Restricted Queues #406

merged 6 commits into from
Dec 3, 2024

Conversation

val500
Copy link
Contributor

@val500 val500 commented Nov 14, 2024
edited
Loading

Description

This PR adds restricted queue functionality to Testflinger. Restricted Queues are special queues that require authentication/authorization for job submission. A list of these queues are stored in a collection called restricted_queues. For every job submitted, the requested queue is checked to make sure it is not in the restricted queue collection. If it is, a JWT token must be submitted with the job with adequate permission to push to that restricted queue.

Resolved issues

Resolves https://warthogs.atlassian.net/browse/CERTTF-419

Documentation

Documentation was added to the public documentation in docs/

Web service API changes

N/A

Tests

Unit tests were added - these tests as well as previous job_priority/authentication tests were moved to test_v1_authorization.py.

@val500 val500 marked this pull request as draft November 14, 2024 21:55
@val500 val500 requested a review from plars November 18, 2024 19:34
@val500 val500 marked this pull request as ready for review November 18, 2024 19:34
plars
plars requested changes Nov 21, 2024
View reviewed changes
docs/explanation/index.rst Show resolved Hide resolved
plars
plars requested changes Nov 21, 2024
View reviewed changes
docs/explanation/authentication.rst Outdated Show resolved Hide resolved
server/src/api/v1.py Outdated Show resolved Hide resolved
@val500 val500 force-pushed the CERTTF-419-Restricted-queues branch from 88844df to 65bbcc8 Compare November 22, 2024 21:54
@val500 val500 requested a review from plars November 22, 2024 22:27
plars
plars requested changes Dec 3, 2024
View reviewed changes
Copy link
Collaborator

@plars plars left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One very minor question, but I think once that's sorted then we can land this - then do some further testing in staging before deployment to production. There's some policy documentation that needs to be written, but I think that's more specific to our own policies of how we use it, so we'll need to sort out where that should go.

server/src/api/v1.py Outdated Show resolved Hide resolved
@val500 val500 force-pushed the CERTTF-419-Restricted-queues branch from 65bbcc8 to 1f693ba Compare December 3, 2024 20:59
@val500 val500 requested a review from plars December 3, 2024 21:00
plars
plars approved these changes Dec 3, 2024
View reviewed changes
Copy link
Collaborator

@plars plars left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good now, let's land and do some further testing in staging.

@val500 val500 merged commit cec3c40 into main Dec 3, 2024
6 checks passed
@val500 val500 deleted the CERTTF-419-Restricted-queues branch December 3, 2024 21:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@plars plars plars approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@val500 @plars