8000 Add id-token write permisson for deploying db docs by kathy-t · Pull Request #6047 · dockstore/dockstore · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

Add id-token write permisson for deploying db docs #6047

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Dec 5, 2024
Merged

Add id-token write permisson for deploying db docs #6047

merged 3 commits into from
Dec 5, 2024

Conversation

kathy-t
Copy link
Contributor
@kathy-t kathy-t commented Dec 5, 2024
edited
Loading

Description
Follow-up to #6043, where I removed the id-token: write permissions because I thought it was only used for deploying the image. Turns out it's needed for deploying the DB docs (see the error in the Annotations section here). The error didn't pop up until I merged the PR to the develop branch because the job only runs for the develop branch.

Review Instructions
DB docs should be deployed for the develop branch

Issue
https://ucsc-cgl.atlassian.net/browse/SEAB-6771

Security and Privacy

If there are any concerns that require extra attention from the security team, highlight them here and check the box when complete.

  • Security and Privacy assessed

e.g. Does this change...

  • Any user data we collect, or data location?
  • Access control, authentication or authorization?
  • Encryption features?

Please make sure that you've checked the following before submitting your pull request. Thanks!

  • Check that you pass the basic style checks and unit tests by running mvn clean install
  • Ensure that the PR targets the correct branch. Check the milestone or fix version of the ticket.
  • Follow the existing JPA patterns for queries, using named parameters, to avoid SQL injection
  • If you are changing dependencies, check the Snyk status check or the dashboard to ensure you are not introducing new high/critical vulnerabilities
  • Assume that inputs to the API can be malicious, and sanitize and/or check for Denial of Service type values, e.g., massive sizes
  • Do not serve user-uploaded binary images through the Dockstore API
  • Ensure that endpoints that only allow privileged access enforce that with the @RolesAllowed annotation
  • Do not create cookies, although this may change in the future
  • If this PR is for a user-facing feature, create and link a documentation ticket for this feature (usually in the same milestone as the linked issue). Style points if you create a documentation PR directly and link that instead.

@kathy-t kathy-t self-assigned this Dec 5, 2024
@codecov Codecov
Copy link
codecov bot commented Dec 5, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 74.53%. Comparing base (2ccfcbb) to head (3ed701d).
Report is 1 commits behind head on develop.

Additional details and impacted files 
@@            Coverage Diff             @@
##             develop    #6047   +/-   ##
==========================================
  Coverage      74.53%   74.53%           
  Complexity      5535     5535           
==========================================
  Files            381      381           
  Lines          19922    19922           
  Branches        2057     2057           
==========================================
  Hits           14849    14849           
  Misses          4085     4085           
  Partials         988      988
Flag Coverage Δ
bitbuckettests 26.50% <ø> (ø)
hoverflytests 27.96% <ø> (ø)
integrationtests 56.61% <ø> (ø)
languageparsingtests 10.99% <ø> (ø)
localstacktests 21.40% <ø> (ø)
toolintegrationtests 30.24% <ø> (ø)
unit-tests_and_non-confidential-tests 25.93% <ø> (ø)
workflowintegrationtests 38.07% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@kathy-t
Revert "Test that it works"
3ed701d 
This reverts commit 737f595.
@sonarqubecloud SonarQubeCloud
Copy link
sonarqubecloud bot commented Dec 5, 2024

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@kathy-t kathy-t merged commit 71241f4 into develop Dec 5, 2024
24 checks passed
@kathy-t kathy-t deleted the feature/seab-6771/reusable-deploy-image branch December 5, 2024 18:07
denis-yuen pushed a commit that referenced this pull request Dec 11, 2024
@kathy-t @denis-yuen
Add id-token write permisson for deploying db docs (#6047)
7a0277d 
https://ucsc-cgl.atlassian.net/browse/SEAB-6771
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@coverbeck coverbeck coverbeck approved these changes

@denis-yuen denis-yuen denis-yuen approved these changes

@svonworl svonworl Awaiting requested review from svonworl

Assignees

@kathy-t kathy-t

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@kathy-t @coverbeck @denis-yuen
0