make cc.xml endpoint public, and only list public pipelines #8809
Conversation
a2ee95e to
dc62930
Compare
There was a problem hiding this comment.
Thanks for the PR!
You'll need to add a test for this in the api test suite. You'll want to add tests to this file:
Lines 355 to 363 in d2e262b
You can see the current tests will need to be updated for the non-auth'd workflow.
You can run the tests by running go test ./atc/api/ from the root of the repo, where the go.mod and go.sum files are.
When I try to run the tests against your code I get this error:
┌─[feat-public-ccxml][~/workspace/concourse/concourse]
└─▪ go test ./atc/api/
atc/api/ccserver/get.go:4:2: missing go.sum entry for module providing package code.cloudfoundry.org/lager (imported by github.com/concourse/concourse/atc/api/ccserver); to add:
go get github.com/concourse/concourse/atc/api/ccserver
Actually not sure if this dependency should be changed or not 🤔 Should probably still be "code.cloudfoundry.org/lager/v3". Not sure if your IDE made these suggestions?
I'll leave a few other comments, but adding tests is the big thing that needs to happen here.
|
Thanks @taylorsilva ! |
fa8b6fc to
2f0e7bc
Compare
|
@taylorsilva how would you expect this feature to behave for teams with no public pipelines? 404? 401? 200 with empty XML? |
|
@LukeWinikates 200 with empty xml seems to make the most sense at first glance. I decided to do some research to see if anyone ever did anything like this before. Came across this comment: #5308 (comment) The original PR that added cc.xml has some interesting tidbits about the auth stuff: #2759 |
5b0ea8b to
2366de5
Compare
Thanks for digging! Using the public pipeline concept to determine what cc.xml shows makes intuitive sense to me. It seems as though vito was introducing an idea of uuids so that the badge/cc.xml URL wouldn't reveal the team name, but I'm not sold on the value of that.
I'd be interested in alternatives to CCMenu, but I haven't had luck finding one. We are having trouble managing Slack notifications as a way of observing build errors, and this was the next thing I thought to try. I couldn't find a different cc.xml client for Mac with working install instructions. |
2366de5 to
0d95003
Compare
Signed-off-by: Luke Winikates <winikatesl@vmware.com>
31ca927 to
90546a1
Compare
|
@taylorsilva I just force-pushed this to bring it up to date with master and remove a |
|
@taylorsilva is there anything else I can do to help get this PR ready to merge? |
|
@LukeWinikates sadly not, unless you can make more time in the day for me to get stuff done haha 😅 I had to give a couple interviews at work this week, so my time has been eaten up. All I want to do is make sure the tests are behaving the way we expect them too and then this will be good to merge. Thanks for your patience! |
Signed-off-by: Taylor Silva <dev@taydev.net>
|
Merged! Thanks again for the PR @LukeWinikates |
|
thanks @taylorsilva |
Changes proposed by this PR
closes #
Notes to reviewer
Hi friends - I've never made a concourse PR before, and don't know the codebase well. I am a longtime concourse user.
I want to try out the cc.xml feature, but it requires authentication. This URL should be publicly accessible, because tools like ccmenu don't implement cookie based authentication.
I don't think that this code works quite yet, but I thought there might be value putting a sketch of the solution out there already to get advice sooner.
See also #3979
Release Note
cc.xmlendpoint while unauthenticated