Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Disable authentication for license files #1071

Merged
merged 7 commits into from
Feb 8, 2024
Merged

Disable authentication for license files #1071

merged 7 commits into from
Feb 8, 2024

Conversation

rjschwei
Copy link
Member

Description

We want to have a where the client, for example SUSEConnect, can display license information to the user prior to registering a specific module or product. With the intend to have this display prior to registration the license file to be displayed cannot be in a path that requires authentication. Update the nginx configuration for Public Cloud setup to skip authentication for the license path.

Fixes # (issue)

Change Type

Please select the correct option.

  • [x ] Bug Fix (a non-breaking change which fixes an issue)
  • New Feature (a non-breaking change which adds new functionality)
  • Documentation Update (a change which only updates documentation)

Checklist

Please check off each item if the requirement is met.

  • I have verified that my code follows RMT's coding standards with rubocop.
  • [ x] I have reviewed my own code and believe that it's ready for an external review.
  • I have provided comments for any hard-to-understand code.
  • I have documented the MANUAL.md file with any changes to the user experience.
  • [x ] RMT's test coverage remains at 100%.
  • If my changes are non-trivial, I have added a changelog entry to notify users at package/obs/rmt-server.changes.

Other Notes

Please use this space to provide notes or thoughts to the team, such as tips on how to review/demo your changes.

@rjschwei
Disable authentication for license files
c7cb42c 
We want to have a where the client, for example SUSEConnect, can display
license information to the user prior to registering a specific module or
product. With the intend to have this display prior to registration
the license file to be displayed cannot be in a path that requires
authentication. Update the nginx configuration for Public Cloud setup to
skip authentication for the license path.
@digitaltom
Copy link
Member

@jesusbv does this make https://github.com/SUSE/rmt/blob/master/engines/strict_authentication/app/controllers/strict_authentication/authentication_controller.rb#L19 obsolete?

felixsch
felixsch approved these changes Jan 22, 2024
View reviewed changes
Copy link
Contributor

@felixsch felixsch left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm 👍

How I reviewed this pull request:

  • Checked the nginx configuration changes
  • Read about the log_not_found option which was new to me

As always, if you think I missed something I should test, please let me know🚀

@SUSE SUSE deleted a comment from suse-tests-pass Jan 24, 2024
@felixsch
Copy link
Contributor

Can I merge this to allow it to be released with 2.15? @rjschwei @jesusbv

@SUSE SUSE deleted a comment from suse-tests-pass Jan 24, 2024
@rjschwei
Copy link
Member Author

Can I merge this to allow it to be released with 2.15? @rjschwei @jesusbv

@felixsch from my perspective yes. However, based on what @digitaltom found https://github.com/SUSE/rmt/blob/master/engines/strict_authentication/app/controllers/strict_authentication/authentication_controller.rb#L19 this configuration change shouldn't be necessary. I think we should understand why the escape for authentication for the license path doesn't work already.

@jesusbv
Copy link
Collaborator

jesusbv commented Jan 25, 2024

@jesusbv does this make https://github.com/SUSE/rmt/blob/master/engines/strict_authentication/app/controllers/strict_authentication/authentication_controller.rb#L19 obsolete?

Yes, the auth error happened before reaching that code

@rjschwei
Copy link
Member Author

OK, I think we have all the answers now. @felixsch can you please merge? We can have a conversation about whether or not we want to remove https://github.com/SUSE/rmt/blob/master/engines/strict_authentication/app/controllers/strict_authentication/authentication_controller.rb#L19 i and that can be handled in a separate PR. Hope this approach is amenable to everyone. Thanks

@felixsch
Copy link
Contributor

sounds good! Will merge this PR when CI is green!

@SUSE SUSE deleted a comment from suse-tests-pass Jan 31, 2024
@SUSE SUSE deleted a comment from suse-tests-fail Feb 7, 2024
@felixsch felixsch merged commit 077e78e into master Feb 8, 2024
3 checks passed
@felixsch felixsch deleted the noauthLicense branch February 8, 2024 11:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@felixsch felixsch felixsch approved these changes

Assignees

@jesusbv jesusbv

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@rjschwei @digitaltom @felixsch @jesusbv