This repository has been archived by the owner on Apr 17, 2023. It is now read-only.
api: added a bootstrap endpoint #1681
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
mssola
force-pushed
the
api-bootstrap
branch
from
85516d4
to
cddb8fa
Compare
mssola
force-pushed
the
api-bootstrap
branch
2 times, most recently
from
5933d1d
to
6baf1d8
Compare
|
@vitoravelino this is passing now (with the second commit I'm fixing a silly issue with how we call rubocop so Travis is green). |
Is this a new github feature? Force rebase even if there's no conflict... |
I think it is. It's a new option from the repo settings, and we have it enabled (which kinda makes sense) |
This new endpoint lives inside of the user namespace and its main goal is to allow people to create the first admin user from the API. This endpoint is only allowed if the `first_user_admin` option has not been disabled. Another restriction is that there shouldn't be a user already created. Last but not least, this method can be called without being authenticated. In the ideal case, you would call this method when you just started your Portus instance. Then, you will get the first user created (same arguments as `POST /api/v1/users`) and it will also get an application token assigned to it. The reponse will be the `plain_token` from the application token. Thus, the whole point of this method is to follow this workflow: 1. Portus instance deployed. 2. Admin uses this bootstrap endpoint to create the admin user and get an application token. 3. With this application token the admin starts to administrate the instance (e.g. register the registry on Portus) entirely from the API. 4. Admin makes the Portus instance available inside of the organization and starts structuring it inside of Portus. Finally, this commit also started to make error responses more uniform. This was firstly done to DRY some of the code created by this feature. It probably needs more work (see SUSE#1437). See SUSE#1412 Signed-off-by: Miquel Sabaté Solà <[email protected]>
I've also added the -x flag so it's more obvious what's failing. Signed-off-by: Miquel Sabaté Solà <[email protected]>
| bad_request!(application_token.errors) | ||
| end | ||
| else | ||
| bad_request!(user.errors) |
There was a problem hiding this comment.
Shouldn't this be unprocessable_entity?
| status 201 | ||
| { plain_token: plain_token } | ||
| else | ||
| bad_request!(application_token.errors) |
vitoravelino
approved these changes
Mar 15, 2018
|
The 400 vs 422 case will be moved into another PR, as discussed internally. |
mssola
added a commit
that referenced
this pull request
Mar 20, 2018
See #1729 See #1681 Signed-off-by: Miquel Sabaté Solà <[email protected]>
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This new endpoint lives inside of the user namespace and its main goal is to
allow people to create the first admin user from the API. This endpoint is only
allowed if the
first_user_adminoption has not been disabled. Anotherrestriction is that there shouldn't be a user already created. Last but not
least, this method can be called without being authenticated.
In the ideal case, you would call this method when you just started your Portus
instance. Then, you will get the first user created
(same arguments as
POST /api/v1/users) and it will also get an applicationtoken assigned to it. The reponse will be the
plain_tokenfrom the applicationtoken. Thus, the whole point of this method is to follow this workflow:
application token.
instance (e.g. register the registry on Portus) entirely from the API.
starts structuring it inside of Portus.
Finally, this commit also started to make error responses more uniform. This was
firstly done to DRY some of the code created by this feature. It probably needs
more work (see #1437).
See #1412
Signed-off-by: Miquel Sabaté Solà [email protected]