Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add new private channel publishing guardrails #14167

Open
5 tasks
mmitche opened this issue Oct 26, 2023 · 3 comments
Open
5 tasks

Add new private channel publishing guardrails #14167

mmitche opened this issue Oct 26, 2023 · 3 comments
Assignees
@dkurepa
Labels
Ops - Service Maintenance Used to track issues related to maintaining the services .NET Eng Supports

Comments

@mmitche
Copy link
Member

mmitche commented Oct 26, 2023

  • This issue is blocking
  • This issue is causing unreasonable pain

As extra insurance, Arcade publishing should refuse to publish to public endpoints if the commit being published is not anonymously accessible. I could see this implemented in a couple ways:

Darc

  • Darc would attempt to anonymously access to commit of the BAR build id that is about to be published. This would happen locally as well as in CI automation, assuming that a local dev has updated their darc client.
  • If the commit is anonymously accessible, any channel is permissible
  • If the commit is not anonymously accessible, only internal channels are permissible.

Because publishing endpoint data is kept in arcade, this would require some kind of DB addition. On that note, I don't love it.

Arcade

  • The maestro publishing logic would attempt to anonymously access to commit of the BAR build id that is about to be published.
  • For all channels to be published to, if any are public (this metadata is on the channel config) and the commit is not anonymously accessible, we fail.

This method does have one annoying side effect. Dev builds of branches pushed only to AzDO (e.g. for testing arcade changes) would not be able to be published to the public "General Testing" channel. I propose that this would be deal with by adding an override switch to darc that would explicitly pass the "SkipSafetyChecks" parameter to the build task.

Verdict

I think going with the arcade publishing method is best.

Release Note Category

  • Feature changes/additions
  • Bug fixes
  • Internal Infrastructure Improvements

Release Note Description
@mmitche
Copy link
Member Author

mmitche commented Oct 26, 2023

Okay, these guardrails do not need to be 'new'. They existed:

https://github.com/dotnet/arcade/blob/main/src/Microsoft.DotNet.Build.Tasks.Feed/src/PublishArtifactsInManifestBase.cs#L331-L341

@mmitche
Copy link
Member Author

mmitche commented Oct 26, 2023

https://github.com/dotnet/arcade/blob/main/eng/publishing/v3/publish.yml#L166

This is set incorrectly.

@mmitche
Copy link
Member Author

mmitche commented Oct 26, 2023

And the safety check is never executed.

@missymessa missymessa added the Ops - Service Maintenance Used to track issues related to maintaining the services .NET Eng Supports label Nov 16, 2023
@garath garath added the Ops - P2 Operations task, priority 2 label Mar 25, 2024
@garath garath removed the Ops - P2 Operations task, priority 2 label Apr 9, 2024
@dkurepa dkurepa self-assigned this Sep 2, 2024
@dkurepa dkurepa mentioned this issue Sep 3, 2024
Open
1 task
@dkurepa dkurepa mentioned this issue Oct 1, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dkurepa dkurepa

Labels
Ops - Service Maintenance Used to track issues related to maintaining the services .NET Eng Supports
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@garath @mmitche @missymessa @dkurepa