Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bypass authentication for metric endpoints #862

Merged
merged 1 commit into from
Jul 7, 2020
Merged

Bypass authentication for metric endpoints #862

merged 1 commit into from
Jul 7, 2020

Conversation

woop
Copy link
Member

@woop woop commented Jul 6, 2020
edited
Loading

What this PR does / why we need it:

The /metrics and /actuator endpoints require authentication. Most users do not want auth on these utility endpoints, as they will typically not be exposed. This bug fix ensures that security is not applied to these two HTTP endpoints.

Furthermore, the current Auth test suite needs to be extended to actually catch these regressions. It can be tracked here #860

Does this PR introduce a user-facing change?:

NONE

@woop woop added the kind/bug label Jul 6, 2020
@woop woop force-pushed the fix-authentication-bugs branch from 9e32cb4 to 0dee96c Compare July 7, 2020 01:23
@woop woop changed the title Fix authentication bugs with WebSecurity and AuthReaders Bypass Auth for metric endpoints Jul 7, 2020
@woop woop changed the title Bypass Auth for metric endpoints Bypass authentication for metric endpoints Jul 7, 2020
@woop
Copy link
Member Author

woop commented Jul 7, 2020

/test test-end-to-end-auth

@feast-ci-bot
Copy link
Collaborator

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: pyalex, woop

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@pyalex
Copy link
Collaborator

pyalex commented Jul 7, 2020

/lgtm

@woop
Copy link
Member Author

woop commented Jul 7, 2020

/test test-end-to-end-batch

@feast-ci-bot feast-ci-bot merged commit beed7e5 into feast-dev:master Jul 7, 2020
@feast-ci-bot
Copy link
Collaborator

@woop: The following test failed, say /retest to rerun them all:

Test name Commit Details Rerun command
test-end-to-end-auth 0dee96c link /test test-end-to-end-auth

Full PR test history

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

@mrzzy mrzzy mentioned this pull request Aug 6, 2020
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pyalex pyalex pyalex approved these changes

@davidheryanto davidheryanto Awaiting requested review from davidheryanto

@khorshuheng khorshuheng Awaiting requested review from khorshuheng

@zhilingc zhilingc Awaiting requested review from zhilingc

Assignees

@pyalex pyalex

Labels
approved kind/bug lgtm size/M
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@woop @feast-ci-bot @pyalex