This repository was archived by the owner on Jul 1, 2024. It is now read-only.
porcelain: allow optional headers and low-level SDKOptions #26
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
srenatus
force-pushed
the
sr/high-level-low-level
branch
from
73ee59e to
8c46e96
Compare
srenatus
commented
Apr 11, 2024
| import rego.v1 | ||
| default allow := false | ||
| allow if input.method == "PUT" |
Contributor
Author
There was a problem hiding this comment.
Policy PUT calls happening later in the test setup.
srenatus
commented
Apr 11, 2024
| default allow := false | ||
| allow if input.method == "PUT" | ||
| allow if input.path[0] == "health" |
Contributor
Author
There was a problem hiding this comment.
Health check, needed for wait strategy
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
srenatus
commented
Apr 11, 2024
Comment on lines
+40
to
+41
| allow if input.path[2] == "test" | ||
| allow if input.path[2] == "has" |
Contributor
Author
There was a problem hiding this comment.
Existing tests' prefixes
srenatus
commented
Apr 11, 2024
Comment on lines
+42
to
+45
| allow if { | ||
| input.path[2] = "token" | ||
| input.identity = "opensesame" | ||
| } |
Contributor
Author
There was a problem hiding this comment.
New test: requests for /v1/data/token/* only work with a proper authorization header (bearer token)
srenatus
commented
Apr 11, 2024
| content: authzPolicy, | ||
| target: "/authz.rego", | ||
| }, | ||
| ]) |
Contributor
Author
There was a problem hiding this comment.
The system authz policy needs to be loaded when the server is started
srenatus
changed the title
Contributor
Author
|
I'll fix those conflicts tomorrow 🤞 |
srenatus
force-pushed
the
sr/high-level-low-level
branch
from
8c46e96 to
420d88c
Compare
srenatus
changed the title
| }); | ||
|
|
||
| it("allows custom headers", async () => { | ||
| const authorization = "Bearer opensesame"; |
Check failure
Code scanning / CodeQL
Hard-coded credentials
Including a test for each of them. Signed-off-by: Stephan Renatus <stephan@styra.com>
srenatus
force-pushed
the
sr/high-level-low-level
branch
from
420d88c to
954bfae
Compare
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Let's make sure this is somewhat aligned among the different SDKs... 👀