New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Adding ApiKeySourceType. #2298
Adding ApiKeySourceType. #2298
Conversation
Codecov Report
@@ Coverage Diff @@
## develop #2298 +/- ##
===========================================
+ Coverage 93.58% 94.29% +0.71%
===========================================
Files 90 97 +7
Lines 6124 7119 +995
Branches 1260 1467 +207
===========================================
+ Hits 5731 6713 +982
- Misses 183 196 +13
Partials 210 210
Continue to review full report at Codecov.
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for your contributions.
There are some failed tests. Also, you should add the expected output under tests/translator/output/aws-us-gov
and tests/translator/output/aws-cn/
.
@lee-11 I didn't notice the PR was still in draft. I also saw the issue discussing about the behavior of |
Oh, yes. So far so good, but I'm winging it a bit here and could use some guidance. I'm not sure how to test a transformed template can actually be deployed. Is there a convenient way to transform a known good SAM template I have on hand? |
Is there documentation that should be updated with this PR? I've poked around the repo and don't see anything. Sorry for asking; I'm totally unfamiliar with both Python and this repo. |
One way is, for example, in the test template you provided, you can replace the dummy s3 bucket/key with actual s3 bucket/key that exists. Then you can deploy it in CloudFormation (via AWS CLI or in AWS Console).
|
@lee-11 Did you actually get an example to deploy with this change? I did the same type of changes and whilst I could get sam validate to work it failed during sam deploy. |
I did, yes. However my deploy wasn't through the sam cli, but using the Can you provide the details of how you used the SAM cli to test this? |
@hawflau if I may ask, what's the process from here for an external PR? Anything needed from me or that I should be expecting as next steps? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lee-11 Thanks for updating the PR and adding the integration test case. I tried to run it but encountered some failed validations. Could you please check and update accordingly? Thanks
integration/resources/templates/combination/api_with_authorizer_apikey.yaml
Show resolved
Hide resolved
awesome work folks - in what release will we see this fix emerge? |
@sawilde We don't track specific releases, since things outside our control can happen (security patches, non public features, etc). We tend to not combine PRs with some of those processes so we don't accidentally affect others timelines. With that said, we are taking about cutting a release in the coming weeks to get Http IAM auth and some other bug fixes merged out. This PR (more specifically anything in |
Thanks for the update, I'll keep on eye out. Is there a releases thread I could follow? |
@imjustd thanks for the update |
#1274
This PR attempts to make the changes needed to support the feature of API Gateway that allows a Lambda Custom Authorizer to take on the responsibility of identifying the API Key for authorized requests (versus having the client specify the key via the
x-api-key
header). This PR adds the optional string propertyApiKeySourceType
to theAWS:Serverless::Api
and adds validation that it holds one of the two acceptable values:"HEADER"
or"AUTHORIZER"
.To validate this work (I'm not a Python developer, so this is a bit of a learning experience for me) I ran the tests as described in the development guide (i.e.
make pr
). I didn't see any failed tests and the code coverage remained over95%
(this is a very small change, so the impact was minimal), so the "optional" nature of the new property seems correct (backward compatible).I also added a new test for the
AUTHORIZER
use case. The test makes use of correct value since the default is already tested in others.Finally, I added an integration test to verify it all works as intended.
I haven't implemented intrinsic functions since I don't believe they are useful for enumerated values like this. That said, I'm happy to add that in if it makes sense.
Checklist:
make pr
passesI have not added examples for this property since it is a fairly complicated topic to explain (requires an Api, Authorizer, Plan and Key at minimum). Also, it looks like the examples have been moved to another repo.
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.