feat: add GET /templates/{templateID}/tags endpoint#1904
Conversation
…tags The SDK needs a way to list all tags for a template. This adds the missing list endpoint alongside the existing assign (POST) and delete (DELETE) ones.
beran-t
requested review from
ValentaTomas,
dobrac and
jakubno
as code owners
![claude[bot]](https://avatars.githubusercontent.com/in/1236702?s=60&v=4){kind=small}
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 74d68ad24e
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
| case template.TeamID != team.ID: | ||
| telemetry.ReportError(ctx, "user doesn't have access to the template", nil, telemetry.WithTemplateID(templateID)) | ||
| a.sendAPIStoreError(c, http.StatusForbidden, fmt.Sprintf("You don't have access to this sandbox template (%s)", templateID)) | ||
|
|
There was a problem hiding this comment.
When a caller from a different team requests this endpoint, the handler returns 403 (template.TeamID != team.ID), but the new OpenAPI operation and generated client response type only model 200/401/404/500 (spec/openapi.yml and GetTemplatesTemplateIDTagsResponse in api.gen.go). In that cross-team scenario, SDK users lose typed error handling for a normal authorization outcome, which is a contract mismatch introduced with this endpoint.
Useful? React with 👍 / 👎.
- Deduplicate tags using DISTINCT ON to return only the latest assignment per tag - Support template names/aliases via ResolveAlias instead of direct ID lookup - Add 403 response to OpenAPI spec for cross-team access denial
3 participants
Summary
GET /templates/{templateID}/tagsAPI endpoint that returns all tags assigned to a template, each with its associated build ID and creation timestampListTemplateTagsSQL query and updates the OpenAPI spec with aTemplateTagresponse schemaPOST /templates/tags(assign) andDELETE /templates/tags(delete) endpoints so the SDK can list tags