[v15] Set default access request TTL to 1 week. #39509
Conversation
lib/services/access_request_test.go
Outdated
There was a problem hiding this comment.
actually, any reason why we removed this test? i ran into an issue where user is able to request a pending TTL pass their access expiry, and am looking at this test and I think it could've caught the problem? 😅
There was a problem hiding this comment.
I think this went through a ton of iterations and got pretty confused by the end, so I'll see if I can restore this.
There was a problem hiding this comment.
i attempted a fix (i was already working on it to test my ui changes): #39548
mdwn
force-pushed
the
bot/backport-35799-branch/v15
branch
from
ae34f16
to
c157813
Compare
|
I notice a lot of checks are failing, @mdwn is it worth reviewing now or should I hold off until you have a chance to fix things? |
|
I'll take a look shortly. I'll ping when this is ready. |
The TTL for a request now defaults to 1 week. This will allow reviewers more time to review an access request before it disappears. Co-authored-by: Lisa Kim <lisa@goteleport.com>
mdwn
force-pushed
the
bot/backport-35799-branch/v15
branch
from
c157813
to
141fad9
Compare
* Prevent setting pending request TTL pass the access expiry time * Allow setting max duration less than sessionTTL when role max_duration is not set * Add more test, clarify comment * Remove unused params * Add a test for respecting both pending and max duration request * Add a fakeclock to fix access request time diff check differences
mdwn
force-pushed
the
bot/backport-35799-branch/v15
branch
from
141fad9
to
4885dab
Compare
|
@ibeckermayer This should be good to go now. This is mine and @kimlisa's fixed together. |
|
@kimlisa has verified this fix, so I've removed the do-not-merge tag. |
github-merge-queue
bot
removed this pull request from the merge queue due to failed status checks
|
/excludeflake * |
Backport #35799 to branch/v15
Includes Lisa's fix: #39548
changelog: Access Request TTLs default to 1 week.