Need to authorise Vercel deployment for PR created by developers not having access to the organization Vercel #43

Closed
shivaylamba opened this issue Apr 21, 2022 · 6 comments

Comments

@shivaylamba
Contributor

At the moment, any PR not created by me in the demos repo says that the check for the tenant token demo in Vercel needs to be verified by an authorized person, and the check fails.
While for other demos it works fine.

@nicolasvienot
Member

nicolasvienot commented Apr 21, 2022

Hi @shivaylamba!

I just made a PR to try and figure out what was the problem. I think I figured it out.

The difference between the tenant-token demo and all the other demos in Vercel is that the tenant-token demo is using environment variables stored in Vercel.
So as a security measure, any commit not coming from a Vercel member of the tenant-token project is by default not authorized to deploy a preview.

I think you can disable this security behavior in your Vercel project in /settings/security. You will find a section Git Fork Protection.

Also, I would advise you to set up specific environment variables for Production, Preview and Development.

Let me know if this is not clear, if you need more information or if this fixes your issue! 😄

🦭

@nicolasvienot
Member

Hey @meilisearch/devrel-team, did it fix your issue?

@ferdi05
Contributor

ferdi05 commented May 17, 2022

No idea, do you @shivaylamba?

@nicolasvienot nicolasvienot removed their assignment May 17, 2022
@shivaylamba
Contributor Author

This should be fixed, since I followed the steps as suggested by @nicolasvienot to configure the setting in Vercel for the project.

@nicolasvienot
Member

Hi @meilisearch/devrel-team,

After a talk with @CaroFG I wanted to get back to this issue and the way we handled it.
Be aware that disabling the Git Fork Protection on Vercel might cause a security issue if you have the same environment variables in your preview, staging and production environments.

It means that anyone can trigger a deployment in Preview mode by creating a PR in this repository, and this PR will have access to your environment variables. If there is any sensitive information there (Meilisearch master key or private key for example), you should either only use them in production or find another way to handle them. Let me know if you need any help with that.

See Vercel post here
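
An added example, not part of the thread or the project's code: one way to check which variables a Preview deployment from a fork PR could read once Git Fork Protection is disabled. The record shape (`key`, `target`), the key-name heuristic and the sample variable names are assumptions constructed for illustration.

```javascript
// Audit which environment variables a Preview build can read.
// Assumed record shape: { key, target: ["production" | "preview" | "development", ...] },
// mirroring the per-environment scoping (Production / Preview / Development)
// mentioned in the thread.

// Key-name patterns treated as sensitive (assumed heuristic; tune per project).
const SENSITIVE = /(MASTER|PRIVATE|SECRET|ADMIN|TOKEN|PASSWORD)/i;

function auditPreviewExposure(envs, { forkProtection }) {
  const findings = [];
  for (const { key, target = [] } of envs) {
    // Production-only values never reach a preview build, so skip them.
    if (!target.includes("preview")) continue;

    const reasons = [];
    if (target.includes("production")) reasons.push("same value shared with production");
    if (SENSITIVE.test(key)) reasons.push("key name looks sensitive");
    if (reasons.length === 0) continue;

    findings.push({
      key,
      // With fork protection off, any PR from a fork can build with these values.
      severity: forkProtection ? "review" : "exposed-to-fork-prs",
      reasons,
    });
  }
  return findings;
}

// Constructed sample data, not taken from the real project.
const sampleEnvs = [
  { key: "MEILI_MASTER_KEY", target: ["production", "preview", "development"] },
  { key: "MEILI_HOST", target: ["production", "preview"] },
  { key: "MEILI_SEARCH_ONLY_KEY_PREVIEW", target: ["preview"] },
  { key: "TENANT_TOKEN_SIGNING_KEY", target: ["production"] },
];

const findings = auditPreviewExposure(sampleEnvs, { forkProtection: false });
for (const f of findings) {
  console.log(`${f.severity}: ${f.key} (${f.reasons.join("; ")})`);
}
```

Anything this reports should either be scoped to Production only or given a separate, lower-privilege value for Preview.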

@ferdi05
Contributor

ferdi05 commented Jun 9, 2022

cc @shivaylamba @oluademola
I'll let you all and @CaroFG handle this; it's outside my area of expertise.
