-
Notifications
You must be signed in to change notification settings - Fork 150
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
bug: api/v1/version?include_latest=true
fails behind firewall
#6750
Comments
Related to @aaronsteers this seems like an uncontroversial change. Any objections? |
@dingobar, @tayloramurphy re:
Yes, I agree with this approach. Totally makes sense. Also, and not mutually exclusive with the above, we could add a UI setting called What do you think? |
@aaronsteers I like it 👍 @dingobar we'd love a PR on this if you're willing 😄 |
I'll give it a shot |
I took the liberty of creating a separate issue for it here #6760 as I see it as a separate issue (in fact a FR not a BUG). I submitted a PR here #6761. For the issue at hand, I have a PR hanging here #6751 which I would love to get a review on as well |
Thank you for the issue @dingobar. As you've hopefully heard by now, the Meltano UI has been deprecated, and is scheduled for removal in Meltano 3.0. Since no additional work/improvements for the UI are planned leading up to its removal, I'll be closing this issue. |
Meltano Version
2.6.0
Python Version
3.9
Bug scope
API
Operating System
Linux - Ubuntu 22.04
Description
Not sure if everyone would agree but I file this as a bug. I find this reasonable because meltano should not depend on external metadata to do its job.
When running behind a restrictive firewall,
meltano ui start
succeeds, but fails on request due to callingapi/v1/version?include_latest=true
, which calls out to pypi.org to get the latest version of meltano from there. For environments with strict firewall policies (typically environments with a large amount of critical infrastructure like in our case the telco industry), we cannot open for egress to external domains that are not our own. In these cases, I would like meltano to fail gracefully. In general, it could be worth considering how we will deal with these types of external metadata dependencies going forwards - crash? succeed but fail external calls silently? succeed but log warnings of failed calls? global switch to disable egress requests?Here is the controller code for the endpoint.
Here is where meltano ui calls the endpoint with the
latest_version=true
parameter.Suggested fix
I suggest we simply add a try-except on that call to the endpoint, and return
latest_version: null
if we cannot retrieve the latest version.I don't mind implementing that. I have some time on my hands the coming days too.
Code
The error stacktrace for meltano UI.
The text was updated successfully, but these errors were encountered: