Add allow list #373
Can one of the admins verify this patch?
fa15d2b to 3c14ebc
This is awesome! I like that it's documented and fully functional (hopefully, no test coverage, I will get to this later).
I put my observations inline, my main thoughts are: reading the file must be elsewhere and we should make sure that this doesn't add much burden when defining new distros (therefore I proposed restricted distributions and globs in the allow list). Otherwise, these are just minor Go things that you didn't know.
The other big missing thing is testing - we should try to cover everything as much as possible, unit testing is fine.
Anyway, thanks for your work, and I'm happy to discuss everything in more depth if needed. :)
7a687a2 to 96e4497
29617b3 to 2912116
2912116 to 325d438
Nice, we are getting really close, this is exciting, thank you! :)
7370eb7 to f39a2b9
Adds an allow list for distributions that verifies that a compose request's distribution is valid for the requesting account. Validation is done using the account's orgId, which is cross referenced against an allow list file pointed to by the ALLOW_FILE environment variable. If no ALLOW_FILE environment variable is set, then an empty allow list is used as a default value.
f39a2b9 to 7d41e0c
This is great, thank you!
Adds an allow list for distributions that verifies that a compose
request's distribution is valid for the requesting account. Validation
is done using the account's orgId, which is cross referenced against an
allow list file pointed to by the ALLOW_FILE environment variable. If no
ALLOW_FILE environment variable is set, a set of fallback default values
is used.
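
The check described above, as an added Go example that is not code from this pull request: an orgId is looked up in an allow list and the requested distribution is matched against that org's entries, with unknown orgs denied. The JSON layout, the glob matching via path.Match (globs were proposed in review), the names AllowList, ParseAllowList and IsAllowed, the sample orgId and distribution values, and the empty list used when ALLOW_FILE is unset are assumptions of this example.

```go
package main
import (
	"encoding/json"
	"fmt"
	"os"
	"path"
)

// AllowList maps an orgId to the distribution globs it may request (assumed layout).
type AllowList map[string][]string

// ParseAllowList decodes {"orgId": ["pattern", ...]} and validates every pattern.
func ParseAllowList(data []byte) (AllowList, error) {
	al := AllowList{}
	if err := json.Unmarshal(data, &al); err != nil {
		return nil, fmt.Errorf("parsing allow list: %w", err)
	}
	for org, patterns := range al {
		for _, p := range patterns {
			if _, err := path.Match(p, ""); err != nil { // reject bad globs at load time
				return nil, fmt.Errorf("org %s: pattern %q: %w", org, p, err)
			}
		}
	}
	return al, nil
}

// IsAllowed reports whether orgID may compose distro; orgs not in the list are denied.
func (al AllowList) IsAllowed(orgID, distro string) bool {
	for _, p := range al[orgID] {
		if ok, _ := path.Match(p, distro); ok {
			return true
		}
	}
	return false
}

func main() {
	al := AllowList{} // ALLOW_FILE unset: empty list, so every request is denied
	if file := os.Getenv("ALLOW_FILE"); file != "" {
		data, err := os.ReadFile(file)
		if err == nil {
			al, err = ParseAllowList(data)
		}
		if err != nil {
			panic(err) // an unreadable or malformed file must not silently open access
		}
	}
	fmt.Println(al.IsAllowed("000000", "rhel-84")) // constructed orgId and distribution
}
```

Validating patterns when the file is loaded means a typo in the allow list stops the service at startup instead of turning into a silent mismatch on each compose request.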