Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How to expose artifacts feature on Travis web/api #17

Open
shawnzhu opened this issue Jan 20, 2017 · 5 comments
Open

How to expose artifacts feature on Travis web/api #17

shawnzhu opened this issue Jan 20, 2017 · 5 comments
Labels
question

Comments

@shawnzhu
Copy link
Owner

I've made travis-build to provide an addon to enable travis-worker uploading artifacts into artifacts server via a JWT token. There're two options in my mind to expose artifacts meta info to travis-web:

  1. add new api endpoint in travis-api like /api/jobs/<job-id>/artifacts so Travis web can pick up artifacts meta info via existing authentication of travis-api. Then the architecture design is, travis-api will serve as gateway of artifacts server for all API traffic.
  2. add the authentication method used by travis-api today to this artifacts server so that travis-web can redirect user to artifacts server directly. Then the artifacture design is, artifacts-server needs to access Redis and/or Postgres database of Travis CI.

@josh @meatballhat @rkh comments?
@shawnzhu
Copy link
Owner Author

shawnzhu commented Jan 26, 2017
edited
Loading

I've managed to made option 2 via shawnzhu/travis-web@3765ce4

  • issue a JWT to user from travis-web by configuring a private key in travis-web
  • a user agent of travis-web will talk to the artifacts server via CORS

So far, the problem is user has to acquire a new JWT from travis-web after JWT expires.

@shawnzhu
Copy link
Owner Author

This is an important question needs an answer because the design that a Travis CI user interacts with artifacts data determines the architecture:

  • using user-to-server JWT token or server-to-server JWT token.
  • how to access artifacts feature via Travis CLI.

These are generated from internal feedback from Travis CI enterprise users.

@joshk
Copy link

joshk commented Mar 19, 2017

Hey @shawnzhu

I'm sorry for my delayed feedback. Maybe we can setup a call to go over any remaining questions?

@shawnzhu
Copy link
Owner Author

shawnzhu commented Mar 23, 2017
edited
Loading

Summary

@joshk suggests travis-web sends API calls to Artifacts server directly.

  • API calls contains a Travis API token like API calls to travis-api
  • when processing this request in artifacts server, it will send a request to URI /repos/{repo-slug} of travis-api with the API token to do authentication and perform access control (whether user can access the repo associated with build job)
  • no changes to travis-api

There are also good inputs on improvements:

@joshk
Copy link

joshk commented Mar 23, 2017

Thanks for writing this up @shawnzhu

I believe the URL would need to be /job/:id as that is the only thing kept in the DB

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@joshk @shawnzhu