Browser IDP - Configure Browser IDP to automatically install Playwright Browser Drivers per old behavior <= 2.36.4 #1006
Conversation
xinkecf35
changed the title
|
Codecov ReportAttention: Patch coverage is
❗ Your organization needs to install the Codecov GitHub app to enable full functionality. Additional details and impacted files@@ Coverage Diff @@
## master #1006 +/- ##
==========================================
+ Coverage 36.33% 36.40% +0.06%
==========================================
Files 52 52
Lines 7530 7546 +16
==========================================
+ Hits 2736 2747 +11
- Misses 4412 4415 +3
- Partials 382 384 +2
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. |
There was a problem hiding this comment.
This is good, and it was by design that we do not impose the downloading of the playwright during the login process. From my analysis, it appears that the upstream project doesn't check or store info which allows it to invalidate the cache on upgrade, something that has been an issue on the upstream project: playwright-community/playwright-go#236
I see two solutions here:
- Either way check that the binary exists and only download if it doesn't
- Document the presence of playwright as a requisite library
- Find a way to bundle both of them so they are installed together.
@briantist / @gliptak - any thoughts?
|
Hey @mapkon I'd like to help where I can, but I've actually never used golang and I'm not really familiar with the code in this project. I do have a lot of experience with GitHub Actions though, so hopefully I can continue to assist in those areas! |
No worries! Thanks for clarifying. I would still want your thoughts on whether documentation or auto-download is the way forward here? |
|
I can speak to what I observed working through the patch. The downloads are fairly sizeable, so it is a lot of overhead to force for each interaction. On the other side, the cache expiration is unclear. Would separating the download (allowing for external "cache refresh") be large impact? |
|
mapkon/gliptak, yeah that's reasonable for not wanting to bake in the browser download anymore, at least in the exact way it was before with old version of playwright. As another option, how palatable would be to have an option specific to IDP browser option or even a separate command to ask to install the driver? Focusing largely as an user experience, it feels less "irritating" if one needs to acquire drivers to invoke a specific option on the saml2aws instead being surprised to needing acquiring tooling/toolchains that may not even use on a daily basis. |
|
including this with reading through both flags and commands, both don't seem to offer provider specific overrides. |
How about we document it? I am not really sure about downloading dependencies to enact the basic functionality of the program, which is login? |
|
download outside |
|
@wolfeidau We are starting to get users reporting issues related to the playwright dependency not downloading, something that affects the functioning of the app. How do you suggest we proceed on this? |
xinkecf35
force-pushed
the
fix-browser-idp-auto-download
branch
from
f046cbb
to
ae4b316
Compare
Need to figure out: - how to set loginDetails - integrate flag overrides with the creation of IDPAccount value - test for all of the changes.
|
Just to provide a suggestion as a way to move forward: Perhaps add a new configuration property to the config called Or maybe even a flag on |
I think this is a superb middle ground. Let's go with this! |
Not the best thing to do since it brings us back to almost square one. Just the easiest thing I can think of before seriously breaking other parts of the interface/trying to figure out how to assert that playwright.Install() was called
| @@ -39,7 +39,8 @@ func TestValidate(t *testing.T) { | |||
| client, err := New(account) | |||
| assert.Nil(t, err) | |||
| loginDetails := &creds.LoginDetails{ | |||
| URL: "https://google.com/", | |||
| URL: "https://google.com/", | |||
| DownloadBrowser: true, | |||
There was a problem hiding this comment.
is there a way to test fail without download?
There was a problem hiding this comment.
In a word, yes. It should be easy to copy/paste this test without the flag set and check if the error is not nil since I believe that's how the error is being propagated up to the user.
There was a problem hiding this comment.
Okay, so I've added the test, though the change was larger than I had thought it'll be.
I have added a new config parameter to allow one to set the directory that Playwright installs into though I've purposely not documented it.
I did this way because otherwise my test was going to be sensitive if a previous test ran and installed playwright before this test which introduces all sorts of headaches. Also couldn't think of a clean way to tear that down without being a royal pain to do so.
So instead, you technically can now choose where you download the drivers to, defaulting to the default location if you don't care.
There was a problem hiding this comment.
I left the existing test so that it downloads the drivers to the default location though an argument could be made it shouldn't.
| } | ||
|
|
||
| func (cl *Client) Authenticate(loginDetails *creds.LoginDetails) (string, error) { | ||
|
|
||
| // Optionally download browser drivers if specified | ||
| if loginDetails.DownloadBrowser { |
There was a problem hiding this comment.
will this (re)download/install at every run?
There was a problem hiding this comment.
It shouldn't re-download since playwright-go does have that caching mechanism. Just by manually invoking the relevant playwright install command it doesn't re-download the binary, at least not without first nuking the relevant cache.
With this code, if you were to set it in the config file, it would functionally bring you back to the 2.36.4 behavior where it always checks if you have the drivers or not. If you do, it outputs the relevant message about how the drivers are installed but with no progress bar for downloading the binaries.
Alternatively, if you don't set it in the config, it will only download the driver if you set the relevant flag.
…y invoked Not super great a testing detail is leaked out to the config, but seems the cleanest way to do it without breaking the client creation function
|
@gliptak Thoughts? |
|
Any way to pass a flag during 'saml2aws configure' that would set the 'download_browser_driver = true' to the config file? |
|
@mikex99 I recommend targeting |
|
When will a new version with this merge be released? |
We are organizing a test of the current codebase. Please see here: #1029 (comment) If you can spend sometime to test out the current master and ascertain release readiness, I will appreciate |
I can test, but I would need a binary to test with. |
Description
This PR seeks to have the browser IDP option to once again automatically download Browser Drivers as was the default behavior for saml2aws versions <= 2.36.4
This PR would functionally close #1005
Motivation
When saml2aws was upgraded to 2.36.5 and using the IDP option of
Browser, one would get this failure message:It appears that as part of upgrading browser binaries and thus playwright as part of issue #952 and PR #982 introduced a version of playwright-go that had breaking change to the underlying playwright driver that will no longer automatically acquire browser drivers.
Per the breaking change notice in playwright-go, this PR seeks to add the API Install method of acquiring the browser driver.
Alternatives
Alternatively, instead of baking in the install, the README could be updated to reflect this requirement, and have the user on their own acquired the driver via either the playwright-go CLI or the upstream Playwright Typescript project.
This however does add friction to use saml2aws, especially if one is using a package manager like Homebrew or Chocolatey, i.e. needing to on top of acquiring saml2aws via the documented means to also separately acquire Go Tools or NPM/NPX/Node to acquire playwright driver.
Additional Comments
The author recognizes the implementation is somewhat naive in that it gives no configuration to avoid downloading the drivers which might desirable, e.g. avoid re-downloading drivers for CI/CD tests