Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Authentication and Authorization for feast serving #865

Merged
merged 8 commits into from
Jul 29, 2020
Merged

Add Authentication and Authorization for feast serving #865

merged 8 commits into from
Jul 29, 2020

Conversation

jmelinav
Copy link
Collaborator

@jmelinav jmelinav commented Jul 8, 2020
edited
Loading

What this PR does / why we need it:
PR enables authentication and authorization for feast serving, configurations remain same as feast core's authentication and authorization configuration.
Which issue(s) this PR fixes:

Fixes #823

Does this PR introduce a user-facing change?:Yes

The following params on python sdk "Client" object has been renamed. 
params "core_enable_auth", "core_auth_provider" and "core_auth_token" 
has been renamed to "enable_auth", "auth_provider" and "auth_token" respectively. 
Now same params are used for enabling auth on both core and serving connections.

It doesn't break if auth is enabled only on core and not on serving. 
However client will pass the auth metadata to serving as well.

action required : If deployment has auth enabled, 
then python sdk "Client" object references should be updated to use new params.

@feast-ci-bot
Copy link
Collaborator

Hi @jmelinav. Thanks for your PR.

I'm waiting for a feast-dev member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@dr3s dr3s added kind/feature New feature or request and removed needs-kind labels Jul 8, 2020
@jmelinav jmelinav changed the title WIP:Authentication for feast serving Add Authentication and Authorization for feast serving Jul 9, 2020
@jmelinav
Copy link
Collaborator Author

jmelinav commented Jul 9, 2020

/assign @pyalex

@dr3s
Copy link
Collaborator

dr3s commented Jul 9, 2020

/lgtm

@dr3s
Copy link
Collaborator

dr3s commented Jul 9, 2020

/ok-to-test

@jmelinav
Copy link
Collaborator Author

jmelinav commented Jul 9, 2020

/test test-end-to-end-auth

@jmelinav
Copy link
Collaborator Author

jmelinav commented Jul 9, 2020

/test test-end-to-end-batch

@jmelinav
Copy link
Collaborator Author

/test test-end-to-end-auth

@jmelinav
Copy link
Collaborator Author

/test test-end-to-end-batch-dataflow

@feast-ci-bot
Copy link
Collaborator

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: dr3s, jmelinav
To complete the pull request process, please assign pyalex
You can assign the PR to them by writing /assign @pyalex in a comment when ready.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@dr3s
Copy link
Collaborator

dr3s commented Jul 28, 2020

/test-end-to-end

@dr3s
Copy link
Collaborator

dr3s commented Jul 28, 2020

/retest

@jmelinav
Copy link
Collaborator Author

/test test-end-to-end-batch-dataflow

@dr3s
Copy link
Collaborator

dr3s commented Jul 28, 2020

/lgtm

@feast-ci-bot
Copy link
Collaborator

New changes are detected. LGTM label has been removed.

@feast-ci-bot feast-ci-bot removed the lgtm label Jul 29, 2020
@feast-ci-bot
Copy link
Collaborator

feast-ci-bot commented Jul 29, 2020
edited
Loading

@jmelinav: The following test failed, say /retest to rerun them all:

Test name Commit Details Rerun command
test-end-to-end-batch-dataflow aae07e5 link /test test-end-to-end-batch-dataflow

Full PR test history

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

@dr3s
Copy link
Collaborator

dr3s commented Jul 29, 2020

/test test-end-to-end-redis-cluster

@dr3s dr3s merged commit 4ed5cda into feast-dev:master Jul 29, 2020
@jmelinav jmelinav deleted the feast-serving-auth branch July 29, 2020 17:21
@mrzzy mrzzy mentioned this pull request Aug 2, 2020
Merged
pyalex pushed a commit that referenced this pull request Aug 2, 2020
@jmelinav
Add Authentication and Authorization for feast serving (#865)
e11d860 
* Authentication and authorization for feast serving, squashed on 07/21

* fix e2e, add metadata plugin in jobs, merge labels, auth failure test, removed unwanted expire time validation from gauth.

* fix rebase adaption.

* Fix core integration test.

* Authentication integration test.

* Add authorization test and minor refactoring.

* fix failing integration test.

* fix lint error.
@mrzzy mrzzy mentioned this pull request Aug 16, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@woop woop woop left review comments

@mrzzy mrzzy mrzzy left review comments

@dr3s dr3s dr3s approved these changes

@davidheryanto davidheryanto Awaiting requested review from davidheryanto

@khorshuheng khorshuheng Awaiting requested review from khorshuheng

@pyalex pyalex Awaiting requested review from pyalex

@zhilingc zhilingc Awaiting requested review from zhilingc

Assignees

@dr3s dr3s

@pyalex pyalex

Labels
kind/feature New feature or request ok-to-test size/XXL
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Authentication and Authorization for feast serving
6 participants
@jmelinav @feast-ci-bot @dr3s @woop @mrzzy @pyalex