feat: monitor whether API Authentication has been enabled #4235

Merged
merged 14 commits into from
Feb 9, 2022

anmonteiro

🎉 Thanks for submitting a pull request! 🎉

Summary

Fixes #4226


For us to review and ship your PR efficiently, please perform the following steps:

  • Open a bug/issue before writing your code 🧑‍💻. This ensures we can discuss the changes and get feedback from everyone that should be involved. If you're fixing a typo or something that's on fire 🔥 (e.g. incident related), you can skip this step.
  • Read the contribution guidelines 📖. This ensures your code follows our style guide and passes our tests.
  • Update or add tests (if any source code was changed or added) 🧪
  • Update or add documentation (if features were changed or added) 📝
  • Make sure the status checks below are successful ✅

A picture of a cute animal (not mandatory, but encouraged)

@anmonteiro anmonteiro requested a review from sgrove February 8, 2022 22:34
@anmonteiro anmonteiro added the type: feature code contributing to the implementation of a feature and/or user facing functionality label Feb 8, 2022

github-actions bot commented Feb 8, 2022

📊 Benchmark results

Comparing with cb5f302

Package size: 438 MB

⬇️ 0.00% decrease vs. cb5f302

[Bar chart: package size per run. T-12: 440 MB, T-11: 441 MB, T-10 through T-1: 377 MB each, T: 438 MB.]

@anmonteiro anmonteiro changed the title Monitor whether API has been enabled while running the local functions server feat: monitor whether API Authentication has been enabled Feb 8, 2022
// XXX(anmonteiro): this name is deprecated. Delete after 3/31/2022
const jwt = generateNetlifyGraphJWT(config.netlifyGraphConfig)
event.authlifyToken = jwt
event.netlifyGraphToken = jwt
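
Review bot: The deprecation comment sits above `const jwt = generateNetlifyGraphJWT(...)` rather than above the assignment it is about, and it does not say which of the two property names is the deprecated one. Move it directly above the property assignment that is scheduled for removal and name that property in the comment, so the cleanup after 3/31/2022 cannot remove the wrong line. Since the same JWT is now attached to `event` under two keys, any code that serializes or logs `event` should redact both.
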
Contributor

We should get the changes ported to nf-server and proxy soon as well

@sgrove sgrove Feb 9, 2022

Similarly, anywhere we inject ONEGRAPH_AUTHLIFY_TOKEN in the env we should also inject NETLIFY_GRAPH_TOKEN so we're future-proof for the public launch.

But that can be a follow-on PR, best if it isn't done here.


sgrove commented Feb 8, 2022

@anmonteiro Looks like some relevant tests might have been affected.

sgrove previously approved these changes Feb 9, 2022

@sgrove sgrove left a comment

lgtm!

// performance optimization, load express on demand
// eslint-disable-next-line node/global-require
const express = require('express')
// eslint-disable-next-line node/global-require
const expressLogging = require('express-logging')
const app = express()
const functionHandler = createHandler({ config, functionsRegistry })
const functionHandler = await createHandler(options)
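
Review bot: Pass `createHandler` only the fields it reads instead of the whole `options` object on the `await createHandler(options)` line. The other call shown here lists `{ config, functionsRegistry }` explicitly, which keeps the handler's inputs visible at the call site; if more fields are needed, destructure them by name so it stays clear what reaches the request handler.
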
@erezrokah erezrokah Feb 9, 2022

createHandler is not async so this await seems redundant? unless we should be awaiting startPollingForAPIAuthentication here https://github.com/netlify/cli/pull/4235/files#diff-de106b743be68ae2e9146d09931f894e258783a68db916a6d0e39e3908b28c84R90

Contributor Author

This might be an artifact from a previous version of the code. Let me see if it can be safely removed.

delete config.authlify
}

setTimeout(helper, frequency)
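
Review bot: The timer handle returned by `setTimeout(helper, frequency)` is discarded, so nothing in these lines can stop the poller once it has started. Keep the handle, or return a stop function from the poller, so the dev server can clear it on shutdown. If `helper` is async, also catch its rejection before rescheduling so a failed poll neither crashes the process nor silently ends the monitoring that `delete config.authlify` depends on.
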
Contributor

Have we considered using https://github.com/sindresorhus/p-wait-for#p-wait-for to abstract the polling part?

Contributor

As an aside, isn't it better to reduce the number of dependencies, especially for code that's so small like this and does what we need? It'll help cut down on renovate PRs, ongoing security issues, etc.

Contributor

We already have it as a dependency so package size will remain the same

"p-wait-for": "^3.0.0",

Whether we should inline dependencies or not has been discussed before, and you can see a good explanation on the reasons we've chosen to prefer well maintained, well tested, small, single purpose packages here.
I don't believe inlining the code will reduce security issues. Using a well maintained package ensures any security issue is reported and known to us. I don't believe that would be the case when inlining.

Happy to discuss this again in an issue though if you'd like to open one.

Contributor Author

This sounds like a good improvement to make as a follow-up PR. I'm opening an issue to change our pollers in Graph to use p-wait-for.

@kodiakhq kodiakhq bot merged commit 437c225 into main Feb 9, 2022
@kodiakhq kodiakhq bot deleted the anmonteiro/monitor-api-authentication branch February 9, 2022 19:16
Labels
automerge Add to Kodiak auto merge queue type: feature code contributing to the implementation of a feature and/or user facing functionality
Successfully merging this pull request may close these issues.

netlify dev --graph should monitor is API Authentication has been enabled after starting
3 participants