Closed
Bug 1375199
Opened 7 years ago
Closed 5 years ago
[aws-provisioner] Remove required scopesets from aws-provisioner workerType endpoint
Categories
(Taskcluster :: Services, enhancement, P5)
Taskcluster
Services
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: pmoore, Assigned: dustin)
References
Details
Only when bug 1375197 is resolved fixed, we should open up the worker type definitions by changing the following API point to require no scopes:
https://docs.taskcluster.net/reference/integrations/aws-provisioner/references/api#workerType
|
Reporter | |
Updated•7 years ago
|
Summary: Remove required scopesets from aws-provisioner workerType endpoint → [aws-provisioner] Remove required scopesets from aws-provisioner workerType endpoint
|
||
Comment 1•7 years ago
|
||
Worth mentioning is that even though we currently allow a list of scopes in the worker type definition, these scopes actually have no purpose and aren't part of any credentials issued by the provisioner.
|
|
Reporter | |
Comment 2•7 years ago
|
||
(In reply to John Ford [:jhford] CET/CEST Berlin Time from comment #1)
> Worth mentioning is that even though we currently allow a list of scopes in
> the worker type definition, these scopes actually have no purpose and aren't
> part of any credentials issued by the provisioner.
Thanks John.
This bug is more about removing the required scope aws-provisioner:view-worker-type:<workerType> from the workerType API endpoint (i.e. requiring no auth when hitting https://aws-provisioner.taskcluster.net/v1/worker-type/<workerType>).
I think the issue about the scopes property of the worker type definition no longer being used/required is tracked in bug 1375228.
|
||
Comment 3•7 years ago
|
||
Found in triage.
Pete: you were going to do something with this batch of bugs, IIRC.
|
|
||
Comment 4•6 years ago
|
||
We are working to move our provisioning to the new worker manager design. This design does not have any provisioner secrets in it and will not have worker types protected by scopes. I'm marking this P5 because it's low priority to fix in the Aws-Provisioner codebase and dependent on a much larger project of removing provisioner secrets.
Blocks: 1478941
Priority: -- → P5
|
||
Updated•6 years ago
|
Component: AWS-Provisioner → Services
|
Assignee | |
Updated•6 years ago
|
Assignee: nobody → dustin
|
|
Assignee | |
Comment 5•6 years ago
|
||
|
|
Assignee | |
Updated•5 years ago
|
Status: NEW → RESOLVED
Closed: 5 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•