Closed
Bug 1375492
Opened 8 years ago
Closed 7 years ago
Only reset the root accessToken if the env var is present
Categories
(Taskcluster :: Services, enhancement)
Taskcluster
Services
Tracking
(Not tracked)
RESOLVED
WONTFIX
People
(Reporter: dustin, Assigned: shreya99oak, Mentored)
Details
Currently, this accessToken is reset on every auth startup, which means that the value must be present in the heroku config. But it is only useful on initial install of the service, which happened long, long ago. Removing it from the heroku config would be one less place this very powerful credential appears.
|
Reporter | |
Updated•8 years ago
|
Mentor: dustin
|
|
Reporter | |
Comment 2•7 years ago
|
||
Sure -- the service in question is https://github.com/taskcluster/taskcluster-auth
At https://github.com/taskcluster/taskcluster-auth/blob/44dc61eafc3454c145ec45b5b3201a76b4d2589f/config.yml#L23 it defines a rootAccessToken. This is important the *first* time the service starts up, as it's the only way to start creating other clients. But the current implementation sets the accessToken for the "root" client every time it starts up.
So the work to do on this bug is to change the implementation so that it only uses this configuration value if the "root" client doesn't already exist.
|
|
Reporter | |
Comment 3•7 years ago
|
||
Before you get started, though, please finish up bug 1303225. We have a lot of applicants looking for bugs to work on, so I want to make sure we distribute them fairly!
|
|
Reporter | |
Comment 4•7 years ago
|
||
Oh, sorry, I totally mixed that up. Yes, please go ahead with this bug! :)
Assignee: nobody → shreya99oak
|
|
Reporter | |
Comment 6•7 years ago
|
||
Shreya, how is this going?
Hi, yarn test stills gives an error
~/Desktop/taskcluster-auth$ yarn test
yarn run v1.5.1
$ yarn lint
$ eslint src/*.js test/*.js
$ mocha test/*_test.js
Skip tests for due to missing pulse credentials; create user-config.yml
error An unexpected error occurred: "Command failed.
Exit code: 1
Command: sh
Arguments: -c mocha test/*_test.js
Directory: /home/shweta/Desktop/taskcluster-auth
Output:
".
info If you think this is a bug, please open a bug report with the information provided in "/home/shweta/Desktop/taskcluster-auth/yarn-error.log".
info Visit https://yarnpkg.com/en/docs/cli/run for documentation about this command.
|
|
Reporter | |
Comment 8•7 years ago
|
||
Hm, this service is particularly difficult to get the tests running for. Do you want to work on bug 1443015 instead? It's still about testing, but doesn't require getting the auth tests running :)
|
|
Reporter | |
Comment 9•7 years ago
|
||
This is going to end up getting replaced with static clients, which should always enforce. So I don't think this needs to be done anymore!
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → WONTFIX
|
||
Updated•6 years ago
|
Component: Authentication → Services
You need to log in
before you can comment on or make changes to this bug.
Description
•