Skip to content

Fix Roles API test failures #225

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Jun 22, 2023
Merged

Fix Roles API test failures #225

merged 2 commits into from
Jun 22, 2023

Conversation

@john-odonnell
Copy link
Contributor

Desired Outcome

Fix the OpenAPI description CI build.

Implemented Changes

Connected Issue/Story

CNJR-1816

Definition of Done

At least 1 todo must be completed in the sections below for the PR to be
merged.

Changelog

  • The CHANGELOG has been updated, or
  • This PR does not include user-facing changes and doesn't require a
    CHANGELOG update

Test coverage

  • This PR includes new unit and integration tests to go with the code
    changes, or
  • The changes in this PR do not require tests

Documentation

  • Docs (e.g. READMEs) were updated in this PR
  • A follow-up issue to update official docs has been filed here: [insert issue ID]
  • This PR does not require updating any documentation

Behavior

  • This PR changes product behavior and has been reviewed by a PO, or
  • These changes are part of a larger initiative that will be reviewed later, or
  • No behavior was changed with this PR

Security

  • Security architect has reviewed the changes in this PR,
  • These changes are part of a larger initiative with a separate security review, or
  • There are no security aspects to these changes

@john-odonnell john-odonnell requested a review from a team as a code owner June 16, 2023 17:42
@john-odonnell
Roles API: remove 403 response
9d1a704 
As of Conjur v1.19.3, requests to the Roles API return 404
when the caller has insufficient privilege. See
https://github.com/cyebrark/conjur/pull/2755.
@john-odonnell
Roles API Tests: update admin system memberships
c9fa1a3
@john-odonnell
Copy link
Contributor Author

john-odonnell commented Jun 20, 2023
edited
Loading

Tried and failed to fix the Kong example - we shouldn't let it block this PR. See my in-progress fix on the kong-fix branch.

Part of the issue is that the insomnia-inso npm package used to generate the Kong declarative config has been deprecated in favor of a new Inso CLI.

Once these are swapped, there's another issue when trying to make requests to Conjur through the Kong gateway:

<header>
  <h1>Blocked host: kong</h1>
</header>
<div id="container">
  <h2>To allow requests to kong make sure it is a valid hostname (containing only numbers, letters, dashes and dots), then add the following to your environment configuration:</h2>
  <pre>config.hosts &lt;&lt; "kong"</pre>
</div>

This is a result of Rails's Host Authorization middleware active in Conjur, restricting the set of accepted hostnames to only those listed here. Maybe we could open up the set of accepted hosts in Conjur's development config env.

gl-johnson
gl-johnson approved these changes Jun 21, 2023
View reviewed changes
Copy link
Contributor

@gl-johnson gl-johnson left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@john-odonnell john-odonnell merged commit 12a7267 into main Jun 22, 2023
@john-odonnell john-odonnell deleted the build-fix branch June 22, 2023 12:54
@gl-johnson gl-johnson mentioned this pull request Oct 2, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@gl-johnson gl-johnson gl-johnson approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@john-odonnell @gl-johnson