Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Be more explicit about configs and where they come from #535

Merged
merged 6 commits into from
Oct 29, 2024

Conversation

bheesham
Copy link
Member

This PR adds/removes a couple of things:

  • A documented env.sample
  • An updated env.sample, now shows the full keys we expect, along with some docs about where to get them
  • Less dependencies (everett) -- this one did a bit of magic which I removed and implemented ourself (as a result it should be painfully clear what's missing on startup)
  • Use OIDC_REDIRECT_URI -- we set this environment variable but never use it

See individual commits for a better review story.

@bheesham bheesham requested a review from a team October 29, 2024 16:59
Copy link
Contributor

@dividehex dividehex left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 I love it! ❤️

@bheesham
Copy link
Member Author

Ou, actually, I found an issue. I'll re-do bits of this (specifically concerning the OIDC_REDIRECT_URI bit).

I'll mark this PR as a DO NOT MERGE for now.

dashboard/config.py Outdated Show resolved Hide resolved
@bheesham bheesham changed the title Be more explicit about configs and where they come from DO NOT MERGE Be more explicit about configs and where they come from Oct 29, 2024
@bheesham bheesham changed the title DO NOT MERGE Be more explicit about configs and where they come from Be more explicit about configs and where they come from Oct 29, 2024
@bheesham
Copy link
Member Author

Should be resolved now -- I removed the bits in oidc_auth which confused me (and weren't being used anyways, see the handler for /forbidden).

This allows us to remove a dependency (`everett`) while being clearer about
where configs come from. If something fails with a `KeyError` (or similar), we
can `grep` the codebase and find that value.

Jira: IAM-1443
Jira: IAM-1443
I was confusing what this configuration value was used for. Turns out, we don't
make explicit use of this, though internally Flask-pyoidc does.

To clear up some confusion here I removed the bit of code from
TokenVerification.

Jira: IAM-1443
@bheesham bheesham merged commit a2d56de into mozilla-iam:master Oct 29, 2024
1 check passed
@bheesham bheesham deleted the simpler-config branch October 29, 2024 18:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants