Skip to content

ROX-12450: Support robot accounts in Quay integration form#2974

Merged
pedrottimark merged 3 commits intomasterfrom
ROX-12450-QuayIntegrationForm-RobotAccounts
Sep 6, 2022
Merged

ROX-12450: Support robot accounts in Quay integration form#2974
pedrottimark merged 3 commits intomasterfrom
ROX-12450-QuayIntegrationForm-RobotAccounts

Conversation

@pedrottimark
Copy link
Contributor

@pedrottimark pedrottimark commented Sep 6, 2022
edited
Loading

Description

Counterpart to #2578

Adjustments to mocks for factors that were absent in the original overview: Update stored credentials check box and no authentication for public registries.

  • Use more precise volcabulary: Replace registry which refers to Quay itself with repositories and also refer to images. From research online at docs.quay.io
  • Minimize changes to documentation: Do not move Type and OAuth token fields from their current locations on the form.
  • Replace front-end validation with information: Render Alert element (if editing which includes creating) preceding Update stored credentials field. It has Authentication as title. Conditionally render bullet items which are relevant for the type. Write the items in parallel form.
  • Let backend behavior and request responses be source of truth: Especially because requirements for stored credentials are implicit instead of explicit, do not use radio buttons to select OAuth token versus robot accounts. Radio buttons are not relevant for all scenarios: For public repositories, neither stored credentials. For scanner, only token.

Changed files

  1. Edit cypress/integration/integrations/imageIntegrations.test.js

    • Delete 'An OAuth token is required' assertion.

  2. Edit src/Containers/Integrations/IntegrationForm/Forms/QuayIntegrationForm.tsx

    • Delete oauthToken from validationSchema object so backend is the single source of truth.
    • Add registryRobotCredentials: null property to defaultValues object.
    • Add hasInitialOauthToken and include it in the condition whether to render 'Currently-stored token will be used.' for placeholder of OAuth token.
    • Clear robot account password like oauthToken property.
    • Add special case for Quay integration, because unauthenticated is an implicit instead of explicit property.
    • Conditionally render Alert element if editing which includes creating.
    • Delete isRequired prop because Alert element explains the relationships.
    • Conditionally render Robot username and Robot password in a grid (as in some auth providers forms).
    • Include username in the condition whether to render 'Currently-stored password will be used.' for placeholder of Robot password.

  3. Edit src/types/imageIntegration.proto.ts

    • Add registryRobotCredentials property to QuayConfig type.
    • Add QuayRobotAccount type.

Checklist

  • Investigated and inspected CI test results
  • Edited integration test

Testing Performed

With feature flag disabled

export ROX_QUAY_ROBOT_ACCOUNTS=false

  1. View existing integration

    • OAuth token field with empty input box that is disabled. Response: registryRobotCredentials: null
      Disabled-OAuth-token

    • Update stored credentials is ticked: OAuth token field with empty input box that is enabled.
      Disabled-Update-stored-credentials

With feature flag enabled

export ROX_QUAY_ROBOT_ACCOUNTS=true

Authentication

  1. If editing, which includes creating, Authentication info alert renders relevant items:

    • Registry
      Authentication-Registry

    • Scanner
      Authentication-Scanner

    • Registry + Scanner
      Authentication-Registry-Scanner

Behavior

  1. View existing integration

    • Registry: OAuth token Robot username Robot password fields with empty input boxes that are disabled, but username is not empty if there is a Robot account.
      Behavior-View-Registry

    • Scanner: OAuth token field with empty input box that is disabled.
      Behavior-View-Scanner

    • Registry + Scanner: OAuth token Robot username Robot password fields with empty input boxes that are disabled, but username is not empty if there is a Robot account.
      Behavior-View-Registry-Scanner

  2. Create new integration: Relevant fields have empty input boxes that are enabled. For Type of Scanner, only OAuth token field is relevant.

    • Public repository: Leave empty. See properties in payload and response:

      oauthToken: "",
registryRobotCredentials: null

      Behavior-Create-Public

    • Private repository: Enter stored credentials in relevant fields. See properties in payload and response:

      oauthToken: "token"
registryRobotCredentials: {
    username: "namespace+accountname",
    password: "password"
}

      Behavior-Create-Private

  3. Edit existing integration

    • If initial values do not have stored credentials: Update stored credentials is unticked and relevant fields have empty input boxes that are disabled. For Type of Scanner, only OAuth token field is relevant.
      Behavior-Edit-Registry-Public

    • If initial values do have stored credentials: Update stored credentials is ticked and relevant fields have empty input boxes that are enabled, but username is not empty if there is a Robot account. For Type of Scanner, only OAuth token field is relevant.
      Behavior-Edit-Registry-Private

    • Edge case: Update stored credentials is ticked and delete Username with intent to change from authenticated to unauthenticated:

      registryRobotCredentials: {
    username: "",
    password: ""
}

      Maybe would need registryRobotCredentials: null instead, because interpreted as incomplete request to update stored credentials. At least it demonstrates that form displays error message.

      Failure

@ghost
Copy link

ghost commented Sep 6, 2022
edited by ghost
Loading

Images are ready for the commit at 8523d20.

To use with deploy scripts, first export MAIN_IMAGE_TAG=3.71.x-488-g8523d20f7c.

@pedrottimark pedrottimark changed the title Support robot accounts in Quay integration form ROX-12450: Support robot accounts in Quay integration form Sep 6, 2022
@openshift-ci
Copy link

openshift-ci bot commented Sep 6, 2022

@pedrottimark: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/gke-upgrade-tests 8523d20 link false /test gke-upgrade-tests

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

@pedrottimark pedrottimark merged commit bb6797b into master Sep 6, 2022
@pedrottimark pedrottimark deleted the ROX-12450-QuayIntegrationForm-RobotAccounts branch September 6, 2022 22:58
@pedrottimark pedrottimark mentioned this pull request Sep 7, 2022
Merged
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@vjwilson vjwilson vjwilson approved these changes

@bradr5 bradr5 Awaiting requested review from bradr5

@dvail dvail Awaiting requested review from dvail

Assignees

No one assigned

Labels

area/ui

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@pedrottimark @vjwilson