feat: allow running review app to validate pr from external contribution #253
Conversation
* configure streamsync to be able to deploy review application
| @@ -0,0 +1,2 @@ | |||
| https://github.com/FabienArcellier/nodejs-buildpack#streamsync-review | |||
There was a problem hiding this comment.
I don't know where to document the role of the Procfile and .buildpacks. .buildpacks does not support code comment.
* create a review app to access to different basic streamsync application
FabienArcellier
force-pushed
the
26-allow-running-review-app-to-validate-pr-from-external-contribution
branch
from
7ff972b to
3e0363a
Compare
Is it too hard to implement auth with something like Google Auth and whitelist a few people? Running We'll be deploying many features that'll require us to handle API keys and maybe other sorts of confidential information. Being overly cautious but I'm scared someone could install a keylogger / etc, dump memory, or do something nasty. |
* configure authentication layer on review application
I added authentication when the review application listens for remote access. When the app is accessible in remote access, the basic auth configuration is mandatory. It is done using the OAuth2 is easy with library. I will prepare an implementation to compare. |
| @@ -34,6 +34,7 @@ watchdog = ">= 3.0.0, < 4" | |||
| pandas = {version = ">= 2.2.0, < 3", optional = true} | |||
| pyarrow = {version = ">= 15.0.0, < 16.0.0",optional = true} | |||
| plotly = {version = ">= 5.18.0, < 6", optional = true} | |||
| scikit-learn = {version = "^1.4.1.post1", optional = true} | |||
There was a problem hiding this comment.
Why is this here? Do we require it now for any reason?
There was a problem hiding this comment.
We are using it in the getting started application.
There was a problem hiding this comment.
Ah you're right, and this doesn't bloat the standard distributions (bare, ds) right? Just the build
|
Hey @FabienArcellier what's the status of this? Are we going for the custom buildpack? If it's too hard we can even drop the quickstart app, I wouldn't spend too much time / add too much complexity to support this |
|
I have finished the work on the buildpack. This branch is not required anymore. I close it. |
The integration of an app review mechanism deploys a PR on demand to test the code online or demonstrate it without requiring cloning the branch locally.
I used the reviewapp mechanism from scalingo, a French PaaS platform. Their implementation is close to Heroku. After a first reading, project administrators will be able to trigger an environment to try and experiment on the code of the PR.
The validation environment can be modified by any visitor. If this mechanism poses a problem, we will add authentication to limit access and only offer read access for visitors.