diff --git a/ci/deploy.sh b/ci/deploy.sh index 736d85e24..7ac3c4fa7 100755 --- a/ci/deploy.sh +++ b/ci/deploy.sh @@ -52,6 +52,7 @@ function run { # # Additionally sets a branch tag assuming this is the latest tag for the given # branch. The branch tag has the form: dev-main +# Also sets a tag with just the branch short hash function set_dev_tags { local branch="$1" # replace '.' and '/' in branch name with '-' @@ -62,7 +63,7 @@ function set_dev_tags { local short_hash short_hash="$(git rev-parse --short=9 HEAD)" version="${branch_prefix}-${short_hash}" - export docker_tags=("$version" "$branch_prefix") + export docker_tags=("$version" "$branch_prefix" "$short_hash") } # The Github workflow passes a ref of the form refs/heads/ or diff --git a/crates/tests/databases-tests/src/capabilities_tests.rs b/crates/tests/databases-tests/src/capabilities_tests.rs index c20574c76..69c4885af 100644 --- a/crates/tests/databases-tests/src/capabilities_tests.rs +++ b/crates/tests/databases-tests/src/capabilities_tests.rs @@ -1,7 +1,4 @@ -#[cfg(test)] -mod capabilities_tests { - #[tokio::test] - async fn get_capabilities() { - insta::assert_json_snapshot!(ndc_postgres::capabilities::get_capabilities()); - } +#[tokio::test] +async fn get_capabilities() { + insta::assert_json_snapshot!(ndc_postgres::capabilities::get_capabilities()); } diff --git a/crates/tests/databases-tests/src/snapshots/databases_tests__capabilities_tests__capabilities_tests__get_capabilities.snap b/crates/tests/databases-tests/src/snapshots/databases_tests__capabilities_tests__get_capabilities.snap similarity index 100% rename from crates/tests/databases-tests/src/snapshots/databases_tests__capabilities_tests__capabilities_tests__get_capabilities.snap rename to crates/tests/databases-tests/src/snapshots/databases_tests__capabilities_tests__get_capabilities.snap diff --git a/crates/tests/tests-common/src/schemas.rs b/crates/tests/tests-common/src/schemas.rs index 598cc6271..5b89dd946 100644 --- a/crates/tests/tests-common/src/schemas.rs +++ b/crates/tests/tests-common/src/schemas.rs @@ -1,3 +1,4 @@ +use std::fmt::Write; /// Checks that a given value conforms to the schema generated by `schemars`. /// /// Panics with a human-readable error if the value does not conform, or if the @@ -17,14 +18,14 @@ pub fn check_value_conforms_to_schema(value: serde_json Err(errors) => { panic!( "The configuration does not conform to the schema.\n{}", - errors - .map(|error| { - format!( - "{}\ninstance path: {}\nschema path: {}\n\n", - error, error.instance_path, error.schema_path - ) - }) - .collect::() + errors.fold(String::new(), |mut str, error| { + let _ = write!( + str, + "{}\ninstance path: {}\nschema path: {}\n\n", + error, error.instance_path, error.schema_path + ); + str + }) ) } } diff --git a/docker-compose.yaml b/docker-compose.yaml index bad8f8ee8..66c5288d7 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -171,6 +171,12 @@ services: COLLECTOR_OTLP_ENABLED: "true" COLLECTOR_ZIPKIN_HOST_PORT: "9411" + auth-hook: + build: ../v3-engine/hasura-authn-webhook/dev-auth-webhook + init: true + ports: + - 3050:3050 + volumes: prom_data: grafana_data: diff --git a/flake.lock b/flake.lock index 3510bcdd4..cc7e42cf9 100644 --- a/flake.lock +++ b/flake.lock @@ -40,11 +40,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1697723726, - "narHash": "sha256-SaTWPkI8a5xSHX/rrKzUe+/uVNy6zCGMXgoeMb7T9rg=", + "lastModified": 1698318101, + "narHash": "sha256-gUihHt3yPD7bVqg+k/UVHgngyaJ3DMEBchbymBMvK1E=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "7c9cc5a6e5d38010801741ac830a3f8fd667a7a0", + "rev": "63678e9f3d3afecfeafa0acead6239cdb447574c", "type": "github" }, "original": { @@ -72,11 +72,11 @@ ] }, "locked": { - "lastModified": 1698199907, - "narHash": "sha256-n8RtHBIb0rLuYs4RDehW6mj6r6Yam/ODY1af/VCcurw=", + "lastModified": 1698726852, + "narHash": "sha256-V1S4TTzg++GzPc96i/yy4jib+7/xU0LXHcggm9MllMM=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "22b8d29fd22cfaa2c311e0d6fd8a0ed9c2a1152b", + "rev": "ec19bd20af08f3b004089cc12ab54c823ed899b7", "type": "github" }, "original": { diff --git a/justfile b/justfile index d32c2f0c4..c15770861 100644 --- a/justfile +++ b/justfile @@ -256,6 +256,7 @@ start-metrics: # run the v3 engine binary, pointing it at our connector run-engine: start-dependencies + docker compose up --wait auth-hook @echo "http://localhost:3000/ for graphiql console" @echo "http://localhost:4002/ for jaeger console" # Run graphql-engine using static Chinook metadata @@ -265,7 +266,8 @@ run-engine: start-dependencies cargo run --release \ --manifest-path ../v3-engine/Cargo.toml \ --bin engine -- \ - --metadata-path ./static/chinook-metadata.json + --metadata-path ./static/chinook-metadata.json \ + --authn-config-path ./static/auth_config.json # start a postgres docker image and connect to it using psql repl-postgres: diff --git a/rust-toolchain.toml b/rust-toolchain.toml index 4cb81fb19..1d8e1f052 100644 --- a/rust-toolchain.toml +++ b/rust-toolchain.toml @@ -1,4 +1,4 @@ [toolchain] -channel = "1.72.1" +channel = "1.73.0" profile = "default" # see https://rust-lang.github.io/rustup/concepts/profiles.html components = ["rust-analyzer", "rust-src"] # see https://rust-lang.github.io/rustup/concepts/components.html diff --git a/static/auth_config.json b/static/auth_config.json new file mode 100644 index 000000000..0103a3732 --- /dev/null +++ b/static/auth_config.json @@ -0,0 +1,12 @@ +{ + "version": "v1", + "definition": { + "allowRoleEmulationBy": "admin", + "mode": { + "webhook": { + "url": "http://localhost:3050/validate-request", + "method": "Post" + } + } + } +}