-
Notifications
You must be signed in to change notification settings - Fork 1.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Endpoint customizer refresh #3308
base: main
Are you sure you want to change the base?
Endpoint customizer refresh #3308
Conversation
Also add CloudProvider interface.
isVerified, verificationErr := verifyArtifactory(ctx, client, resURLMatch, resMatch) | ||
s1.Verified = isVerified | ||
s1.SetVerificationError(verificationErr, resMatch) | ||
results = append(results, s1) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Shouldn't a verified token break the loop? A token can't be valid on more than one instance, AFAIK.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The idea is to capture the result of all URLs we verify against even if the verification passes or not.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@rgmz I believe these are access token. If yes, then from jfrog artifcatory documentation,
Cross-instance authentication
Access tokens can be used for authentication, not only by the instance or cluster where they were created but also for other instances and clusters that are all part of the same circle of trust.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Interesting. Just be careful: Artifactory cloud has aggressive rate limiting.
More than a few failed auth in a minute and you won't be able to hit it anymore, in my experience.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@rgmz If Artifactory has any rate limiting, I believe that should be on the same endpoint. Here the endpoint will be changing for each request unless user pass same endpoint multiple times.
Description:
Updated Endpoint Customizer and Detectors using it.
Checklist:
make test-community
)?make lint
this requires golangci-lint)?