Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add task to create new public api keys #5826

Merged
merged 4 commits into from
May 28, 2024
Merged

Add task to create new public api keys #5826

merged 4 commits into from
May 28, 2024

Conversation

tmpayton
Copy link
Contributor

@tmpayton tmpayton commented May 9, 2024
edited

Summary (required)

This ticket adds a the new update_public_api_key task. The PMs decided that this task should only create a new API key and add it to our environment variables. After that, the developer can manually re-stage the app and disable the old key. Here is the wiki page.

The new command is:
cf run-task api --command "python cli.py update_public_api_key <space> <service_instance> '$(< token.txt)' <first_rate_limit> <first_rate_limit_duration> <second_rate_limit> <second_rate_limit_duration>" --name update_public_api_key

The arguments are:
space: [Required] the space that you want to update
service_instance: [Required] the user provided service you want to update
token: [Required] your cf oath token
first_rate_limit: [Optional] the limit of the first rate limit on the new key
first_rate_limit_duration [Optional] the duration of the first rate limit on the new key
second_rate_limit [Optional] the limit of the second rate limit on the new key
second_rate_limit_duration [Optional] the duration of the second rate limit on the new key

A typical example would be:
cf run-task api --command "python cli.py update_public_api_key dev tricia-test '$(< token.txt)' " --name update_public_api_key

I also added these new environment variables:
FEC_EMAIL: currently set to my email for testing purposes, I'll change this once testing is completed
UMBRELLA_ADMIN_AUTH_TOKEN: Auth token to access API Umbrella

Required reviewers 2 - 3 developers

Impacted areas of the application

General components of the application that this PR will affect:

  • tasks

How to test

Locally:

  • I recommend using this test branch for testing since it uses the #test-bot slack channel
  1. git checkout test-create-api-key
  2. pyenv activate <your virtual environment>
  3. Set the following env variables: SLACK_HOOK, UMBRELLA_ADMIN_AUTH_TOKEN, FEC_EMAIL, FEC_WEB_API_KEY_PUBLIC
  4. login to cf cli: cf login -a api.fr.cloud.gov --sso (space does not matter when testing locally)
  5. put oauth token in txt file named token.txt cf oauth-token > token.txt
  6. Run python cli.py update_public_api_key dev tricia-test "$(< token.txt)"

On Dev:

  1. Deploy this branch
  2. login to cloud.gov dev space cf login -a api.fr.cloud.gov --sso
  3. put oauth token in txt file named token.txt cf oauth-token > token.txt
  4. Run cf run-task api --command "python cli.py update_public_api_key dev tricia-test '$(< token.txt)' " --name update_public_api_key
  5. check logs and/or kibana

NOTE: Cf tokens last for about 4 minutes before needing another one

@codecov Codecov
Copy link

codecov bot commented May 9, 2024
edited

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 85.77%. Comparing base (3e9f5b8) to head (c13a39f).
Report is 19 commits behind head on develop.

Additional details and impacted files 
@@           Coverage Diff            @@
##           develop    #5826   +/-   ##
========================================
  Coverage    85.77%   85.77%           
========================================
  Files           81       81           
  Lines         8624     8624           
========================================
  Hits          7397     7397           
  Misses        1227     1227

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@tmpayton tmpayton force-pushed the feature/5802-create-api-key branch from 05f43ba to 89914d8 Compare May 9, 2024 17:34
@tmpayton tmpayton requested review from pkfec, fec-jli and cnlucas May 9, 2024 17:47
@JonellaCulmer JonellaCulmer added this to the 25.1 milestone May 14, 2024
pkfec
pkfec reviewed May 15, 2024
View reviewed changes
Copy link
Contributor

@pkfec pkfec left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@tmpayton

  1. Finalize FEC_EMAIL we want to use while creating a API keys. Currently we use webappalerts@fec.gov to create API keys in the umbrella.
  2. Use the existing cms-creds-dev service instead of creating a new one
  3. Add the API key creation instructions to a wiki

pkfec
pkfec reviewed May 15, 2024
View reviewed changes
manage.py Outdated Show resolved Hide resolved
pkfec
pkfec reviewed May 15, 2024
View reviewed changes
Copy link
Contributor

@pkfec pkfec left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@tmpayton All the key/value pairs are exposed in api logs. We should update the logger to debug or remove these two lines of code. Your thoughts?

pkfec
pkfec reviewed May 23, 2024
View reviewed changes
manage.py Outdated Show resolved Hide resolved
@tmpayton
Copy link
Contributor Author

@pkfec thank you for the review, I implemented your changes!

@pkfec pkfec self-requested a review May 28, 2024 20:13
pkfec
pkfec approved these changes May 28, 2024
View reviewed changes
Copy link
Contributor

@pkfec pkfec left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @tmpayton for writing up a script to create keys programmatically. API key creation script works perfect!

@tmpayton tmpayton changed the base branch from develop to release/public-20240604 May 28, 2024 20:28
@pkfec pkfec merged commit bffa570 into release/public-20240604 May 28, 2024
3 checks passed
@pkfec pkfec mentioned this pull request May 28, 2024
Closed
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pkfec pkfec pkfec approved these changes

@fec-jli fec-jli Awaiting requested review from fec-jli

@cnlucas cnlucas Awaiting requested review from cnlucas

Assignees

@tmpayton tmpayton

Labels
Please review
Projects
Website project
Status: ✅ Done
Milestone
25.1
Development

Successfully merging this pull request may close these issues.

Create a manual task to make new public api keys
3 participants
@tmpayton @pkfec @JonellaCulmer