mirror of
https://github.com/sourcegraph/sourcegraph.git
synced 2026-02-06 17:51:57 +00:00
d7ab268385
Part of https://linear.app/sourcegraph/issue/CORE-211 This introduces authenticated proxies that allow dotcom site admins access to dev and production Enterprise Portal instances, authenticated with client credentials issued to the dotcom instance. The medium-term goal is to use this proxy so that we can use the existing subscriptions UI, backed by the new Enteprise Portal deployments (e.g. https://github.com/sourcegraph/sourcegraph/pull/63653, tracking issue: https://linear.app/sourcegraph/issue/CORE-100/enterprise-portal-migrate-away-from-dotcom-db-as-source-of-truth), until we have a dedicated UI for Enterprise Portal (https://linear.app/sourcegraph/project/kr-p-enterprise-portal-user-interface-dadd5ff28bd8) This is required until we ship https://linear.app/sourcegraph/project/kr-p1-streamlined-role-assignment-via-sams-and-entitle-2f118b3f9d4c/overview, which will allow SAMS to be the source-of-truth for who is a site admin in Sourcegraph.com. Once we have that information, we can use the user's SAMS session directly in Enterprise Portal to authorize access to Enterprise Portal data. ## Test plan Set up `dev-private` with dev credentials: https://github.com/sourcegraph/dev-private/pull/101 `sg start dotcom`, create a personal access token, and try to make ConnectRPC requests matching the spec to the new endpoints: ```sh # Local curl --header "Content-Type: application/json" --header "authorization: token sgp_local_..." --data '{"filters":[{"filter":{"is_archived":false}}]}' -v \ https://sourcegraph.test:3443/.api/enterpriseportal/local/enterpriseportal.subscriptions.v1.SubscriptionsService/ListEnterpriseSubscriptions # Dev curl --header "Content-Type: application/json" --header "authorization: token sgp_local_..." --data '{"filters":[{"filter":{"is_archived":false}}]}' -v \ https://sourcegraph.test:3443/.api/enterpriseportal/dev/enterpriseportal.subscriptions.v1.SubscriptionsService/ListEnterpriseSubscriptions ``` Note that the URL path after `/.api/enterpriseportal/dev/`, i.e. `/enterpriseportal.subscriptions.v1.SubscriptionsService/ListEnterpriseSubscriptions`, and the shape of the parameters, are all the same as if you curl'd the Enterprise Portal API directly, per the Connect protocol: https://connectrpc.com/docs/protocol/ Both local and dev reach out to the existing SAMS dev deployment for credentials, so the `dev-private` credentials work OOTB for both. --------- Co-authored-by: Andre Eleuterio <andreeleuterio@users.noreply.github.com> |
||
|---|---|---|
| .. | ||
| aws_codecommit.schema.json | ||
| azuredevops.schema.json | ||
| batch_spec.schema.json | ||
| bitbucket_cloud.schema.json | ||
| bitbucket_server_util.go | ||
| bitbucket_server.schema.json | ||
| bitbucketcloud_util.go | ||
| BUILD.bazel | ||
| changeset_spec.schema.json | ||
| extension_schema.go | ||
| gerrit.schema.json | ||
| github_util.go | ||
| github.schema.json | ||
| gitlab_util.go | ||
| gitlab.schema.json | ||
| gitolite.schema.json | ||
| go-modules.schema.json | ||
| json-schema-draft-07.schema.json | ||
| jvm-packages.schema.json | ||
| npm-packages.schema.json | ||
| onboardingtour.schema.json | ||
| opencodegraph-protocol.schema.json | ||
| opencodegraph.schema.json | ||
| other_external_service.schema.json | ||
| package.json | ||
| pagure.schema.json | ||
| perforce.schema.json | ||
| phabricator.schema.json | ||
| python-packages.schema.json | ||
| README.md | ||
| ruby-packages.schema.json | ||
| rust-packages.schema.json | ||
| schema.go | ||
| settings.schema.json | ||
| site.schema.json | ||
| stringdata.go | ||
| tsconfig.json | ||
| validation_test.go | ||
Sourcegraph JSON Schemas
JSON Schema is a way to define the structure of a JSON document. It enables typechecking and code intelligence on JSON documents.
Sourcegraph uses the following JSON Schemas:
Modifying a schema
- Edit the
*.schema.jsonfile in this directory. - Run
bazel run //schema:write_generated_schema. - Commit the changes to both files.
- Run
sg startto automatically update TypeScript schema files.
Known issues
- The JSON Schema IDs (URIs) are of the form
https://sourcegraph.com/v1/*.schema.json#, but these are not actually valid URLs. This means you generally need to supply them to JSON Schema validation libraries manually instead of having the validator fetch the schema from the web.