-
Notifications
You must be signed in to change notification settings - Fork 36
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(sessions): add allowlist for interactive session images (#582) #582
base: master
Are you sure you want to change the base?
Conversation
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## master #582 +/- ##
==========================================
- Coverage 73.39% 73.38% -0.01%
==========================================
Files 15 15
Lines 1372 1413 +41
==========================================
+ Hits 1007 1037 +30
- Misses 365 376 +11
|
This works well also with reana-client, but there is currently no way to see which images are allowed directly from the CLI. Finally, the list of allowed images is now returned by |
b241587
to
40a128c
Compare
} | ||
""" | ||
|
||
REANA_INTERACTIVE_SESSIONS_RECOMMENDED_IMAGES = { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can we amend this to be ready for situations where the configuration is empty?
For example, some site may want to prevent opening of notebooks altogether by configuring:
interactive_sessions:
environments:
jupyter:
recommended:
allow_custom: false
This currently leads to a traceback when starting reana-workflow-controller:
Traceback (most recent call last):
File "/code/./reana_workflow_controller/app.py", line 17, in <module>
app = create_app()
File "/code/./reana_workflow_controller/factory.py", line 49, in create_app
app.config.from_object("reana_workflow_controller.config")
File "/usr/local/lib/python3.8/dist-packages/flask/config.py", line 227, in from_object
obj = import_string(obj)
File "/usr/local/lib/python3.8/dist-packages/werkzeug/utils.py", line 595, in import_string
__import__(import_name)
File "/code/./reana_workflow_controller/config.py", line 180, in <module>
REANA_INTERACTIVE_SESSIONS_RECOMMENDED_IMAGES = {
File "/code/./reana_workflow_controller/config.py", line 181, in <dictcomp>
type_: {recommended["image"] for recommended in config["recommended"]}
TypeError: 'NoneType' object is not iterable
This means that the REANA would be basically down if people misconfigure the recommended images section.
Can you make the YAML value detection more robust to prevent these cases? E.g. we could use something like config.get("recommended", [])
and such. We should also assume that "image" part might be misconfigured.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done, it should now be more robust in case of missing recommended images, missing allow_custom
, both here and in reana-ui
40a128c
to
b3dd893
Compare
b3dd893
to
4f0fc6c
Compare
Closes #569