Added verification of tasks/thinexecutions in DataflowOAuthIT. #5817
Conversation
| log.debug("Response is {}", response); | ||
| ok = !JsonPath.parse(response).read("$._links.self.href", String.class).isEmpty(); | ||
|
|
||
| // TODO add checks for new endpoints to check security |
There was a problem hiding this comment.
This does add coverage for the thin/executions endpoint but what is the expectation for newly added endpoints? How will we know to abide by this comment?
The issue that we ran into was that PRO was out of sync w/ OSS endpoint mappings. This does not fill that gap.
I would recommend removing this comment.
There was a problem hiding this comment.
This test is executed as part of ci-it-security.
The Pro will be covered by the endpoint test running in CF ATs.
There was a problem hiding this comment.
The Pro will be covered by the endpoint test running in CF ATs.
Which endpoint test? The point of https://github.com/pivotal/scdf-pro/issues/192 is to find out issues prior to CF ATs (in the PRO tests).
There was a problem hiding this comment.
I added ci-it-security to scdf-pro to perform similar checks on added endpoints to ensure they are protected.
...src/test/java/org/springframework/cloud/dataflow/integration/test/oauth/DataflowOAuthIT.java
Outdated
Show resolved
Hide resolved
| response = cmdResult.getStdout(); | ||
| log.debug("Response is {}", response); | ||
| ok = !JsonPath.parse(response).read("$._links.self.href", String.class).isEmpty(); | ||
| // TODO add checks for new endpoints to check security |
There was a problem hiding this comment.
I don't think this test is the place to add endpoints to. I still would like to remove this comment.
...src/test/java/org/springframework/cloud/dataflow/integration/test/oauth/DataflowOAuthIT.java
Show resolved
Hide resolved
corneil
force-pushed
the
main
branch
2 times, most recently
from
c0462f2 to
f0fb797
Compare
cppwfs
added
the
type/forwardport
|
Recreating from personal repo |
No description provided.