Use authlib #662 branch to fix token introspection endpoint (#219) #223
Conversation
|
It is interesting idea, but I'm not sure how much I like fixing a dependency to some git commit. We could miss some security updates. Another alternative is to replace |
|
Changed to use poetry. Ugh, I hate poetry. |
|
btw, the requirements.txt version did work, can't tell you how, but it did. I tested it. This is intended to only be temporary until the PR is merged. Upstream seems to move slow. Of course I can update the branch with anything else that is merged upstream, but I'd have to remember to do that, or we can use a branch you guys own and you can update it. |
|
I'm not sure whether that buildconfig is ever still used. In the imagestream definition we have both 'waiverdb' and 'waiverdb-upstream' entries. I think rolling out 'waiverdb' would roll out the image built by that buildconfig, rolling out 'waiverdb-upstream' rolls out the upstream image directly (usually from your quay.io repo, but currently I have staging set to use mine so I can mess with it). I've been rolling out waiverdb-upstream. I'm not actually sure what gets rolled out "by default". |
|
Actually I'm running |
|
I like this solution: quite small and elegant. Maybe add some TODO comment to change it back when the new authlib is released. |
|
the comment was already kinda meant to imply that, but I guess I can make it more explicit indeed. edit: oh, oops, and the comment got completely lost in moving from requirements.txt to pyproject.toml! putting it back... |
|
We've had this deployed in Fedora prod and staging for a while now (by deploying from my container remote instead of the official one). It's definitely working, I see that folks are filing waivers via Bodhi. Can we merge this and get the official container remote updated? Thanks! |
…engineering#219) Signed-off-by: Adam Williamson <[email protected]>
No description provided.