Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add support for multi user approval in suspend. fixes #12108 #13570

Draft
wants to merge 4 commits into
base: main
Choose a base branch
from
Draft

feat: add support for multi user approval in suspend. fixes #12108 #13570

wants to merge 4 commits into from

Conversation

rvandernoort
Copy link

@rvandernoort rvandernoort commented Sep 6, 2024
edited
Loading

Fixes #12108

Motivation

This feature adds support for multi approval in the suspend state instead of using the self-declared single-point enum strategy. This allows for better interactivity and fine-grained access to promotions for instance.

I'm publishing this already now as I am looking to catch some early feedback as this is my first time contributing to this project. This is also one of my first larger PRs (in Go) so I appreciate any feedback that you can provide me and I will try to address any comments as quickly and thoroughly as possible.

Modifications

Currently, the state of this PR is as follows:

  • introduce core including ApproverStatus field, an approve function, and two core test cases.
  • add ui changes to handle approvals
  • handle approvals
    • Currently functionality only accepts approval of your logged in account (in blue) (however this is hardcoded and untested)
  • use accounts instead of email string
    • (how do I do this correctly and how do I test it? I tried to use any auth method using the devcontainer but didn't manage to get it working.)
  • change timestamp to approved timestamp once approval is complete
  • cli cmds?

Screenshots

Single approval

single_approve
single_approval
single_approved
single_approved_pop

Multi approval

double_approve
double_approval
double_approved
double_approved_pop

Verification

  • unit tests
    • single approval
    • multi approval
    • missing approval (not working, could use help if even possible)
  • e2e tests
    • tbd... (suggestions welcome)

@rvandernoort
feat: add initial work on approvals. Fixes argoproj#12108
a2fd177 
Signed-off-by: Rover van der Noort <33723189+rvandernoort@users.noreply.github.com>
@rvandernoort
feat: add initial work on multiapproval. fixes argoproj#12108
99fe494 
Signed-off-by: Rover van der Noort <33723189+rvandernoort@users.noreply.github.com>
@rvandernoort
feat: add placeholder ui for multiapproval. Fixes argoproj#12108
7f5f645 
Signed-off-by: Rover van der Noort <33723189+rvandernoort@users.noreply.github.com>
@rvandernoort
feat: add handle functionality for multi approval. Fixes argoproj#12108
ce1d94b 
Signed-off-by: Rover van der Noort <33723189+rvandernoort@users.noreply.github.com>
@rvandernoort rvandernoort marked this pull request as ready for review September 10, 2024 13:48
@rvandernoort
Copy link
Author

Managed to get the core functionality working and looking pretty decent I think. However, I'm a bit stuck on authentication and linking the approvals to users or groups. Would appreciate some help if anyone is able.

agilgur5
agilgur5 reviewed Sep 13, 2024
View reviewed changes
Copy link
Member

@agilgur5 agilgur5 left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

However, I'm a bit stuck on authentication and linking the approvals to users or groups.

This can be done in the API, but the current approach is insecure in a few ways by relying on status. I detailed this more in the issue: #12108 (comment)

If you just want to implement a UI flow with auth only done there, I would suggest making a UI plugin for this #6945

@agilgur5 agilgur5 added type/security Security related area/ui area/spec Changes to the workflow specification. area/api Argo Server API labels Sep 13, 2024
@rvandernoort rvandernoort marked this pull request as draft September 27, 2024 14:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@agilgur5 agilgur5 agilgur5 left review comments

@terrytangyuan terrytangyuan Awaiting requested review from terrytangyuan terrytangyuan is a code owner

@sarabala1979 sarabala1979 Awaiting requested review from sarabala1979 sarabala1979 is a code owner

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
area/api Argo Server API area/spec Changes to the workflow specification. area/ui type/security Security related
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Second-person approval of a workflow
2 participants
@rvandernoort @agilgur5