action #159384
closedcoordination #154768: [saga][epic][ux] State-of-art user experience for openQA
coordination #159570: [epic] Better integration with other tooling
Add CORS headers size:S
Description
User story¶
Let's allow other web applications to use the openQA API.
Currently, web applications refuse to use the openQA API, because the CORS Access-Control-Allow-Origin
header is not set. See https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS/Errors/CORSMissingAllowOrigin
Acceptance criteria¶
- AC1: Web-Applications can access the openQA API from web browsers, e.g. accessing https://openqa.suse.de/api/v1/jobs/14165616
Suggestion¶
- Add
Access-Control-Allow-Origin: *
(or more restrictive) to the http header- Possibly at the nginx/Apache level
- On OSD just add it with https://ubiq.co/tech-blog/set-access-control-allow-origin-cors-headers-apache/ and ask fniederwanger for confirmation
- Implement it in the mojo web app follow https://docs.mojolicious.org/Mojo/Headers#access_control_allow_origin
- Ask the OP what "other web applications" don't work
Further details¶
Updated by okurz 9 months ago
- Status changed from New to Feedback
- Assignee set to okurz
Literally just a handful of days after our last workshop session with the topic 'What are "acceptance criteria" - hint: they are not tasks' you come up with this AC which is not an AC :D
Please update the ticket description with an actual acceptance criterion, examples of where this triggers problems so that we know what we can check with and a use case.
Updated by ph03nix 9 months ago
okurz wrote in #note-3:
Please update the ticket description with an actual acceptance criterion, examples of where this triggers problems so that we know what we can check with and a use case.
If you really need a formalized check you need to write a custom Web application that will fetch resources from within the browser. This currently fails due to https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS/Errors/CORSMissingAllowOrigin.
Updated by okurz 9 months ago
- Description updated (diff)
- Status changed from Feedback to New
- Assignee deleted (
okurz) - Priority changed from Normal to Low
Rephrased "Acceptance criteria" to be a checkable criterion, not a task: "Web-Applications can access the openQA API from web browsers, e.g. accessing https://openqa.suse.de/api/v1/jobs/14165616". I hope that still catches what you would like to see.
Updated by ph03nix 9 months ago
okurz wrote in #note-6:
Rephrased "Acceptance criteria" to be a checkable criterion, not a task: "Web-Applications can access the openQA API from web browsers, e.g. accessing https://openqa.suse.de/api/v1/jobs/14165616". I hope that still catches what you would like to see.
ack.
Updated by mkittler 9 months ago
- Status changed from In Progress to Feedback
Ask the OP what "other web applications" don't work
I asked on Slack.
Implement it in the mojo web app follow https://docs.mojolicious.org/Mojo/Headers#access_control_allow_origin
Updated by mkittler 9 months ago
I got the feedback that this is about http://container-dashboard.qe.suse.de and concerns OSD and o3.
The draft is now also ready to be merged.
Updated by mkittler 9 months ago ยท Edited
- Status changed from Feedback to In Progress
The PR has been merged. When trying to configure it I've noticed that one can only configure a single origin or *
. So I guess we need to extend the feature so it'll set the origin depending on the requesting origin.
I nevertheless created a draft for the configuration on OSD: https://gitlab.suse.de/openqa/salt-states-openqa/-/merge_requests/1175
Updated by mkittler 9 months ago
PR for specifying multiple origins: https://github.com/os-autoinst/openQA/pull/5626
Updated by mkittler 9 months ago
The change is deployed/configured on o3 and OSD so you can try it out. Note that I so far only added http://container-dashboard.qe.suse.de. You can add more allowed origins (e.g. https://container-dashboard.qe.suse.de) by creating a MR similar to https://gitlab.suse.de/openqa/salt-states-openqa/-/merge_requests/1175 and configuring things on ariel manually. (Additionally allowed origins need to be separated via a comma.)
Updated by mkittler 9 months ago
- Status changed from Feedback to Resolved
Probably it is not worth keeping this ticket open until @ph03nix finds time to test it out. So I'm considering this resolved.
@ph03nix You can re-open the ticket if it doesn't work after all. If you just need another host added you can also just ask on the chat (or follow #159384#note-14 yourself).
Updated by ph03nix 9 months ago
mkittler wrote in #note-16:
Probably it is not worth keeping this ticket open until @ph03nix finds time to test it out. So I'm considering this resolved.
@ph03nix You can re-open the ticket if it doesn't work after all. If you just need another host added you can also just ask on the chat (or follow #159384#note-14 yourself).
Thank you Marius, I'll try to run a simple test this week.