Page MenuHomePhabricator
Differential D13881

[services] Allow browsers to access prod identity from comm.software
ClosedPublic
Actions

Authored by ashoat on Nov 5 2024, 9:56 AM.
Tags
None
Referenced Files
Unknown Object (File)
Tue, Jan 21, 10:08 PM
Unknown Object (File)
Tue, Jan 21, 7:38 AM
Unknown Object (File)
Mon, Jan 20, 7:54 AM
Unknown Object (File)
Mon, Jan 13, 2:23 AM
Unknown Object (File)
Sun, Jan 12, 8:03 AM
Unknown Object (File)
Thu, Jan 9, 10:47 PM
Unknown Object (File)
Dec 27 2024, 4:09 AM
Unknown Object (File)
Dec 24 2024, 4:59 PM
View All 49 Files
Subscribers
tomek

Details

Reviewers
varun
will
bartek
Commits
rCOMMee0702380b37: Revert "[services] Fix missing port number in D13881"
rCOMMebc9cb17a879: [services] Allow browsers to access prod identity from comm.software
Summary

This diff updates the CORS config for the identity service in production to allow incoming connections from browsers rendering comm.software and www.comm.software.

Context for why we need this is in ENG-9862.

Test Plan

Terraform precommit hooks passed. Beyond that, not sure how to test this besides deploying to prod...

Diff Detail

Repository
rCOMM Comm
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

ashoat created this revision.Nov 5 2024, 9:56 AM
Herald added a subscriber: tomek. · View Herald TranscriptNov 5 2024, 9:56 AM
ashoat updated this revision to Diff 45622.Nov 5 2024, 9:57 AM

Don't include port in web.comm.app

ashoat published this revision for review.Nov 5 2024, 9:57 AM
ashoat edited the test plan for this revision. (Show Details)
varun accepted this revision.EditedNov 5 2024, 9:59 AM

do you need the www origin?

This revision is now accepted and ready to land.Nov 5 2024, 9:59 AM
ashoat added a comment.Nov 5 2024, 10:01 AM

For SLDs I've always included www.. Probably not as relevant anymore, but in the past it was something that some computers and some people would include when navigating to an SLD

This revision was landed with ongoing or failed builds.Nov 5 2024, 10:02 AM
Closed by commit rCOMMebc9cb17a879: [services] Allow browsers to access prod identity from comm.software (authored by ashoat). · Explain Why
This revision was automatically updated to reflect the committed changes.
ashoat added a commit: rCOMMebc9cb17a879: [services] Allow browsers to access prod identity from comm.software.
Harbormaster completed remote builds in B32550: Diff 45621.Nov 5 2024, 10:14 AM
Harbormaster completed remote builds in B32551: Diff 45622.Nov 5 2024, 10:19 AM
ashoat added a comment.Nov 5 2024, 10:26 AM

This was an unsafe change and is causing deployment failures in production. I think @varun was wrong in his assessment that the port could be skipped for web.comm.app.

ashoat mentioned this in rCOMMb0b1ffc3dd72: [services] Fix missing port number in D13881.Nov 5 2024, 10:29 AM
ashoat added a comment.EditedNov 5 2024, 10:30 AM

D13882

EDIT

Didn't work...

ashoat added a commit: rCOMMee0702380b37: Revert "[services] Fix missing port number in D13881".Nov 5 2024, 10:37 AM
ashoat added a reverting change: rCOMM3bd9f3da7f3b: Revert "[services] Allow browsers to access prod identity from comm.software".
ashoat mentioned this in D13885: [services] Bump production identity to 0.45.Nov 5 2024, 1:02 PM

Revision Contents
Changeset List

PathSize
services/
terraform/
remote/
6 lines

Diff 45623

View Options

services/terraform/remote/service_identity.tf

Loading...