AB#1351 - Explicitly validate pipeline access token

JupiterOne-Archives / graph-artifactory

A graph conversion tool for https://www.jfrog.com/confluence/display/JFROG/JFrog+Artifactory

Mozilla Public License 2.0

1 stars 5 forks source link

AB#1351 - Explicitly validate pipeline access token #12

Closed ndowmon closed 3 years ago

austinkelleher commented 3 years ago

Can none of the steps in this integration run without the second access token being valid? I'm not familiar with Artifactory, so just wanted to clarify.

ndowmon commented 3 years ago

@austinkelleher no, only the pipeline step cannot be run without the second access token. However, as of now clientPipelineAccessToken is a required field in the integration definition. IMO it's best to keep it required and validate it. If customers in the future have reasons to not want to add pipeline access tokens, we can make it optional and only validate when it's there.

ndowmon commented 3 years ago

@aiwilliams good suggestion. I've added the limit query param to reduce the load on validation functions.

As an aside, it doesn't look like these APIs use pagination at all. I opened #13 to track adding pagination in the future, in case this becomes an issue.