Disable authentication for license files

rjschwei commented 10 months ago

Description

We want to have a where the client, for example SUSEConnect, can display license information to the user prior to registering a specific module or product. With the intend to have this display prior to registration the license file to be displayed cannot be in a path that requires authentication. Update the nginx configuration for Public Cloud setup to skip authentication for the license path.

Fixes # (issue)

Change Type

Please select the correct option.

[x ] Bug Fix (a non-breaking change which fixes an issue)
[ ] New Feature (a non-breaking change which adds new functionality)
[ ] Documentation Update (a change which only updates documentation)

Checklist

Please check off each item if the requirement is met.

[ ] I have verified that my code follows RMT's coding standards with rubocop.
[ x] I have reviewed my own code and believe that it's ready for an external review.
[ ] I have provided comments for any hard-to-understand code.
[ ] I have documented the MANUAL.md file with any changes to the user experience.
[x ] RMT's test coverage remains at 100%.
[ ] If my changes are non-trivial, I have added a changelog entry to notify users at package/obs/rmt-server.changes.

Other Notes

Please use this space to provide notes or thoughts to the team, such as tips on how to review/demo your changes.

digitaltom commented 10 months ago

@jesusbv does this make https://github.com/SUSE/rmt/blob/master/engines/strict_authentication/app/controllers/strict_authentication/authentication_controller.rb#L19 obsolete?

felixsch commented 10 months ago

Can I merge this to allow it to be released with 2.15? @rjschwei @jesusbv

rjschwei commented 10 months ago

Can I merge this to allow it to be released with 2.15? @rjschwei @jesusbv

@felixsch from my perspective yes. However, based on what @digitaltom found https://github.com/SUSE/rmt/blob/master/engines/strict_authentication/app/controllers/strict_authentication/authentication_controller.rb#L19 this configuration change shouldn't be necessary. I think we should understand why the escape for authentication for the license path doesn't work already.

jesusbv commented 10 months ago

@jesusbv does this make https://github.com/SUSE/rmt/blob/master/engines/strict_authentication/app/controllers/strict_authentication/authentication_controller.rb#L19 obsolete?

Yes, the auth error happened before reaching that code

rjschwei commented 10 months ago

OK, I think we have all the answers now. @felixsch can you please merge? We can have a conversation about whether or not we want to remove https://github.com/SUSE/rmt/blob/master/engines/strict_authentication/app/controllers/strict_authentication/authentication_controller.rb#L19 i and that can be handled in a separate PR. Hope this approach is amenable to everyone. Thanks

felixsch commented 10 months ago

sounds good! Will merge this PR when CI is green!

SUSE / rmt