Open shawnzhu opened 7 years ago
shawnzhu
commented
7 years ago I've managed to made option 2 via https://github.com/shawnzhu/travis-web/commit/3765ce41eaa537eb8c9fae2a19bdb4e5749dfc33
travis-web by configuring a private key in travis-webtravis-web will talk to the artifacts server via CORSSo far, the problem is user has to acquire a new JWT from travis-web after JWT expires.
shawnzhu
commented
7 years ago This is an important question needs an answer because the design that a Travis CI user interacts with artifacts data determines the architecture:
server-to-server JWT token.These are generated from internal feedback from Travis CI enterprise users.
joshk
commented
7 years ago Hey @shawnzhu
I'm sorry for my delayed feedback. Maybe we can setup a call to go over any remaining questions?
shawnzhu
commented
7 years ago @joshk suggests travis-web sends API calls to Artifacts server directly.
travis-api/repos/{repo-slug} of travis-api with the API token to do authentication and perform access control (whether user can access the repo associated with build job)travis-apiThere are also good inputs on improvements:
joshk
commented
7 years ago Thanks for writing this up @shawnzhu
I believe the URL would need to be /job/:id as that is the only thing kept in the DB
I've made travis-build to provide an addon to enable travis-worker uploading artifacts into artifacts server via a JWT token. There're two options in my mind to expose artifacts meta info to
travis-web:travis-apilike/api/jobs/<job-id>/artifactsso Travis web can pick up artifacts meta info via existing authentication oftravis-api. Then the architecture design is,travis-apiwill serve as gateway of artifacts server for all API traffic.travis-apitoday to this artifacts server so thattravis-webcan redirect user to artifacts server directly. Then the artifacture design is, artifacts-server needs to access Redis and/or Postgres database of Travis CI.@josh @meatballhat @rkh comments?