Conversation
- Introduced new API for managing ingestors, including registration, updates, and deletions. - Added support for individual API keys for ingestors, allowing for more granular access control. - Implemented version tracking for ingestors in the request headers. - Created admin routes for listing, creating, updating, and deleting ingestors. - Enhanced authorization checks for admin and ingestor API keys. - Added masking functionality for API keys in responses for security. - Updated configuration to enable or disable ingestor management features. - Added comprehensive tests for ingestor management functionality.
Codecov Report❌ Patch coverage is
📢 Thoughts on this report? Let us know! |
- Add HTTP route tests for all admin endpoints - Add ingestor token authentication tests - Add Config tests for ingestor_management_enabled? and admin_token - Add edge case tests for nil/empty parameters - Add Python tests for X-Ingestor-Version header
- Replace info_log calls with warn_log (info_log doesn't exist) - Fix list_ingestors ordering test by using different timestamps
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
apo-mak
force-pushed
the
feature/ingestor-management-481
branch
from
8521094 to
8bf1b04
Compare
|
I would prefer that we discuss significant changes like this before creating a PR. |
Of course — I agree, and I’m happy to discuss this first. I noticed this issue was already open: #481 I don’t have a strong opinion on the exact approach. My main goal is to enable onboarding as many ingestors as possible, with the aim of building a country-wide map view. P.S. I’m aware this is a significant change, which is why I opened the PR as a draft 🙂 |
|
3 participants
This pull request introduces a new ingestor management system, allowing external contributors to register and manage their own API keys for data ingestion, rather than using a shared API token. It adds a dedicated database schema, admin API endpoints, and supporting backend logic for tracking, authenticating, and managing ingestors. Documentation and code changes ensure the feature is configurable and secure.
Based on : #481
Ingestor Management Feature
INGESTOR_MANAGEMENTandADMIN_TOKENenvironment variables, with documentation explaining how to enable ingestor management and use the new admin API endpoints. [1] [2]data/ingestors.sql) to store ingestor registrations, API keys, metadata, and activity tracking.App::Ingestorsmodule (web/lib/potato_mesh/application/ingestors.rb) providing methods for ingestor CRUD operations, API key management, and request tracking.Mesh Ingestor Client Improvements