Deploy to stage #713
Merged
Deploy to stage #713
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Bumps [jsonapi-requests](https://github.com/socialwifi/jsonapi-requests) from 0.7.0 to 0.8.0. - [Changelog](https://github.com/socialwifi/jsonapi-requests/blob/master/CHANGELOG.md) - [Commits](socialwifi/jsonapi-requests@0.7.0...0.8.0) --- updated-dependencies: - dependency-name: jsonapi-requests dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>
We'll be adding other audits, so it's clearer to have them in separate source files in an audit-specific directory.
The logging level for "root" is DEBUG in base.py, which makes pytest tests run with -s print out lots of unhelpful debug messages. Set the logging level in test.py to be INFO instead of DEBUG.
They are far from complete.
This means that the writers group associated with the RC of the workspace should be granted can_compute access. This indicator can be used in the audit.
These are determined based on the start and end dates.
This makes it easier to test the audits - we don't have to figure out the start and end dates for each upload cycle created in the audit tests. We can just use a parameter to set them appropriately.
Instead of running a sub-method based on temporality of the upload cycle, define sub-methods based on the group type. This will make the logic clearer. Add the sub-method for auditing the RC member group.
The field tracks the date when QC was completed. This will also be used in audits.
Previously I had started with the RC member group, but an upload workspace should never be shared directly with the member group; that will happen via sharing with the auth domain. Also start redoing tests such that the tests are split into different classes by UploadWorkspace stage. This is a little clearer to program and test, because different sharing is expected at different stages. The audits themselves are still set up to run sub-methods by group type, though.
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.5.7 to 0.6.1. - [Release notes](https://github.com/astral-sh/ruff/releases) - [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md) - [Commits](astral-sh/ruff@0.5.7...0.6.1) --- updated-dependencies: - dependency-name: ruff dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>
Note that this is before the combined workspace is shared; to add those checks, we'll need to add a flag on the upload cycle.
This field tracks if the data in the combined workspace is completed and ready to be shared with the consortium.
They should still have read access by being in the members group in the auth domain.
This one is easy - it should always be "read" access.
This is also easy - DCC admins should always be an owner.
Any other group not covered in the audit should never have direct access.
Combined PRs
There are no tests for this view yet, since I'm not done writing the audit class itself. However, we can use this to check the audit against prod data.
When run_upload_workspace_audit detects an error, it now prints out a link to the page to audit sharing/auth domain membership for all UploadWorkspaces.
Accidentally had an old data_access_audit in the template, so some records were not getting rendered.
I accidentally put a test in the wrong class; move it to the UploadCycleDetailTest class, and fix the code so that it creates the object instead of relying on the test class to have it.
RC uploaders should not have access until the upload cycle starts, and should lose access after QC is complete. Note that RC uploaders typically will have access via being in the member group. This commit likely breaks auditing for RC members groups, since we had to split the notes into separate notes for members vs. uploaders due to different access at different stages.
The RC members group should not be added to the auth domain until after the upload cycle starts.
RC non-members should only have access to the workspace after an upload cycle starts.
Mostly these affected the timing of the upload cycle and when to grant writer access to RC uploaders.
2 weeks and 4 weeks, respectively, are more in line with approximate timeframes for past upload cycles.
Custom audits
Bumps [factory-boy](https://github.com/FactoryBoy/factory_boy) from 3.3.0 to 3.3.1. - [Changelog](https://github.com/FactoryBoy/factory_boy/blob/master/docs/changelog.rst) - [Commits](FactoryBoy/factory_boy@3.3.0...3.3.1) --- updated-dependencies: - dependency-name: factory-boy dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [django-dbbackup](https://github.com/jazzband/django-dbbackup) from 4.1.0 to 4.2.1. - [Release notes](https://github.com/jazzband/django-dbbackup/releases) - [Changelog](https://github.com/jazzband/django-dbbackup/blob/master/docs/changelog.rst) - [Commits](jazzband/django-dbbackup@4.1.0...4.2.1) --- updated-dependencies: - dependency-name: django-dbbackup dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>
Use sequences in factories for model unique fields
Bumps [mypy](https://github.com/python/mypy) from 1.11.1 to 1.11.2. - [Changelog](https://github.com/python/mypy/blob/master/CHANGELOG.md) - [Commits](python/mypy@v1.11.1...v1.11.2) --- updated-dependencies: - dependency-name: mypy dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.6.1 to 0.6.3. - [Release notes](https://github.com/astral-sh/ruff/releases) - [Changelog](https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md) - [Commits](astral-sh/ruff@0.6.1...0.6.3) --- updated-dependencies: - dependency-name: ruff dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>
Combined PRs
[pre-commit.ci] pre-commit autoupdate
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.