Page MenuHomePhabricator

Preparation for api for community-labs-monitoring
Open, MediumPublic

Description

This is a discussion ticket to coordinate integration between Striker and community-labs-monitoring with regard to monitoring Tools on Tool Labs. This is a followup to T53434: Implement a system to monitor tools on tool-labs

Striker would need to interface with my tool via an API. I was thinking an HTTP POST request to a specific endpoint. It would need to handle creation, update, delete, and reading on my end.

To secure, would a manually generated API key work? Or would something more secure be necessary?

Event Timeline

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptFeb 11 2017, 12:37 AM
Matthewrbowker renamed this task from Preperation for api for CLM to Preperation for api for community-labs-monitoring.Feb 11 2017, 12:38 AM
bd808 added a subscriber: bd808.Feb 11 2017, 12:45 AM

To secure, would a manually generated API key work? Or would something more secure be necessary?

A shared secret and HTTPS are probably enough. If there is no other consumer of the API we may be able to do something that also requires the requests to come from a limited number of IP addresses which would make abuse more difficult if the secret leaked somehow.

Striker would need to interface with my tool via an API.

Do you have the Python/Django knowledge needed to write the code for the Striker side, or would you need to find someone to help with that? I can certainly do some design review and code review, but I can't sign up to do the user interface design and coding.

To secure, would a manually generated API key work? Or would something more secure be necessary?

A shared secret and HTTPS are probably enough. If there is no other consumer of the API we may be able to do something that also requires the requests to come from a limited number of IP addresses which would make abuse more difficult if the secret leaked somehow.

Okay, that sounds good.

Striker would need to interface with my tool via an API.

Do you have the Python/Django knowledge needed to write the code for the Striker side, or would you need to find someone to help with that? I can certainly do some design review and code review, but I can't sign up to do the user interface design and coding.

Let me take a look at the striker code and get back to you. I know some python, but no Django.

scfc triaged this task as Medium priority.Feb 16 2017, 5:51 PM
scfc moved this task from Triage to Backlog on the Toolforge board.
scfc renamed this task from Preperation for api for community-labs-monitoring to Preparation for api for community-labs-monitoring.Feb 26 2017, 2:31 AM
Restricted Application edited projects, added User-Matthewrbowker; removed Toolforge, Cloud-Services. · View Herald TranscriptNov 11 2018, 2:25 PM