Page MenuHomePhabricator
Create Task
Maniphest T157847

Preparation for api for community-labs-monitoring
Open, MediumPublic
Actions

Description

This is a discussion ticket to coordinate integration between Striker and community-labs-monitoring with regard to monitoring Tools on Tool Labs. This is a followup to T53434: Establish an internal system or a recommended external system for monitoring user-created Toolforge web services

Striker would need to interface with my tool via an API. I was thinking an HTTP POST request to a specific endpoint. It would need to handle creation, update, delete, and reading on my end.

To secure, would a manually generated API key work? Or would something more secure be necessary?

Related Objects
Search...

Event Timeline

Matthewrbowker created this task.Feb 11 2017, 12:37 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptFeb 11 2017, 12:37 AM
Matthewrbowker mentioned this in T53434: Establish an internal system or a recommended external system for monitoring user-created Toolforge web services.Feb 11 2017, 12:38 AM
bd808 added a parent task: T53434: Establish an internal system or a recommended external system for monitoring user-created Toolforge web services.Feb 11 2017, 12:38 AM
Matthewrbowker renamed this task from Preperation for api for CLM to Preperation for api for community-labs-monitoring.Feb 11 2017, 12:38 AM
bd808 subscribed.Feb 11 2017, 12:45 AM

To secure, would a manually generated API key work? Or would something more secure be necessary?

A shared secret and HTTPS are probably enough. If there is no other consumer of the API we may be able to do something that also requires the requests to come from a limited number of IP addresses which would make abuse more difficult if the secret leaked somehow.

Striker would need to interface with my tool via an API.

Do you have the Python/Django knowledge needed to write the code for the Striker side, or would you need to find someone to help with that? I can certainly do some design review and code review, but I can't sign up to do the user interface design and coding.

Matthewrbowker added a comment.Feb 11 2017, 12:48 AM
In T157847#3018722, @bd808 wrote:

To secure, would a manually generated API key work? Or would something more secure be necessary?

A shared secret and HTTPS are probably enough. If there is no other consumer of the API we may be able to do something that also requires the requests to come from a limited number of IP addresses which would make abuse more difficult if the secret leaked somehow.

Okay, that sounds good.

Striker would need to interface with my tool via an API.

Do you have the Python/Django knowledge needed to write the code for the Striker side, or would you need to find someone to help with that? I can certainly do some design review and code review, but I can't sign up to do the user interface design and coding.

Let me take a look at the striker code and get back to you. I know some python, but no Django.

scfc triaged this task as Medium priority.Feb 16 2017, 5:51 PM
scfc moved this task from Backlog to Ready to be worked on on the Toolforge board.
scfc renamed this task from Preperation for api for community-labs-monitoring to Preparation for api for community-labs-monitoring.Feb 26 2017, 2:31 AM
Framawiki subscribed.Nov 11 2018, 2:25 PM
Restricted Application edited projects, added User-Matthewrbowker; removed Toolforge, Cloud-Services. · View Herald TranscriptNov 11 2018, 2:25 PM
Matthewrbowker moved this task from Inbox to Defined on the User-Matthewrbowker board.Mar 16 2019, 5:31 PM
GTirloni added a project: cloud-services-team (Kanban).Mar 24 2019, 12:10 PM
bd808 removed a project: cloud-services-team (Kanban).Jul 9 2019, 9:32 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits