3c2e518c52
graphql queries (I77be4f16cf7eb5c8035ce0312f792f4e8d4c3e10) require authentication. Enqueueing changes from GitHub (including Depends-On) requires we run a graphql query. This means that Zuul must be able to authenticate either via an application or api_token to support features like Depends-On. If the app is setup (app_id in config) but we aren't installed with permissions on the project we're looking up, then fall back to using a specified api_token. This will make Depends-On work. Logging is updated to reflect whether or not we are able to fallback to the api_token if the application is not installed. We log the lack of an application installation at info level if we can fallback to the token, and log at error level if we're falling back to anonymous access. For backward compatibility we continue to fallback to anonymous access if neither an application install or api_token are present. The reason for this is features like Job required-projects: work fine anonymously, and there may be Zuul installations that don't need additional functionality. Keep in mind that authenticated requests to GitHub get larger API rate limits. Zuul installations should consider setting an API token even when using an application for this reason. This gives Zuul the best chance that fallback requests will not be rate limited. Documentation is updated, a changelog added and several test configuration files are padded with the required info. Story: #2008940 Change-Id: I2107aeafc55591eea790244701567569fa6e80d4 |
||
|---|---|---|
| .. | ||
| source | ||
| Makefile | ||
| requirements.txt | ||