Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Introduces support for documenting minimal command permissions. #6342

Draft
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

waldekmastykarz
Copy link
Member

@waldekmastykarz waldekmastykarz commented Sep 12, 2024

Here's the PR that introduces documenting minimal permissions for CLI commands.

How to run:

  1. Install latest beta of Dev Proxy
  2. Change working dir to permissions
  3. Get the list of commands to execute from our docs examples: npm run start:commands
  4. Get Dev Proxy mocks from our tests: npm run start:mocks
  5. Start Dev Proxy: npm run start:devproxy
  6. Start detecting minimal permissions: npm run start:permissions. This script updates the file generated in step 3 with minimal scopes for each command. Then, for our documentation, we'll need to combine the information from the different examples to present in our docs. In most cases the scopes will be the same for all examples but on an occasion that some examples require different scopes, we catch that too.

The script will stop on the first error it encounters. This is intentional as we're still developing it, so that we can easily find and address errors.

When updating a command to support documenting its minimal permissions:

  1. Export mocks (see example modified commands)
  2. Ensure that IDs/names from docs are aligned with mocks.
  3. Run the above steps
  4. If the permissions script successfully goes over the command you modified, you're ready to submit a PR

Also worth mentioning: this process right now only works with Graph-based commands. For other APIs, we'll need two things:

  1. Support for Dev Proxy to detect minimal permissions for custom APIs without API Center (Add support for checking minimal permissions for any API without APIC microsoft/dev-proxy#861)
  2. API specs describing the necessary scopes for other APIs (that's something that we'll need to build ourselves)

@martinlingstuyl
Copy link
Contributor

Hi @waldekmastykarz, This PR has been open for too long. Sorry for the holdup 😅 Could you maybe fix the merge conflicts? I'll try to review it after that.

@martinlingstuyl martinlingstuyl self-assigned this Jan 2, 2025
@waldekmastykarz
Copy link
Member Author

Will do! No problem

@waldekmastykarz waldekmastykarz marked this pull request as draft January 3, 2025 07:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants