Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow HTTP security options to be set via device settings #317

Open
knolleary opened this issue Sep 27, 2024 · 6 comments
Open

Allow HTTP security options to be set via device settings #317

knolleary opened this issue Sep 27, 2024 · 6 comments
Assignees
@Steve-Mcl
Labels
customer request requested by customer needs-triage Needs looking at to decide what to do story A user-oriented description of a feature
Milestone
2.10

Comments

@knolleary
Copy link
Member

knolleary commented Sep 27, 2024
edited
Loading

Description

As a: flow creator

I want to: secure http end points served by the device agent

So that: they are secured to the same standard as hosted-instances

We can easily provide the basic auth option as that is hardcoded into the settings file. Provided FF Team auth is trickier as it requires oauth bounce to the platform and all the bits that entails. Need to think about how to achieve that securely when the device is running outside the security boundary of the platform

Acceptance Criteria

  • Able to secure dashboard/http end points served by the device

Requested By
@knolleary knolleary added story A user-oriented description of a feature customer request requested by customer needs-triage Needs looking at to decide what to do labels Sep 27, 2024
@robmarcer
Copy link
Contributor

As a first iteration, just being able to do this via the settings file would be valuable.

This has just been requested by - https://app-eu1.hubspot.com/contacts/26586079/record/0-2/12971827644

@knolleary
Copy link
Member Author

We don't expose the settings file for the user to edit.

One quick iteration would be to allow those settings to be set via the device.yml file - the only file we let the user edit.

The bigger iteration is providing a more consistent UX in the platform UI for modifying these settings.

@robmarcer
Copy link
Contributor

robmarcer commented Oct 10, 2024
edited
Loading

Using the device.yml would work in this (https://app-eu1.hubspot.com/contacts/26586079/record/0-2/12971827644) customer's case @knolleary

@joepavitt
Copy link
Contributor

Duplication of: FlowFuse/flowfuse#4204

@joepavitt joepavitt added this to the 2.10 milestone Oct 11, 2024
@Steve-Mcl
Copy link
Contributor

@joepavitt can you clarify the task in this iteration pls?

Nick states:

One quick iteration would be to allow those settings to be set via the device.yml file - the only file we let the user edit.

and

The bigger iteration is providing a more consistent UX in the platform UI for modifying these settings.

@knolleary
Copy link
Member Author

The iterations are as stated:

  • First iteration (this milestone) is allowing the auth settings to be set via the device.yml file. This should be fairly self-contained and unlocks the capability quickly.
  • Second iteration (which we can scope and schedule for a future milestone) will be to have an appropriate settings UI.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Steve-Mcl Steve-Mcl

Labels
customer request requested by customer needs-triage Needs looking at to decide what to do story A user-oriented description of a feature
Projects
☁️ Product Planning
Status: Scheduled
🛠 Development
Status: Up Next
Milestone
2.10
Development

No branches or pull requests
4 participants
@knolleary @Steve-Mcl @robmarcer @joepavitt