-
Notifications
You must be signed in to change notification settings - Fork 72
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bump fastapi[all] from 0.82.0 to 0.89.1 #2246
Conversation
8cdf888
to
23fdace
Compare
@dependabot rebase |
Bumps [fastapi[all]](https://github.com/tiangolo/fastapi) from 0.82.0 to 0.89.1. - [Release notes](https://github.com/tiangolo/fastapi/releases) - [Commits](fastapi/fastapi@0.82.0...0.89.1) --- updated-dependencies: - dependency-name: fastapi[all] dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>
23fdace
to
2785c90
Compare
This one fails because the test client changed from using |
small bug fix from: fastapi/fastapi#5859 |
|
A newer version of fastapi[all] exists, but since this PR has been edited by someone other than Dependabot I haven't updated it. You'll get a PR for the updated version as normal once this PR is merged. |
Passing run #635 ↗︎
Details:
This comment has been generated by cypress-bot as a result of this project's GitHub integration settings. |
@adamsachs would you mind helping me take a look at the ops integration tests? The crux of the issue here is that the I'm debating on whether we can jank our way around the differences, or if we should attempt to also replace |
respx is the recommended Also maybe helpful, a compatibility guide with |
Oh, nice call on the compatibility guide! I don't think |
@adamsachs tagging you as reviewer here since I believe you were in the deepest on the fides client and that's where I had to make substantive changes, feel free to pull in anyone else you think would be helpful here though! |
Codecov ReportPatch coverage:
Additional details and impacted files@@ Coverage Diff @@
## main #2246 +/- ##
==========================================
+ Coverage 86.58% 86.71% +0.12%
==========================================
Files 290 291 +1
Lines 16210 16315 +105
Branches 2059 2067 +8
==========================================
+ Hits 14035 14147 +112
+ Misses 1792 1781 -11
- Partials 383 387 +4
Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here. ☔ View full report at Codecov. |
sounds good, i'm happy to take a look. i'll probably try to do some manual testing just to be sure, because although we tried to be as comprehensive as we could in automated tests, the fides client (and fides child/parent functionality in general) definitely pushed our limits, and executing some smoke tests will make me feel that much better about it. |
Excellent, sounds good! Can you comment here with any manual testing you do just so we know for the future where to potentially look for issues? |
yup, will do - as a reference, the "steps to confirm" on the original PR (#1861) for fides connector functionality gives the high-level smoke testing approach/setup. hopefully those commands and setup scripts still work - i'm sure it's been a while since we exercised them :) i'll do that here and make any updates as needed. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@ThomasLaPiana overall this looks good to me - only 2 comments at this point:
- i pointed out another place i know where we're using
requests
andrequests.Session
specifically - do we need to update that as well? your context on the motivation for the change will help here, i'm not 100% sure on why these changes are needed (though i am not doubting that they are needed!) - the addition of a timeout in the HTTP client used by
FidesClient
does introduce an unfortunately sneaky problem that came up in manual testing. i can push up a proposed improvement per my comment - i think it will actually make our code considerably better here. i also will look at whether we can try to get automated test coverage on this case, though it may be a bit tricky (and would be happy to hear suggestions!)
let me know what you think and if you'd like to sync up at all offline to discuss further.
and to document my testing steps (pretty much just pulled from "Steps to Confirm" on #1861):
-
nox -s dev -- child
-
docker exec -ti fides-fides-1 /bin/bash
and thenpython scripts/load_fides_child_examples.py
to configure the fides connector config on the "parent" fides -
configure any valid connector on the "child" fides via API (it should be accessible at http://0.0.0.0:8081 from a host machine) -- here i configured a client-specific ACS connector, which is a good use case because the connector experiences some latency in retrieving results (the real world!). more details for this can be provided offline if needed.
-
submit a privacy request against the "parent" fides and confirm that results are output to whatever storage location is configured on the policy
e.g.
--header 'Content-Type: application/json' \
--data-raw '[
{
"identity": {"email": "[email protected]"},
"policy_key": "default_access_policy"
}
]'```
@adamsachs if this looks good to you, can you approve it? Huge thanks again for the help here :) |
triggered the unsafe CI checks and -- looks like we've got a fundamental bug in our external test setup that prevents it from running at all, and it's gone undetected for over a month 😲 ?! (https://github.com/ethyca/fides/actions/runs/4326442166/jobs/7554058349#step:7:469) i think the fix should be quick - obviously unrelated to the direct scope of this PR but figure let's just fix it up here and get it merged. i pushed up a fix in 5c29021 that worked for me locally. |
OK - external saas integration tests were able to run, as were the other external tests. none fully completed successfully, but at least the saas ones did not seem to be impacted by the change in this PR. they completed ~85% of the tests, and most were successful, but the task got cancelled due to what seems like a 15 min timeout. we're used to some intermittent failures on these, so we have to take them with a grain of salt, and it seems very unlikely our changes in this PR have impacted anything negatively there. so i'm good on that front. but i am a bit concerned about some of the the sorry to keep holding this up @ThomasLaPiana, i'd just like your 👀 on the |
Thanks for the thorough checks here! The |
Tests are "fixed" up with one failing AWS test remaining that was known. Time is still too short for the external SaaS tests but I'm going to open up a follow-up PR to fix both of these |
Code Changes from humans
requests
withhttpx
in the fides client to enable proper mockinghttpx
Bumps fastapi[all] from 0.82.0 to 0.89.1.
Release notes
Sourced from fastapi[all]'s releases.
... (truncated)
Commits
5905c3f
🔖 Release version 0.89.100f3c83
📝 Update release notese84cb66
📝 Update release notesfb8e908
📝 Update docs and examples for Response Model with Return Type Annotations, a...6b83525
📝 Update release notesfba7493
🐛 Ignore Response classes on return annotation (#5855)53973f7
📝 Update release notes1562592
🌐 Add Turkish translation fordocs/tr/docs/tutorial/first_steps.md
(#5691)52a8417
📝 Update release notes929289b
📝 Add External Link: FastAPI lambda container: serverless simplified (#5784)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)