Conversation
- Create Flask application with comprehensive OAuth endpoints (login, callback, logout, session check). - Add route modules for proxying, health checks, and authentication workflows. - Define service layer helpers for managing authentication and token refresh. - Provide OpenAPI generation script and CI tasks to validate specification consistency. - Integrate Docker setup for local and containerized execution. - Include pytest configuration and fixtures for testing. - Add GitHub Actions workflow for CI tasks (test, OpenAPI spec drift check).
- Provide `.env.example` with default environment variables for BFF service configuration. - Adjust `.gitignore` to exclude `.env` files for ensuring local environment secrecy.
- Introduce `scripts/wefa_version.py` for unified version management across `vue`, `django`, and `bff` projects. - Update contribution and README guides to reference the new versioning workflow. - Enhance GitHub Actions to validate version alignment before publishing. - Standardize release processes and align tooling documentation.
- Include links to OAuth BFF architecture documentation for better conceptual understanding. - Update README to guide users toward detailed external resources.
- Introduce `publish-bff-image` job in GitHub Actions workflow to automate building, tagging, and publishing of BFF Docker images on releases. - Ensure compatibility with tag-based versioning and handle pre-releases appropriately.
- Require Python 3.12.x in `README.md` per `pyproject.toml`. - Remove `redis` dependency from `pyproject.toml` and `uv.lock` as it is no longer used.
…env` - Introduce `SettingsValidationError` to handle missing or blank required environment variables in `bff_app/settings.py`. - Update `bff.py` to fail fast on invalid configuration, improving runtime error detection during startup. - Adjust default OpenAPI generation settings in `generate.py` for better alignment with updated environment requirements.
|
@codex review |
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 992f38d101
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
…o version-orchestrator # Conflicts: # .github/workflows/release.yml
…o backend-for-frontend
- Add error handling for upstream timeouts and invalid responses in `/proxy/api/auth/userinfo` route. - Clear session on 401/403 responses from upstream. - Enforce configurable request timeouts for user info proxy. - Enhance test coverage for user info error cases and session management.
- Add error handling for upstream logout timeouts and invalid responses. - Skip logout call if `id_token` is missing in session. - Introduce configurable timeouts for logout requests. - Enhance test coverage for logout scenarios, including timeouts and missing tokens.
- Introduced encrypted cookies for OAuth tokens, replacing in-session storage. - Updated settings to include `TOKEN_COOKIE_ENCRYPTION_KEY` for encryption. - Enhanced `/auth/session`, `/auth/logout`, and `/proxy/api` routes to operate with token cookies. - Updated tests and fixtures to align with the new cookie-based approach. - Documented changes in `.env.example` and `README.md`.
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 090a707e67
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
…trator # Conflicts: # .github/workflows/release.yml
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 3ff67b7492
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
…ishing - Adjusted `release.yml` to push BFF container images to GitHub Container Registry (GHCR). - Updated authentication to leverage `GITHUB_TOKEN` and repository-specific image paths. - Documented new image publishing process in README, including tag conventions.
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: dc9228da8f
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
- Introduce functions to convert and validate SemVer and PEP 440 formats. - Implement transactional updates with rollback in case of failure. - Update version handling logic to support format-specific validation. - Add comprehensive test coverage for versioning scenarios. - Document versioning rules and conversions in README and contributor guides. - Configure CI workflow for scripts and unit test execution.
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: b5a6d0f442
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
…n in release workflow - Canonicalize prerelease labels to lowercase in `build_version_targets` to align with SemVer conventions. - Add a test case for lowercase normalization of supported prerelease labels. - Update `release.yml` to normalize release tags for consistent SemVer validation.
As number of tools of this monorepo is increasing and might increase further, this PR introduces a version orchestrator script that helps maintaining a unified version for the releases of the WeFa tools, and add a check during the release to ensure versions are aligned and correspond to the tag that is being published.
Example usage: