[DDO-3868] Faster break-glass propagation #655

jack-r-warren · 2024-09-06T20:57:25Z

Three-pronged approach:

1. Composite/plural grants are now supported. More plainly, this means that the following now does what you'd expect:

{
  "name": "my-fun-fancy-role",
  "grantsProdFirecloudGroup": "first-group-to-grant@firecloud.org, second-group-to-grant@firecloud.org"
}

This plural grant support is implemented for all existing propagated-grant fields just as comma separation (with whitespace trimming) so it's backwards compatible. This can potentially help propagation in that I think group nesting may take longer than direct group membership.

If we add Firecloud account creation or GitHub org membership in the future, plural grants might not make much sense (suppose the grant might just be indicated by a boolean, not a string). That's okay, we'd just configure the propagator like this:

// Hypothetical! This engine and grant type don't exist yet
&propagatorImpl[bool, ..., ...]{
  configKey: "devFirecloudAccount",
  getGrants: func(role models.Role) []*bool { return []*bool{ role.GrantsDevFirecloudAccount } },
  engine:    &propagation_engines.ImaginaryHypotheticalFirecloudAccountEngine{},
}

2. Can now grant dev/qa/prod Firecloud accounts roles/owner on Google Cloud folders (new propagation engine + new role grant fields). More plainly, the following is now supported:

{
  "name": "my-fun-fancy-role",
  "grantsProdFirecloudFolderOwner": "folders/abc123, folders/def456"
}

The folders can be in any organization -- the reference to Firecloud just describes what accounts will be given the access. Sherlock's SA will need resourcemanager.folders.get/setIamPolicy on the folders.

When Sherlock targets a folder it assumes no other system will give user @firecloud.org accounts roles/owner. Service accounts, groups, users from other domains, or user @firecloud.org accounts with roles other than roles/owner will be unaffected. Identiteam has confirmed that no Terra system ever grants anyone roles/owner so we've got multiple layers between us and a conflict.

3. Propagators now run in parallel for a given role. The sequencing and parallelization of different propagators is easily changed from the role propagation package's init function.

Right now, full parallelization is fine, but this design explicitly allows for sequential steps still so we can have any future Firecloud account creation or GitHub org membership propagator run first.

Testing

Tests written for all of this. For parts 1 and 3 especially the existing tests provide excellent regression coverage.

Part 2 can be enabled in dev before prod, and even in prod we can target it at dev or qa Firecloud before prod.

Risk

Moderate. 1 and 3 are under the hood changes that regression testing fully captures.

2 is risky as Sherlock will begin modifying IAM directly instead of indirectly. The overall design of the system isn't changing -- whereas Sherlock currently modifies IAM by adding people to a group that has an IAM grant, Sherlock will begin modifying IAM by adding people to it directly.

The code isn't zero risk but the vast majority of the logic is already inherited by the propagation system. I'd judge that the larger risk comes from the potential for super-admins setting incorrect configuration. Putting a folder grant on the wrong role would be bad... but it's entirely possible for someone to typo the group in a Google IAM panel too. Somewhere in the stack we have to have the danger button.

github-actions · 2024-09-06T20:58:24Z

What's Changed

`GET` /api/roles/v3

Parameters:

Added: grantsDevFirecloudFolderOwner in query

Added: grantsProdFirecloudFolderOwner in query

Added: grantsQaFirecloudFolderOwner in query

Return Type:

Changed response : 200 OK

Changed content type : application/json

Changed items (object):
- Added property grantsDevFirecloudFolderOwner (string)
- Added property grantsProdFirecloudFolderOwner (string)
- Added property grantsQaFirecloudFolderOwner (string)

`POST` /api/roles/v3

Request:

Changed content type : application/json

Added property grantsDevFirecloudFolderOwner (string)
Added property grantsProdFirecloudFolderOwner (string)
Added property grantsQaFirecloudFolderOwner (string)

Return Type:

Changed response : 201 Created

Changed content type : application/json
- Added property grantsDevFirecloudFolderOwner (string)
- Added property grantsProdFirecloudFolderOwner (string)
- Added property grantsQaFirecloudFolderOwner (string)

`GET` /api/roles/v3/{selector}

Return Type:

Changed response : 200 OK

Changed content type : application/json
- Added property grantsDevFirecloudFolderOwner (string)
- Added property grantsProdFirecloudFolderOwner (string)
- Added property grantsQaFirecloudFolderOwner (string)

`DELETE` /api/roles/v3/{selector}

Return Type:

Changed response : 200 OK

Changed content type : application/json
- Added property grantsDevFirecloudFolderOwner (string)
- Added property grantsProdFirecloudFolderOwner (string)
- Added property grantsQaFirecloudFolderOwner (string)

`PATCH` /api/roles/v3/{selector}

Request:

Changed content type : application/json

Added property grantsDevFirecloudFolderOwner (string)
Added property grantsProdFirecloudFolderOwner (string)
Added property grantsQaFirecloudFolderOwner (string)

Return Type:

Changed response : 200 OK

Changed content type : application/json
- Added property grantsDevFirecloudFolderOwner (string)
- Added property grantsProdFirecloudFolderOwner (string)
- Added property grantsQaFirecloudFolderOwner (string)

`GET` /api/clusters/v3

Return Type:

Changed response : 200 OK

Changed content type : application/json

Changed items (object):
- Changed property requiredRoleInfo (object)
  - Added property grantsDevFirecloudFolderOwner (string)
  - Added property grantsProdFirecloudFolderOwner (string)
  - Added property grantsQaFirecloudFolderOwner (string)

`POST` /api/clusters/v3

Return Type:

Changed response : 201 Created

Changed content type : application/json
- Changed property requiredRoleInfo (object)
  - Added property grantsDevFirecloudFolderOwner (string)
  - Added property grantsProdFirecloudFolderOwner (string)
  - Added property grantsQaFirecloudFolderOwner (string)

`GET` /api/clusters/v3/{selector}

Return Type:

Changed response : 200 OK

Changed content type : application/json
- Changed property requiredRoleInfo (object)
  - Added property grantsDevFirecloudFolderOwner (string)
  - Added property grantsProdFirecloudFolderOwner (string)
  - Added property grantsQaFirecloudFolderOwner (string)

`DELETE` /api/clusters/v3/{selector}

Return Type:

Changed response : 200 OK

Changed content type : application/json
- Changed property requiredRoleInfo (object)
  - Added property grantsDevFirecloudFolderOwner (string)
  - Added property grantsProdFirecloudFolderOwner (string)
  - Added property grantsQaFirecloudFolderOwner (string)

`PATCH` /api/clusters/v3/{selector}

Return Type:

Changed response : 200 OK

Changed content type : application/json
- Changed property requiredRoleInfo (object)
  - Added property grantsDevFirecloudFolderOwner (string)
  - Added property grantsProdFirecloudFolderOwner (string)
  - Added property grantsQaFirecloudFolderOwner (string)

`GET` /api/environments/v3

Return Type:

Changed response : 200 OK

Changed content type : application/json

Changed items (object):
- Changed property requiredRoleInfo (object)
  - Added property grantsDevFirecloudFolderOwner (string)
  - Added property grantsProdFirecloudFolderOwner (string)
  - Added property grantsQaFirecloudFolderOwner (string)

`POST` /api/environments/v3

Return Type:

Changed response : 201 Created

Changed content type : application/json
- Changed property requiredRoleInfo (object)
  - Added property grantsDevFirecloudFolderOwner (string)
  - Added property grantsProdFirecloudFolderOwner (string)
  - Added property grantsQaFirecloudFolderOwner (string)

`GET` /api/environments/v3/{selector}

Return Type:

Changed response : 200 OK

Changed content type : application/json
- Changed property requiredRoleInfo (object)
  - Added property grantsDevFirecloudFolderOwner (string)
  - Added property grantsProdFirecloudFolderOwner (string)
  - Added property grantsQaFirecloudFolderOwner (string)

`DELETE` /api/environments/v3/{selector}

Return Type:

Changed response : 200 OK

Changed content type : application/json
- Changed property requiredRoleInfo (object)
  - Added property grantsDevFirecloudFolderOwner (string)
  - Added property grantsProdFirecloudFolderOwner (string)
  - Added property grantsQaFirecloudFolderOwner (string)

`PATCH` /api/environments/v3/{selector}

Return Type:

Changed response : 200 OK

Changed content type : application/json
- Changed property requiredRoleInfo (object)
  - Added property grantsDevFirecloudFolderOwner (string)
  - Added property grantsProdFirecloudFolderOwner (string)
  - Added property grantsQaFirecloudFolderOwner (string)

`POST` /api/changesets/procedures/v3/apply

Return Type:

Changed response : 200 OK

Changed content type : application/json

Changed items (object):
- Changed property chartReleaseInfo (object)
  - Changed property clusterInfo (object)
    - Changed property requiredRoleInfo (object)
      - Added property grantsDevFirecloudFolderOwner (string)
      - Added property grantsProdFirecloudFolderOwner (string)
      - Added property grantsQaFirecloudFolderOwner (string)

`GET` /api/changesets/procedures/v3/chart-release-history/{chart-release}

Return Type:

Changed response : 200 OK

Changed content type : application/json

Changed items (object):
- Changed property chartReleaseInfo (object)
  - Changed property clusterInfo (object)
    - Changed property requiredRoleInfo (object)
      - Added property grantsDevFirecloudFolderOwner (string)
      - Added property grantsProdFirecloudFolderOwner (string)
      - Added property grantsQaFirecloudFolderOwner (string)

`POST` /api/changesets/procedures/v3/plan

Return Type:

Changed response : 200 OK

Changed content type : application/json

Changed items (object):
- Changed property chartReleaseInfo (object)
  - Changed property clusterInfo (object)
    - Changed property requiredRoleInfo (object)
      - Added property grantsDevFirecloudFolderOwner (string)
      - Added property grantsProdFirecloudFolderOwner (string)
      - Added property grantsQaFirecloudFolderOwner (string)

Changed response : 201 Created

Changed content type : application/json

Changed items (object):
- Changed property chartReleaseInfo (object)
  - Changed property clusterInfo (object)
    - Changed property requiredRoleInfo (object)
      - Added property grantsDevFirecloudFolderOwner (string)
      - Added property grantsProdFirecloudFolderOwner (string)
      - Added property grantsQaFirecloudFolderOwner (string)

`POST` /api/changesets/procedures/v3/plan-and-apply

Return Type:

Changed response : 200 OK

Changed content type : application/json

Changed items (object):
- Changed property chartReleaseInfo (object)
  - Changed property clusterInfo (object)
    - Changed property requiredRoleInfo (object)
      - Added property grantsDevFirecloudFolderOwner (string)
      - Added property grantsProdFirecloudFolderOwner (string)
      - Added property grantsQaFirecloudFolderOwner (string)

Changed response : 201 Created

Changed content type : application/json

Changed items (object):
- Changed property chartReleaseInfo (object)
  - Changed property clusterInfo (object)
    - Changed property requiredRoleInfo (object)
      - Added property grantsDevFirecloudFolderOwner (string)
      - Added property grantsProdFirecloudFolderOwner (string)
      - Added property grantsQaFirecloudFolderOwner (string)

`GET` /api/changesets/procedures/v3/version-history/{version-type}/{chart}/{version}

Return Type:

Changed response : 200 OK

Changed content type : application/json

Changed items (object):
- Changed property chartReleaseInfo (object)
  - Changed property clusterInfo (object)
    - Changed property requiredRoleInfo (object)
      - Added property grantsDevFirecloudFolderOwner (string)
      - Added property grantsProdFirecloudFolderOwner (string)
      - Added property grantsQaFirecloudFolderOwner (string)

`GET` /api/changesets/v3

Return Type:

Changed response : 200 OK

Changed content type : application/json

Changed items (object):
- Changed property chartReleaseInfo (object)
  - Changed property clusterInfo (object)
    - Changed property requiredRoleInfo (object)
      - Added property grantsDevFirecloudFolderOwner (string)
      - Added property grantsProdFirecloudFolderOwner (string)
      - Added property grantsQaFirecloudFolderOwner (string)

`GET` /api/changesets/v3/{id}

Return Type:

Changed response : 200 OK

Changed content type : application/json
- Changed property chartReleaseInfo (object)
  - Changed property clusterInfo (object)
    - Changed property requiredRoleInfo (object)
      - Added property grantsDevFirecloudFolderOwner (string)
      - Added property grantsProdFirecloudFolderOwner (string)
      - Added property grantsQaFirecloudFolderOwner (string)

`GET` /api/chart-releases/v3

Return Type:

Changed response : 200 OK

Changed content type : application/json

Changed items (object):
- Changed property clusterInfo (object)
  - Changed property requiredRoleInfo (object)
    - Added property grantsDevFirecloudFolderOwner (string)
    - Added property grantsProdFirecloudFolderOwner (string)
    - Added property grantsQaFirecloudFolderOwner (string)

`POST` /api/chart-releases/v3

Return Type:

Changed response : 201 Created

Changed content type : application/json
- Changed property clusterInfo (object)
  - Changed property requiredRoleInfo (object)
    - Added property grantsDevFirecloudFolderOwner (string)
    - Added property grantsProdFirecloudFolderOwner (string)
    - Added property grantsQaFirecloudFolderOwner (string)

`GET` /api/chart-releases/v3/{selector}

Return Type:

Changed response : 200 OK

Changed content type : application/json
- Changed property clusterInfo (object)
  - Changed property requiredRoleInfo (object)
    - Added property grantsDevFirecloudFolderOwner (string)
    - Added property grantsProdFirecloudFolderOwner (string)
    - Added property grantsQaFirecloudFolderOwner (string)

`DELETE` /api/chart-releases/v3/{selector}

Return Type:

Changed response : 200 OK

Changed content type : application/json
- Changed property clusterInfo (object)
  - Changed property requiredRoleInfo (object)
    - Added property grantsDevFirecloudFolderOwner (string)
    - Added property grantsProdFirecloudFolderOwner (string)
    - Added property grantsQaFirecloudFolderOwner (string)

`PATCH` /api/chart-releases/v3/{selector}

Return Type:

Changed response : 200 OK

Changed content type : application/json
- Changed property clusterInfo (object)
  - Changed property requiredRoleInfo (object)
    - Added property grantsDevFirecloudFolderOwner (string)
    - Added property grantsProdFirecloudFolderOwner (string)
    - Added property grantsQaFirecloudFolderOwner (string)

`GET` /api/database-instances/v3

Return Type:

Changed response : 200 OK

Changed content type : application/json

Changed items (object):
- Changed property chartReleaseInfo (object)
  - Changed property clusterInfo (object)
    - Changed property requiredRoleInfo (object)
      - Added property grantsDevFirecloudFolderOwner (string)
      - Added property grantsProdFirecloudFolderOwner (string)
      - Added property grantsQaFirecloudFolderOwner (string)

`PUT` /api/database-instances/v3

Return Type:

Changed response : 200 OK

Changed content type : application/json
- Changed property chartReleaseInfo (object)
  - Changed property clusterInfo (object)
    - Changed property requiredRoleInfo (object)
      - Added property grantsDevFirecloudFolderOwner (string)
      - Added property grantsProdFirecloudFolderOwner (string)
      - Added property grantsQaFirecloudFolderOwner (string)

Changed response : 201 Created

Changed content type : application/json
- Changed property chartReleaseInfo (object)
  - Changed property clusterInfo (object)
    - Changed property requiredRoleInfo (object)
      - Added property grantsDevFirecloudFolderOwner (string)
      - Added property grantsProdFirecloudFolderOwner (string)
      - Added property grantsQaFirecloudFolderOwner (string)

`POST` /api/database-instances/v3

Return Type:

Changed response : 201 Created

Changed content type : application/json
- Changed property chartReleaseInfo (object)
  - Changed property clusterInfo (object)
    - Changed property requiredRoleInfo (object)
      - Added property grantsDevFirecloudFolderOwner (string)
      - Added property grantsProdFirecloudFolderOwner (string)
      - Added property grantsQaFirecloudFolderOwner (string)

`GET` /api/database-instances/v3/{selector}

Return Type:

Changed response : 200 OK

Changed content type : application/json
- Changed property chartReleaseInfo (object)
  - Changed property clusterInfo (object)
    - Changed property requiredRoleInfo (object)
      - Added property grantsDevFirecloudFolderOwner (string)
      - Added property grantsProdFirecloudFolderOwner (string)
      - Added property grantsQaFirecloudFolderOwner (string)

`DELETE` /api/database-instances/v3/{selector}

Return Type:

Changed response : 200 OK

Changed content type : application/json
- Changed property chartReleaseInfo (object)
  - Changed property clusterInfo (object)
    - Changed property requiredRoleInfo (object)
      - Added property grantsDevFirecloudFolderOwner (string)
      - Added property grantsProdFirecloudFolderOwner (string)
      - Added property grantsQaFirecloudFolderOwner (string)

`PATCH` /api/database-instances/v3/{selector}

Return Type:

Changed response : 200 OK

Changed content type : application/json
- Changed property chartReleaseInfo (object)
  - Changed property clusterInfo (object)
    - Changed property requiredRoleInfo (object)
      - Added property grantsDevFirecloudFolderOwner (string)
      - Added property grantsProdFirecloudFolderOwner (string)
      - Added property grantsQaFirecloudFolderOwner (string)

github-actions · 2024-09-06T21:03:58Z

Published image from a38f377 (merge b88fb89):

us-central1-docker.pkg.dev/dsp-artifact-registry/sherlock/sherlock:v1.5.49-b88fb89
us-central1-docker.pkg.dev/dsp-devops-super-prod/sherlock/sherlock:v1.5.49-b88fb89

codecov · 2024-09-06T21:07:43Z

Codecov Report

Attention: Patch coverage is 56.32653% with 107 lines in your changes missing coverage. Please review.

Files with missing lines	Patch %	Lines
...opagation_engines/google_workspace_folder_owner.go	22.77%	78 Missing ⚠️
sherlock/internal/role_propagation/boot.go	0.00%	17 Missing ⚠️
sherlock/internal/role_propagation/propagate.go	0.00%	4 Missing and 2 partials ⚠️
...ernal/role_propagation/parallelizing_propagator.go	92.85%	1 Missing and 1 partial ⚠️
sherlock/internal/role_propagation/propagator.go	0.00%	2 Missing ⚠️
...pagation/role_propagation_mocks/mock_propagator.go	66.66%	2 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #655      +/-   ##
==========================================
- Coverage   69.22%   69.05%   -0.18%     
==========================================
  Files         284      287       +3     
  Lines       12843    13021     +178     
==========================================
+ Hits         8891     8992     +101     
- Misses       3059     3129      +70     
- Partials      893      900       +7

Files with missing lines	Coverage Δ
sherlock/internal/api/sherlock/roles_v3.go	`95.12% <100.00%> (+0.38%)`	⬆️
sherlock/internal/models/role.go	`63.46% <ø> (ø)`
sherlock/internal/models/test_data.go	`98.20% <100.00%> (+<0.01%)`	⬆️
...ation/propagator_calculate_alignment_operations.go	`100.00% <100.00%> (ø)`
...le_propagation/propagator_get_and_filter_grants.go	`100.00% <100.00%> (ø)`
.../internal/role_propagation/propagator_propagate.go	`100.00% <100.00%> (ø)`
...role_propagation/split_string_pointer_on_commas.go	`100.00% <100.00%> (ø)`
...ernal/role_propagation/parallelizing_propagator.go	`92.85% <92.85%> (ø)`
sherlock/internal/role_propagation/propagator.go	`0.00% <0.00%> (-100.00%)`	⬇️
...pagation/role_propagation_mocks/mock_propagator.go	`51.89% <66.66%> (+25.31%)`	⬆️
... and 3 more

This reverts commit 63704be.

…-faster-propagation

sonarcloud · 2024-09-09T15:05:40Z

Quality Gate passed

Issues
18 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
2.6% Duplication on New Code

See analysis details on SonarCloud

jack-r-warren added 6 commits September 5, 2024 14:20

re-order propagators in case it helps delay

194cdfa

use pointer receiver (lint issue)

51e93a5

allow comma-separated grants

f8736e0

add google workspace folder owner engine

b87d098

add parallelizing propagator

0325424

wire up dev/qa/prod folder owner grants

73b4723

jack-r-warren requested a review from a team as a code owner September 6, 2024 20:57

choover-broad approved these changes Sep 9, 2024

View reviewed changes

katiewelch approved these changes Sep 9, 2024

View reviewed changes

jack-r-warren added 5 commits September 9, 2024 10:45

fix lint + binding remove issue

1c1a2a8

bump dependencies to handle #656

63704be

Revert "bump dependencies to handle #656"

77b3ed8

This reverts commit 63704be.

Merge branch 'main' of github.com:broadinstitute/sherlock into DDO-3868…

92db514

…-faster-propagation

bump dependencies to handle #656

a38f377

jack-r-warren merged commit 8d29a01 into main Sep 9, 2024
20 checks passed

jack-r-warren deleted the DDO-3868-faster-propagation branch September 9, 2024 17:39

jack-r-warren mentioned this pull request Sep 9, 2024

[DDO-3868] Expose folder owner fields and composite grants broadinstitute/beehive#519

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[DDO-3868] Faster break-glass propagation #655

[DDO-3868] Faster break-glass propagation #655

jack-r-warren commented Sep 6, 2024 •

edited

Loading

github-actions bot commented Sep 6, 2024

github-actions bot commented Sep 6, 2024 •

edited

Loading

codecov bot commented Sep 6, 2024 •

edited

Loading

sonarcloud bot commented Sep 9, 2024

[DDO-3868] Faster break-glass propagation #655

[DDO-3868] Faster break-glass propagation #655

Conversation

jack-r-warren commented Sep 6, 2024 • edited Loading

Testing

Risk

github-actions bot commented Sep 6, 2024

What's Changed

GET /api/roles/v3

Parameters:

Return Type:

POST /api/roles/v3

Request:

Return Type:

GET /api/roles/v3/{selector}

Return Type:

DELETE /api/roles/v3/{selector}

Return Type:

PATCH /api/roles/v3/{selector}

Request:

Return Type:

GET /api/clusters/v3

Return Type:

POST /api/clusters/v3

Return Type:

GET /api/clusters/v3/{selector}

Return Type:

DELETE /api/clusters/v3/{selector}

Return Type:

PATCH /api/clusters/v3/{selector}

Return Type:

GET /api/environments/v3

Return Type:

POST /api/environments/v3

Return Type:

GET /api/environments/v3/{selector}

Return Type:

DELETE /api/environments/v3/{selector}

Return Type:

PATCH /api/environments/v3/{selector}

Return Type:

POST /api/changesets/procedures/v3/apply

Return Type:

GET /api/changesets/procedures/v3/chart-release-history/{chart-release}

Return Type:

POST /api/changesets/procedures/v3/plan

Return Type:

POST /api/changesets/procedures/v3/plan-and-apply

Return Type:

GET /api/changesets/procedures/v3/version-history/{version-type}/{chart}/{version}

Return Type:

GET /api/changesets/v3

Return Type:

GET /api/changesets/v3/{id}

Return Type:

GET /api/chart-releases/v3

Return Type:

POST /api/chart-releases/v3

Return Type:

GET /api/chart-releases/v3/{selector}

Return Type:

DELETE /api/chart-releases/v3/{selector}

Return Type:

PATCH /api/chart-releases/v3/{selector}

Return Type:

GET /api/database-instances/v3

Return Type:

PUT /api/database-instances/v3

Return Type:

POST /api/database-instances/v3

Return Type:

GET /api/database-instances/v3/{selector}

Return Type:

DELETE /api/database-instances/v3/{selector}

Return Type:

PATCH /api/database-instances/v3/{selector}

Return Type:

github-actions bot commented Sep 6, 2024 • edited Loading

codecov bot commented Sep 6, 2024 • edited Loading

Codecov Report

jack-r-warren commented Sep 6, 2024 •

edited

Loading

`GET` /api/roles/v3

`POST` /api/roles/v3

`GET` /api/roles/v3/{selector}

`DELETE` /api/roles/v3/{selector}

`PATCH` /api/roles/v3/{selector}

`GET` /api/clusters/v3

`POST` /api/clusters/v3

`GET` /api/clusters/v3/{selector}

`DELETE` /api/clusters/v3/{selector}

`PATCH` /api/clusters/v3/{selector}

`GET` /api/environments/v3

`POST` /api/environments/v3

`GET` /api/environments/v3/{selector}

`DELETE` /api/environments/v3/{selector}

`PATCH` /api/environments/v3/{selector}

`POST` /api/changesets/procedures/v3/apply

`GET` /api/changesets/procedures/v3/chart-release-history/{chart-release}

`POST` /api/changesets/procedures/v3/plan

`POST` /api/changesets/procedures/v3/plan-and-apply

`GET` /api/changesets/procedures/v3/version-history/{version-type}/{chart}/{version}

`GET` /api/changesets/v3

`GET` /api/changesets/v3/{id}

`GET` /api/chart-releases/v3

`POST` /api/chart-releases/v3

`GET` /api/chart-releases/v3/{selector}

`DELETE` /api/chart-releases/v3/{selector}

`PATCH` /api/chart-releases/v3/{selector}

`GET` /api/database-instances/v3

`PUT` /api/database-instances/v3

`POST` /api/database-instances/v3

`GET` /api/database-instances/v3/{selector}

`DELETE` /api/database-instances/v3/{selector}

`PATCH` /api/database-instances/v3/{selector}

github-actions bot commented Sep 6, 2024 •

edited

Loading

codecov bot commented Sep 6, 2024 •

edited

Loading