Skip to content

Test a fully closed instance using API keys#1080

Merged
jviotti merged 1 commit into
mainfrom
auth-full-api-key
Jun 23, 2026
Merged

Test a fully closed instance using API keys#1080
jviotti merged 1 commit into
mainfrom
auth-full-api-key

Conversation

@jviotti

@jviotti jviotti commented Jun 23, 2026
edited by cubic-dev-ai Bot
Loading

Copy link
Copy Markdown
Member

Signed-off-by: Juan Cruz Viotti jv@jviotti.com

Review in cubic

github-actions[bot]
github-actions Bot reviewed Jun 23, 2026
View reviewed changes

@github-actions github-actions Bot left a comment
edited
Loading

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Benchmark Index (enterprise)

Details
Benchmark suite Current: 6c6c49d Previous: 4969c72 Ratio
Add one schema (0 existing) 380 ms 380 ms 1
Add one schema (100 existing) 32 ms 31 ms 1.03
Add one schema (1000 existing) 81 ms 83 ms 0.98
Add one schema (10000 existing) 623 ms 633 ms 0.98
Update one schema (1 existing) 24 ms 24 ms 1
Update one schema (101 existing) 31 ms 31 ms 1
Update one schema (1001 existing) 81 ms 83 ms 0.98
Update one schema (10001 existing) 637 ms 635 ms 1.00
Cached rebuild (1 existing) 7 ms 7 ms 1
Cached rebuild (101 existing) 10 ms 10 ms 1
Cached rebuild (1001 existing) 29 ms 30 ms 0.97
Cached rebuild (10001 existing) 242 ms 247 ms 0.98
Index 100 schemas 670 ms 675 ms 0.99
Index 1000 schemas 1386 ms 1368 ms 1.01
Index 10000 schemas 13891 ms 14039 ms 0.99
Index 10000 schemas (custom meta-schema) 16528 ms 16705 ms 0.99
Index 10000 schemas ($ref fan-out) 16624 ms 16656 ms 1.00

This comment was automatically generated by workflow using github-action-benchmark.

github-actions[bot]
github-actions Bot reviewed Jun 23, 2026
View reviewed changes

@github-actions github-actions Bot left a comment
edited
Loading

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Benchmark Index (community)

Details
Benchmark suite Current: 6c6c49d Previous: 4969c72 Ratio
Add one schema (0 existing) 407 ms 387 ms 1.05
Add one schema (100 existing) 40 ms 30 ms 1.33
Add one schema (1000 existing) 84 ms 88 ms 0.95
Add one schema (10000 existing) 675 ms 707 ms 0.95
Update one schema (1 existing) 21 ms 22 ms 0.95
Update one schema (101 existing) 28 ms 30 ms 0.93
Update one schema (1001 existing) 84 ms 91 ms 0.92
Update one schema (10001 existing) 678 ms 739 ms 0.92
Cached rebuild (1 existing) 6 ms 7 ms 0.86
Cached rebuild (101 existing) 8 ms 9 ms 0.89
Cached rebuild (1001 existing) 29 ms 32 ms 0.91
Cached rebuild (10001 existing) 249 ms 277 ms 0.90
Index 100 schemas 641 ms 471 ms 1.36
Index 1000 schemas 1538 ms 1514 ms 1.02
Index 10000 schemas 13697 ms 13337 ms 1.03
Index 10000 schemas (custom meta-schema) 16541 ms 15992 ms 1.03
Index 10000 schemas ($ref fan-out) 16640 ms 16477 ms 1.01

This comment was automatically generated by workflow using github-action-benchmark.

@jviotti
Test a fully closed instance using API keys
6c6c49d 
Signed-off-by: Juan Cruz Viotti <jv@jviotti.com>
@jviotti jviotti force-pushed the auth-full-api-key branch from 569cde3 to 6c6c49d Compare June 23, 2026 15:27
@jviotti jviotti marked this pull request as ready for review June 23, 2026 15:27
@augmentcode

augmentcode Bot commented Jun 23, 2026

Copy link
Copy Markdown
🤖 Augment PR Summary

Summary: This PR adds a new end-to-end scenario to validate a fully closed Sourcemeta One instance that is protected entirely by a single root API key policy.

Changes:

  • Introduces a new Enterprise e2e fixture (enterprise/e2e/auth-full-api-key) with its own one.json, schemas, compose setup, and Hurl probes.
  • Adds comprehensive Hurl coverage for both “deny everything without credentials” and “unlock everything with the root key” across schema content, listings, search, evaluate, MCP, and static assets.
  • Updates the top-level Makefile to run the new e2e suite in both native and docker e2e targets (Enterprise-only).
  • Adjusts the default v1 router root handling so that when the root HTML artifact is denied, the response is a canonical 401 (HTML page for browsers, problem+json for JSON clients) instead of falling through to a 404.

Technical Notes: The root-path change aligns the HTTP surface with the “gate before existence check” rule that the new e2e suite asserts for fully private registries.

🤖 Was this summary useful? React with 👍 or 👎

augmentcode[bot]
augmentcode Bot reviewed Jun 23, 2026
View reviewed changes

@augmentcode augmentcode Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Review completed. No suggestions at this time.

Comment augment review to trigger a new review at any time.

cubic-dev-ai[bot]
cubic-dev-ai Bot reviewed Jun 23, 2026
View reviewed changes

@cubic-dev-ai cubic-dev-ai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No issues found across 12 files

Re-trigger cubic

@jviotti jviotti merged commit a6f74b0 into main Jun 23, 2026
5 checks passed
@jviotti jviotti deleted the auth-full-api-key branch June 23, 2026 15:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] left review comments

@augmentcode augmentcode[bot] augmentcode[bot] left review comments

@cubic-dev-ai cubic-dev-ai[bot] cubic-dev-ai[bot] left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@jviotti