Skip to content
This repository has been archived by the owner on Jun 13, 2024. It is now read-only.

Bug: CORS failures when loading a config.yml that includes private orbs #284

Open
2 of 4 tasks
adamdmharvey opened this issue Sep 14, 2022 · 2 comments
Open
2 of 4 tasks

Bug: CORS failures when loading a config.yml that includes private orbs #284

adamdmharvey opened this issue Sep 14, 2022 · 2 comments
Labels
bug Something isn't working

Comments

@adamdmharvey
Copy link
Contributor

adamdmharvey commented Sep 14, 2022
edited
Loading

Is there an existing issue for this?

  • I have searched the existing issues

Current behavior

When trying to load an existing config.yml for one of our pipelines, the end user experience is that nothing happens. It seems as though the VCE simply doesn't work or "do anything".

If I pull up the Web Console, I can see multiple CORS failures for calling a Heroku app that is trying to load data about my company's private orbs.

image

I've tried in both Safari and Firebox, and both return CORS HTTP 503 (just to make sure).

Minimum reproduction code

Not publicly available, but I may be able to provide a sanitized version

Steps to reproduce

  1. Identify a config.yml that includes private orbs from a specific CircleCI organization
  2. Open VCE: https://circleci-public.github.io/visual-config-editor/
  3. Click the blue upload config file icon
  4. Upload your config.yml
  5. ...wait...
  6. Pull up the JavaScript console to see the CORS HTTP 503 errors.

Expected behavior

Ideally, it would be great if the VCE supported private orbs but I know that is likely a complicated scenario.

In the immediate term, I would recommend orbs which are not public to be checked first, and if an orb is identified as private ("not available to be loaded into VCE at this time"), I believe maybe the step could be loaded but perhaps be identified as greyed out and maybe without details when clicking it, but at least it should show the sequence of the commands it infers even if it doesn't actually know what they do? (if that's possible)

CircleCI Config SDK version

n/a

Node.js version

n/a

In which operating systems have you tested?

  • macOS
  • Windows
  • Linux

Other

Safari 15.6.1
Firebox 104.0.2
@adamdmharvey adamdmharvey added the bug Something isn't working label Sep 14, 2022
@Jaryt
Copy link
Contributor

Jaryt commented Sep 22, 2022

We can certainly make an exception for when the orb is private. It may also be possible to add the ability to manually upload private orb manifests, which are pretty easy to obtain. Not optimal, but a decent enough work around until we have auth integration.

@Jaryt Jaryt self-assigned this Sep 22, 2022
@adamdmharvey
Copy link
Contributor Author

A quick add on to this. For any config file that fails with this private orb error, if you comment out the orb import definitions, the file continues on and then properly through the normal UI warns the user commands can't be parsed. (as I'd expect since they weren't loaded!)

So definitely would be nice if the private orb HTTP 503 returned from the Heroku orb endpoint was trapped somehow and elevated to the UI for the user as a stop gap. (ideally with a polite warning: this app doesn't support private orbs yet, or some such)

image

@Jaryt Jaryt removed their assignment Oct 10, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Jaryt @adamdmharvey