The GitHub Actions job "prek" on airflow-steward.git/apache-id-config has failed. Run started by GitHub user potiuk (triggered by potiuk).
Head commit for run: 747ac48845a2c98169aec53f19f753a40f7f6a35 / Jarek Potiuk <[email protected]> feat(vulnogram-api): require @apache.org from-address on ASF hosts; prompt if missing The Apache Vulnogram instance at \`cveprocess.apache.org\` is gated behind ASF OAuth — the session cookie is only valid when captured from an \`<id>@apache.org\` login. Before this change, \`vulnogram-api-setup\` accepted any auto-detected from-address (typically the personal email of the operator), which led to two failure modes: 1. The walkthrough's "log in normally" instruction did not tell the operator *which* identity to authenticate with, so they could log in with the wrong account and only discover the mistake at probe time (a 302 to oauth.apache.org). 2. The credentials file recorded the personal address, so \`vulnogram-api-check\` could not surface a meaningful audit trail of which @apache.org account the cookie belonged to. \`setup_session.resolve_from_address(host, auto_detected, *, prompter)\` now enforces an \`@apache.org\` address whenever the host is \`cveprocess.apache.org\` or any other \`*.apache.org\` Vulnogram deployment. Three outcomes: - Auto-detected value already ends in \`@apache.org\` -> passthrough. - Auto-detected value missing or [email protected] -> prompt interactively; bare names (e.g. \`potiuk\`) get \`@apache.org\` appended; [email protected] responses are rejected up to 3 attempts before aborting cleanly before any cookie is captured. - Non-ASF host -> no enforcement; auto-detected value passes through as before. The walkthrough then names the resolved address explicitly so the operator knows which identity to authenticate with. \`check.py\` surfaces the address on a second line after \`valid\` for audit-trail visibility (first line stays a bare \`valid\` so exact-match parsers in \`security-issue-sync\` Step 5b are unaffected). Six new unit tests cover the resolver branches. Generated-by: Claude Code (Opus 4.7) Report URL: https://github.com/apache/airflow-steward/actions/runs/25710544914 With regards, GitHub Actions via GitBox --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
