The GitHub Actions job "Tests (AMD)" on airflow.git/backport-67435-v3-2-test has succeeded. Run started by GitHub user vatsrahul1001 (triggered by vatsrahul1001).
Head commit for run: bde52613decdff484289c6b8f201a7751d9d15a3 / Jarek Potiuk <[email protected]> Docs: refresh JWT and security model for v3.2 with mermaid diagrams (#67435) * Docs: refresh JWT and security model for v3.2 with mermaid diagrams Catch up the public security documentation to match the security-relevant changes flowing into the 3.2 release branch. Adds six mermaid diagrams (four in jwt_token_authentication.rst, two in security_model.rst) and documents: - Typed TIClaims Pydantic schema validation of Execution API tokens. - Unconditional revoke_token() on /auth/logout so external IdP redirects no longer leave the Airflow JWT valid. - Router-level Depends(get_user) as a defense-in-depth backstop on /api/v2 and /ui. - ExecutionAPISecretsBackend raising PermissionError on 401/403 so a deny no longer falls through to less-restrictive backends. - Tightened deserialization allowlist regex (full-string match). Registers sphinxcontrib-mermaid as a new docs dependency in devel-common and BASIC_SPHINX_EXTENSIONS. * Docs: improve security-diagram readability and add credential matrix - Replace the arrow-spaghetti credential-distribution mermaid with a component-grouped layout (least- to most-privileged left-to-right) plus an explicit RST table for true matrix lookup. - Bump all six security-diagram color palettes from very-pale tints to medium-saturation fills with explicit black text and 2px strokes, so labels stay readable in both light and dark mode renderers. * Fix HTTP verb in JWT auth mermaid diagram (PATCH, not POST) The /run endpoint is PATCH /{task_instance_id}/run, not POST. Spotted in review of #67435. (cherry picked from commit 0a506b18b9dd1e86df52302677c41f0c078f8de2) Report URL: https://github.com/apache/airflow/actions/runs/26396740629 With regards, GitHub Actions via GitBox --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
