Skip to content

Adding encryption example using a KMS and JWT-based auth #138

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 30 commits into
base: main
Choose a base branch
from
Open

Adding encryption example using a KMS and JWT-based auth #138

wants to merge 30 commits into from

Conversation

phillipskevin
Copy link

No description provided.

@CLAassistant
Copy link

CLAassistant commented Aug 28, 2024
edited
Loading

CLA assistant check
All committers have signed the CLA.

cretz
cretz reviewed Aug 28, 2024
View reviewed changes
@cretz
Copy link
Member

cretz commented Aug 28, 2024
edited
Loading

Thanks! Added some review comments. Also may want to poe format and poe lint-types. Also may need to sign the CLI. Feel free to add a test or two, but not required.

@phillipskevin
Copy link
Author

Thanks @cretz for all of the great feedback. I'll make these updates in the next day or two and will let you know!

@phillipskevin
Copy link
Author

Thanks for all the suggestions, @cretz. I think I've addressed everything. Let me know if you have any more feedback.

cretz
cretz reviewed Oct 1, 2024
View reviewed changes
@cretz
Copy link
Member

cretz commented Oct 1, 2024

Make need to run poe lint to confirm type checking.

@phillipskevin
Copy link
Author

Should be good to go now, @cretz. Thanks again!

@cretz
Copy link
Member

cretz commented Oct 2, 2024
edited
Loading

@phillipskevin - Looks like there's a type error. Specifically, since we allow our Python samples to run in in all non-EOL Python versions, you have to change things like tuple[bytes, bytes] to typing.Tuple[bytes, bytes] for 3.8 to work.

For this error:

Library stubs not installed for "requests" (or incompatible with Python 3.8)

You may need to add a dependency for https://pypi.org/project/types-requests. Have not investigated this.

cretz
cretz reviewed Oct 3, 2024
View reviewed changes
@phillipskevin
Copy link
Author

Looks like CI is still failing after adding the types-requests dependency. I'll try to look into why.

@cretz
Copy link
Member

cretz commented Oct 15, 2024

Looks like it's still complaining on 3.8. I admittedly have not spent time digging into this.

@phillipskevin
Copy link
Author

Python 3.8 went end of life last week, so having some trouble testing it now. Will the versions used in CI be updated? Or will you continue to support 3.8 for some time?

@cretz
Copy link
Member

cretz commented Oct 15, 2024
edited
Loading

I suspect we will EOL it too soon, though no specific timeline. EDIT: Opened temporalio/sdk-python#672 for dropping 3.8 support.

@dlee-bitovi dlee-bitovi requested a review from a team as a code owner May 23, 2025 20:01
@dlee-bitovi
Copy link

Hey @cretz , Happy Friday!

Here's some screenshots of my recent commits to this PR that successfully run the below commands locally - would you be willing to approve the workflows to run (when you get a chance)?

  1. uv sync
  2. poe lint
  3. poe test

Thanks!
image

@cretz
Copy link
Member

cretz commented May 27, 2025
edited
Loading

Approved to run CI now, thanks for sticking with this! Also, if possible, any kind of tests to confirm this remains working would be helpful (we have had some contributed samples become stale and stop working for one reason or another).

Mattchewone
Mattchewone reviewed Jun 3, 2025
View reviewed changes
encryption_jwt/codec_server.py
logger = logging.getLogger(__name__)
app.add_routes(
[
web.post("/encode", make_handler("encode")),
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we need to expose the encode over http?

Copy link
Member

@cretz cretz Jun 3, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's a good idea to. Our web UI and CLI use the encode side when you are starting workflows, sending queries, etc from those interfaces.

cretz
cretz reviewed Jun 3, 2025
View reviewed changes
Copy link
Member

@cretz cretz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If possible, any tests would help here, though I know it can be a bit difficult since the cloud JWKS is hardcoded. We can discuss merging without tests if they are too hard to write or they need to be done after merge. (we know many of our samples like the encryption sample don't have tests and we keep getting burned by not having them)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cretz cretz cretz left review comments

@Mattchewone Mattchewone Mattchewone approved these changes

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
8 participants
@phillipskevin @CLAassistant @cretz @dlee-bitovi @Mattchewone @mickmcgrath13 @rlmcneary2 @cherifGsoul