Add Auth Platform tester management#888
Conversation
|
Codex review: needs real behavior proof before merge. Reviewed June 29, 2026, 10:57 PM ET / 02:57 UTC. Summary Reproducibility: yes. for the PR-introduced blockers: source inspection shows the root flag diff removes the existing Review metrics: 2 noteworthy metrics.
Merge readiness Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch. Rank-up moves:
Proof guidance:
Risk before merge
Maintainer options:
Next step before merge
Security Review findings
Review detailsBest possible solution: Land only after maintainers approve the private Auth Platform backend surface, preserve or explicitly migrate the global alias, keep readonly listing usable, and add redacted live CLI proof. Do we have a high-confidence way to reproduce the issue? Yes for the PR-introduced blockers: source inspection shows the root flag diff removes the existing Is this the best way to solve the issue? No: the feature direction may be useful, but this is not the best merge shape until global flag compatibility and readonly safety are fixed or explicitly accepted by maintainers. Full review comments:
Overall correctness: patch is incorrect AGENTS.md: found and applied where relevant. Codex review notes: model internal, reasoning high; reviewed against 213ddb60d7d1. Label changesLabel justifications:
Evidence reviewedWhat I checked:
Likely related people:
What the crustacean ranks mean
Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics. How this review workflow works
|
|
Thank you for the contribution, @IAMSamuelRodda. I rebased and repaired the branch at Code proof is clean: full local CI and autoreview pass, and exact-head hosted CI plus Docker are green. The feature still cannot satisfy gog's live-provider contract. An authenticated read-only call against an owned active project reaches the repaired provider path, then Google returns 403 Closing because an unavailable private Console backend is not a reliable public CLI contract. The repaired head remains available for reference, and we would be glad to revisit this when Google publishes a supported, live-provable tester-management endpoint. Thanks again for exploring the gap and documenting the Console behavior. |
Adds a narrow Auth Platform operator command for OAuth beta/test users.
Summary:
gog auth-platform testers list/add/removewithoauthalias--cloud-projectso the shipped global--projectJSON-projection alias remains compatibleMaintainer repairs
main; contributor commit and authorship preserved.--projectalias; the new command uses--cloud-project.GetTrustedUserListPOST readonly-safe; add/remove remain blocked by--readonly.projectNumberstring decoding and remove success output.example.comfixtures.Exact-head proof
Candidate:
68b3bfa1b38cd80c70a26dd148f729614f67bf84make ci: pass.v0.31.1-11-g68b3bfa1, SHA-2561d12e3e7daada8ef6b36bc46ef524859746e1b97e677e11b22e9ed995981d192.Terminal provider blocker
An authenticated, read-only exact-head list against an owned active Google Cloud project resolves the string project ID correctly, then Google returns 403
SERVICE_DISABLEDforCloud Client Private API(cloudclient-pa.googleapis.com). The original contributor reported the same block independently.Google's official documentation exposes
oauthconfig.testusers.get/oauthconfig.testusers.updateIAM permissions and the Console UI, but no supported public REST or Discovery tester-list API. This implementation hard-codes an undocumented Console GraphQL endpoint, operation signatures, and request metadata that can change without notice.The code is locally coherent, but this is not a reliable public CLI contract and cannot meet gog's live-proof requirement. The PR should be closed until Google publishes a supported tester-management endpoint; the repaired branch remains available for reference.