Brh update

[cgmeyer]

No description provided.

[PlanXCyborg]

brh.data-commons.org/manifest.json

⚠️ Services on branch

• hatchery

Deployment changes

• arborist
  • Replace Travis with a GitHub workflow for CI (Fix lint CI + replace travis with GH workflow arborist#150)
• fence
  • Requires database migration for a new table to Fence, google Access expiration to add new expires column, and to create iss_sub_pair_to_user table Update manifest.json #968 updated BRAIN production data model to 1.0.0 #963 feat(stage-tiered-access): Updated portal versions to fix tiered acce… #973 (Feat/passport fence#964)
  • Requires Arborist >= 2022.04 OR >=3.4.0 (PXP-9480): Support merge param for PUT /resource endpoint arborist#143 (Feat/passport fence#964)
  • To enable Passports -> DRS in an environment you must update Fence Configuration to at a minimum specify GA4GH_PASSPORTS_TO_DRS_ENABLED: true (only do this after coordinating with the environment owner as this has several requirements before it can be enabled, including the need to use Indexd's authz field in ALL records rather than acl) (Feat/passport fence#964)
• wts
  • This version of WTS requires a DB migration (in cloud-automation deployments, the DB should be migrated automatically) (PXP-9499 Encrypt refresh tokens workspace-token-service#40)

Breaking changes

• fence
  • URL Signing when no_force_sign query param is provided: Previously Fence would make a decision based off if the data was public and no_force_sign provided. Fence will now NEVER sign if no_force_sign is provided (since the concept of "public" data has been abstracted out of Fence. Data access - public or not - is the sole responsibility of the policy engine). In other words, if no_force_sign is provided at the API level, Fence will respect that regardless of whether the resulting URL will actually work. The default Fence behavior should remain the same. chore(jupyter-nde1.1.0) #988 (Feat/passport fence#964)

[PlanXCyborg]

brh.data-commons.org/manifest.json

Deployment changes

• arborist
  • Replace Travis with a GitHub workflow for CI (Fix lint CI + replace travis with GH workflow arborist#150)
• fence
  • Requires database migration for a new table to Fence, google Access expiration to add new expires column, and to create iss_sub_pair_to_user table Update manifest.json #968 updated BRAIN production data model to 1.0.0 #963 feat(stage-tiered-access): Updated portal versions to fix tiered acce… #973 (Feat/passport fence#964)
  • Requires Arborist >= 2022.04 OR >=3.4.0 (PXP-9480): Support merge param for PUT /resource endpoint arborist#143 (Feat/passport fence#964)
  • To enable Passports -> DRS in an environment you must update Fence Configuration to at a minimum specify GA4GH_PASSPORTS_TO_DRS_ENABLED: true (only do this after coordinating with the environment owner as this has several requirements before it can be enabled, including the need to use Indexd's authz field in ALL records rather than acl) (Feat/passport fence#964)
• wts
  • This version of WTS requires a DB migration (in cloud-automation deployments, the DB should be migrated automatically) (PXP-9499 Encrypt refresh tokens workspace-token-service#40)

Breaking changes

• fence
  • URL Signing when no_force_sign query param is provided: Previously Fence would make a decision based off if the data was public and no_force_sign provided. Fence will now NEVER sign if no_force_sign is provided (since the concept of "public" data has been abstracted out of Fence. Data access - public or not - is the sole responsibility of the policy engine). In other words, if no_force_sign is provided at the API level, Fence will respect that regardless of whether the resulting URL will actually work. The default Fence behavior should remain the same. chore(jupyter-nde1.1.0) #988 (Feat/passport fence#964)

[PlanXCyborg]

brh.data-commons.org/manifest.json

Deployment changes

• arborist
  • Replace Travis with a GitHub workflow for CI (Fix lint CI + replace travis with GH workflow arborist#150)
• fence
  • Requires database migration for a new table to Fence, google Access expiration to add new expires column, and to create iss_sub_pair_to_user table Update manifest.json #968 updated BRAIN production data model to 1.0.0 #963 feat(stage-tiered-access): Updated portal versions to fix tiered acce… #973 (Feat/passport fence#964)
  • Requires Arborist >= 2022.04 OR >=3.4.0 (PXP-9480): Support merge param for PUT /resource endpoint arborist#143 (Feat/passport fence#964)
  • To enable Passports -> DRS in an environment you must update Fence Configuration to at a minimum specify GA4GH_PASSPORTS_TO_DRS_ENABLED: true (only do this after coordinating with the environment owner as this has several requirements before it can be enabled, including the need to use Indexd's authz field in ALL records rather than acl) (Feat/passport fence#964)
• wts
  • This version of WTS requires a DB migration (in cloud-automation deployments, the DB should be migrated automatically) (PXP-9499 Encrypt refresh tokens workspace-token-service#40)

Breaking changes

• fence
  • URL Signing when no_force_sign query param is provided: Previously Fence would make a decision based off if the data was public and no_force_sign provided. Fence will now NEVER sign if no_force_sign is provided (since the concept of "public" data has been abstracted out of Fence. Data access - public or not - is the sole responsibility of the policy engine). In other words, if no_force_sign is provided at the API level, Fence will respect that regardless of whether the resulting URL will actually work. The default Fence behavior should remain the same. chore(jupyter-nde1.1.0) #988 (Feat/passport fence#964)

[PlanXCyborg]

brh.data-commons.org/manifest.json

Deployment changes

• arborist
  • Replace Travis with a GitHub workflow for CI (Fix lint CI + replace travis with GH workflow arborist#150)
• fence
  • Requires database migration for a new table to Fence, google Access expiration to add new expires column, and to create iss_sub_pair_to_user table Update manifest.json #968 updated BRAIN production data model to 1.0.0 #963 feat(stage-tiered-access): Updated portal versions to fix tiered acce… #973 (Feat/passport fence#964)
  • Requires Arborist >= 2022.04 OR >=3.4.0 (PXP-9480): Support merge param for PUT /resource endpoint arborist#143 (Feat/passport fence#964)
  • To enable Passports -> DRS in an environment you must update Fence Configuration to at a minimum specify GA4GH_PASSPORTS_TO_DRS_ENABLED: true (only do this after coordinating with the environment owner as this has several requirements before it can be enabled, including the need to use Indexd's authz field in ALL records rather than acl) (Feat/passport fence#964)
• wts
  • This version of WTS requires a DB migration (in cloud-automation deployments, the DB should be migrated automatically) (PXP-9499 Encrypt refresh tokens workspace-token-service#40)

Breaking changes

• fence
  • URL Signing when no_force_sign query param is provided: Previously Fence would make a decision based off if the data was public and no_force_sign provided. Fence will now NEVER sign if no_force_sign is provided (since the concept of "public" data has been abstracted out of Fence. Data access - public or not - is the sole responsibility of the policy engine). In other words, if no_force_sign is provided at the API level, Fence will respect that regardless of whether the resulting URL will actually work. The default Fence behavior should remain the same. chore(jupyter-nde1.1.0) #988 (Feat/passport fence#964)