-
Notifications
You must be signed in to change notification settings - Fork 28
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Autocreate Zenodo DOIs and create shared access links #5879
base: develop
Are you sure you want to change the base?
Conversation
@@ -87,33 +261,25 @@ public static ZenodoDoiResult registerZenodoDOI(ApiClient zenodoClient, Workflow | |||
returnDeposit = depositApi.createDeposit(deposit); | |||
depositionID = returnDeposit.getId(); | |||
depositMetadata = returnDeposit.getMetadata(); | |||
// Set the attribute that will reserve a DOI before publishing |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Removed this because the DOI is automatically reserved the first time a deposit is created eblondel/zen4R#37 (comment)
// Retrieve the DOI so we can use it to create a Dockstore alias | ||
// to the workflow; we will add that alias as a Zenodo related identifier | ||
// TODO clean this after https://github.com/dockstore/swagger-java-zenodo-client/pull/20/files is merged and released |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Tackled this TODO comment due to updating the zenodo swagger version
I think this makes sense, basically allowing users to go from automatic to user-created but not vice versa
A good observation, I guess we basically had this problem in some way already.
I think we should allow this, there's a good chance the user may not know about the automatic doi feature until after it issues one, so we need to allow for this direction (automatic to end-user created) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Will double-back, but starting the conversation
@@ -30,6 +30,8 @@ public class Service12 extends AbstractYamlService implements Workflowish { | |||
|
|||
private DescriptorLanguageSubclass subclass; | |||
|
|||
private boolean enableAutomaticDoiCreation = true; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nitpick, since this is the default, maybe this should be flipped to disableAutomaticDoiCreation
or enableEndUserDoiCreation
@@ -108,7 +108,7 @@ | |||
<dependency> | |||
<groupId>io.dockstore</groupId> | |||
<artifactId>swagger-java-zenodo-client</artifactId> | |||
<version>2.0.2</version> | |||
<version>2.0.3-zeta.0</version> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just setting reminder to fix before merging
@@ -78,6 +78,14 @@ public class VersionMetadata { | |||
@Enumerated(EnumType.STRING) | |||
protected Version.DOIStatus doiStatus; | |||
|
|||
@Column() | |||
@Schema(description = "The token for the Zenodo access link to edit the Dockstore-owned DOI") | |||
protected String doiEditAccessLinkToken; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There's a relationship between these two columns that can be enforced through a check constraint
Whatever the editing mechanism, if it "leaks" (as the above link sounds like it could), it'd be great if there was a way to neutralize it. |
Regarding the concept of auto-snapshotting before generating the DOI, some thoughts: Will automatically snapshotting all tags mess up anyone's release flow? Once the version is snapshotted, it's frozen. Our assumption is that a github tag is a permanent fixture, but does everyone use it that way? For example, imagine a repo where the If the answer to the last question above is yes, we might need to figure out what to do if a user accidentally/inadvertently freezes a version before they opt-out. |
@@ -667,6 +680,10 @@ private boolean createWorkflowsAndVersionsFromDockstoreYml(List<? extends Workfl | |||
Workflow workflow = createOrGetWorkflow(workflowType, repository, user, workflowName, wf, gitHubSourceCodeRepo); | |||
WorkflowVersion version = addDockstoreYmlVersionToWorkflow(repository, gitReference, dockstoreYml, gitHubSourceCodeRepo, workflow, latestTagAsDefault, yamlAuthors); | |||
|
|||
// Automatically register a DOI if it's enabled and the workflow is published and the version is a valid tag | |||
if (canAutomaticallyCreateDockstoreOwnedDoi(workflow, version)) { | |||
automaticallyRegisterDockstoreOwnedZenodoDOI(workflow, version, user, this); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This new DOI creation code appears to run in the same database transaction that will create the version. So, if the transaction is rolled back or fails, a DOI will be created that references a version that doesn't exist in the Dockstore database. Recommend that the DOI creation code is executed after successful version creation.
Regarding multiple DOIs, we've been discussing at least three sources of DOIs:
If you count "generate our own" custom DOIs, four sources. :) Would be great if we could track all of them. Time for a new "DOI" database entity? |
This reverts commit 78a7a52.
protected String doiURL; | ||
|
||
@ManyToMany(fetch = FetchType.EAGER, cascade = CascadeType.ALL) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is a many to many relationship because I recall during the DOI harvesting storytime that @denis-yuen said we shouldn't have duplicate DOIs if we assign multiple workflows to a single DOI
Does not seem like it, we can schedule a 1.16.1 ticket for example to delete the old columns |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
some initial questions, this one is a big one so will probably do one (at least) more pass
@@ -46,6 +48,7 @@ | |||
@ExtendWith(SystemStubsExtension.class) | |||
@ExtendWith(MuteForSuccessfulTests.class) | |||
@ExtendWith(TestStatus.class) | |||
@Tag(HoverflyTest.NAME) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is there a reason this is tagged when there are no other changes in the file?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There's a test in the file that uses hoverfly, but I realized it's an ORCID test so I'm going to move it to ORCIDIT
dockstore-integration-testing/src/test/java/io/dockstore/webservice/TokenResourceIT.java
Show resolved
Hide resolved
dockstore-integration-testing/src/test/java/io/dockstore/webservice/ZenodoIT.java
Show resolved
Hide resolved
assertTrue(workflow.getConceptDois().isEmpty()); | ||
assertTrue(tagVersion.getDois().isEmpty()); | ||
|
||
// Publish workflow, should automatically create DOIs |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
How many versions does this go back?
Will likely be answered later
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
On publish, it will look at all versions
dockstore/dockstore-webservice/src/main/java/io/dockstore/webservice/resources/WorkflowResource.java
Line 760 in 7d1b34a
publishedWorkflow.getWorkflowVersions().forEach(version -> automaticallyRegisterDockstoreOwnedZenodoDOI(workflow, version, user, this)); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
See comment elsewhere, can be follow-up ticket
@@ -108,7 +108,7 @@ | |||
<dependency> | |||
<groupId>io.dockstore</groupId> | |||
<artifactId>swagger-java-zenodo-client</artifactId> | |||
<version>2.0.2</version> | |||
<version>2.0.3-zeta.2</version> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Probably need a real release for this
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Reminder for this before merging
private DoiCreator creator; | ||
|
||
@Column(nullable = false) | ||
@Schema(description = "The DOI name", requiredMode = RequiredMode.REQUIRED) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
can add examples to openapi, I think this is the 10.1080/10509585.2015.1092083
bit?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah, I'll add an example. I think the existing DOI column calls it doiUrl
which is a little misleading because it's not a URL. Figured name
was more appropriate based on the description on doi.org
A DOI name is a digital identifier of an object, any object — physical, digital, or abstract. DOIs solve a common problem: keeping track of things. Things can be matter, material, content, or activities.
dockstore-webservice/src/main/java/io/dockstore/webservice/core/Entry.java
Outdated
Show resolved
Hide resolved
protected String doiURL; | ||
|
||
@ManyToMany(fetch = FetchType.EAGER, cascade = CascadeType.ALL) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Does it also work out to a limit of three here?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Could you please elaborate on https://github.com/dockstore/dockstore/pull/5879/files/6333c924f9561b0443c2134ca3993a16c58adaa1#r1612139110 with a concrete example maybe? Want to make sure I understand what we're trying to prevent...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Could you please elaborate on https://github.com/dockstore/dockstore/pull/5879/files/6333c924f9561b0443c2134ca3993a16c58adaa1#r1612139110 with a concrete example maybe? Want to make sure I understand what we're trying to prevent...
With @coverbeck's GitHub DOI harvesting work, if a multi-workflow repository has a GitHub DOI then we are going to assign it to all workflows in the repository.
Suppose that the DOI is 10.foo/bar and we have workflow A and workflow B that belong to the same repository. I believe the scenario we are trying to prevent is having duplicate DOI entities in our table, like two instances of DOI 10.foo/bar, one for workflow A and one for workflow B. We want a single DOI entity that is referenced by both workflow A and workflow B
@@ -17,7 +17,7 @@ | |||
|
|||
<databaseChangeLog xmlns="http://www.liquibase.org/xml/ns/dbchangelog" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | |||
xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.5.xsd" | |||
context="1.15.0"> | |||
context="1.16.0"> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hmmm, wonder if this means we will need to re-migrate qa
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hmm, I'm not sure, but doesn't hurt. Realized while writing the migrations that this value wasn't accurate
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
These changes do mean we'll have downtime when we deploy 1.16, right? The old web service couldn't run against the new schema? If yes, please update the 1.16 checklist.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
These changes do mean we'll have downtime when we deploy 1.16, right? The old web service couldn't run against the new schema? If yes, please update the 1.16 checklist.
I don't think there should be any downtime because the old DOI columns still exist (they're just deprecated in this PR)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
My comment about the number of DOIs that could get issued by Zenodo might require a bit work if we decide to tackle it, so I sort skimmed the rest of the PR. I'll do a more thorough review once we decide how to handle that.
dockstore-webservice/src/main/java/io/dockstore/webservice/core/Entry.java
Outdated
Show resolved
Hide resolved
private static String checkAndGetDockstoreVersionDoiName(Workflow workflow) { | ||
Optional<String> existingDockstoreVersionDoiURL = getAnExistingDOIForWorkflow(workflow, DoiCreator.DOCKSTORE); | ||
if (existingDockstoreVersionDoiURL.isEmpty()) { | ||
LOG.error(NO_DOCKSTORE_DOI); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It could be useful to log the workflow, although maybe we'll already know it from earlier in the logs.
dockstore-webservice/src/main/java/io/dockstore/webservice/helpers/ZenodoHelper.java
Outdated
Show resolved
Hide resolved
@@ -0,0 +1,34 @@ | |||
{ | |||
"conceptrecid": {{ randomIntegerRange 10000 99999 }}, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Neat (and the Request.Path[3]
further as well)! How did I not know about this? Where is the documented? I couldn't find it in a quick google search.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's documented here 🙂 https://docs.hoverfly.io/en/latest/pages/keyconcepts/templating/templating.html
@@ -17,7 +17,7 @@ | |||
|
|||
<databaseChangeLog xmlns="http://www.liquibase.org/xml/ns/dbchangelog" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | |||
xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.5.xsd" | |||
context="1.15.0"> | |||
context="1.16.0"> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
These changes do mean we'll have downtime when we deploy 1.16, right? The old web service couldn't run against the new schema? If yes, please update the 1.16 checklist.
dockstore-webservice/src/main/java/io/dockstore/webservice/core/Entry.java
Outdated
Show resolved
Hide resolved
protected String doiURL; | ||
|
||
@ManyToMany(fetch = FetchType.EAGER, cascade = CascadeType.ALL) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Could you please elaborate on https://github.com/dockstore/dockstore/pull/5879/files/6333c924f9561b0443c2134ca3993a16c58adaa1#r1612139110 with a concrete example maybe? Want to make sure I understand what we're trying to prevent...
WorkflowVersion version = addDockstoreYmlVersionToWorkflow(repository, gitReference, dockstoreYml, gitHubSourceCodeRepo, workflow, latestTagAsDefault, yamlAuthors); | ||
|
||
workflowVersionId.set(version.getId()); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
As part of https://ucsc-cgl.atlassian.net/browse/SEAB-6449, I can modify TransactionHelper
to include a method that allows us to run a method in a transaction that returns a result. Then, we don't need to track the ids with the AtomicLongs if we opt not to.
@@ -304,7 +307,6 @@ public void setDirtyBit(boolean dirtyBit) { | |||
void updateByUser(final Version<?> version) { | |||
this.getVersionMetadata().hidden = version.isHidden(); | |||
this.setDoiStatus(version.getDoiStatus()); | |||
this.setDoiURL(version.getDoiURL()); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This code allows user to modify the DOI URL. I don't believe this is used and we probably shouldn't allow the user to edit DOI data so I removed this line
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good as a first past, will be good to iterate/extend
@@ -398,6 +374,10 @@ private Workflow refreshWorkflow(User user, Long workflowId, Optional<String> ve | |||
// Update file formats in each version and then the entry | |||
FileFormatHelper.updateFileFormats(existingWorkflow, newWorkflow.getWorkflowVersions(), fileFormatDAO, true); | |||
|
|||
for (WorkflowVersion workflowVersion: existingWorkflow.getWorkflowVersions()) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm a little doubtful about the utility of automatically creating a DOI for all versions of a workflow without limit.
Thinking things like a hard limit of the most recent 30 versions, or 20 tags (since only tags should be eligible), etc.
Partly a performance thing, can be a follow-up ticket. Think manually testing with a fork of the gatk repo for example.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I changed it so it only looks at the 10 most recent tags
@@ -807,6 +757,7 @@ public Workflow publish(@ApiParam(hidden = true) @Parameter(hidden = true, name | |||
checkNotArchived(workflow); | |||
|
|||
Workflow publishedWorkflow = publishWorkflow(workflow, request.getPublish(), userDAO.findById(user.getId())); | |||
publishedWorkflow.getWorkflowVersions().forEach(version -> automaticallyRegisterDockstoreOwnedZenodoDOI(workflow, version, user, this)); | |||
Hibernate.initialize(publishedWorkflow.getWorkflowVersions()); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ditto with above comment
assertTrue(workflow.getConceptDois().isEmpty()); | ||
assertTrue(tagVersion.getDois().isEmpty()); | ||
|
||
// Publish workflow, should automatically create DOIs |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
See comment elsewhere, can be follow-up ticket
dockstore-webservice/src/main/java/io/dockstore/webservice/core/Doi.java
Show resolved
Hide resolved
registerZenodoDOI(zenodoClient, workflow, workflowVersion, workflowOwner, authenticatedResourceInterface, | ||
DoiCreator.DOCKSTORE); | ||
} catch (CustomWebApplicationException e) { | ||
LOG.error("Could not automatically register DOI for {}", workflowNameAndVersion(workflow, workflowVersion), e); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is going to fail silently for the end user and we probably won't notice it either. I wonder if it's worth capturing this somehow?
- A CloudWatch Alarm based on this message?
- Add it as a warning to validations, if possible?
dockstore-webservice/src/main/java/io/dockstore/webservice/helpers/ZenodoHelper.java
Outdated
Show resolved
Hide resolved
dockstore-webservice/src/main/java/io/dockstore/webservice/core/Entry.java
Outdated
Show resolved
Hide resolved
dockstore-webservice/src/main/java/io/dockstore/webservice/core/Doi.java
Show resolved
Hide resolved
|
||
public enum DoiType { | ||
CONCEPT, | ||
VERSION |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If I understand correctly, "concept" and "version" are Zenodo concepts. The DOI standard has no such abstractions, you can point a DOI at whatever you want. No change necessary here.
@MapKeyEnumerated(EnumType.STRING) | ||
@Size(max = MAX_NUMBER_OF_DOI_CREATORS) | ||
@Schema(description = "The Digital Object Identifier (DOI) representing all of the versions of your workflow") | ||
private Map<DoiCreator, Doi> conceptDois = new HashMap<>(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
From a maintainability/extensibility point of view, I'd probably make this a Set
, because the above Map
implementation forecloses supporting a future scheme where an entry/version could have multiple DOIs from the same creator (could happen someday, maybe an "UNKNOWN" creator). But, it's not wired into the database representation, which wouldn't make it super hard to change. I'm registering this thought here more to document it, less to press for a change...
Quality Gate failedFailed conditions |
@@ -839,6 +844,11 @@ public static void checkCanRegisterDoi(Workflow workflow, WorkflowVersion workfl | |||
throw new CustomWebApplicationException(String.format("Could not generate DOI for %s. %s", workflowNameAndVersion, FROZEN_VERSION_REQUIRED), HttpStatus.SC_BAD_REQUEST); | |||
} | |||
|
|||
if (workflowVersion.isHidden()) { | |||
LOG.error("{}: Could not generate DOI for {}. {}", user.getUsername(), workflowNameAndVersion, UNHIDDEN_VERSION_REQUIRED); | |||
throw new CustomWebApplicationException(String.format("Could not generate DOI for %s. %s", workflowNameAndVersion, UNHIDDEN_VERSION_REQUIRED), HttpStatus.SC_BAD_REQUEST); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Could add the explanation for the user message though we'll have it in the logs. UI requires a snapshot anyway, so not big deal
Description
Updated PR Description
Zenodo swagger PR: https://github.com/dockstore/swagger-java-zenodo-client/pull/21This PR has been updated with the feedback from the story time discussion.
This PR requires the creation of a Dockstore-owned personal access token on Zenodo as well as a Dockstore community on Zenodo. This personal access token is used to automatically create DOIs.
Automatic DOI Creation Behaviour
Workflow
-based entries on refresh, GitHub App release, and on publish. During automatic DOI creation, we skip creating a snapshot.Doi
entity is added so that we can track multiple DOIs from multiple sources (user, GitHub, Dockstore). This means that users can have both user-generated and Dockstore-generated DOIs, along with GitHub DOIs.Dockstore Zenodo Community
Shared Access Links
Hoverfly Tests
Follow-up
Draft PR Description
Currently in draft mode to get feedback as I figure out some Hoverfly test weirdness in CircleCI.Zenodo swagger PR: dockstore/swagger-java-zenodo-client#21
This PR adds a
enableAutomaticDoiCreation
boolean toEntry
that is set totrue
by default.When set to true, it automatically creates DOIs using Dockstore's own Zenodo personal access token, specified in the web.yml. The auto-creation occurs during refresh and GitHub App release for valid, published tags and involves snapshotting the version prior to creating the DOI. This boolean can be updated using a new endpoint, allowing users to opt-out in the UI. For GitHub app entries, they will need to specify it in their .dockstore.yml.
This boolean can be updated using a new endpoint, allowing users to opt-out in the UI. For GitHub app entries, they will need to specify it in their .dockstore.yml.
This PR also adds an endpoint to create a shared access link with edit permissions so entry owners can modify their DOIs if they want. There is an option to set an expiration date, but I set it to never expire. The idea is that in the UI, the entry owner can click a button that creates this shared access link. After the first time, the UI can display this link somewhere so the user can modify their DOI. UI PR will be in follow-up ticket.
This PR also adds DOIs to the Dockstore community, using the community ID specified in the web.yml. This is for all DOIs, whether Dockstore-created or end-user-created.
Some questions and thoughts
There is a potential exception if an end user has already requested a DOI for an entry version and our Dockstore user tries to create a DOI for a different version because our Dockstore user does not have permissions to modify some one else's DOI. Due to this, there is a check to see if the entry has 0 DOIs or if all DOIs are Dockstore-owned to ensure that no exception occurs. I think there's a bigger conversation here about how we want to handle this situation so this PR takes the simplest route for now, i.e., not allowing the mixing of end-user-created and Dockstore-created DOIs. Below are some thoughts about it, but I think we should have a follow-up ticket to decide what to do.
Review Instructions
Describe if this ticket needs review and if so, how one may go about it in qa and/or staging environments.
For example, a ticket based on Security Hub, Snyk, or Dependabot may not need review since those services
will generate new warnings if the issue has not been resolved properly. On the other hand, an infrastructure
ticket that results in visible changes to the end-user will definitely require review.
Many tickets will likely be between these two extremes, so some judgement may be required.
Issue
https://ucsc-cgl.atlassian.net/browse/SEAB-5929
https://ucsc-cgl.atlassian.net/browse/SEAB-6371
Security and Privacy
If there are any concerns that require extra attention from the security team, highlight them here and check the box when complete.
e.g. Does this change...
Please make sure that you've checked the following before submitting your pull request. Thanks!
mvn clean install
@RolesAllowed
annotation