implementing endpoint for approval submission

[blublinsky]

Description

Type of change

• Refactor
• New feature
• Bug fix
• CVE fix
• Optimization
• Documentation Update
• Configuration Update
• Bump-up dependent library
• Bump-up library or tool used for development (does not change the final image)
• CI configuration change
• Konflux configuration change

Related Tickets & Documents

• Related Issue #
  OLS-2659
• Closes #
  OLS-2659

Checklist before requesting a review

• I have performed a self-review of my code.
• PR has passed all pre-merge test jobs.
• If it is a core feature, I have added thorough tests.

Testing

• Please provide detailed steps to perform tests related to this code change.
• How were the fix/results from this change verified? Please provide relevant screenshots or results.

[onmete]

Only the same user should be able to approve its own pending approvals.
We should also use user_id here and raise if a different user is trying to approve pending approvals from someone else.

[blublinsky]

Not really, approval ID is unique and is reported back to the user as a response. A different user just will not know the ID

[onmete]

So it is "security by obscurity".
We have all the information, it's just about adding user_id as an extra key. Do you have any particular reason why you don't want to do it?

[blublinsky]

This requires changes in approval implementation. Currently, it does not have a user ID. We can do this. but it will make the overall implementation heavier. Right now, the approval event does not have a user ID. I would like to at least commit what exists now and then do another PR to add the user ID into this. I am open to having an additional PR if we need this, but at the moment I want to have what I am doing for the last month completed.

[blublinsky]

I really prefer to complete the initial implementation first

[xrajesh]

LGTM - @blublinsky - Ready to merge once the test pass.

[xrajesh]

/lgtm
/approve

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: xrajesh

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS [xrajesh]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci]

@blublinsky: all tests passed!

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.