allow custom cors headers for stac #599

mishaschwartz · 2025-10-20T19:26:21Z

Overview

Allow each service to specify values for Access-Control-Allow-Origin

Previously, if a location block in the nginx configuration for a given service included the cors helper
configuration (with include /etc/nginx/conf.d/cors.include;) then all origins were allowed by default.

This was done by setting the header Access-Control-Allow-Origin: * which works well but is a bit too permissive
since it allowed all origins.

This change introduces a mechanism to specify specific additional allowed origins by setting the
$access_control_allow_origin nginx variable in the location block before including the cors.include file.

For example:
```
set $access_control_allow_origin http://example.com;
include /etc/nginx/conf.d/cors.include;
```
will set the value of the Access-Control-Allow-Origin response header to http://example.com.

By default, the header value will be * if $access_control_allow_origin is not set (to maintain backwards
compatibility).

To specify multiple allowed origins, use a map directive (see the implementation for components/stac for an
example).
Set allowed CORS origins for stac through an environment variable

This change implements this flexibility for the components/stac component. By setting the STAC_CORS_ORIGINS
variable a user can specify allowed origins for responses from the components/stac component.

For example, setting the following:
```
export STAC_CORS_ORIGINS='https://example.com ~^https?://(www\.)?other\.example\.com$' 
```
then requests from https://example.com and http://other.example.com will get a response with the
Access-Control-Allow-Origin header set to their origin, but http://example.ca will not.

Note that this breaks backwards compatibility slightly since previously all origins were allowed for /stac by
default. To keep the backwards compatible behaviour you can set:
```
export STAC_CORS_ORIGINS='~.*' 
```
to match all origins.

Changes

Non-breaking changes

Adds mechanism to allow services to have more control over CORS headers

Breaking changes

responses from /stac no longer set Access-Control-Allow-Origin: * by default

Related Issue / Discussion

As discussed in DISCUSSION: proxy: add CORS headers to /twitcher/, affect all services behind it #450

Additional Information

CI Operations

birdhouse_daccs_configs_branch: master
birdhouse_skip_ci: false

crim-jenkins-bot · 2025-10-20T20:59:30Z

E2E Test Results

DACCS-iac Pipeline Results

Build URL : http://daccs-jenkins.crim.ca:80/job/DACCS-iac-birdhouse/3755/
Result ❌ FAILURE

BIRDHOUSE_DEPLOY_BRANCH : stac-cors-flexible
DACCS_IAC_BRANCH : master
DACCS_CONFIGS_BRANCH : master
PAVICS_E2E_WORKFLOW_TESTS_BRANCH : master
PAVICS_SDI_BRANCH : master

DESTROY_INFRA_ON_EXIT : true
PAVICS_HOST : https://host-140-216.rdext.crim.ca

PAVICS-e2e-workflow-tests Pipeline Results

Tests URL : http://daccs-jenkins.crim.ca:80/job/PAVICS-e2e-workflow-tests/job/master/491/

NOTEBOOK TEST RESULTS

    
[2025-10-20T19:39:27.373Z] ============================= test session starts ==============================
[2025-10-20T19:39:27.373Z] platform linux -- Python 3.11.12, pytest-8.3.5, pluggy-1.5.0
[2025-10-20T19:39:27.373Z] rootdir: /home/jenkins/agent/workspace/PAVICS-e2e-workflow-tests_master
[2025-10-20T19:39:27.373Z] plugins: anyio-4.9.0, dash-3.0.3, nbval-0.11.0, tornasync-0.6.0.post2, xdist-3.6.1
[2025-10-20T19:39:27.373Z] collected 537 items
[2025-10-20T19:39:27.373Z] 
[2025-10-20T19:39:35.385Z] notebooks-auth/geoserver.ipynb ..................                        [  3%]
[2025-10-20T19:40:46.409Z] notebooks-auth/test_cowbird_jupyter.ipynb ..........                     [  5%]
[2025-10-20T19:40:49.259Z] notebooks-auth/test_thredds.ipynb ...........                            [  7%]
[2025-10-20T19:42:49.087Z] pavics-sdi-master/docs/source/notebooks/CaSR_basic.ipynb ......          [  8%]
[2025-10-20T20:02:47.059Z] pavics-sdi-master/docs/source/notebooks/FAQ_dask_parallel.ipynb ..s..... [  9%]
[2025-10-20T20:03:54.770Z] .                                                                        [ 10%]
[2025-10-20T20:03:59.818Z] pavics-sdi-master/docs/source/notebooks/WCS_example.ipynb ......         [ 11%]
[2025-10-20T20:04:06.212Z] pavics-sdi-master/docs/source/notebooks/WFS_example.ipynb .....          [ 12%]
[2025-10-20T20:20:07.832Z] pavics-sdi-master/docs/source/notebooks/climex.ipynb ...........         [ 14%]
[2025-10-20T20:20:07.833Z] pavics-sdi-master/docs/source/notebooks/eccc-geoapi-climate-stations.ipynb . [ 14%]
[2025-10-20T20:20:15.824Z] ...............                                                          [ 17%]
[2025-10-20T20:20:26.486Z] pavics-sdi-master/docs/source/notebooks/eccc-geoapi-xclim.ipynb .....    [ 18%]
[2025-10-20T20:20:35.607Z] pavics-sdi-master/docs/source/notebooks/esgf-dap.ipynb ....              [ 18%]
[2025-10-20T20:20:51.433Z] pavics-sdi-master/docs/source/notebooks/forecasts.ipynb ......           [ 19%]
[2025-10-20T20:20:57.316Z] pavics-sdi-master/docs/source/notebooks/opendap.ipynb .......            [ 21%]
[2025-10-20T20:21:01.793Z] pavics-sdi-master/docs/source/notebooks/pavics_thredds.ipynb .....       [ 22%]
[2025-10-20T20:24:04.137Z] pavics-sdi-master/docs/source/notebooks/regridding.ipynb ............... [ 24%]
[2025-10-20T20:25:13.117Z] .............                                                            [ 27%]
[2025-10-20T20:25:15.659Z] pavics-sdi-master/docs/source/notebooks/rendering.ipynb ....             [ 28%]
[2025-10-20T20:25:17.560Z] pavics-sdi-master/docs/source/notebooks/subset-user-input.ipynb ........ [ 29%]
[2025-10-20T20:25:48.875Z] .................                                                        [ 32%]
[2025-10-20T20:25:56.205Z] pavics-sdi-master/docs/source/notebooks/subsetting.ipynb .....           [ 33%]
[2025-10-20T20:25:57.589Z] pavics-sdi-master/docs/source/notebook-components/weaver_example.ipynb . [ 33%]
[2025-10-20T20:26:07.834Z] .........                                                                [ 35%]
[2025-10-20T20:26:19.222Z] finch-main/docs/source/notebooks/dap_subset.ipynb ...........            [ 37%]
[2025-10-20T20:26:29.472Z] finch-main/docs/source/notebooks/finch-usage.ipynb ......                [ 38%]
[2025-10-20T20:26:30.848Z] PAVICS-landing-master/content/notebooks/climate_indicators/PAVICStutorial_ClimateDataAnalysis-1DataAccess.ipynb . [ 38%]
[2025-10-20T20:26:37.419Z] .....                                                                    [ 39%]
[2025-10-20T20:27:45.179Z] PAVICS-landing-master/content/notebooks/climate_indicators/PAVICStutorial_ClimateDataAnalysis-2Subsetting.ipynb . [ 40%]
[2025-10-20T20:28:36.234Z] ............                                                             [ 42%]
[2025-10-20T20:29:32.492Z] PAVICS-landing-master/content/notebooks/climate_indicators/PAVICStutorial_ClimateDataAnalysis-3Climate-Indicators.ipynb . [ 42%]
[2025-10-20T20:30:53.960Z] .....s.                                                                  [ 43%]
[2025-10-20T20:30:57.256Z] PAVICS-landing-master/content/notebooks/climate_indicators/PAVICStutorial_ClimateDataAnalysis-4Ensembles.ipynb . [ 43%]
[2025-10-20T20:31:03.352Z] ..                                                                       [ 44%]
[2025-10-20T20:31:13.340Z] PAVICS-landing-master/content/notebooks/climate_indicators/PAVICStutorial_ClimateDataAnalysis-5Visualization.ipynb . [ 44%]
[2025-10-20T20:32:17.258Z] .........                                                                [ 46%]
[2025-10-20T20:32:27.275Z] PAVICS-landing-master/content/notebooks/climate_indicators/PAVICStutorial_ClimateDataAnalysis-6Regridding_Conversion.ipynb . [ 46%]
[2025-10-20T20:34:54.724Z] ....                                                                     [ 47%]
[2025-10-20T20:34:54.725Z] PAVICS-landing-master/content/notebooks/hydrology/PAVICStutorial_Hydrology-01_Intro.ipynb . [ 47%]
[2025-10-20T20:34:54.725Z] ....                                                                     [ 48%]
[2025-10-20T20:34:58.023Z] PAVICS-landing-master/content/notebooks/hydrology/PAVICStutorial_Hydrology-02_Calibration.ipynb . [ 48%]
[2025-10-20T20:35:07.108Z] .....                                                                    [ 49%]
[2025-10-20T20:35:11.303Z] PAVICS-landing-master/content/notebooks/hydrology/PAVICStutorial_Hydrology-03_Watershed_properties.ipynb . [ 49%]
[2025-10-20T20:35:17.105Z] .............                                                            [ 51%]
[2025-10-20T20:35:22.384Z] PAVICS-landing-master/content/notebooks/hydrology/PAVICStutorial_Hydrology-04_Time_series_analysis.ipynb . [ 51%]
[2025-10-20T20:35:22.644Z] ......                                                                   [ 53%]
[2025-10-20T20:35:35.085Z] raven-main/docs/source/notebooks/Region_selection.ipynb .........        [ 54%]
[2025-10-20T20:35:36.464Z] raven-main/docs/source/notebooks/Subset_climate_data_over_watershed.ipynb . [ 54%]
[2025-10-20T20:35:59.175Z] ......                                                                   [ 56%]
[2025-10-20T20:36:00.817Z] RavenPy-main/docs/notebooks/00_Introduction_to_JupyterLab.ipynb ......   [ 57%]
[2025-10-20T20:36:13.331Z] RavenPy-main/docs/notebooks/01_Getting_watershed_boundaries.ipynb ...... [ 58%]
[2025-10-20T20:36:13.331Z] ..                                                                       [ 58%]
[2025-10-20T20:36:18.603Z] RavenPy-main/docs/notebooks/02_Extract_geographical_watershed_properties.ipynb . [ 58%]
[2025-10-20T20:36:23.519Z] .............                                                            [ 61%]
[2025-10-20T20:38:00.603Z] RavenPy-main/docs/notebooks/03_Extracting_forcing_data.ipynb ........... [ 63%]
[2025-10-20T20:38:00.604Z]                                                                          [ 63%]
[2025-10-20T20:38:05.849Z] RavenPy-main/docs/notebooks/04_Emulating_hydrological_models.ipynb ..... [ 64%]
[2025-10-20T20:38:13.435Z] ...............                                                          [ 67%]
[2025-10-20T20:38:18.726Z] RavenPy-main/docs/notebooks/05_Advanced_RavenPy_configuration.ipynb .... [ 67%]
[2025-10-20T20:38:26.814Z] .........                                                                [ 69%]
[2025-10-20T20:38:39.541Z] RavenPy-main/docs/notebooks/06_Raven_calibration.ipynb ......            [ 70%]
[2025-10-20T20:38:47.310Z] RavenPy-main/docs/notebooks/07_Making_and_using_hotstart_files.ipynb ... [ 71%]
[2025-10-20T20:38:50.158Z] ...                                                                      [ 71%]
[2025-10-20T20:38:56.719Z] RavenPy-main/docs/notebooks/08_Getting_and_bias_correcting_CMIP6_data.ipynb . [ 71%]
[2025-10-20T20:46:34.405Z] ...............                                                          [ 74%]
[2025-10-20T20:46:40.981Z] RavenPy-main/docs/notebooks/09_Hydrological_impacts_of_climate_change.ipynb . [ 74%]
[2025-10-20T20:46:46.805Z] ....                                                                     [ 75%]
[2025-10-20T20:47:26.155Z] RavenPy-main/docs/notebooks/10_Data_assimilation.ipynb ........          [ 77%]
[2025-10-20T20:47:37.375Z] RavenPy-main/docs/notebooks/11_Climatological_ESP_forecasting.ipynb .... [ 77%]
[2025-10-20T20:48:03.640Z] ....                                                                     [ 78%]
[2025-10-20T20:48:10.214Z] RavenPy-main/docs/notebooks/12_Performing_hindcasting_experiments.ipynb . [ 78%]
[2025-10-20T20:48:20.708Z] .......                                                                  [ 80%]
[2025-10-20T20:48:44.841Z] RavenPy-main/docs/notebooks/Assess_probabilistic_flood_risk.ipynb ...... [ 81%]
[2025-10-20T20:48:45.776Z] .                                                                        [ 81%]
[2025-10-20T20:48:53.896Z] RavenPy-main/docs/notebooks/Comparing_hindcasts_and_ESP_forecasts.ipynb . [ 81%]
[2025-10-20T20:49:15.108Z] .......                                                                  [ 82%]
[2025-10-20T20:49:22.541Z] RavenPy-main/docs/notebooks/Distributed_hydrological_modelling.ipynb ... [ 83%]
[2025-10-20T20:49:42.002Z] ....                                                                     [ 84%]
[2025-10-20T20:49:53.694Z] RavenPy-main/docs/notebooks/Hydrological_realtime_forecasting.ipynb .... [ 84%]
[2025-10-20T20:50:00.525Z] ..                                                                       [ 85%]
[2025-10-20T20:50:28.019Z] RavenPy-main/docs/notebooks/Managing_Jupyter_Environments.ipynb ...      [ 85%]
[2025-10-20T20:50:59.375Z] RavenPy-main/docs/notebooks/Perform_Regionalization.ipynb .......        [ 87%]
[2025-10-20T20:51:02.667Z] RavenPy-main/docs/notebooks/Running_HMETS_with_CANOPEX_dataset.ipynb ... [ 87%]
[2025-10-20T20:51:20.422Z] ..........                                                               [ 89%]
[2025-10-20T20:51:43.809Z] RavenPy-main/docs/notebooks/Sensitivity_analysis.ipynb ......            [ 90%]
[2025-10-20T20:51:47.948Z] RavenPy-main/docs/notebooks/time_series_analysis.ipynb ...........       [ 92%]
[2025-10-20T20:51:56.074Z] RavenPy-main/docs/notebooks/paper/Perform_a_climate_change_impact_study_on_a_watershed.ipynb . [ 92%]
[2025-10-20T20:56:31.042Z] .............Fxxxxxx                                                     [ 96%]
[2025-10-20T20:56:31.042Z] notebooks/hummingbird.ipynb ............                                 [ 98%]
[2025-10-20T20:59:01.543Z] notebooks/stress-tests.ipynb ......                                      [100%]
[2025-10-20T20:59:01.544Z] 
[2025-10-20T20:59:01.544Z] =================================== FAILURES ===================================

fmigneault

Thanks for testing it. Looks about right with minor tweaks.

fmigneault · 2025-10-21T14:32:55Z

birdhouse/components/stac/config/proxy/conf.extra-service.d/stac.conf.template

-        include /etc/nginx/conf.d/cors.include;
+        proxy_hide_header 'Access-Control-Allow-Origin';
+        add_header Access-Control-Allow-Origin $stac_origin_allowed;


I think the cors.include should still be there since it adds other definitions (allowed headers, allowed methods, etc.) which are also required (and extra ones might be needed as well since it was actually very limited, while STAC API allows PUT, DELETE, etc.).

I think proxy_hide_header 'Access-Control-Allow-Origin'; will remove it.
Does add_header automatically reapply? I was under the impression explicit proxy_pass_header was needed to undo the hide.

On top of this header, an add_header Vary Origin; would be required to advertise (as required by the standard) that it is Origin-dependant.

I think the cors.include should still be there since it adds other definitions
I think proxy_hide_header 'Access-Control-Allow-Origin'; will remove it.

I agree that we should include the rest of cors.include but proxy_hide_header wasn't working for me. I tried a few combinations of things but maybe I did it wrong. I gave up in the end but I can try again with fresh eyes.

So the issue is that proxy_hide_header will hide a header that is set from the upstream server (ie. the stac container) but it won't unset the header that is explicitly set by nginx.

To get around this, I modified cors.include slightly to allow for different behaviour depending on whether a variable was set.

fmigneault · 2025-10-21T14:35:07Z

birdhouse/components/stac/default.env

 # This must match the "stac_version" value in the current STAC catalog.
 export PYSTAC_STAC_VERSION_OVERRIDE=1.0.0

+export _STAC_ADDITIONAL_CORS_ORIGINS='$(for origin in $STAC_ADDITIONAL_CORS_ORIGINS; do echo "$origin \$http_origin;"; done;)'


I am not 100% sure, but I think the first part ($origin) is some kind of regex to match a given origin. If using https://geojson.io, is it sufficient to match the full request that has other path/query/anchors?

It can either be a regex (if it starts with ~) or just a string to match. Theoretically we could use either one.

birdhouse/components/stac/default.env

fmigneault · 2025-10-21T14:38:17Z

birdhouse/components/stac-browser/default.env

 #   - https://github.com/radiantearth/stac-browser/blob/main/docs/docker.md
 export STAC_BROWSER_PATH_PREFIX='/stac-browser/'

+export STAC_ADDITIONAL_CORS_ORIGINS='https://geojson.io'


I assume space delimited based on the for loop?
Would need to be indicated since ,/; are common variants when dealing with headers.

I think it might also need the ${BIRDHOUSE_FQDN_PUBLIC} since stac-browser self-pings the stac API.

Should this parameter be in stac/default.env, or this one should update the variable additively?

Yeah I'll need to update comments and documentation explaining the format of everything.

I think it might also need the ${BIRDHOUSE_FQDN_PUBLIC} since stac-browser self-pings the stac API.

${BIRDHOUSE_FQDN_PUBLIC} is always allowed because it is the default value for the nginx map. So by default, requests from all domains (including ${BIRDHOUSE_FQDN_PUBLIC}) will allow it.

Should this parameter be in stac/default.env, or this one should update the variable additively?

It doesn't need to be. The default (withouth stac-browser) is that it is empty/unset.

crim-jenkins-bot · 2025-10-21T22:04:19Z

E2E Test Results

DACCS-iac Pipeline Results

Build URL : http://daccs-jenkins.crim.ca:80/job/DACCS-iac-birdhouse/3758/
Result ❌ FAILURE

BIRDHOUSE_DEPLOY_BRANCH : stac-cors-flexible
DACCS_IAC_BRANCH : master
DACCS_CONFIGS_BRANCH : master
PAVICS_E2E_WORKFLOW_TESTS_BRANCH : master
PAVICS_SDI_BRANCH : master

DESTROY_INFRA_ON_EXIT : true
PAVICS_HOST : https://host-140-91.rdext.crim.ca

PAVICS-e2e-workflow-tests Pipeline Results

Tests URL : http://daccs-jenkins.crim.ca:80/job/PAVICS-e2e-workflow-tests/job/master/493/

NOTEBOOK TEST RESULTS

    
[2025-10-21T19:39:30.047Z] ============================= test session starts ==============================
[2025-10-21T19:39:30.047Z] platform linux -- Python 3.11.12, pytest-8.3.5, pluggy-1.5.0
[2025-10-21T19:39:30.047Z] rootdir: /home/jenkins/agent/workspace/PAVICS-e2e-workflow-tests_master@2
[2025-10-21T19:39:30.047Z] plugins: anyio-4.9.0, dash-3.0.3, nbval-0.11.0, tornasync-0.6.0.post2, xdist-3.6.1
[2025-10-21T19:39:30.047Z] collected 537 items
[2025-10-21T19:39:30.047Z] 
[2025-10-21T19:39:40.826Z] notebooks-auth/geoserver.ipynb ..................                        [  3%]
[2025-10-21T19:41:06.459Z] notebooks-auth/test_cowbird_jupyter.ipynb ........F.                     [  5%]
[2025-10-21T19:41:09.738Z] notebooks-auth/test_thredds.ipynb ...........                            [  7%]
[2025-10-21T19:43:36.289Z] pavics-sdi-master/docs/source/notebooks/CaSR_basic.ipynb ......          [  8%]
[2025-10-21T20:04:22.678Z] pavics-sdi-master/docs/source/notebooks/FAQ_dask_parallel.ipynb ..s..... [  9%]
[2025-10-21T20:05:30.358Z] .                                                                        [ 10%]
[2025-10-21T20:05:35.287Z] pavics-sdi-master/docs/source/notebooks/WCS_example.ipynb ......         [ 11%]
[2025-10-21T20:05:41.856Z] pavics-sdi-master/docs/source/notebooks/WFS_example.ipynb .....          [ 12%]
[2025-10-21T20:16:31.514Z] pavics-sdi-master/docs/source/notebooks/climex.ipynb ...........         [ 14%]
[2025-10-21T20:16:31.514Z] pavics-sdi-master/docs/source/notebooks/eccc-geoapi-climate-stations.ipynb . [ 14%]
[2025-10-21T20:16:37.026Z] ...............                                                          [ 17%]
[2025-10-21T20:16:48.451Z] pavics-sdi-master/docs/source/notebooks/eccc-geoapi-xclim.ipynb .....    [ 18%]
[2025-10-21T20:16:58.488Z] pavics-sdi-master/docs/source/notebooks/esgf-dap.ipynb ....              [ 18%]
[2025-10-21T20:17:13.446Z] pavics-sdi-master/docs/source/notebooks/forecasts.ipynb ......           [ 19%]
[2025-10-21T20:17:20.185Z] pavics-sdi-master/docs/source/notebooks/opendap.ipynb .......            [ 21%]
[2025-10-21T20:17:24.497Z] pavics-sdi-master/docs/source/notebooks/pavics_thredds.ipynb .....       [ 22%]
[2025-10-21T20:21:34.386Z] pavics-sdi-master/docs/source/notebooks/regridding.ipynb ............... [ 24%]
[2025-10-21T20:22:51.789Z] .............                                                            [ 27%]
[2025-10-21T20:22:58.167Z] pavics-sdi-master/docs/source/notebooks/rendering.ipynb ....             [ 28%]
[2025-10-21T20:23:01.011Z] pavics-sdi-master/docs/source/notebooks/subset-user-input.ipynb ........ [ 29%]
[2025-10-21T20:23:43.597Z] .................                                                        [ 32%]
[2025-10-21T20:23:55.599Z] pavics-sdi-master/docs/source/notebooks/subsetting.ipynb .....           [ 33%]
[2025-10-21T20:23:58.132Z] pavics-sdi-master/docs/source/notebook-components/weaver_example.ipynb . [ 33%]
[2025-10-21T20:24:26.373Z] ..FF.....                                                                [ 35%]
[2025-10-21T20:24:37.395Z] finch-main/docs/source/notebooks/dap_subset.ipynb ...........            [ 37%]
[2025-10-21T20:24:50.918Z] finch-main/docs/source/notebooks/finch-usage.ipynb ......                [ 38%]
[2025-10-21T20:24:52.827Z] PAVICS-landing-master/content/notebooks/climate_indicators/PAVICStutorial_ClimateDataAnalysis-1DataAccess.ipynb . [ 38%]
[2025-10-21T20:25:07.965Z] .....                                                                    [ 39%]
[2025-10-21T20:26:29.417Z] PAVICS-landing-master/content/notebooks/climate_indicators/PAVICStutorial_ClimateDataAnalysis-2Subsetting.ipynb . [ 40%]
[2025-10-21T20:29:36.681Z] ............                                                             [ 42%]
[2025-10-21T20:32:13.204Z] PAVICS-landing-master/content/notebooks/climate_indicators/PAVICStutorial_ClimateDataAnalysis-3Climate-Indicators.ipynb . [ 42%]
[2025-10-21T20:36:49.814Z] .....s.                                                                  [ 43%]
[2025-10-21T20:36:55.090Z] PAVICS-landing-master/content/notebooks/climate_indicators/PAVICStutorial_ClimateDataAnalysis-4Ensembles.ipynb . [ 43%]
[2025-10-21T20:37:01.836Z] ..                                                                       [ 44%]
[2025-10-21T20:37:11.812Z] PAVICS-landing-master/content/notebooks/climate_indicators/PAVICStutorial_ClimateDataAnalysis-5Visualization.ipynb . [ 44%]
[2025-10-21T20:38:24.682Z] .........                                                                [ 46%]
[2025-10-21T20:38:34.668Z] PAVICS-landing-master/content/notebooks/climate_indicators/PAVICStutorial_ClimateDataAnalysis-6Regridding_Conversion.ipynb . [ 46%]
[2025-10-21T20:44:25.602Z] ....                                                                     [ 47%]
[2025-10-21T20:44:25.602Z] PAVICS-landing-master/content/notebooks/hydrology/PAVICStutorial_Hydrology-01_Intro.ipynb . [ 47%]
[2025-10-21T20:44:27.112Z] ....                                                                     [ 48%]
[2025-10-21T20:44:31.323Z] PAVICS-landing-master/content/notebooks/hydrology/PAVICStutorial_Hydrology-02_Calibration.ipynb . [ 48%]
[2025-10-21T20:44:42.330Z] .....                                                                    [ 49%]
[2025-10-21T20:44:47.614Z] PAVICS-landing-master/content/notebooks/hydrology/PAVICStutorial_Hydrology-03_Watershed_properties.ipynb . [ 49%]
[2025-10-21T20:44:59.947Z] .............                                                            [ 51%]
[2025-10-21T20:45:05.229Z] PAVICS-landing-master/content/notebooks/hydrology/PAVICStutorial_Hydrology-04_Time_series_analysis.ipynb . [ 51%]
[2025-10-21T20:45:06.318Z] ......                                                                   [ 53%]
[2025-10-21T20:46:16.609Z] raven-main/docs/source/notebooks/Region_selection.ipynb .........        [ 54%]
[2025-10-21T20:46:16.609Z] raven-main/docs/source/notebooks/Subset_climate_data_over_watershed.ipynb . [ 54%]
[2025-10-21T20:46:37.794Z] ......                                                                   [ 56%]
[2025-10-21T20:46:39.427Z] RavenPy-main/docs/notebooks/00_Introduction_to_JupyterLab.ipynb ......   [ 57%]
[2025-10-21T20:47:49.670Z] RavenPy-main/docs/notebooks/01_Getting_watershed_boundaries.ipynb ....FF [ 58%]
[2025-10-21T20:47:49.670Z] FF                                                                       [ 58%]
[2025-10-21T20:47:49.670Z] RavenPy-main/docs/notebooks/02_Extract_geographical_watershed_properties.ipynb . [ 58%]
[2025-10-21T20:48:09.222Z] .............                                                            [ 61%]
[2025-10-21T20:49:58.530Z] RavenPy-main/docs/notebooks/03_Extracting_forcing_data.ipynb ........... [ 63%]
[2025-10-21T20:49:58.530Z]                                                                          [ 63%]
[2025-10-21T20:50:02.005Z] RavenPy-main/docs/notebooks/04_Emulating_hydrological_models.ipynb ..... [ 64%]
[2025-10-21T20:50:09.036Z] ...............                                                          [ 67%]
[2025-10-21T20:50:14.567Z] RavenPy-main/docs/notebooks/05_Advanced_RavenPy_configuration.ipynb .... [ 67%]
[2025-10-21T20:50:23.050Z] .........                                                                [ 69%]
[2025-10-21T20:50:35.968Z] RavenPy-main/docs/notebooks/06_Raven_calibration.ipynb ......            [ 70%]
[2025-10-21T20:50:44.056Z] RavenPy-main/docs/notebooks/07_Making_and_using_hotstart_files.ipynb ... [ 71%]
[2025-10-21T20:50:46.643Z] ...                                                                      [ 71%]
[2025-10-21T20:50:53.221Z] RavenPy-main/docs/notebooks/08_Getting_and_bias_correcting_CMIP6_data.ipynb . [ 71%]
[2025-10-21T21:42:39.031Z] ............FXX                                                          [ 74%]
[2025-10-21T21:42:39.031Z] RavenPy-main/docs/notebooks/09_Hydrological_impacts_of_climate_change.ipynb . [ 74%]
[2025-10-21T21:42:41.569Z] ....                                                                     [ 75%]
[2025-10-21T21:43:21.577Z] RavenPy-main/docs/notebooks/10_Data_assimilation.ipynb ........          [ 77%]
[2025-10-21T21:43:32.582Z] RavenPy-main/docs/notebooks/11_Climatological_ESP_forecasting.ipynb .... [ 77%]
[2025-10-21T21:44:00.685Z] ....                                                                     [ 78%]
[2025-10-21T21:44:08.811Z] RavenPy-main/docs/notebooks/12_Performing_hindcasting_experiments.ipynb . [ 78%]
[2025-10-21T21:44:21.382Z] .......                                                                  [ 80%]
[2025-10-21T21:44:48.602Z] RavenPy-main/docs/notebooks/Assess_probabilistic_flood_risk.ipynb ...... [ 81%]
[2025-10-21T21:44:48.602Z] .                                                                        [ 81%]
[2025-10-21T21:44:56.730Z] RavenPy-main/docs/notebooks/Comparing_hindcasts_and_ESP_forecasts.ipynb . [ 81%]
[2025-10-21T21:45:20.026Z] .......                                                                  [ 82%]
[2025-10-21T21:45:27.459Z] RavenPy-main/docs/notebooks/Distributed_hydrological_modelling.ipynb ... [ 83%]
[2025-10-21T21:45:47.468Z] ....                                                                     [ 84%]
[2025-10-21T21:46:00.656Z] RavenPy-main/docs/notebooks/Hydrological_realtime_forecasting.ipynb .... [ 84%]
[2025-10-21T21:46:07.500Z] ..                                                                       [ 85%]
[2025-10-21T21:50:45.038Z] RavenPy-main/docs/notebooks/Managing_Jupyter_Environments.ipynb ...      [ 85%]
[2025-10-21T21:51:03.122Z] RavenPy-main/docs/notebooks/Perform_Regionalization.ipynb .......        [ 87%]
[2025-10-21T21:51:09.372Z] RavenPy-main/docs/notebooks/Running_HMETS_with_CANOPEX_dataset.ipynb ... [ 87%]
[2025-10-21T21:51:22.403Z] ..........                                                               [ 89%]
[2025-10-21T21:51:44.124Z] RavenPy-main/docs/notebooks/Sensitivity_analysis.ipynb ......            [ 90%]
[2025-10-21T21:51:51.069Z] RavenPy-main/docs/notebooks/time_series_analysis.ipynb ...........       [ 92%]
[2025-10-21T21:51:59.190Z] RavenPy-main/docs/notebooks/paper/Perform_a_climate_change_impact_study_on_a_watershed.ipynb . [ 92%]
[2025-10-21T22:01:18.239Z] .....FF.F....Fxxxxxx                                                     [ 96%]
[2025-10-21T22:01:18.239Z] notebooks/hummingbird.ipynb ............                                 [ 98%]
[2025-10-21T22:03:50.988Z] notebooks/stress-tests.ipynb ...FF.                                      [100%]
[2025-10-21T22:03:50.988Z] 
[2025-10-21T22:03:50.988Z] =================================== FAILURES ===================================

fmigneault

Mostly editing stuff to review. Feature wise looks good.

CHANGES.md

fmigneault · 2025-10-24T16:41:30Z

CHANGES.md

+  Note that this breaks backwards compatibility slightly since previously all origins were allowed for `/stac` by
+  default. To keep the backwards compatible behaviour you can set:
+
+  ```
+  export STAC_CORS_ORIGINS='~.*' 
+  ```


Can't export STAC_CORS_ORIGINS='~.*' be set in components/stac/default.env to make it work like the other components?

I think the https://geojson.io case could simply be documented in comment around the default value to indicate that, if * is not desired to be more strict, that specific Origin might need to be considered for stac-browser. It is not required given that stac-browser is not combined with stac anymore.

The backward incompatibility note might be slightly misleading due to the subtlety of CORS. Before, Access-Control-Allow-Origin was omitted entirely, rather than Access-Control-Allow-Origin: *, so CORS was not applied at all. If * was the default, it would behave the same for clients that don't consider it, but it impacts where CORS are actually considered, which is relevant for some Origins like https://geojson.io.

Sure I can update that to keep the default. I've also updated the STAC and STAC Browser documentation since it was out of date.

The backward incompatibility note might be slightly misleading due to the subtlety of CORS

I don't think so. Previously, the cors.include file was enabled so the Access-Control-Allow-Origin was already set to * (it was not omitted)

Even if it was included and set with *, wasn't it omitted because of ˋproxy_hide_header`?

Maybe that was the intention originally but it wasn't actually hidden. proxy_hide_header only hides header values set by the upstream server, not by nginx (#599 (comment)).

Would you rather that we remain backwards compatible with the intended behaviour (no Access-Control-Allow-Origin) or with the actual behaviour (Access-Control-Allow-Origin=*)?

It is fine with Access-Control-Allow-Origin=*.

CHANGES.md

crim-jenkins-bot · 2025-10-27T15:47:36Z

E2E Test Results

DACCS-iac Pipeline Results

Build URL : http://daccs-jenkins.crim.ca:80/job/DACCS-iac-birdhouse/3767/
Result ❌ FAILURE

BIRDHOUSE_DEPLOY_BRANCH : stac-cors-flexible
DACCS_IAC_BRANCH : master
DACCS_CONFIGS_BRANCH : master
PAVICS_E2E_WORKFLOW_TESTS_BRANCH : master
PAVICS_SDI_BRANCH : master

DESTROY_INFRA_ON_EXIT : true
PAVICS_HOST : https://host-140-216.rdext.crim.ca

PAVICS-e2e-workflow-tests Pipeline Results

Tests URL : http://daccs-jenkins.crim.ca:80/job/PAVICS-e2e-workflow-tests/job/master/499/

NOTEBOOK TEST RESULTS

    
[2025-10-27T13:18:26.960Z] ============================= test session starts ==============================
[2025-10-27T13:18:26.960Z] platform linux -- Python 3.11.12, pytest-8.3.5, pluggy-1.5.0
[2025-10-27T13:18:26.960Z] rootdir: /home/jenkins/agent/workspace/PAVICS-e2e-workflow-tests_master
[2025-10-27T13:18:26.960Z] plugins: anyio-4.9.0, dash-3.0.3, nbval-0.11.0, tornasync-0.6.0.post2, xdist-3.6.1
[2025-10-27T13:18:26.960Z] collected 537 items
[2025-10-27T13:18:26.960Z] 
[2025-10-27T13:18:35.000Z] notebooks-auth/geoserver.ipynb ..................                        [  3%]
[2025-10-27T13:19:59.747Z] notebooks-auth/test_cowbird_jupyter.ipynb ........F.                     [  5%]
[2025-10-27T13:19:59.747Z] notebooks-auth/test_thredds.ipynb ...........                            [  7%]
[2025-10-27T13:20:55.990Z] pavics-sdi-master/docs/source/notebooks/CaSR_basic.ipynb FFFFFF          [  8%]
[2025-10-27T13:26:26.763Z] pavics-sdi-master/docs/source/notebooks/FAQ_dask_parallel.ipynb .FsFFFFF [  9%]
[2025-10-27T13:27:13.455Z] F                                                                        [ 10%]
[2025-10-27T13:27:25.030Z] pavics-sdi-master/docs/source/notebooks/WCS_example.ipynb ......         [ 11%]
[2025-10-27T13:27:59.678Z] pavics-sdi-master/docs/source/notebooks/WFS_example.ipynb .FFFF          [ 12%]
[2025-10-27T13:29:10.500Z] pavics-sdi-master/docs/source/notebooks/climex.ipynb FFFFFFFFFFF         [ 14%]
[2025-10-27T13:29:12.408Z] pavics-sdi-master/docs/source/notebooks/eccc-geoapi-climate-stations.ipynb . [ 14%]
[2025-10-27T13:29:20.634Z] ...............                                                          [ 17%]
[2025-10-27T13:29:31.349Z] pavics-sdi-master/docs/source/notebooks/eccc-geoapi-xclim.ipynb .....    [ 18%]
[2025-10-27T13:29:39.823Z] pavics-sdi-master/docs/source/notebooks/esgf-dap.ipynb ....              [ 18%]
[2025-10-27T13:31:01.276Z] pavics-sdi-master/docs/source/notebooks/forecasts.ipynb FFFFFF           [ 19%]
[2025-10-27T13:31:01.276Z] pavics-sdi-master/docs/source/notebooks/opendap.ipynb .......            [ 21%]
[2025-10-27T13:31:01.276Z] pavics-sdi-master/docs/source/notebooks/pavics_thredds.ipynb .....       [ 22%]
[2025-10-27T13:35:08.942Z] pavics-sdi-master/docs/source/notebooks/regridding.ipynb ...FF.FF.FFF.FF [ 24%]
[2025-10-27T13:35:41.044Z] FFFFFFFFFFFFF                                                            [ 27%]
[2025-10-27T13:35:43.207Z] pavics-sdi-master/docs/source/notebooks/rendering.ipynb ....             [ 28%]
[2025-10-27T13:35:45.110Z] pavics-sdi-master/docs/source/notebooks/subset-user-input.ipynb ........ [ 29%]
[2025-10-27T13:51:44.628Z] ....FFFFFF.FFFFFF                                                        [ 32%]
[2025-10-27T13:51:53.260Z] pavics-sdi-master/docs/source/notebooks/subsetting.ipynb .....           [ 33%]
[2025-10-27T13:51:54.641Z] pavics-sdi-master/docs/source/notebook-components/weaver_example.ipynb . [ 33%]
[2025-10-27T13:52:05.424Z] .........                                                                [ 35%]
[2025-10-27T13:52:17.248Z] finch-main/docs/source/notebooks/dap_subset.ipynb ...........            [ 37%]
[2025-10-27T13:52:27.009Z] finch-main/docs/source/notebooks/finch-usage.ipynb ......                [ 38%]
[2025-10-27T14:08:34.114Z] PAVICS-landing-master/content/notebooks/climate_indicators/PAVICStutorial_ClimateDataAnalysis-1DataAccess.ipynb F [ 38%]
[2025-10-27T14:24:11.184Z] FFFF.                                                                    [ 39%]
[2025-10-27T14:25:07.481Z] PAVICS-landing-master/content/notebooks/climate_indicators/PAVICStutorial_ClimateDataAnalysis-2Subsetting.ipynb F [ 40%]
[2025-10-27T14:26:03.724Z] FFF.FFFFFFFF                                                             [ 42%]
[2025-10-27T14:41:55.806Z] PAVICS-landing-master/content/notebooks/climate_indicators/PAVICStutorial_ClimateDataAnalysis-3Climate-Indicators.ipynb F [ 42%]
[2025-10-27T14:58:34.837Z] FFFF.s.                                                                  [ 43%]
[2025-10-27T14:58:42.961Z] PAVICS-landing-master/content/notebooks/climate_indicators/PAVICStutorial_ClimateDataAnalysis-4Ensembles.ipynb . [ 43%]
[2025-10-27T14:58:49.361Z] ..                                                                       [ 44%]
[2025-10-27T14:58:59.346Z] PAVICS-landing-master/content/notebooks/climate_indicators/PAVICStutorial_ClimateDataAnalysis-5Visualization.ipynb . [ 44%]
[2025-10-27T15:15:35.397Z] .....F.FF                                                                [ 46%]
[2025-10-27T15:15:45.374Z] PAVICS-landing-master/content/notebooks/climate_indicators/PAVICStutorial_ClimateDataAnalysis-6Regridding_Conversion.ipynb . [ 46%]
[2025-10-27T15:17:32.549Z] ..F.                                                                     [ 47%]
[2025-10-27T15:17:32.549Z] PAVICS-landing-master/content/notebooks/hydrology/PAVICStutorial_Hydrology-01_Intro.ipynb . [ 47%]
[2025-10-27T15:17:32.549Z] ....                                                                     [ 48%]
[2025-10-27T15:17:36.751Z] PAVICS-landing-master/content/notebooks/hydrology/PAVICStutorial_Hydrology-02_Calibration.ipynb . [ 48%]
[2025-10-27T15:17:46.516Z] .....                                                                    [ 49%]
[2025-10-27T15:17:50.705Z] PAVICS-landing-master/content/notebooks/hydrology/PAVICStutorial_Hydrology-03_Watershed_properties.ipynb . [ 49%]
[2025-10-27T15:18:55.752Z] ....FFFF.FFFF                                                            [ 51%]
[2025-10-27T15:18:58.289Z] PAVICS-landing-master/content/notebooks/hydrology/PAVICStutorial_Hydrology-04_Time_series_analysis.ipynb . [ 51%]
[2025-10-27T15:18:59.327Z] ......                                                                   [ 53%]
[2025-10-27T15:19:34.004Z] raven-main/docs/source/notebooks/Region_selection.ipynb .......FF        [ 54%]
[2025-10-27T15:19:36.547Z] raven-main/docs/source/notebooks/Subset_climate_data_over_watershed.ipynb . [ 54%]
[2025-10-27T15:20:12.876Z] ..FFFF                                                                   [ 56%]
[2025-10-27T15:20:13.809Z] RavenPy-main/docs/notebooks/00_Introduction_to_JupyterLab.ipynb ......   [ 57%]
[2025-10-27T15:20:48.534Z] RavenPy-main/docs/notebooks/01_Getting_watershed_boundaries.ipynb .....F [ 58%]
[2025-10-27T15:20:48.534Z] FF                                                                       [ 58%]
[2025-10-27T15:20:55.099Z] RavenPy-main/docs/notebooks/02_Extract_geographical_watershed_properties.ipynb . [ 58%]
[2025-10-27T15:21:59.546Z] ....FFFF.FFFF                                                            [ 61%]
[2025-10-27T15:23:36.680Z] RavenPy-main/docs/notebooks/03_Extracting_forcing_data.ipynb ........... [ 63%]
[2025-10-27T15:23:36.680Z]                                                                          [ 63%]
[2025-10-27T15:23:43.430Z] RavenPy-main/docs/notebooks/04_Emulating_hydrological_models.ipynb ..... [ 64%]
[2025-10-27T15:23:49.882Z] ...............                                                          [ 67%]
[2025-10-27T15:23:55.163Z] RavenPy-main/docs/notebooks/05_Advanced_RavenPy_configuration.ipynb .... [ 67%]
[2025-10-27T15:24:02.395Z] .........                                                                [ 69%]
[2025-10-27T15:24:14.573Z] RavenPy-main/docs/notebooks/06_Raven_calibration.ipynb ......            [ 70%]
[2025-10-27T15:24:22.339Z] RavenPy-main/docs/notebooks/07_Making_and_using_hotstart_files.ipynb ... [ 71%]
[2025-10-27T15:24:25.226Z] ...                                                                      [ 71%]
[2025-10-27T15:24:30.503Z] RavenPy-main/docs/notebooks/08_Getting_and_bias_correcting_CMIP6_data.ipynb . [ 71%]
[2025-10-27T15:32:12.703Z] ...............                                                          [ 74%]
[2025-10-27T15:32:16.004Z] RavenPy-main/docs/notebooks/09_Hydrological_impacts_of_climate_change.ipynb . [ 74%]
[2025-10-27T15:32:22.611Z] ....                                                                     [ 75%]
[2025-10-27T15:33:01.317Z] RavenPy-main/docs/notebooks/10_Data_assimilation.ipynb ........          [ 77%]
[2025-10-27T15:33:11.597Z] RavenPy-main/docs/notebooks/11_Climatological_ESP_forecasting.ipynb .... [ 77%]
[2025-10-27T15:33:36.504Z] ....                                                                     [ 78%]
[2025-10-27T15:33:43.066Z] RavenPy-main/docs/notebooks/12_Performing_hindcasting_experiments.ipynb . [ 78%]
[2025-10-27T15:34:39.313Z] FF.FFFF                                                                  [ 80%]
[2025-10-27T15:35:03.208Z] RavenPy-main/docs/notebooks/Assess_probabilistic_flood_risk.ipynb ...... [ 81%]
[2025-10-27T15:35:04.036Z] .                                                                        [ 81%]
[2025-10-27T15:35:14.016Z] RavenPy-main/docs/notebooks/Comparing_hindcasts_and_ESP_forecasts.ipynb . [ 81%]
[2025-10-27T15:36:22.559Z] ....FFF                                                                  [ 82%]
[2025-10-27T15:36:24.506Z] RavenPy-main/docs/notebooks/Distributed_hydrological_modelling.ipynb ... [ 83%]
[2025-10-27T15:36:41.574Z] ....                                                                     [ 84%]
[2025-10-27T15:37:45.941Z] RavenPy-main/docs/notebooks/Hydrological_realtime_forecasting.ipynb .F.F [ 84%]
[2025-10-27T15:37:45.941Z] FF                                                                       [ 85%]
[2025-10-27T15:38:04.615Z] RavenPy-main/docs/notebooks/Managing_Jupyter_Environments.ipynb ...      [ 85%]
[2025-10-27T15:38:33.147Z] RavenPy-main/docs/notebooks/Perform_Regionalization.ipynb .......        [ 87%]
[2025-10-27T15:38:41.105Z] RavenPy-main/docs/notebooks/Running_HMETS_with_CANOPEX_dataset.ipynb ... [ 87%]
[2025-10-27T15:38:59.724Z] ..........                                                               [ 89%]
[2025-10-27T15:39:23.358Z] RavenPy-main/docs/notebooks/Sensitivity_analysis.ipynb ......            [ 90%]
[2025-10-27T15:39:27.993Z] RavenPy-main/docs/notebooks/time_series_analysis.ipynb ...........       [ 92%]
[2025-10-27T15:39:36.154Z] RavenPy-main/docs/notebooks/paper/Perform_a_climate_change_impact_study_on_a_watershed.ipynb . [ 92%]
[2025-10-27T15:44:41.064Z] ......FFF.....FFFFFF                                                     [ 96%]
[2025-10-27T15:44:41.065Z] notebooks/hummingbird.ipynb ............                                 [ 98%]
[2025-10-27T15:47:04.689Z] notebooks/stress-tests.ipynb ......                                      [100%]
[2025-10-27T15:47:04.689Z] 
[2025-10-27T15:47:04.689Z] =================================== FAILURES ===================================

fmigneault · 2025-10-28T15:39:38Z

birdhouse/components/README.rst

+read-only access to STAC API resources while members of the `stac-admin` group can create and modify 
+resources if the ``optional-components/stac-public-access`` component is enabled.


The wording makes it seem like the optional component is needed for stac-admin to create/modify resources, but they always have access to do it. The component mention should be placed after the "Unauthenticated users will have read-only access" part.

It is needed. The magpie permissions set by components/stac give write permissions to the administrators group. The stac-admin group is created by the optional-components/stac-public-access component.

Oh true! It should be moved to components/stac. The stac-admin group could be relevant even when used for fully-protected API, while restricting the member's permission scope only to editing the STAC API resources.

As the comment mentions, administrators is used just because a user/group must be provided (for the config to be valid and work), but the intent is just to make sure the resource exists. The admins do not need the explicit permission to access, they always can anyway.

birdhouse-deploy/birdhouse/components/stac/config/magpie/config.yml.template

Lines 20 to 28 in 4a897ce

permissions:

# create a default 'stac' resource under 'stac' service

# because of the '/stac/stac' path prefix required to resolve the API links properly,

# all permissions must be nested under this 'stac' resource for requests and permissions to be resolved accordingly

- service: stac

resource: /stac

permission: read

group: administrator # they already have access, just using admins to create the resource by default

action: create

tlvu

I am not very familiar with all this CORS headers stuff although I had to deal with it in the past, but I forgot the details.

So I trust you guys with all this. Just please ensure the behavior is backward-compatible with other components already using proxy/conf.d/cors.include.

As for how this CORS header should behave for stac, I'll follow your lead.

I have a few very minor change requested. The rest looks good.

tlvu · 2025-10-30T17:38:02Z

birdhouse/components/stac/config/proxy/conf.extra-directives.d/stac.conf.template

@@ -0,0 +1,7 @@
+    map $http_origin $stac_origin_allowed {


Remind me what the Nginx map directive do again?

This block means if the http_origin variable exists, create stac_origin_allowed variable with value ${BIRDHOUSE_PROXY_SCHEME}://${BIRDHOUSE_FQDN_PUBLIC}; ${STAC_ADDITIONAL_CORS_ORIGINS} ?

That's mostly right...

This block creates a new variable stac_origin_allowed whose value is based on the value of the http_origin variable.
If the value of http_origin matches any of the patterns defined in ${STAC_ADDITIONAL_CORS_ORIGINS} then the stac_origin_allowed value will be set to http_origin.
Otherwise stac_origin_allowed will be set to ${BIRDHOUSE_PROXY_SCHEME}://${BIRDHOUSE_FQDN_PUBLIC} (the default).

tlvu · 2025-10-30T17:39:18Z

birdhouse/components/stac/config/proxy/conf.extra-service.d/stac.conf.template

        proxy_buffering off;
+        set $access_control_allow_origin $stac_origin_allowed;
        include /etc/nginx/conf.d/cors.include;
+        add_header Vary Origin;


What does the Vary header do again? Why we need to add it here?

It tells the client that the Origin header influences the content of the response (see https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Vary and https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Access-Control-Allow-Origin#cors_and_caching)

Oh interesting so as soon as we do not return Access-Control-Allow-Origin with value * but with a specific list of domain, then this Vary header is needed ! So should this Vary be moved to proxy/conf.d/cors.include? I fear we will forget to add this manually for other components.

The thing though is that Vary should be added only if the Origin (or any other header) actually affects the response (assuming no other header already distinguishes the response like the Content-Type). Adding it systematically (eg: when Access-Control-Allow-Origin: *) could result in duplicate cache entries for each domain accessing the server although nothing changes between them. It is used purposely to generate a "diff" in the cached response according to its domain-specific value, so that each domain is managed separately. I think we don't have a choice to apply it on case-by-case basis.

Adding it systematically (eg: when Access-Control-Allow-Origin: *)

I was suggesting to add Vary only when Access-Control-Allow-Origin is not *. Hopefully the if-statement in Nginx allows this. Otherwise we should put a big reminder somewhere so other users notice it.

@fmigneault @tlvu What about 942cc07 ?

Looks good.

What about 942cc07 ?

Looks good too. So I assume when $vary_origin is "" (empty), we return add_header Vary $vary_origin; ==> add_header Vary ""; the empty value won't cause any side-effect and is a legit value allowed by HTTP?

add_header Vary ""; the empty value won't cause any side-effect and is a legit value allowed by HTTP?

I just re-read Francis response earlier (#599 (comment)) ? "nginx omits header if empty". Could you add this comment to the change so it is clear for other readers too.

For sure! Added in 2aa0cae

tlvu · 2025-10-30T17:42:28Z

birdhouse/components/stac/default.env

  \$STAC_MIGRATION_DOCKER
  \$STAC_MIGRATION_IMAGE
+  \$STAC_ADDITIONAL_CORS_ORIGINS
+  \$STAC_CORS_ORIGIN_ALLOW_ALL


STAC_CORS_ORIGIN_ALLOW_ALL not used anywhere in this PR, ancien relic of some renaming in this PR that you forgot to remove?

tlvu · 2025-10-30T17:46:25Z

birdhouse/components/README.rst


 Calls to the STAC API pass through Twitcher in order to validate authorization. Unauthenticated users will have 
-read-only access by default to STAC API resources while members of the `stac-admin` group can create and modify 
-resources. STAC Browser is not protected by any authorization mechanism.


"STAC Browser is not protected by any authorization mechanism", this part is not true anymore, that's why it is removed?

It's technically true but it's misleading. Access to the stac-browser endpoint is not checked by twitcher but if the user doesn't have permissions to read the stac data (because the stac endpoint is protected by twitcher) then the stac-browser page shows a 403 error anyway.

So from the user's perspective it is protected by an authorization mechanism, it's the same one that protects the stac endpoint.

crim-jenkins-bot · 2025-10-30T20:49:52Z

E2E Test Results

DACCS-iac Pipeline Results

Build URL : http://daccs-jenkins.crim.ca:80/job/DACCS-iac-birdhouse/3776/
Result ❌ FAILURE

BIRDHOUSE_DEPLOY_BRANCH : stac-cors-flexible
DACCS_IAC_BRANCH : master
DACCS_CONFIGS_BRANCH : master
PAVICS_E2E_WORKFLOW_TESTS_BRANCH : master
PAVICS_SDI_BRANCH : master

DESTROY_INFRA_ON_EXIT : true
PAVICS_HOST : https://host-140-91.rdext.crim.ca

PAVICS-e2e-workflow-tests Pipeline Results

Tests URL : http://daccs-jenkins.crim.ca:80/job/PAVICS-e2e-workflow-tests/job/master/504/

NOTEBOOK TEST RESULTS

    
[2025-10-30T19:41:48.778Z] ============================= test session starts ==============================
[2025-10-30T19:41:48.778Z] platform linux -- Python 3.11.12, pytest-8.3.5, pluggy-1.5.0
[2025-10-30T19:41:48.778Z] rootdir: /home/jenkins/agent/workspace/PAVICS-e2e-workflow-tests_master@2
[2025-10-30T19:41:48.778Z] plugins: anyio-4.9.0, dash-3.0.3, nbval-0.11.0, tornasync-0.6.0.post2, xdist-3.6.1
[2025-10-30T19:41:48.778Z] collected 537 items
[2025-10-30T19:41:48.778Z] 
[2025-10-30T19:41:56.244Z] notebooks-auth/geoserver.ipynb ..................                        [  3%]
[2025-10-30T19:42:38.583Z] notebooks-auth/test_cowbird_jupyter.ipynb ..........                     [  5%]
[2025-10-30T19:42:43.781Z] notebooks-auth/test_thredds.ipynb ...........                            [  7%]
[2025-10-30T19:44:14.677Z] pavics-sdi-master/docs/source/notebooks/CaSR_basic.ipynb ......          [  8%]
[2025-10-30T19:58:46.116Z] pavics-sdi-master/docs/source/notebooks/FAQ_dask_parallel.ipynb ..s..... [  9%]
[2025-10-30T19:59:53.810Z] .                                                                        [ 10%]
[2025-10-30T20:00:01.489Z] pavics-sdi-master/docs/source/notebooks/WCS_example.ipynb ......         [ 11%]
[2025-10-30T20:00:08.800Z] pavics-sdi-master/docs/source/notebooks/WFS_example.ipynb .....          [ 12%]
[2025-10-30T20:12:25.154Z] pavics-sdi-master/docs/source/notebooks/climex.ipynb ...........         [ 14%]
[2025-10-30T20:12:25.154Z] pavics-sdi-master/docs/source/notebooks/eccc-geoapi-climate-stations.ipynb . [ 14%]
[2025-10-30T20:12:32.332Z] ...............                                                          [ 17%]
[2025-10-30T20:12:44.006Z] pavics-sdi-master/docs/source/notebooks/eccc-geoapi-xclim.ipynb .....    [ 18%]
[2025-10-30T20:12:53.787Z] pavics-sdi-master/docs/source/notebooks/esgf-dap.ipynb ....              [ 18%]
[2025-10-30T20:13:08.427Z] pavics-sdi-master/docs/source/notebooks/forecasts.ipynb ......           [ 19%]
[2025-10-30T20:13:14.338Z] pavics-sdi-master/docs/source/notebooks/opendap.ipynb .......            [ 21%]
[2025-10-30T20:13:18.373Z] pavics-sdi-master/docs/source/notebooks/pavics_thredds.ipynb .....       [ 22%]
[2025-10-30T20:15:48.474Z] pavics-sdi-master/docs/source/notebooks/regridding.ipynb ............... [ 24%]
[2025-10-30T20:17:03.691Z] .............                                                            [ 27%]
[2025-10-30T20:17:06.761Z] pavics-sdi-master/docs/source/notebooks/rendering.ipynb ....             [ 28%]
[2025-10-30T20:17:08.648Z] pavics-sdi-master/docs/source/notebooks/subset-user-input.ipynb ........ [ 29%]
[2025-10-30T20:17:28.924Z] .................                                                        [ 32%]
[2025-10-30T20:17:37.258Z] pavics-sdi-master/docs/source/notebooks/subsetting.ipynb .....           [ 33%]
[2025-10-30T20:17:38.194Z] pavics-sdi-master/docs/source/notebook-components/weaver_example.ipynb . [ 33%]
[2025-10-30T20:17:48.719Z] .........                                                                [ 35%]
[2025-10-30T20:18:00.332Z] finch-main/docs/source/notebooks/dap_subset.ipynb ...........            [ 37%]
[2025-10-30T20:18:11.019Z] finch-main/docs/source/notebooks/finch-usage.ipynb ......                [ 38%]
[2025-10-30T20:18:11.959Z] PAVICS-landing-master/content/notebooks/climate_indicators/PAVICStutorial_ClimateDataAnalysis-1DataAccess.ipynb . [ 38%]
[2025-10-30T20:18:17.149Z] .....                                                                    [ 39%]
[2025-10-30T20:18:55.863Z] PAVICS-landing-master/content/notebooks/climate_indicators/PAVICStutorial_ClimateDataAnalysis-2Subsetting.ipynb . [ 40%]
[2025-10-30T20:19:24.839Z] ............                                                             [ 42%]
[2025-10-30T20:19:46.789Z] PAVICS-landing-master/content/notebooks/climate_indicators/PAVICStutorial_ClimateDataAnalysis-3Climate-Indicators.ipynb . [ 42%]
[2025-10-30T20:20:57.196Z] .....s.                                                                  [ 43%]
[2025-10-30T20:21:05.330Z] PAVICS-landing-master/content/notebooks/climate_indicators/PAVICStutorial_ClimateDataAnalysis-4Ensembles.ipynb . [ 43%]
[2025-10-30T20:21:10.270Z] ..                                                                       [ 44%]
[2025-10-30T20:21:20.265Z] PAVICS-landing-master/content/notebooks/climate_indicators/PAVICStutorial_ClimateDataAnalysis-5Visualization.ipynb . [ 44%]
[2025-10-30T20:22:42.800Z] .........                                                                [ 46%]
[2025-10-30T20:22:52.787Z] PAVICS-landing-master/content/notebooks/climate_indicators/PAVICStutorial_ClimateDataAnalysis-6Regridding_Conversion.ipynb . [ 46%]
[2025-10-30T20:24:40.000Z] ....                                                                     [ 47%]
[2025-10-30T20:24:40.000Z] PAVICS-landing-master/content/notebooks/hydrology/PAVICStutorial_Hydrology-01_Intro.ipynb . [ 47%]
[2025-10-30T20:24:41.763Z] ....                                                                     [ 48%]
[2025-10-30T20:24:45.951Z] PAVICS-landing-master/content/notebooks/hydrology/PAVICStutorial_Hydrology-02_Calibration.ipynb . [ 48%]
[2025-10-30T20:24:56.336Z] .....                                                                    [ 49%]
[2025-10-30T20:25:01.612Z] PAVICS-landing-master/content/notebooks/hydrology/PAVICStutorial_Hydrology-03_Watershed_properties.ipynb . [ 49%]
[2025-10-30T20:25:06.094Z] .............                                                            [ 51%]
[2025-10-30T20:25:11.361Z] PAVICS-landing-master/content/notebooks/hydrology/PAVICStutorial_Hydrology-04_Time_series_analysis.ipynb . [ 51%]
[2025-10-30T20:25:12.711Z] ......                                                                   [ 53%]
[2025-10-30T20:25:23.384Z] raven-main/docs/source/notebooks/Region_selection.ipynb .........        [ 54%]
[2025-10-30T20:25:25.284Z] raven-main/docs/source/notebooks/Subset_climate_data_over_watershed.ipynb . [ 54%]
[2025-10-30T20:25:47.153Z] ......                                                                   [ 56%]
[2025-10-30T20:25:49.059Z] RavenPy-main/docs/notebooks/00_Introduction_to_JupyterLab.ipynb ......   [ 57%]
[2025-10-30T20:25:59.617Z] RavenPy-main/docs/notebooks/01_Getting_watershed_boundaries.ipynb ...... [ 58%]
[2025-10-30T20:25:59.617Z] ..                                                                       [ 58%]
[2025-10-30T20:26:06.193Z] RavenPy-main/docs/notebooks/02_Extract_geographical_watershed_properties.ipynb . [ 58%]
[2025-10-30T20:26:10.852Z] .............                                                            [ 61%]
[2025-10-30T20:27:48.094Z] RavenPy-main/docs/notebooks/03_Extracting_forcing_data.ipynb ........... [ 63%]
[2025-10-30T20:27:48.094Z]                                                                          [ 63%]
[2025-10-30T20:27:52.343Z] RavenPy-main/docs/notebooks/04_Emulating_hydrological_models.ipynb ..... [ 64%]
[2025-10-30T20:27:58.663Z] ...............                                                          [ 67%]
[2025-10-30T20:28:04.196Z] RavenPy-main/docs/notebooks/05_Advanced_RavenPy_configuration.ipynb .... [ 67%]
[2025-10-30T20:28:12.146Z] .........                                                                [ 69%]
[2025-10-30T20:28:23.772Z] RavenPy-main/docs/notebooks/06_Raven_calibration.ipynb ......            [ 70%]
[2025-10-30T20:28:30.935Z] RavenPy-main/docs/notebooks/07_Making_and_using_hotstart_files.ipynb ... [ 71%]
[2025-10-30T20:28:33.510Z] ...                                                                      [ 71%]
[2025-10-30T20:28:38.798Z] RavenPy-main/docs/notebooks/08_Getting_and_bias_correcting_CMIP6_data.ipynb . [ 71%]
[2025-10-30T20:36:25.027Z] ...............                                                          [ 74%]
[2025-10-30T20:36:25.972Z] RavenPy-main/docs/notebooks/09_Hydrological_impacts_of_climate_change.ipynb . [ 74%]
[2025-10-30T20:36:32.553Z] ....                                                                     [ 75%]
[2025-10-30T20:37:12.178Z] RavenPy-main/docs/notebooks/10_Data_assimilation.ipynb ........          [ 77%]
[2025-10-30T20:37:22.536Z] RavenPy-main/docs/notebooks/11_Climatological_ESP_forecasting.ipynb .... [ 77%]
[2025-10-30T20:37:50.620Z] ....                                                                     [ 78%]
[2025-10-30T20:37:58.747Z] RavenPy-main/docs/notebooks/12_Performing_hindcasting_experiments.ipynb . [ 78%]
[2025-10-30T20:38:09.531Z] .......                                                                  [ 80%]
[2025-10-30T20:38:37.026Z] RavenPy-main/docs/notebooks/Assess_probabilistic_flood_risk.ipynb ...... [ 81%]
[2025-10-30T20:38:37.027Z] .                                                                        [ 81%]
[2025-10-30T20:38:43.606Z] RavenPy-main/docs/notebooks/Comparing_hindcasts_and_ESP_forecasts.ipynb . [ 81%]
[2025-10-30T20:39:04.555Z] .......                                                                  [ 82%]
[2025-10-30T20:39:11.407Z] RavenPy-main/docs/notebooks/Distributed_hydrological_modelling.ipynb ... [ 83%]
[2025-10-30T20:39:31.410Z] ....                                                                     [ 84%]
[2025-10-30T20:39:43.452Z] RavenPy-main/docs/notebooks/Hydrological_realtime_forecasting.ipynb .... [ 84%]
[2025-10-30T20:39:49.926Z] ..                                                                       [ 85%]
[2025-10-30T20:40:13.242Z] RavenPy-main/docs/notebooks/Managing_Jupyter_Environments.ipynb ...      [ 85%]
[2025-10-30T20:40:41.403Z] RavenPy-main/docs/notebooks/Perform_Regionalization.ipynb .......        [ 87%]
[2025-10-30T20:40:47.626Z] RavenPy-main/docs/notebooks/Running_HMETS_with_CANOPEX_dataset.ipynb ... [ 87%]
[2025-10-30T20:41:01.027Z] ..........                                                               [ 89%]
[2025-10-30T20:41:24.413Z] RavenPy-main/docs/notebooks/Sensitivity_analysis.ipynb ......            [ 90%]
[2025-10-30T20:41:29.049Z] RavenPy-main/docs/notebooks/time_series_analysis.ipynb ...........       [ 92%]
[2025-10-30T20:41:35.617Z] RavenPy-main/docs/notebooks/paper/Perform_a_climate_change_impact_study_on_a_watershed.ipynb . [ 92%]
[2025-10-30T20:46:07.223Z] .............Fxxxxxx                                                     [ 96%]
[2025-10-30T20:46:07.223Z] notebooks/hummingbird.ipynb ............                                 [ 98%]
[2025-10-30T20:48:37.464Z] notebooks/stress-tests.ipynb ......                                      [100%]
[2025-10-30T20:48:37.464Z] 
[2025-10-30T20:48:37.464Z] =================================== FAILURES ===================================

crim-jenkins-bot · 2025-11-11T04:47:48Z

E2E Test Results

DACCS-iac Pipeline Results

Build URL : http://daccs-jenkins.crim.ca:80/job/DACCS-iac-birdhouse/3793/
Result ❌ FAILURE

BIRDHOUSE_DEPLOY_BRANCH : stac-cors-flexible
DACCS_IAC_BRANCH : master
DACCS_CONFIGS_BRANCH : master
PAVICS_E2E_WORKFLOW_TESTS_BRANCH : master
PAVICS_SDI_BRANCH : master

DESTROY_INFRA_ON_EXIT : true
PAVICS_HOST : https://host-140-216.rdext.crim.ca

PAVICS-e2e-workflow-tests Pipeline Results

Tests URL : http://daccs-jenkins.crim.ca:80/job/PAVICS-e2e-workflow-tests/job/master/518/

NOTEBOOK TEST RESULTS

    
[2025-11-11T03:44:30.057Z] ============================= test session starts ==============================
[2025-11-11T03:44:30.057Z] platform linux -- Python 3.11.12, pytest-8.3.5, pluggy-1.5.0
[2025-11-11T03:44:30.057Z] rootdir: /home/jenkins/agent/workspace/PAVICS-e2e-workflow-tests_master
[2025-11-11T03:44:30.057Z] plugins: anyio-4.9.0, dash-3.0.3, nbval-0.11.0, tornasync-0.6.0.post2, xdist-3.6.1
[2025-11-11T03:44:30.057Z] collected 537 items
[2025-11-11T03:44:30.057Z] 
[2025-11-11T03:44:37.258Z] notebooks-auth/geoserver.ipynb ..................                        [  3%]
[2025-11-11T03:46:02.922Z] notebooks-auth/test_cowbird_jupyter.ipynb ........F.                     [  5%]
[2025-11-11T03:46:02.922Z] notebooks-auth/test_thredds.ipynb ...........                            [  7%]
[2025-11-11T03:47:28.244Z] pavics-sdi-master/docs/source/notebooks/CaSR_basic.ipynb ......          [  8%]
[2025-11-11T04:00:21.400Z] pavics-sdi-master/docs/source/notebooks/FAQ_dask_parallel.ipynb ..s..... [  9%]
[2025-11-11T04:01:17.637Z] .                                                                        [ 10%]
[2025-11-11T04:01:20.442Z] pavics-sdi-master/docs/source/notebooks/WCS_example.ipynb ......         [ 11%]
[2025-11-11T04:01:27.210Z] pavics-sdi-master/docs/source/notebooks/WFS_example.ipynb .....          [ 12%]
[2025-11-11T04:11:01.019Z] pavics-sdi-master/docs/source/notebooks/climex.ipynb ...........         [ 14%]
[2025-11-11T04:11:01.019Z] pavics-sdi-master/docs/source/notebooks/eccc-geoapi-climate-stations.ipynb . [ 14%]
[2025-11-11T04:11:06.133Z] ...............                                                          [ 17%]
[2025-11-11T04:11:17.051Z] pavics-sdi-master/docs/source/notebooks/eccc-geoapi-xclim.ipynb .....    [ 18%]
[2025-11-11T04:11:26.670Z] pavics-sdi-master/docs/source/notebooks/esgf-dap.ipynb ....              [ 18%]
[2025-11-11T04:11:40.788Z] pavics-sdi-master/docs/source/notebooks/forecasts.ipynb ......           [ 19%]
[2025-11-11T04:11:46.673Z] pavics-sdi-master/docs/source/notebooks/opendap.ipynb .......            [ 21%]
[2025-11-11T04:11:51.152Z] pavics-sdi-master/docs/source/notebooks/pavics_thredds.ipynb .....       [ 22%]
[2025-11-11T04:14:45.759Z] pavics-sdi-master/docs/source/notebooks/regridding.ipynb ............... [ 24%]
[2025-11-11T04:15:53.078Z] .............                                                            [ 27%]
[2025-11-11T04:15:56.183Z] pavics-sdi-master/docs/source/notebooks/rendering.ipynb ....             [ 28%]
[2025-11-11T04:15:58.501Z] pavics-sdi-master/docs/source/notebooks/subset-user-input.ipynb ........ [ 29%]
[2025-11-11T04:16:21.560Z] .................                                                        [ 32%]
[2025-11-11T04:16:29.877Z] pavics-sdi-master/docs/source/notebooks/subsetting.ipynb .....           [ 33%]
[2025-11-11T04:16:31.263Z] pavics-sdi-master/docs/source/notebook-components/weaver_example.ipynb . [ 33%]
[2025-11-11T04:16:41.767Z] .........                                                                [ 35%]
[2025-11-11T04:16:52.526Z] finch-main/docs/source/notebooks/dap_subset.ipynb ...........            [ 37%]
[2025-11-11T04:17:02.993Z] finch-main/docs/source/notebooks/finch-usage.ipynb ......                [ 38%]
[2025-11-11T04:17:04.371Z] PAVICS-landing-master/content/notebooks/climate_indicators/PAVICStutorial_ClimateDataAnalysis-1DataAccess.ipynb . [ 38%]
[2025-11-11T04:17:09.306Z] .....                                                                    [ 39%]
[2025-11-11T04:17:55.996Z] PAVICS-landing-master/content/notebooks/climate_indicators/PAVICStutorial_ClimateDataAnalysis-2Subsetting.ipynb . [ 40%]
[2025-11-11T04:18:28.528Z] F.F..F......                                                             [ 42%]
[2025-11-11T04:18:50.480Z] PAVICS-landing-master/content/notebooks/climate_indicators/PAVICStutorial_ClimateDataAnalysis-3Climate-Indicators.ipynb . [ 42%]
[2025-11-11T04:19:29.735Z] .....s.                                                                  [ 43%]
[2025-11-11T04:19:37.862Z] PAVICS-landing-master/content/notebooks/climate_indicators/PAVICStutorial_ClimateDataAnalysis-4Ensembles.ipynb . [ 43%]
[2025-11-11T04:19:43.698Z] ..                                                                       [ 44%]
[2025-11-11T04:19:53.698Z] PAVICS-landing-master/content/notebooks/climate_indicators/PAVICStutorial_ClimateDataAnalysis-5Visualization.ipynb . [ 44%]
[2025-11-11T04:21:00.287Z] .........                                                                [ 46%]
[2025-11-11T04:21:10.280Z] PAVICS-landing-master/content/notebooks/climate_indicators/PAVICStutorial_ClimateDataAnalysis-6Regridding_Conversion.ipynb . [ 46%]
[2025-11-11T04:23:08.944Z] ....                                                                     [ 47%]
[2025-11-11T04:23:08.944Z] PAVICS-landing-master/content/notebooks/hydrology/PAVICStutorial_Hydrology-01_Intro.ipynb . [ 47%]
[2025-11-11T04:23:08.944Z] ....                                                                     [ 48%]
[2025-11-11T04:23:10.321Z] PAVICS-landing-master/content/notebooks/hydrology/PAVICStutorial_Hydrology-02_Calibration.ipynb . [ 48%]
[2025-11-11T04:23:21.338Z] .....                                                                    [ 49%]
[2025-11-11T04:23:24.641Z] PAVICS-landing-master/content/notebooks/hydrology/PAVICStutorial_Hydrology-03_Watershed_properties.ipynb . [ 49%]
[2025-11-11T04:23:30.084Z] .............                                                            [ 51%]
[2025-11-11T04:23:35.363Z] PAVICS-landing-master/content/notebooks/hydrology/PAVICStutorial_Hydrology-04_Time_series_analysis.ipynb . [ 51%]
[2025-11-11T04:23:36.147Z] ......                                                                   [ 53%]
[2025-11-11T04:23:46.716Z] raven-main/docs/source/notebooks/Region_selection.ipynb .........        [ 54%]
[2025-11-11T04:23:48.622Z] raven-main/docs/source/notebooks/Subset_climate_data_over_watershed.ipynb . [ 54%]
[2025-11-11T04:24:11.318Z] ......                                                                   [ 56%]
[2025-11-11T04:24:13.482Z] RavenPy-main/docs/notebooks/00_Introduction_to_JupyterLab.ipynb ......   [ 57%]
[2025-11-11T04:24:24.141Z] RavenPy-main/docs/notebooks/01_Getting_watershed_boundaries.ipynb ...... [ 58%]
[2025-11-11T04:24:24.142Z] ..                                                                       [ 58%]
[2025-11-11T04:24:30.714Z] RavenPy-main/docs/notebooks/02_Extract_geographical_watershed_properties.ipynb . [ 58%]
[2025-11-11T04:24:35.082Z] .............                                                            [ 61%]
[2025-11-11T04:26:14.349Z] RavenPy-main/docs/notebooks/03_Extracting_forcing_data.ipynb ........... [ 63%]
[2025-11-11T04:26:14.349Z]                                                                          [ 63%]
[2025-11-11T04:26:18.578Z] RavenPy-main/docs/notebooks/04_Emulating_hydrological_models.ipynb ..... [ 64%]
[2025-11-11T04:26:24.924Z] ...............                                                          [ 67%]
[2025-11-11T04:26:30.552Z] RavenPy-main/docs/notebooks/05_Advanced_RavenPy_configuration.ipynb .... [ 67%]
[2025-11-11T04:26:39.299Z] .........                                                                [ 69%]
[2025-11-11T04:26:52.609Z] RavenPy-main/docs/notebooks/06_Raven_calibration.ipynb ......            [ 70%]
[2025-11-11T04:26:59.405Z] RavenPy-main/docs/notebooks/07_Making_and_using_hotstart_files.ipynb ... [ 71%]
[2025-11-11T04:27:02.239Z] ...                                                                      [ 71%]
[2025-11-11T04:27:08.822Z] RavenPy-main/docs/notebooks/08_Getting_and_bias_correcting_CMIP6_data.ipynb . [ 71%]
[2025-11-11T04:34:50.520Z] ...............                                                          [ 74%]
[2025-11-11T04:34:53.806Z] RavenPy-main/docs/notebooks/09_Hydrological_impacts_of_climate_change.ipynb . [ 74%]
[2025-11-11T04:35:00.396Z] ....                                                                     [ 75%]
[2025-11-11T04:35:39.714Z] RavenPy-main/docs/notebooks/10_Data_assimilation.ipynb ........          [ 77%]
[2025-11-11T04:35:49.217Z] RavenPy-main/docs/notebooks/11_Climatological_ESP_forecasting.ipynb .... [ 77%]
[2025-11-11T04:36:15.707Z] ....                                                                     [ 78%]
[2025-11-11T04:36:25.739Z] RavenPy-main/docs/notebooks/12_Performing_hindcasting_experiments.ipynb . [ 78%]
[2025-11-11T04:36:35.333Z] .......                                                                  [ 80%]
[2025-11-11T04:37:00.526Z] RavenPy-main/docs/notebooks/Assess_probabilistic_flood_risk.ipynb ...... [ 81%]
[2025-11-11T04:37:01.353Z] .                                                                        [ 81%]
[2025-11-11T04:37:09.480Z] RavenPy-main/docs/notebooks/Comparing_hindcasts_and_ESP_forecasts.ipynb . [ 81%]
[2025-11-11T04:37:30.710Z] .......                                                                  [ 82%]
[2025-11-11T04:37:37.539Z] RavenPy-main/docs/notebooks/Distributed_hydrological_modelling.ipynb ... [ 83%]
[2025-11-11T04:37:54.894Z] ....                                                                     [ 84%]
[2025-11-11T04:38:07.716Z] RavenPy-main/docs/notebooks/Hydrological_realtime_forecasting.ipynb .... [ 84%]
[2025-11-11T04:38:14.291Z] ..                                                                       [ 85%]
[2025-11-11T04:38:37.607Z] RavenPy-main/docs/notebooks/Managing_Jupyter_Environments.ipynb ...      [ 85%]
[2025-11-11T04:39:04.848Z] RavenPy-main/docs/notebooks/Perform_Regionalization.ipynb .......        [ 87%]
[2025-11-11T04:39:11.073Z] RavenPy-main/docs/notebooks/Running_HMETS_with_CANOPEX_dataset.ipynb ... [ 87%]
[2025-11-11T04:39:26.226Z] ..........                                                               [ 89%]
[2025-11-11T04:39:47.950Z] RavenPy-main/docs/notebooks/Sensitivity_analysis.ipynb ......            [ 90%]
[2025-11-11T04:39:55.069Z] RavenPy-main/docs/notebooks/time_series_analysis.ipynb ...........       [ 92%]
[2025-11-11T04:40:03.194Z] RavenPy-main/docs/notebooks/paper/Perform_a_climate_change_impact_study_on_a_watershed.ipynb . [ 92%]
[2025-11-11T04:44:47.949Z] .............Fxxxxxx                                                     [ 96%]
[2025-11-11T04:44:49.306Z] notebooks/hummingbird.ipynb ............                                 [ 98%]
[2025-11-11T04:47:20.918Z] notebooks/stress-tests.ipynb ......                                      [100%]
[2025-11-11T04:47:20.918Z] 
[2025-11-11T04:47:20.918Z] =================================== FAILURES ===================================

fmigneault

Looks good. There is one comment remaining about the stac-admin magpie group, but that can be done in another PR if desired.

mishaschwartz · 2025-11-12T14:04:17Z

Thanks @fmigneault I missed that last comment I guess. Do you mind checking out the change in 2aa0cae before I merge this.

crim-jenkins-bot · 2025-11-12T15:20:35Z

E2E Test Results

DACCS-iac Pipeline Results

Build URL : http://daccs-jenkins.crim.ca:80/job/DACCS-iac-birdhouse/3798/
Result ❌ FAILURE

BIRDHOUSE_DEPLOY_BRANCH : stac-cors-flexible
DACCS_IAC_BRANCH : master
DACCS_CONFIGS_BRANCH : master
PAVICS_E2E_WORKFLOW_TESTS_BRANCH : master
PAVICS_SDI_BRANCH : master

DESTROY_INFRA_ON_EXIT : true
PAVICS_HOST : https://host-140-216.rdext.crim.ca

PAVICS-e2e-workflow-tests Pipeline Results

Tests URL : http://daccs-jenkins.crim.ca:80/job/PAVICS-e2e-workflow-tests/job/master/524/

NOTEBOOK TEST RESULTS

    
[2025-11-12T14:16:31.476Z] ============================= test session starts ==============================
[2025-11-12T14:16:31.476Z] platform linux -- Python 3.11.12, pytest-8.3.5, pluggy-1.5.0
[2025-11-12T14:16:31.476Z] rootdir: /home/jenkins/agent/workspace/PAVICS-e2e-workflow-tests_master
[2025-11-12T14:16:31.476Z] plugins: anyio-4.9.0, dash-3.0.3, nbval-0.11.0, tornasync-0.6.0.post2, xdist-3.6.1
[2025-11-12T14:16:31.476Z] collected 537 items
[2025-11-12T14:16:31.476Z] 
[2025-11-12T14:16:39.596Z] notebooks-auth/geoserver.ipynb ..................                        [  3%]
[2025-11-12T14:17:50.618Z] notebooks-auth/test_cowbird_jupyter.ipynb ..........                     [  5%]
[2025-11-12T14:17:53.014Z] notebooks-auth/test_thredds.ipynb ...........                            [  7%]
[2025-11-12T14:19:26.763Z] pavics-sdi-master/docs/source/notebooks/CaSR_basic.ipynb ......          [  8%]
[2025-11-12T14:32:07.953Z] pavics-sdi-master/docs/source/notebooks/FAQ_dask_parallel.ipynb ..s..... [  9%]
[2025-11-12T14:32:54.647Z] .                                                                        [ 10%]
[2025-11-12T14:33:03.379Z] pavics-sdi-master/docs/source/notebooks/WCS_example.ipynb ......         [ 11%]
[2025-11-12T14:33:10.184Z] pavics-sdi-master/docs/source/notebooks/WFS_example.ipynb .....          [ 12%]
[2025-11-12T14:42:43.981Z] pavics-sdi-master/docs/source/notebooks/climex.ipynb ...........         [ 14%]
[2025-11-12T14:42:43.981Z] pavics-sdi-master/docs/source/notebooks/eccc-geoapi-climate-stations.ipynb . [ 14%]
[2025-11-12T14:42:44.814Z] ...............                                                          [ 17%]
[2025-11-12T14:42:54.437Z] pavics-sdi-master/docs/source/notebooks/eccc-geoapi-xclim.ipynb .....    [ 18%]
[2025-11-12T14:43:03.220Z] pavics-sdi-master/docs/source/notebooks/esgf-dap.ipynb ....              [ 18%]
[2025-11-12T14:43:16.664Z] pavics-sdi-master/docs/source/notebooks/forecasts.ipynb ......           [ 19%]
[2025-11-12T14:43:22.544Z] pavics-sdi-master/docs/source/notebooks/opendap.ipynb .......            [ 21%]
[2025-11-12T14:43:27.280Z] pavics-sdi-master/docs/source/notebooks/pavics_thredds.ipynb .....       [ 22%]
[2025-11-12T14:47:08.274Z] pavics-sdi-master/docs/source/notebooks/regridding.ipynb ............... [ 24%]
[2025-11-12T14:48:09.345Z] .............                                                            [ 27%]
[2025-11-12T14:48:12.136Z] pavics-sdi-master/docs/source/notebooks/rendering.ipynb ....             [ 28%]
[2025-11-12T14:48:13.637Z] pavics-sdi-master/docs/source/notebooks/subset-user-input.ipynb ........ [ 29%]
[2025-11-12T14:48:41.562Z] .................                                                        [ 32%]
[2025-11-12T14:48:48.569Z] pavics-sdi-master/docs/source/notebooks/subsetting.ipynb .....           [ 33%]
[2025-11-12T14:48:49.948Z] pavics-sdi-master/docs/source/notebook-components/weaver_example.ipynb . [ 33%]
[2025-11-12T14:49:07.174Z] .........                                                                [ 35%]
[2025-11-12T14:49:17.435Z] finch-main/docs/source/notebooks/dap_subset.ipynb ...........            [ 37%]
[2025-11-12T14:49:27.431Z] finch-main/docs/source/notebooks/finch-usage.ipynb ......                [ 38%]
[2025-11-12T14:49:28.812Z] PAVICS-landing-master/content/notebooks/climate_indicators/PAVICStutorial_ClimateDataAnalysis-1DataAccess.ipynb . [ 38%]
[2025-11-12T14:49:34.641Z] .....                                                                    [ 39%]
[2025-11-12T14:50:21.334Z] PAVICS-landing-master/content/notebooks/climate_indicators/PAVICStutorial_ClimateDataAnalysis-2Subsetting.ipynb . [ 40%]
[2025-11-12T14:50:56.780Z] F.F..F......                                                             [ 42%]
[2025-11-12T14:51:35.524Z] PAVICS-landing-master/content/notebooks/climate_indicators/PAVICStutorial_ClimateDataAnalysis-3Climate-Indicators.ipynb . [ 42%]
[2025-11-12T14:52:11.299Z] .....s.                                                                  [ 43%]
[2025-11-12T14:52:19.476Z] PAVICS-landing-master/content/notebooks/climate_indicators/PAVICStutorial_ClimateDataAnalysis-4Ensembles.ipynb . [ 43%]
[2025-11-12T14:52:25.054Z] ..                                                                       [ 44%]
[2025-11-12T14:52:35.046Z] PAVICS-landing-master/content/notebooks/climate_indicators/PAVICStutorial_ClimateDataAnalysis-5Visualization.ipynb . [ 44%]
[2025-11-12T14:53:40.637Z] .........                                                                [ 46%]
[2025-11-12T14:53:50.612Z] PAVICS-landing-master/content/notebooks/climate_indicators/PAVICStutorial_ClimateDataAnalysis-6Regridding_Conversion.ipynb . [ 46%]
[2025-11-12T14:55:49.346Z] ....                                                                     [ 47%]
[2025-11-12T14:55:49.346Z] PAVICS-landing-master/content/notebooks/hydrology/PAVICStutorial_Hydrology-01_Intro.ipynb . [ 47%]
[2025-11-12T14:55:53.463Z] ....                                                                     [ 48%]
[2025-11-12T14:55:57.659Z] PAVICS-landing-master/content/notebooks/hydrology/PAVICStutorial_Hydrology-02_Calibration.ipynb . [ 48%]
[2025-11-12T14:56:07.563Z] .....                                                                    [ 49%]
[2025-11-12T14:56:11.753Z] PAVICS-landing-master/content/notebooks/hydrology/PAVICStutorial_Hydrology-03_Watershed_properties.ipynb . [ 49%]
[2025-11-12T14:56:17.069Z] .............                                                            [ 51%]
[2025-11-12T14:56:22.349Z] PAVICS-landing-master/content/notebooks/hydrology/PAVICStutorial_Hydrology-04_Time_series_analysis.ipynb . [ 51%]
[2025-11-12T14:56:22.874Z] ......                                                                   [ 53%]
[2025-11-12T14:56:33.528Z] raven-main/docs/source/notebooks/Region_selection.ipynb .........        [ 54%]
[2025-11-12T14:56:35.433Z] raven-main/docs/source/notebooks/Subset_climate_data_over_watershed.ipynb . [ 54%]
[2025-11-12T14:56:58.767Z] ......                                                                   [ 56%]
[2025-11-12T14:57:00.671Z] RavenPy-main/docs/notebooks/00_Introduction_to_JupyterLab.ipynb ......   [ 57%]
[2025-11-12T14:57:10.966Z] RavenPy-main/docs/notebooks/01_Getting_watershed_boundaries.ipynb ...... [ 58%]
[2025-11-12T14:57:10.966Z] ..                                                                       [ 58%]
[2025-11-12T14:57:17.574Z] RavenPy-main/docs/notebooks/02_Extract_geographical_watershed_properties.ipynb . [ 58%]
[2025-11-12T14:57:22.008Z] .............                                                            [ 61%]
[2025-11-12T14:58:56.909Z] RavenPy-main/docs/notebooks/03_Extracting_forcing_data.ipynb ........... [ 63%]
[2025-11-12T14:58:56.909Z]                                                                          [ 63%]
[2025-11-12T14:59:01.700Z] RavenPy-main/docs/notebooks/04_Emulating_hydrological_models.ipynb ..... [ 64%]
[2025-11-12T14:59:08.028Z] ...............                                                          [ 67%]
[2025-11-12T14:59:13.307Z] RavenPy-main/docs/notebooks/05_Advanced_RavenPy_configuration.ipynb .... [ 67%]
[2025-11-12T14:59:21.521Z] .........                                                                [ 69%]
[2025-11-12T14:59:34.201Z] RavenPy-main/docs/notebooks/06_Raven_calibration.ipynb ......            [ 70%]
[2025-11-12T14:59:41.341Z] RavenPy-main/docs/notebooks/07_Making_and_using_hotstart_files.ipynb ... [ 71%]
[2025-11-12T14:59:44.167Z] ...                                                                      [ 71%]
[2025-11-12T14:59:50.740Z] RavenPy-main/docs/notebooks/08_Getting_and_bias_correcting_CMIP6_data.ipynb . [ 71%]
[2025-11-12T15:07:23.465Z] ...............                                                          [ 74%]
[2025-11-12T15:07:28.739Z] RavenPy-main/docs/notebooks/09_Hydrological_impacts_of_climate_change.ipynb . [ 74%]
[2025-11-12T15:07:36.213Z] ....                                                                     [ 75%]
[2025-11-12T15:08:12.894Z] RavenPy-main/docs/notebooks/10_Data_assimilation.ipynb ........          [ 77%]
[2025-11-12T15:08:23.908Z] RavenPy-main/docs/notebooks/11_Climatological_ESP_forecasting.ipynb .... [ 77%]
[2025-11-12T15:08:50.177Z] ....                                                                     [ 78%]
[2025-11-12T15:08:58.297Z] RavenPy-main/docs/notebooks/12_Performing_hindcasting_experiments.ipynb . [ 78%]
[2025-11-12T15:09:08.986Z] .......                                                                  [ 80%]
[2025-11-12T15:09:33.547Z] RavenPy-main/docs/notebooks/Assess_probabilistic_flood_risk.ipynb ...... [ 81%]
[2025-11-12T15:09:34.483Z] .                                                                        [ 81%]
[2025-11-12T15:09:42.606Z] RavenPy-main/docs/notebooks/Comparing_hindcasts_and_ESP_forecasts.ipynb . [ 81%]
[2025-11-12T15:10:04.472Z] .......                                                                  [ 82%]
[2025-11-12T15:10:11.303Z] RavenPy-main/docs/notebooks/Distributed_hydrological_modelling.ipynb ... [ 83%]
[2025-11-12T15:10:30.773Z] ....                                                                     [ 84%]
[2025-11-12T15:10:40.890Z] RavenPy-main/docs/notebooks/Hydrological_realtime_forecasting.ipynb .... [ 84%]
[2025-11-12T15:10:47.984Z] ..                                                                       [ 85%]
[2025-11-12T15:11:10.888Z] RavenPy-main/docs/notebooks/Managing_Jupyter_Environments.ipynb ...      [ 85%]
[2025-11-12T15:11:39.386Z] RavenPy-main/docs/notebooks/Perform_Regionalization.ipynb .......        [ 87%]
[2025-11-12T15:11:46.490Z] RavenPy-main/docs/notebooks/Running_HMETS_with_CANOPEX_dataset.ipynb ... [ 87%]
[2025-11-12T15:12:03.153Z] ..........                                                               [ 89%]
[2025-11-12T15:12:26.562Z] RavenPy-main/docs/notebooks/Sensitivity_analysis.ipynb ......            [ 90%]
[2025-11-12T15:12:31.146Z] RavenPy-main/docs/notebooks/time_series_analysis.ipynb ...........       [ 92%]
[2025-11-12T15:12:39.272Z] RavenPy-main/docs/notebooks/paper/Perform_a_climate_change_impact_study_on_a_watershed.ipynb . [ 92%]
[2025-11-12T15:17:26.448Z] ....................                                                     [ 96%]
[2025-11-12T15:17:28.465Z] notebooks/hummingbird.ipynb ............                                 [ 98%]
[2025-11-12T15:20:08.018Z] notebooks/stress-tests.ipynb ......                                      [100%]
[2025-11-12T15:20:08.018Z] 
[2025-11-12T15:20:08.018Z] =================================== FAILURES ===================================

fmigneault · 2025-11-12T16:35:05Z

Thanks @fmigneault I missed that last comment I guess. Do you mind checking out the change in 2aa0cae before I merge this.

All good.

crim-jenkins-bot · 2025-11-12T17:47:34Z

E2E Test Results

DACCS-iac Pipeline Results

Build URL : http://daccs-jenkins.crim.ca:80/job/DACCS-iac-birdhouse/3800/
Result 🆘 ABORTED

BIRDHOUSE_DEPLOY_BRANCH : stac-cors-flexible
DACCS_IAC_BRANCH : master
DACCS_CONFIGS_BRANCH : master
PAVICS_E2E_WORKFLOW_TESTS_BRANCH : master
PAVICS_SDI_BRANCH : master

DESTROY_INFRA_ON_EXIT : true
PAVICS_HOST : https://host-140-216.rdext.crim.ca

⚠️ Infrastructure deployment failed. ⚠️
Instance destroyed due to CI execution.
To debug, launch an instance manually with PR reference stac-cors-flexible.

allow custom cors headers for stac

7c2a5a9

github-actions bot added the component/STAC Features or components related to STAC label Oct 20, 2025

mishaschwartz mentioned this pull request Oct 20, 2025

DISCUSSION: proxy: add CORS headers to /twitcher/, affect all services behind it #450

Open

fmigneault reviewed Oct 21, 2025

View reviewed changes

review feedback

d1b9f73

github-actions bot added the documentation Improvements or additions to documentation label Oct 21, 2025

mishaschwartz marked this pull request as ready for review October 21, 2025 19:26

mishaschwartz requested a review from tlvu as a code owner October 21, 2025 19:26

mishaschwartz requested a review from fmigneault October 21, 2025 19:27

fmigneault reviewed Oct 24, 2025

View reviewed changes

review updates

aae7483

mishaschwartz requested a review from fmigneault October 27, 2025 13:05

fmigneault reviewed Oct 28, 2025

View reviewed changes

tlvu requested changes Oct 30, 2025

View reviewed changes

mishaschwartz added 2 commits October 30, 2025 15:23

review update [ci skip]

5369091

Merge branch 'master' into stac-cors-flexible

8da406a

automatically add Vary header if needed

942cc07

mishaschwartz requested review from fmigneault and tlvu November 11, 2025 03:32

fmigneault approved these changes Nov 11, 2025

View reviewed changes

tlvu approved these changes Nov 11, 2025

View reviewed changes

review updates

2aa0cae

github-actions bot added the component/magpie Related to https://github.com/Ouranosinc/Magpie label Nov 12, 2025

mishaschwartz added 2 commits November 12, 2025 12:25

Merge branch 'master' into stac-cors-flexible

7d21fd9

Bump version: 2.18.9 → 2.18.10

b1c62a2

github-actions bot added the ci/operations Continuous Integration components label Nov 12, 2025

mishaschwartz merged commit 2a38097 into master Nov 12, 2025
4 of 5 checks passed

mishaschwartz deleted the stac-cors-flexible branch November 12, 2025 17:28

fmigneault mentioned this pull request Nov 27, 2025

add BIRDHOUSE_PROXY_CORS_ALLOW_ORIGIN setting #611

Open

		read-only access to STAC API resources while members of the `stac-admin` group can create and modify
		resources if the ``optional-components/stac-public-access`` component is enabled.

	permissions:
	# create a default 'stac' resource under 'stac' service
	# because of the '/stac/stac' path prefix required to resolve the API links properly,
	# all permissions must be nested under this 'stac' resource for requests and permissions to be resolved accordingly
	- service: stac
	resource: /stac
	permission: read
	group: administrator # they already have access, just using admins to create the resource by default
	action: create

allow custom cors headers for stac #599

allow custom cors headers for stac #599

Uh oh!

Conversation

mishaschwartz commented Oct 20, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Overview

Changes

Related Issue / Discussion

Additional Information

CI Operations

Uh oh!

crim-jenkins-bot commented Oct 20, 2025

E2E Test Results

DACCS-iac Pipeline Results

PAVICS-e2e-workflow-tests Pipeline Results

Uh oh!

fmigneault left a comment

Choose a reason for hiding this comment

Uh oh!

fmigneault Oct 21, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

crim-jenkins-bot commented Oct 21, 2025

E2E Test Results

DACCS-iac Pipeline Results

PAVICS-e2e-workflow-tests Pipeline Results

Uh oh!

fmigneault left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Uh oh!

crim-jenkins-bot commented Oct 27, 2025

E2E Test Results

DACCS-iac Pipeline Results

PAVICS-e2e-workflow-tests Pipeline Results

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

tlvu left a comment

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

mishaschwartz commented Oct 20, 2025 •

edited

Loading

fmigneault Oct 21, 2025 •

edited

Loading

mishaschwartz Nov 11, 2025 •

edited

Loading