Stage #642
Stage #642
Conversation
Feature/bidding and auction
Documentation Updates: The bidding-and-auction.md file has been updated to clarify the demo's goals, assumptions, and key exclusions. The steps have been revised to provide more precise instructions for users. Console Logging: Console log messages in ssp-a, ssp-x, and ssp-y components have been modified to provide more context about the auction configurations. Code Cleanup: Unnecessary code related to encoding requests has been removed from ssp-y/construct-component-auction.ts.
* [docker-compose] ad network configuration Setting network configuration to allow integration with bidding and auction demo. Privacy Sandbox Demos will use 172.16.128.0/24 range to not collide with Bidding and Auction services with fixed ips on 172.16.0.0/24 * package.json scripts - update start command to be able to refresh a specific service. use `npm run start -- [service-name]` - update stop command to remove volumes - update build command to build without cache * docker-compose : fix race condition on ad-tech services ad-tech services are using the same codebase and were all mounting the local ./services/ad-tech folder causing race conditions. Often one of the ad-tech services would not start properly. as a temporary workaround we are removing the filesystem mounted volume.
* add xxx-news services in firebase for Multi Touch Attribution Demo * multi-touch attribution demo doc : update link * fix firebase_deploy.sh
* demo docs fixes : - fix issue #624 - fix issue #623 - fix issue #622 - fix issue #621 Documentation Fixes: The PR resolves multiple documentation issues by fixing relative file paths and URLs in the markdown files. It also updates image links to use relative paths instead of absolute URLs. Docusaurus Configuration: The Docusaurus configuration is updated to throw an exception when Markdown links are broken, ensuring link integrity. The trailingSlash option is enabled to add trailing slashes to URLs. Nginx Configuration: The Nginx configuration is strengthened by upgrading Nginx to version 1.27.5-alpine and adding directives for security and optimization. The configuration file is now directly copied to /etc/nginx/nginx.conf instead of using a template. Docker Compose Update: The docker-compose.yml file is updated to use the newer Nginx image version 1.27.5-alpine. Markdown file paths are preferred. see https://docusaurus.io/docs/next/markdown-features/links updated docusaurus config to throw an exception when Markdown links are broken * [home] strenghten nginx configuration upgrade nginx add nginx.conf directives for security and optimization * fix docs link to full sized image hosted on Github
Allows env vars (PORT) in nginx conf
Privacy Sandbox attestation files for Service Provider
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Hello @sinnew, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!
Summary of Changes
This pull request updates the privacy sandbox attestations for both the development and production environments. It replaces placeholder content with JSON configurations that specify details about the privacy sandbox API attestations, including attestation versions, privacy policies, ownership tokens, enrollment IDs, and platform-specific attestations for Chrome and Android.
Highlights
- Attestation Configuration: The pull request introduces detailed JSON configurations for privacy sandbox API attestations in both development and production environments.
- Environment-Specific Settings: Different ownership tokens, enrollment IDs, and enrollment sites are used for the development and production environments.
- Platform Attestations: The configurations include platform-specific attestations for Chrome, indicating that the service is not used for identifying users across sites for various APIs (Attribution Reporting, Protected Audience, Topics, Shared Storage, and Private Aggregation).
Changelog
- cicd/attestations/privacy-sandbox-attestations.json.service-provide.prod
- Removed placeholder content.
- The file is now populated with the JSON configuration for the production environment's privacy sandbox API attestations.
- cicd/attestations/privacy-sandbox-attestations.json.service-provider.dev
- Replaced placeholder content with a JSON configuration for the development environment's privacy sandbox API attestations.
- Added details such as attestation version, privacy policy URL, ownership token 'aa1ec2f0ee90815659f69e6e08be10599009e70b54954627f5de9fa145c1f92e', issued seconds since epoch '1745231350969', enrollment ID 'BG8PE', and enrollment site 'https://privacy-sandcastle-dev-services.web.app'.
- Configured platform attestations for Chrome, specifying that the service is not used for identifying users across sites for Attribution Reporting, Protected Audience, Topics, Shared Storage, and Private Aggregation APIs.
Using Gemini Code Assist
The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.
Invoking Gemini
You can request assistance from Gemini at any point in your pull request via creating an issue comment (i.e. comment on the pull request page) using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands.
| Feature | Command | Description |
|---|---|---|
| Code Review | /gemini review |
Performs a code review for the current pull request in its current state. |
| Pull Request Summary | /gemini summary |
Provides a summary of the current pull request in its current state. |
| Comment | @gemini-code-assist | Responds in comments when explicitly tagged, both in issue comments and review comments. |
| Help | /gemini help |
Displays a list of available commands. |
Customization
To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.
Limitations & Feedback
Gemini Code Assist is currently in preview and may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments to provide feedback.
You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.
In JSON's embrace, attestations reside,
For sandbox's privacy, where truths confide.
Footnotes
-
Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩
There was a problem hiding this comment.
Code Review
The pull request updates the privacy sandbox attestations for the service provider in both the development and production environments. The changes involve replacing placeholder files with JSON configurations containing details about the attestation parser version, privacy policy, ownership token, issued seconds since epoch, enrollment ID, enrollment site, and platform attestations. The attestations indicate that the services are not used for identifying users across sites for various APIs.
Merge Readiness
The pull request appears to be updating configuration files with new attestation data. Given the sensitive nature of privacy attestations, it's crucial to ensure the accuracy and validity of the data. Since I am unable to directly approve the pull request, I recommend having another reviewer verify the correctness of the JSON configurations and the implications of these changes before merging. It would also be useful to have some automated validation of these files to ensure that they are valid JSON and that the values are within expected ranges. If the data is incorrect, it could lead to incorrect behavior of the privacy sandbox features. Since there are no critical or high severity issues, the pull request is likely ready to be merged after another review.
update the fixes