Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: add dummy jwt secret #6780

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore: add dummy jwt secret #6780

wants to merge 1 commit into from

Conversation

shivanshuraj1333
Copy link
Member

@shivanshuraj1333 shivanshuraj1333 commented Jan 8, 2025
edited
Loading

fixes: #6763

Currently if JWT_SECRET is not setup through env variable, it breaks the frontend.

Important

Adds a dummy JWT secret to be used if no JWT secret is specified, with warnings logged for production environments.

  • Behavior:
    • Adds a dummy JWT secret SIGNOZ_JWT_SECRET in auth.go to be used if no JWT secret is specified.
    • Updates main.go in both ee/query-service and pkg/query-service to set auth.JwtSecret to SIGNOZ_JWT_SECRET if the environment variable SIGNOZ_JWT_SECRET is not set.
    • Logs a warning if the dummy JWT secret is used, advising to specify a secret in production.

This description was created by Ellipsis for 9f4af9f. It will automatically update as commits are pushed.

@request-info Request Info
Copy link

request-info bot commented Jan 8, 2025

We would appreciate it if you could provide us with more info about this issue/pr!

ellipsis-dev[bot]
ellipsis-dev bot reviewed Jan 8, 2025
View reviewed changes
Copy link
Contributor

@ellipsis-dev ellipsis-dev bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍 Looks good to me! Reviewed everything up to 9f4af9f in 1 minute and 43 seconds

More details
  • Looked at 46 lines of code in 3 files
  • Skipped 0 files when reviewing.
  • Skipped posting 3 drafted comments based on config settings.
1. ee/query-service/main.go:184
  • Draft comment:
    Using a hardcoded dummy JWT secret is a security risk. Ensure this is only used for development and not in production environments.
  • Reason this comment was not posted:
    Comment did not seem useful.
2. pkg/query-service/main.go:102
  • Draft comment:
    Using a hardcoded dummy JWT secret is a security risk. Ensure this is only used for development and not in production environments.
  • Reason this comment was not posted:
    Marked as duplicate.
3. pkg/query-service/constants/auth.go:7
  • Draft comment:
    Use design tokens or predefined color constants instead of hardcoding color values to maintain consistency in design and theming.
  • Reason this comment was not posted:
    Comment was on unchanged code.

Workflow ID: wflow_nViP1FFGdflnenDl

You can customize Ellipsis with 👍 / 👎 feedback, review rules, user-specific overrides, quiet mode, and more.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ellipsis-dev ellipsis-dev[bot] ellipsis-dev[bot] left review comments

@vikrantgupta25 vikrantgupta25 Awaiting requested review from vikrantgupta25

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
request-more-info
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

v0.66.0-oss errors after login
1 participant
@shivanshuraj1333