Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use secret in .env instead of hard-coded one #2718

Merged
merged 1 commit into from
Dec 21, 2023
Merged

Use secret in .env instead of hard-coded one #2718

merged 1 commit into from
Dec 21, 2023

Conversation

hivivo
Copy link
Member

@hivivo hivivo commented Dec 20, 2023

Description

  • Here are some details about my PR, including screenshots of any UI changes:

We have a predefined secret in .env file called SECRET_TOKEN. User is supposed to override the value with the environment variable. We were not use the secret in our helix-front server side. This PR is to apply the logic, so secret can be generated by the user to align with the security requirements.

Tests

Manually tested with the secret override.

  • The following is the result of the "mvn test" command on the appropriate module:

(If CI test fails due to known issue, please specify the issue and test PR locally. Then copy & paste the result of "mvn test" to here.)

Changes that Break Backward Compatibility (Optional)

  • My PR contains changes that break backward compatibility or previous assumptions for certain methods or API. They include:

(Consider including all behavior changes for public methods or API. Also include these changes in merge description so that other developers are aware of these changes. This allows them to make relevant code changes in feature branches accounting for the new method/API behavior.)

Documentation (Optional)

  • In case of new functionality, my PR adds documentation in the following wiki page:

(Link the GitHub wiki you added)

Commits

  • My commits all reference appropriate Apache Helix GitHub issues in their subject lines. In addition, my commits follow the guidelines from "How to write a good git commit message":
    1. Subject is separated from body by a blank line
    2. Subject is limited to 50 characters (not including Jira issue reference)
    3. Subject does not end with a period
    4. Subject uses the imperative mood ("add", not "adding")
    5. Body wraps at 72 characters
    6. Body explains "what" and "why", not "how"

Code Quality

  • My diff has been formatted using helix-style.xml
    (helix-style-intellij.xml if IntelliJ IDE is used)

junkaixue
junkaixue approved these changes Dec 20, 2023
View reviewed changes
Copy link
Contributor

@junkaixue junkaixue left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What if it user does not set up? So will the null work here? Overall, lgtm.

@hivivo
Copy link
Member Author

hivivo commented Dec 21, 2023

What if it user does not set up? So will the null work here? Overall, lgtm.

there's a default value set in .env file. the default value will be used instead of null.

@hivivo hivivo merged commit d751046 into apache:master Dec 21, 2023
2 checks passed
Marcosrico pushed a commit to Marcosrico/helix that referenced this pull request Jan 2, 2024
@hivivo
use secret in .env instead of hard coded one (apache#2718)
5cec443
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@junkaixue junkaixue junkaixue approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@hivivo @junkaixue