Skip to content

fix: set the pat to context for audit #4007

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Apr 28, 2025
Merged

fix: set the pat to context for audit #4007

merged 1 commit into from
Apr 28, 2025

Conversation

chlins
Copy link
Member

@chlins chlins commented Apr 28, 2025
edited
Loading

This pull request refactors the PersonalAccessToken middleware in manager/middlewares/personal_access_token.go to improve the handling of the personal access token within the request context. The key change involves moving the context-setting logic for the token to an earlier point in the function for better auditability.

Middleware improvements:

  • manager/middlewares/personal_access_token.go: Moved the c.Set("pat", &token) call to an earlier point in the PersonalAccessToken function, ensuring the personal access token is set in the context immediately after it is retrieved. This change supports better audit logging and context management. [1] [2]

Description

Related Issue

Motivation and Context

Screenshots (if appropriate)

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Documentation Update (if none of the other choices apply)

Checklist

  • My change requires a change to the documentation.
  • I have updated the documentation accordingly.
  • I have read the CONTRIBUTING document.
  • I have added tests to cover my changes.

@chlins chlins requested a review from a team as a code owner April 28, 2025 08:11
@chlins chlins added the bug label Apr 28, 2025
@chlins chlins enabled auto-merge (squash) April 28, 2025 08:14
@codecov Codecov
Copy link

codecov bot commented Apr 28, 2025
edited
Loading

Codecov Report

Attention: Patch coverage is 0% with 2 lines in your changes missing coverage. Please review.

Project coverage is 34.26%. Comparing base (4d74f17) to head (5ab5c48).
Report is 1 commits behind head on main.

Files with missing lines Patch % Lines
manager/middlewares/personal_access_token.go 0.00% 2 Missing ⚠️
Additional details and impacted files

Impacted file tree graph

@@            Coverage Diff             @@
##             main    #4007      +/-   ##
==========================================
- Coverage   34.27%   34.26%   -0.01%     
==========================================
  Files         343      343              
  Lines       40197    40199       +2     
==========================================
- Hits        13777    13775       -2     
- Misses      25512    25514       +2     
- Partials      908      910       +2
Flag Coverage Δ
unittests 34.26% <0.00%> (-0.01%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Files with missing lines Coverage Δ
manager/middlewares/personal_access_token.go 0.00% <0.00%> (ø)

... and 2 files with indirect coverage changes

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

gaius-qi
gaius-qi approved these changes Apr 28, 2025
View reviewed changes
Copy link
Member

@gaius-qi gaius-qi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@gaius-qi gaius-qi added this to the v2.3.0 milestone Apr 28, 2025
Liam-Zhao
Liam-Zhao approved these changes Apr 28, 2025
View reviewed changes
Copy link

@Liam-Zhao Liam-Zhao left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@chlins chlins merged commit 5126b25 into main Apr 28, 2025
29 of 31 checks passed
@chlins chlins deleted the fix/set-pat branch April 28, 2025 09:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gaius-qi gaius-qi gaius-qi approved these changes

@Liam-Zhao Liam-Zhao Liam-Zhao approved these changes

@hhhhsdxxxx hhhhsdxxxx Awaiting requested review from hhhhsdxxxx hhhhsdxxxx is a code owner automatically assigned from dragonflyoss/dragonfly2-reviewers

@yxxhero yxxhero Awaiting requested review from yxxhero yxxhero is a code owner automatically assigned from dragonflyoss/dragonfly2-reviewers

Assignees

@xujihui1985 xujihui1985

@gaius-qi gaius-qi

@CormickKneey CormickKneey

Labels
bug
Projects
None yet
Milestone
v2.3.0
Development

Successfully merging this pull request may close these issues.
5 participants
@chlins @gaius-qi @Liam-Zhao @xujihui1985 @CormickKneey