Skip to content

Disable CSRF check for PAT authentication #7353

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Apr 20, 2025
Merged

Disable CSRF check for PAT authentication #7353

merged 2 commits into from
Apr 20, 2025

Conversation

JohnNiang
Copy link
Member

@JohnNiang JohnNiang commented Apr 18, 2025
edited
Loading

What type of PR is this?

/kind improvement
/area core
/milestone 2.20.x

What this PR does / why we need it:

This PR disables CSRF check for PAT authentication because the authentication won't pass any cookies to server.

Does this PR introduce a user-facing change?

None

@f2c-ci-robot f2c-ci-robot bot added the release-note-none Denotes a PR that doesn't merit a release note. label Apr 18, 2025
@f2c-ci-robot f2c-ci-robot bot added this to the 2.20.x milestone Apr 18, 2025
@f2c-ci-robot f2c-ci-robot bot added the kind/improvement Categorizes issue or PR as related to a improvement. label Apr 18, 2025
@f2c-ci-robot f2c-ci-robot
Copy link

f2c-ci-robot bot commented Apr 18, 2025

@JohnNiang: The label(s) area/corer cannot be applied, because the repository doesn't have them.

In response to this:

What type of PR is this?

/kind improvement
/area corer
/milestone 2.20.x

What this PR does / why we need it:

This PR disables CSRF check for PAT authentication because the authentication won't pass any cookies to server.

Does this PR introduce a user-facing change?

None

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@f2c-ci-robot f2c-ci-robot bot requested review from guqing and wan92hen April 18, 2025 09:01
@codecov Codecov
Copy link

codecov bot commented Apr 18, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 57.51%. Comparing base (60c2009) to head (4e1c570).
Report is 16 commits behind head on main.

Additional details and impacted files 
@@             Coverage Diff              @@
##               main    #7353      +/-   ##
============================================
+ Coverage     57.18%   57.51%   +0.32%     
- Complexity     4066     4123      +57     
============================================
  Files           721      725       +4     
  Lines         24546    24736     +190     
  Branches       1612     1637      +25     
============================================
+ Hits          14036    14226     +190     
+ Misses         9882     9857      -25     
- Partials        628      653      +25

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@JohnNiang JohnNiang added the area/core Issues or PRs related to the Halo Core label Apr 18, 2025
ruibaby
ruibaby reviewed Apr 18, 2025
View reviewed changes
Copy link
Member

@ruibaby ruibaby left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@f2c-ci-robot f2c-ci-robot bot added the lgtm Indicates that a PR is ready to be merged. label Apr 18, 2025
@f2c-ci-robot f2c-ci-robot bot removed the lgtm Indicates that a PR is ready to be merged. label Apr 20, 2025
ruibaby
ruibaby approved these changes Apr 20, 2025
View reviewed changes
Copy link
Member

@ruibaby ruibaby left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@f2c-ci-robot f2c-ci-robot
Copy link

f2c-ci-robot bot commented Apr 20, 2025

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: ruibaby

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@f2c-ci-robot f2c-ci-robot bot added lgtm Indicates that a PR is ready to be merged. approved Indicates a PR has been approved by an approver from all required OWNERS files. labels Apr 20, 2025
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@f2c-ci-robot f2c-ci-robot bot merged commit 222e955 into halo-dev:main Apr 20, 2025
9 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ruibaby ruibaby ruibaby approved these changes

@guqing guqing Awaiting requested review from guqing

@wan92hen wan92hen Awaiting requested review from wan92hen

Assignees

@ruibaby ruibaby

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. area/core Issues or PRs related to the Halo Core kind/improvement Categorizes issue or PR as related to a improvement. lgtm Indicates that a PR is ready to be merged. release-note-none Denotes a PR that doesn't merit a release note.
Projects
None yet
Milestone
2.20.x
Development

Successfully merging this pull request may close these issues.
2 participants
@JohnNiang @ruibaby