Skip to content

chore: Use internal secret for JWT key #686

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 4 commits into
base: main
Choose a base branch
from
Open

chore: Use internal secret for JWT key #686

wants to merge 4 commits into from

Conversation

adwk67
Copy link
Member

@adwk67 adwk67 commented Sep 10, 2025
edited
Loading

Description

Fixes #639

This change is non-breaking as the secret is created and used only "internally". The user does not have to create a secret themselves. The sample applies for the connections.secretKey that is part of the credentials secret used for DB connection information: this has been removed from all code (incl. examples, tests) and replaced with an internal secret. If the field is still provided it will be ignored.

Definition of Done Checklist

  • Not all of these items are applicable to all PRs, the author should update this template to only leave the boxes in that are relevant
  • Please make sure all these things are done and tick the boxes

Author

  • Changes are OpenShift compatible 🟢 tests
  • CRD changes approved
  • CRD documentation for all fields, following the style guide.
  • Helm chart can be installed and deployed operator works
  • Integration tests passed (for non trivial changes)
  • Changes need to be "offline" compatible
  • Links to generated (nightly) docs added
  • Release note snippet added

Reviewer

  • Code contains useful comments
  • Code contains useful logging statements
  • (Integration-)Test cases added
  • Documentation added or updated. Follows the style guide.
  • Changelog updated
  • Cargo.toml only contains references to git tags (not specific commits or branches)

Acceptance

  • Feature Tracker has been updated
  • Proper release label has been added
  • Links to generated (nightly) docs added
  • Release note snippet added
  • Add type/deprecation label & add to the deprecation schedule
  • Add type/experimental label & add to the experimental features tracker

@adwk67 adwk67 moved this to Development: In Progress in Stackable Engineering Sep 10, 2025
@adwk67 adwk67 self-assigned this Sep 10, 2025
@adwk67 adwk67 marked this pull request as ready for review September 10, 2025 15:41
@adwk67 adwk67 moved this from Development: In Progress to Development: Waiting for Review in Stackable Engineering Sep 10, 2025
@adwk67 adwk67 requested a review from a team September 10, 2025 16:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@adwk67 adwk67

Labels
None yet
Projects
Stackable Engineering
Status: Development: Waiting for Review
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Airflow 3.x: replace hard-coded JWT secret key with one read from a secret (or auto-generated)
1 participant
@adwk67