Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove headers from signature verification if gitlab invocation method #29

Merged
merged 9 commits into from
Aug 8, 2024
Merged

Remove headers from signature verification if gitlab invocation method #29

merged 9 commits into from
Aug 8, 2024

Conversation

omby8888
Copy link
Contributor

@omby8888 omby8888 commented Aug 5, 2024
edited
Loading

Description

What - Remove headers from signature verification if gitlab invocation method
Why - Gitlab invocation method doesn't send other headers than port's headers

Type of change

Please leave one option from the following and delete the rest:

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • Non-breaking change (fix of existing functionality that will not change current behavior)
  • Documentation (added/updated documentation)

Tankilevitch
Tankilevitch requested changes Aug 7, 2024
View reviewed changes
Copy link
Contributor

@Tankilevitch Tankilevitch left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would rather add CONTRIBUTING.md on how to test it with environment variables

app/invokers/webhook_invoker.py Outdated
@@ -295,8 +297,12 @@ def validate_incoming_signature(self, msg: dict) -> bool:
return False

# Remove the headers to avoid them being used in the signature verification
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lets update the comment

Tankilevitch
Tankilevitch reviewed Aug 7, 2024
View reviewed changes
app/core/config.py Outdated
Comment on lines 15 to 16
load_dotenv()

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would do it if specific env variable is specified . e.g. if ENV_RUNTIME='DEBUG'

matan84
matan84 requested changes Aug 7, 2024
View reviewed changes
Copy link
Member

@matan84 matan84 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

left 1 comment

app/invokers/webhook_invoker.py Outdated Show resolved Hide resolved
matan84
matan84 approved these changes Aug 7, 2024
View reviewed changes
Copy link
Member

@matan84 matan84 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

Tankilevitch
Tankilevitch approved these changes Aug 8, 2024
View reviewed changes
Copy link
Contributor

@Tankilevitch Tankilevitch left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

love that, great job with the CONTRIBUTING.md

@omby8888 omby8888 merged commit 0ee3af6 into main Aug 8, 2024
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@matan84 matan84 matan84 approved these changes

@Tankilevitch Tankilevitch Tankilevitch approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@omby8888 @matan84 @Tankilevitch