feat: add sensitive env var clearing and e2e tests for session launcher #2701

Open
wants to merge 2 commits into
base: main

Member

@yomybaby yomybaby commented Sep 10, 2024

TL;DR

Added functionality to empty sensitive environment variables and updated form value synchronization.

What changed?

  • Introduced sensitivePatterns array with regular expressions to identify sensitive environment variables.
  • Added isSensitiveEnv function to check if an environment variable is sensitive.
  • Implemented emptySensitiveEnv function to clear values of sensitive environment variables.
  • Updated VFolderTableFormValues interface to include autoMountedFolderNames.
  • Modified form value synchronization in SessionLauncherPage to omit specific fields and empty sensitive environment variables.
  • Added a unit test and an E2E test for this change.

How to test?

  1. Navigate to the Session Launcher page.
  2. Add environment variables with sensitive names (e.g., PASSWORD, SECRET_KEY).
  3. Verify that sensitive environment variables are properly identified and their values are cleared when reloading the browser.
  4. Check if the URL updates correctly without including sensitive information.

Why make this change?

This change enhances security by preventing sensitive information from being exposed in URLs or unintended locations. It also improves the handling of environment variables, ensuring that sensitive data is properly managed throughout the application.
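
Added example, not code from this pull request: a minimal sketch of the name-based clearing described above, applied before form state is serialized into a URL. The function names follow the PR description; the pattern list, the `EnvVar`/`FormValues` types, `toUrlSafeState`, `toQueryString`, and the `formValues` query parameter are assumptions.

```typescript
// Added example: names follow the PR description, but the patterns, types and
// serialization format are assumptions, not the project's code.
type EnvVar = { variable: string; value: string };
type FormValues = { envvars: EnvVar[]; [field: string]: unknown };

// Hypothetical pattern list. No `g` flag: a global regex keeps lastIndex
// between test() calls and would give alternating results.
const sensitivePatterns: RegExp[] = [
  /PASSWORD/i, /PASSWD/i, /SECRET/i, /TOKEN/i, /API_?KEY/i, /PRIVATE_?KEY/i,
];

function isSensitiveEnv(name: string): boolean {
  return sensitivePatterns.some((pattern) => pattern.test(name));
}

// Keep the variable name so the user can see what to re-enter; drop the value.
function emptySensitiveEnv(envs: EnvVar[]): EnvVar[] {
  return envs.map((env) =>
    isSensitiveEnv(env.variable) ? { variable: env.variable, value: "" } : env,
  );
}

// Build the state that is allowed to reach the URL: drop the listed fields
// and blank sensitive values before anything is serialized.
function toUrlSafeState(form: FormValues, omitted: string[]): FormValues {
  const safe: FormValues = { envvars: emptySensitiveEnv(form.envvars) };
  for (const key of Object.keys(form)) {
    if (key !== "envvars" && omitted.indexOf(key) === -1) safe[key] = form[key];
  }
  return safe;
}

function toQueryString(form: FormValues, omitted: string[]): string {
  return "formValues=" + encodeURIComponent(JSON.stringify(toUrlSafeState(form, omitted)));
}

// Constructed sample input; which fields to omit is the caller's choice here.
const sampleForm: FormValues = {
  sessionName: "demo",
  autoMountedFolderNames: [".local"],
  envvars: [
    { variable: "DB_PASSWORD", value: "hunter2" },
    { variable: "secret_key", value: "abc123" },
    { variable: "OMP_NUM_THREADS", value: "4" },
    // Name-based matching misses this one: the credential is in the value.
    { variable: "DATABASE_URL", value: "postgres://app:pw-in-url@db/app" },
  ],
};
```

The `DATABASE_URL` entry shows the limit of matching on names alone: a secret embedded in the value of an innocuously named variable still reaches the URL.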

@github-actions github-actions bot added the size:M 30~100 LoC label Sep 10, 2024

graphite-app bot commented Sep 10, 2024

Your org requires the Graphite merge queue for merging into main

Add the label “flow:merge-queue” to the PR and Graphite will automatically add it to the merge queue when it’s ready to merge. Or use the label “flow:hotfix” to add to the merge queue as a hot fix.

You must have a Graphite account and log in to Graphite in order to use the merge queue. Sign up using this link.

github-actions bot commented Sep 10, 2024

Coverage report for ./react

St. | Category | Percentage | Covered / Total
🔴 | Statements | 5.6% (+0.12% 🔼) | 345/6165
🔴 | Branches | 5.15% (+0.09% 🔼) | 218/4236
🔴 | Functions | 3.31% (+0.19% 🔼) | 67/2027
🔴 | Lines | 5.48% (+0.11% 🔼) | 330/6020

Test suite run success

93 tests passing in 12 suites.

Report generated by 🧪jest coverage report action from a9992f4

@yomybaby yomybaby marked this pull request as ready for review September 10, 2024 09:50
@yomybaby yomybaby force-pushed the feature/empty-sensitive-envs-value branch from ca56621 to 8b70b8a Compare September 11, 2024 00:56
@github-actions github-actions bot added size:L 100~500 LoC and removed size:M 30~100 LoC labels Sep 11, 2024
@yomybaby yomybaby changed the title feat: empty sensitive envs values in Neo Session Launcher feat: add sensitive env var clearing and e2e tests for session launcher Sep 11, 2024
@yomybaby yomybaby force-pushed the feature/empty-sensitive-envs-value branch from 8b70b8a to c1dfc10 Compare September 11, 2024 01:02
Contributor

@lizable lizable left a comment

Found a typo in the test module file name (session-luancher.test.ts -> session-launcher.test.ts). Except for that, it works fine.

Contributor

@lizable lizable left a comment

LGTM.
