Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: Empty environment variable is catch like empty string and cause 200 OK response when no header is send #53

Closed
42atomys opened this issue Mar 13, 2022 · 0 comments · Fixed by #54
Closed

fix: Empty environment variable is catch like empty string and cause 200 OK response when no header is send #53

42atomys opened this issue Mar 13, 2022 · 0 comments · Fixed by #54
Labels
aspect/dex 🤖 Concerns developers' experience with the codebase domain/obvious 🟩 Represents the "known knowns" issue. It's Obviously priority/medium 🟨 Priority 3 - Not blocking but should be fixed soon state/triage 🚦 Has not been triaged & therefore, not ready for work type/bug 🔥 Something isn't working
Milestone
1.0

Comments

@42atomys
Copy link
Owner

Describe the bug
When the configuration of a webhook entry is defined to load a value from an environment variable and the env variable is not set, we can pass the security with an empty header or no header.

To Reproduce
Steps to reproduce the behavior:

  1. My config is
- name: exampleHook
  entrypointUrl: /webhooks/example
  security:
  - header:
      inputs:
      - name: headerName
        value: X-Hook-Secret
  - compare:
      inputs:
      - name: first
        value: '{{ .Outputs.header.value }}'
      - name: second
        valueFrom:
          envRef: HOOK_SECRET
  1. Try to store following payload '....'
curl --request POST \
  --url http://atomys.atomys.lab:8080/v1alpha1/webhooks/example \
  --header 'Content-Type: application/json' \
  --header 'X-Hook-Secret: ' \
  --data '{
	"type": 42,
	"payload": {
		"nested": "amazing"
	}
}'

Expected behavior
Check if the environment variable is correctly set before get it. Its usefull to prevent misspell or typo error
@42atomys 42atomys added aspect/dex 🤖 Concerns developers' experience with the codebase state/confirmed 💜 priority/medium 🟨 Priority 3 - Not blocking but should be fixed soon domain/obvious 🟩 Represents the "known knowns" issue. It's Obviously type/bug 🔥 Something isn't working labels Mar 13, 2022
@42atomys 42atomys added this to the 1.0 milestone Mar 13, 2022
@42atomys 42atomys moved this to Triage 🚦 in Stud42 V3 Mar 13, 2022
@github-actions github-actions bot added the state/triage 🚦 Has not been triaged & therefore, not ready for work label Mar 13, 2022
@42atomys 42atomys linked a pull request Mar 13, 2022 that will close this issue
fix(configuration): Validate the valuable object when decode it to lookup env variable #54
Merged
4 tasks
@42atomys 42atomys mentioned this issue Mar 13, 2022
Merged
4 tasks
Repository owner moved this from Triage 🚦 to Done 🎉 in Stud42 V3 Mar 13, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
aspect/dex 🤖 Concerns developers' experience with the codebase domain/obvious 🟩 Represents the "known knowns" issue. It's Obviously priority/medium 🟨 Priority 3 - Not blocking but should be fixed soon state/triage 🚦 Has not been triaged & therefore, not ready for work type/bug 🔥 Something isn't working
Projects
Stud42 V3
Archived in project
Milestone
1.0
1 participant
@42atomys