Issues
- Update the UI to not expose the Github PAT in the Namespace Admin pageCDAP-20904Resolved issue: CDAP-20904Ganesh Sahoo
- [SCM] Remove or Mask Auth Credentials from Repo Configuration GET APICDAP-20859Resolved issue: CDAP-20859Samik Gupta
- [SCM] Store Auth Config in System Namespace of SecureStoreCDAP-20581Dennis Li
- SCM Performance Testing for 6.9.1CDAP-20578Resolved issue: CDAP-20578Samik Gupta
- Performance metrics for SCMCDAP-20536Resolved issue: CDAP-20536Arjan Bal
- SCM: Username field in repository config form gets cleared automaticallyCDAP-20532Resolved issue: CDAP-20532De Lan
- validate on github repo without any branch passedCDAP-20516Resolved issue: CDAP-20516Arjan Bal
- pushing pipeline hangsCDAP-20515Resolved issue: CDAP-20515De Lan
- UI hangs on `REMOTE PIPELINES` tab after syncing pipelines with an empty repoCDAP-20513Resolved issue: CDAP-20513De Lan
- Add repo permissions in IAMCDAP-20498Resolved issue: CDAP-20498De Lan
- Map repo permissions in GobCDAP-20497Resolved issue: CDAP-20497De Lan
- Add REPO_WRITE/READ/METADATA_UPDATE permissions in cdap-protoCDAP-20496Resolved issue: CDAP-20496De Lan
- git config override for jgitCDAP-20482Resolved issue: CDAP-20482Arjan Bal
- SCM: Git integration improvementCDAP-20473Resolved issue: CDAP-20473De Lan
- Improve source control management config textsCDAP-20462Resolved issue: CDAP-20462Sumeng Wang
- History button brokenCDAP-20460Resolved issue: CDAP-20460De Lan
- Use "Connected" status in UICDAP-20459Resolved issue: CDAP-20459De Lan
- The error message overflows the box when push no changesCDAP-20450Resolved issue: CDAP-20450Sumeng Wang
- SCM: Add the test creds and set up the test repoCDAP-20444Resolved issue: CDAP-20444De Lan
- SCM: End to End TestingCDAP-20432Resolved issue: CDAP-20432Samik Gupta
- Get the fileHash after commit but before pushCDAP-20412Resolved issue: CDAP-20412De Lan
- Create a single parent exception class for source control operationsCDAP-20410Resolved issue: CDAP-20410Samik Gupta
- Source Control Management: Use latest remote HEAD on clone & ensure required commit is fetchedCDAP-20386Resolved issue: CDAP-20386Arjan Bal
- In memory operation runner: pullCDAP-20367Resolved issue: CDAP-20367Arjan Bal
- Don't extend AbstractIdleService in RepositoryManagerCDAP-20366Resolved issue: CDAP-20366Arjan Bal
- Rename tokenName to passwordNameCDAP-20364Resolved issue: CDAP-20364De Lan
- SourceControlManager: Get File HashCDAP-20343Resolved issue: CDAP-20343Arjan Bal
- Improvements to RepositoryManager class for Git integrationCDAP-20341Resolved issue: CDAP-20341Arjan Bal
- In memory operation runner: pullCDAP-20325Resolved issue: CDAP-20325Arjan Bal
- Git operations serviceCDAP-20323Resolved issue: CDAP-20323
- Git operations runnerCDAP-20320Resolved issue: CDAP-20320Samik Gupta
- SourceControlManager: Validate ConnectionCDAP-20313Resolved issue: CDAP-20313Arjan Bal
- HTTP handlers for SCMCDAP-20241Resolved issue: CDAP-20241De Lan
- Git operations source-control moduleCDAP-20240Resolved issue: CDAP-20240Arjan Bal
- SCM UI workCDAP-20231Resolved issue: CDAP-20231Sumeng Wang
- Add FF for git integrationCDAP-20229Resolved issue: CDAP-20229Samik Gupta
- SCM: CDF Git IntegrationCDAP-20228Resolved issue: CDAP-20228De Lan
37 of 37
Update the UI to not expose the Github PAT in the Namespace Admin page
Fixed
Description
Release Notes
None
Pinned fields
Click on the next to a field label to start pinning.
Details
Details
Assignee
Ganesh Sahoo
Ganesh SahooReporter
Ganesh Sahoo
Ganesh SahooDocs Impact
No
UX Impact
No
Affects versions
Triaged
Yes
Size
M
Components
Fix versions
Priority
MajorCreated November 22, 2023 at 7:27 AM
Updated January 11, 2024 at 12:56 AM
Resolved November 24, 2023 at 8:11 AM
Activity
Show:
Ganesh Sahoo
changed the StatusJanuary 11, 2024 at 12:56 AMResolved
Closed
Ganesh Sahoo
changed the StatusNovember 24, 2023 at 8:11 AMOpen
Resolved
Ganesh Sahoo
updated the ResolutionNovember 24, 2023 at 8:11 AMNone
Fixed
Ganesh Sahoo
updated the ParentNovember 22, 2023 at 7:27 AMNone
CDAP-20581
Ganesh Sahoo
changed the ParentNovember 22, 2023 at 7:27 AMNone
CDAP-20581
Ganesh Sahoo
created the IssueNovember 22, 2023 at 7:27 AM
Currently, in the UI, we fetch and display the Github PAT in the namespace admin page. This is not required, as the PAT is not used in the UI for any operations. Also, this is not a secure practice. The following steps are needed to fix this:
Do not fetch the Github PAT and do not display it in the UI.
Also, do not autofill the Github PAT in the form to edit the repository config. If no PAT is provided in the edit form, then the PAT should not be updated in the secure store.
During creation of the repository config, the PAT must be mandatory (as it is currently), however during edits to the repository config the PAT must be optional.