Skip to content

Pass UAA JWT public key to integration sandbox components#2791

Open
aramprice wants to merge 1 commit into
mainfrom
integration-specs-fix-decode-warning
Open

Pass UAA JWT public key to integration sandbox components#2791
aramprice wants to merge 1 commit into
mainfrom
integration-specs-fix-decode-warning

Conversation

@aramprice

@aramprice aramprice commented Jul 17, 2026

Copy link
Copy Markdown
Member

Add a uaa_jwt_public_key helper to Sandbox that reads the RSA public key from the asymmetric uaa.yml test fixture. Wire it into the sandbox config templates so the Director (config_server.uaa and user_management.uaa) and Health Monitor receive the key and can verify token signatures, eliminating the "Decoding token without verifying" warning during integration tests.

@coderabbitai

coderabbitai Bot commented Jul 17, 2026

Copy link
Copy Markdown

Review Change Stack

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: b5dced76-9a65-4cca-9db6-0d391f4572b4

📥 Commits

Reviewing files that changed from the base of the PR and between b46f800 and 5137347.

📒 Files selected for processing (6)
  • src/spec/assets/sandbox/director_test.yml.erb
  • src/spec/assets/sandbox/health_monitor.yml.erb
  • src/spec/assets/sandbox/health_monitor_with_json_logging.yml.erb
  • src/spec/integration_support/config_server_helper.rb
  • src/spec/integration_support/director_config.rb
  • src/spec/integration_support/sandbox.rb

Walkthrough

The sandbox now loads the UAA JWT public key from the asymmetric UAA configuration asset through memoized helpers. Director, Config Server, and Health Monitor templates render the key dynamically as indented YAML multiline values, and Config Server authentication receives it as public_key.

Suggested reviewers: ragaskar, mkocher

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name Status Explanation Resolution
Description check ⚠️ Warning The description states the change, but it omits most required template sections like context, tests, release notes, breaking change, and tagging. Add the missing template sections: context, tests run, release note text, breaking-change status, tags, and AI review feedback.
✅ Passed checks (4 passed)
Check name Status Explanation
Title check ✅ Passed The title clearly matches the main change: adding the UAA JWT public key to sandbox integration components.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch integration-specs-fix-decode-warning

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@aramprice
aramprice requested a review from Copilot July 17, 2026 21:18

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot was unable to review this pull request because the user who requested the review has reached their quota limit.

coderabbitai[bot]
coderabbitai Bot previously approved these changes Jul 17, 2026
@github-project-automation github-project-automation Bot moved this from Inbox to Pending Merge | Prioritized in Foundational Infrastructure Working Group Jul 17, 2026
@aramprice
aramprice force-pushed the integration-specs-fix-decode-warning branch from 1d03fea to 09c7499 Compare July 17, 2026 22:11
coderabbitai[bot]
coderabbitai Bot previously approved these changes Jul 17, 2026

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@src/spec/integration_support/sandbox.rb`:
- Around line 703-709: Extract the duplicated uaa_jwt_public_key logic from
sandbox.rb and director_config.rb into a shared helper or existing shared
utility, then have both callers reuse it. Ensure the shared implementation
explicitly loads YAML with require 'yaml' rather than relying on incidental load
order.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 0292c164-c7ad-4f49-b6cd-e3d48dfd1220

📥 Commits

Reviewing files that changed from the base of the PR and between 09c7499 and b46f800.

📒 Files selected for processing (6)
  • src/spec/assets/sandbox/director_test.yml.erb
  • src/spec/assets/sandbox/health_monitor.yml.erb
  • src/spec/assets/sandbox/health_monitor_with_json_logging.yml.erb
  • src/spec/integration_support/config_server_helper.rb
  • src/spec/integration_support/director_config.rb
  • src/spec/integration_support/sandbox.rb

Comment thread src/spec/integration_support/sandbox.rb
@github-project-automation github-project-automation Bot moved this from Pending Merge | Prioritized to Waiting for Changes | Open for Contribution in Foundational Infrastructure Working Group Jul 17, 2026
Add a uaa_jwt_public_key helper to Sandbox that reads the RSA public key
from the asymmetric uaa.yml test fixture. Wire it into the sandbox config
templates so the Director (config_server.uaa and user_management.uaa) and
Health Monitor receive the key and can verify token signatures, eliminating
the "Decoding token without verifying" warning during integration tests.
@aramprice
aramprice force-pushed the integration-specs-fix-decode-warning branch from b46f800 to 5137347 Compare July 17, 2026 23:51
@aramprice
aramprice requested review from a team, ay901246 and beyhan and removed request for a team July 18, 2026 00:58
@github-project-automation github-project-automation Bot moved this from Waiting for Changes | Open for Contribution to Pending Merge | Prioritized in Foundational Infrastructure Working Group Jul 18, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

Status: Pending Merge | Prioritized

Development

Successfully merging this pull request may close these issues.

2 participants