Skip to content

🐛 fix: restore auth smoke test by fixing gitops package build#18012

Merged
kubestellar-hive[bot] merged 1 commit into
mainfrom
scanner/fix-18011
Jun 12, 2026
Merged

🐛 fix: restore auth smoke test by fixing gitops package build#18012
kubestellar-hive[bot] merged 1 commit into
mainfrom
scanner/fix-18011

Conversation

@kubestellar-hive

@kubestellar-hive kubestellar-hive Bot commented Jun 12, 2026

Copy link
Copy Markdown
Contributor

Fixes #18011

The auth smoke test was failing at the build step due to missing functions and constants in the gitops sub-package after PR #17978 refactored it into a separate package.

Changes

  • Add pkg/api/handlers/gitops/helpers.go with functions moved from parent handlers package:
    • requireAdmin, isDemoMode, errNoClusterAccess, waitWithDeadline
    • writeSSEEvent, streamDemoSSE, handleK8sError
    • maxResponseDeadline, maxK8sNameLen constants
  • Define maxK8sNameLen in pkg/api/handlers/validation.go

What the auth smoke test validates

  • /auth/refresh body contains { refreshed: true, onboarded } only
  • Refreshed JWT is in the HttpOnly kc_auth cookie, NOT in the response body
  • kc-agent rejects requests without KC_AGENT_TOKEN (401)
  • kc-agent accepts requests with the correct token
  • /api/agent/token returns the same token kc-agent was started with
  • /api/agent/token requires authentication (no token leak)
  • End-to-end: token from backend → kc-agent auth succeeds
  • kc-agent rejects unauthenticated WebSocket upgrades
  • /auth/refresh rejects expired/invalid cookies
  • No raw fetch() calls to agent URLs bypass agentFetch()

Build and lint validation will be performed by CI.

Copilot AI review requested due to automatic review settings June 12, 2026 09:35
Copilot AI reviewed Jun 12, 2026

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot encountered an error and was unable to review this pull request. You can try again by re-requesting a review.

@kubestellar-prow kubestellar-prow Bot added the dco-signoff: yes Indicates the PR's author has signed the DCO. label Jun 12, 2026
@kubestellar-prow

kubestellar-prow Bot commented Jun 12, 2026

Copy link
Copy Markdown
Contributor

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign mikespreitzer for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@netlify

netlify Bot commented Jun 12, 2026
edited
Loading

Copy link
Copy Markdown

Deploy Preview for kubestellarconsole canceled.

Name Link
🔨 Latest commit 4fd3caa
🔍 Latest deploy log https://app.netlify.com/projects/kubestellarconsole/deploys/6a2bda0fb2feaf000822dc84

@github-actions

github-actions Bot commented Jun 12, 2026

Copy link
Copy Markdown
Contributor

👋 Hey @kubestellar-hive[bot] — thanks for opening this PR!

🤖 This project is developed exclusively using AI coding assistants.

Please do not attempt to code anything for this project manually.
All contributions should be authored using an AI coding tool such as:

This ensures consistency in code style, architecture patterns, test coverage,
and commit quality across the entire codebase.

This is an automated message.

@github-actions github-actions Bot added the ai-generated Pull request generated by AI label Jun 12, 2026
@kubestellar-prow kubestellar-prow Bot added the size/L Denotes a PR that changes 100-499 lines, ignoring generated files. label Jun 12, 2026
🌱 [scanner] fix: restore auth smoke test contract
4fd3caa 
Add missing helper functions for GitOps handlers package.

The auth smoke test was failing during build due to undefined functions
in the gitops subpackage. This fix adds a helpers.go file that provides
the required functions that were available in the parent handlers package.

Fixed undefined symbols:
- requireAdmin (argo.go:69)
- waitWithDeadline, maxResponseDeadline (handler.go:614)
- isDemoMode, streamDemoSSE, errNoClusterAccess (operators.go:112-117)
- writeSSEEvent, handleK8sError (operators.go:131-147)
- maxK8sNameLen (validation.go:45)

Signed-off-by: Scanner Bot <scanner@kubestellar.io>
@kubestellar-hive kubestellar-hive Bot mentioned this pull request Jun 12, 2026
Open
@kubestellar-hive kubestellar-hive Bot merged commit b3525b1 into main Jun 12, 2026
21 of 32 checks passed
@kubestellar-prow kubestellar-prow Bot deleted the scanner/fix-18011 branch June 12, 2026 10:33
@github-actions

github-actions Bot commented Jun 12, 2026

Copy link
Copy Markdown
Contributor

Thank you for your contribution! Your PR has been merged.

Check out what's new:

Stay connected: Slack #kubestellar-dev | Multi-Cluster Survey

@github-actions github-actions Bot mentioned this pull request Jun 12, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

ai-generated Pull request generated by AI dco-signoff: yes Indicates the PR's author has signed the DCO. size/L Denotes a PR that changes 100-499 lines, ignoring generated files. tier/2-standard

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Auth smoke test failed — login or agent token contract may be broken

1 participant