fix: Provide default JWT secret for CI tests on fork PRs#282
Merged
nbhansen merged 1 commit intoaau-giraf:dev-mainfrom Feb 4, 2026
Merged
fix: Provide default JWT secret for CI tests on fork PRs#282nbhansen merged 1 commit intoaau-giraf:dev-mainfrom
nbhansen merged 1 commit intoaau-giraf:dev-mainfrom
Conversation
nbhansen
force-pushed
the
fix/ci-jwt-secret
branch
4 times, most recently
from
f2bc9be to
c7b5e83
Compare
GitHub Actions doesn't expose secrets to fork PRs for security reasons. The workflow sets JWT_SECRET from secrets, but for forks it becomes an empty string (not null). The ?? operator only checks for null, so empty strings passed through and caused "key length is zero" errors. Changes to Program.cs: - Remove duplicate ConfigurationBuilder, use builder.Configuration - Handle empty/whitespace strings explicitly with IsNullOrWhiteSpace() Changes to UsersController.cs: - Fix GenerateJwt() to handle empty strings the same way - This was the actual source of the "key length is zero" error Changes to CustomApplicationFactory.cs: - Use static constructor to set JWT_SECRET before any host creation - Remove unused JwtSecretConfig class - Add AddInMemoryCollection for config-based injection This allows fork PRs to pass CI without requiring GitHub secrets access.
nbhansen
force-pushed
the
fix/ci-jwt-secret
branch
from
c7b5e83 to
a816321
Compare
github-project-automation
bot
moved this from Backlog
to Done
in Visual Tangible Artefacts - 2025
3 tasks
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
GitHub Actions doesn't expose secrets to fork PRs for security reasons. The workflow sets
JWT_SECRETfrom secrets, but for forks it resolves to an empty string (not null). The??operator only checks for null, so empty strings were passing through and causing "key length is zero" errors at runtime.Changes
Program.cs:
IsNullOrWhiteSpace()UsersController.cs:
GenerateJwt()to handle empty strings the same wayCustomApplicationFactory.cs:
Test Plan
Note
This PR should be merged first before other fork PRs, as it fixes CI for all fork contributions.