Skip to content

Fix JWT secret configuration for local authentication #1243

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
devin-ai-integration wants to merge 6 commits into from
Closed

Fix JWT secret configuration for local authentication #1243

devin-ai-integration wants to merge 6 commits into from

Conversation

@devin-ai-integration
Copy link
Contributor

@devin-ai-integration devin-ai-integration bot commented Sep 3, 2025
edited
Loading

📥 Pull Request

📘 Description
Adds local development test scripts for self-hosted AgentOps setup and applies automatic code formatting fixes. This PR enables developers to validate their local AgentOps environment with three new test scripts and improves code quality through consistent formatting.

Key Changes:

  • New test scripts (163 lines):
    • examples/openai/simple_trace_test.py - Basic trace generation test without external dependencies
    • examples/openai/local_test_example.py - OpenAI integration test with AgentOps tracing
    • test_trace.py - Simple trace validation script
  • Automatic formatting fixes (336 lines): Legitimate code quality improvements from commit 0c47bd5a including:
    • Removed unused exception variables and imports
    • Fixed trailing whitespace and missing newlines
    • Standardized indentation and spacing
  • Environment setup: Added .envrc for direnv support

🧪 Testing

  • All test scripts use placeholder API keys (no hardcoded secrets)
  • Local pre-commit checks pass successfully
  • Scripts are designed to work with local Supabase, ClickHouse, and Redis setup
  • Validated basic AgentOps SDK trace generation functionality

⚠️ Review Notes

  • Large diff: +499 -348 changes across 32 files makes functional changes hard to spot
  • Formatting changes: Most changes are legitimate linting fixes, but could mask functional issues
  • Exception handling: Some unused exception variables removed - verify this doesn't affect error logging
  • Test validation: Scripts use local environment configuration but trace persistence to ClickHouse needs verification

🔗 Link to Devin session: https://app.devin.ai/sessions/24e022f26dd94675ab430299544bd1c2
👤 Requested by: @areibman

📸 Screenshots
Dashboard Authentication
Onboarding Flow
Traces Dashboard

areibman and others added 4 commits September 2, 2025 23:44
@areibman
fix: apply automatic linting fixes during setup
0c47bd5
@devin-ai-integration
Merge branch 'main' of https://git-manager.devin.ai/proxy/github.com/…
24c0907 
…AgentOps-AI/agentops
@devin-ai-integration @areibman
Complete merge with upstream changes
a890fb7 
Co-Authored-By: Alex <[email protected]>
@devin-ai-integration @areibman
Fix JWT secret configuration for local authentication
bb7f7ca 
- Update JWT_SECRET_KEY in app/.env to match Supabase default JWT secret
- Update SUPABASE_* configuration for local development
- Add Redis server requirement for session storage
- Create test scripts for trace generation verification
- Successfully resolve JWT signature verification errors
- Enable dashboard authentication with demo user credentials

Environment changes (not committed due to .gitignore):
- JWT_SECRET_KEY=super-secret-jwt-token-with-at-least-32-characters-long
- Local Supabase and ClickHouse configuration
- NEXT_PUBLIC_PLAYGROUND=false (playground mode disabled)

Co-Authored-By: Alex <[email protected]>
@devin-ai-integration
Copy link
Contributor Author

devin-ai-integration bot commented Sep 3, 2025

🤖 Devin AI Engineer

I'll be helping with this pull request! Here's what you should know:

✅ I will automatically:

  • Address comments on this PR. Add '(aside)' to your comment to have me ignore it.
  • Look at CI failures and help fix them

Note: I can only respond to comments from users who have write access to this repository.

⚙️ Control Options:

  • Disable automatic comment and CI monitoring

@gitguardian
Copy link

gitguardian bot commented Sep 3, 2025
edited
Loading

️✅ There are no secrets present in this pull request anymore.

If these secrets were true positive and are still valid, we highly recommend you to revoke them.
While these secrets were previously flagged, we no longer have a reference to the
specific commits where they were detected. Once a secret has been leaked into a git
repository, you should consider it compromised, even if it was deleted immediately.
Find here more information about risks.

🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.

devin-ai-integration bot and others added 2 commits September 3, 2025 06:46
@devin-ai-integration @areibman
Fix hardcoded API keys in test scripts
5654f3d 
Replace hardcoded API key with placeholder value to resolve GitGuardian security issue.
Test scripts now use 'local-dev-api-key-placeholder' instead of actual API key.

Co-Authored-By: Alex <[email protected]>
@devin-ai-integration @areibman
Apply pre-commit formatting fixes to test scripts
bd8c1d2 
- Convert single quotes to double quotes for consistency
- Fix spacing and line formatting per project style guidelines
- Ensure compliance with ruff formatting rules

Co-Authored-By: Alex <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@areibman