Skip to content

feat: local auth disabled mode and dev images#4325

Merged
mnafees merged 48 commits into
mainfrom
nafees/local-no-auth
Jul 9, 2026
Merged

feat: local auth disabled mode and dev images#4325
mnafees merged 48 commits into
mainfrom
nafees/local-no-auth

Conversation

@mnafees

@mnafees mnafees commented Jul 1, 2026

Copy link
Copy Markdown
Member

Description

Introduces the local auth disabled mode. Partially fulfills #3680.

Type of change

  • Documentation change (pure documentation change)
  • New feature (non-breaking change which adds functionality)

What's Changed

  • Add auth disabled build tags to build -dev prefixed images
  • Add warnings about dev local usage only
  • Add documentation
  • Add new --disable-auth flag to hatchet server start

Checklist

Changes have been:

  • Tested (unit, integration, or manually with steps specified)
  • Linted and formatted
  • Documented (where applicable)

🤖 AI Disclosure
  • I acknowledge that an LLM was used in the creation of this Pull Request, in accordance with Hatchet's AI_POLICY.md.
  • Details: [e.g. generating tests, writing docs]

@mnafees mnafees self-assigned this Jul 1, 2026
@vercel

vercel Bot commented Jul 1, 2026

Copy link
Copy Markdown

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
hatchet-docs Ready Ready Preview, Comment Jul 9, 2026 1:56pm

Request Review

@github-actions github-actions Bot added the engine Related to the core Hatchet engine label Jul 1, 2026
@mnafees mnafees changed the title initial commit for no-auth local mode feat: local no-auth mode Jul 1, 2026
@github-actions github-actions Bot added documentation Improvements or additions to documentation dashboard Related to the Hatchet dashboard labels Jul 1, 2026
@github-actions

github-actions Bot commented Jul 1, 2026

Copy link
Copy Markdown
Contributor

⚠️ Optional test failure: The load-deadlock job failed on this PR (optimistic-scheduling=false). This check is non-mandatory and does not block merging, but may be worth investigating. View logs

Comment thread api/v1/server/authn/middleware.go Outdated
@mnafees mnafees added the cli Related to the Hatchet CLI label Jul 1, 2026
@mnafees mnafees requested a review from abelanger5 July 1, 2026 12:15
@mnafees mnafees marked this pull request as ready for review July 1, 2026 12:15
@github-actions

github-actions Bot commented Jul 1, 2026

Copy link
Copy Markdown
Contributor

⚠️ Optional test failure: The load-deadlock job failed on this PR (optimistic-scheduling=true). This check is non-mandatory and does not block merging, but may be worth investigating. View logs

@github-actions

github-actions Bot commented Jul 1, 2026

Copy link
Copy Markdown
Contributor

⚠️ Optional test failure: The old-engine-new-sdk (TypeScript) job failed on this PR. This check is non-mandatory and does not block merging, but may be worth investigating. View logs

@github-actions

github-actions Bot commented Jul 1, 2026

Copy link
Copy Markdown
Contributor

⚠️ Optional test failure: The load-deadlock job failed on this PR (optimistic-scheduling=false). This check is non-mandatory and does not block merging, but may be worth investigating. View logs

@github-actions

github-actions Bot commented Jul 1, 2026

Copy link
Copy Markdown
Contributor

⚠️ Optional test failure: The load-deadlock job failed on this PR (optimistic-scheduling=false). This check is non-mandatory and does not block merging, but may be worth investigating. View logs

@github-actions

github-actions Bot commented Jul 8, 2026

Copy link
Copy Markdown
Contributor

⚠️ Optional test failure: The load-deadlock job failed on this PR (optimistic-scheduling=false). This check is non-mandatory and does not block merging, but may be worth investigating. View logs

@mrkaye97 mrkaye97 left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I left some small comments, but generally this looks good.

One thing I'm a bit nervous about is polluting the frontend with more conditional rendering based on this state, but I'm not sure of other ways around it, unfortunately

Comment thread api/v1/server/authn/middleware.go
Comment thread api/v1/server/authz/middleware.go
}

func (a *AuthZ) authorizeTenantOperations(tenantMemberRole sqlcv1.TenantMemberRole, r *middleware.RouteInfo) error {
func (a *AuthZ) authorizeTenantOperations(roleName string, r *middleware.RouteInfo) error {

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

what's the reason for this change?

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we now have an internal-only NOAUTH role which does not conform to a sqlcv1.TenantMemberRole anymore

Comment thread api/v1/server/handlers/metadata/get.go Outdated
configLoader := loader.NewConfigLoader(configDirectory)

cleanup, server, err := configLoader.CreateServerFromConfig("", func(scf *server.ServerConfigFile) {
cleanup, srv, err := configLoader.CreateServerFromConfig("", func(scf *server.ServerConfigFile) {

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit, but do we need this naming change? imo, server is more clear than srv

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

so I chose to do this since the package name is also server and it was confusing me while I was revisiting this code 😅

Comment thread frontend/app/src/components/layout/auth-disabled-banner.tsx Outdated
@github-actions

github-actions Bot commented Jul 8, 2026

Copy link
Copy Markdown
Contributor

⚠️ Optional test failure: The load-deadlock job failed on this PR (optimistic-scheduling=false). This check is non-mandatory and does not block merging, but may be worth investigating. View logs

@github-actions

github-actions Bot commented Jul 8, 2026

Copy link
Copy Markdown
Contributor

⚠️ Optional test failure: The old-engine-new-sdk (Python) job failed on this PR. This check is non-mandatory and does not block merging, but may be worth investigating. View logs

@github-actions

github-actions Bot commented Jul 9, 2026

Copy link
Copy Markdown
Contributor

⚠️ Optional test failure: The old-engine-new-sdk (Python) job failed on this PR. This check is non-mandatory and does not block merging, but may be worth investigating. View logs

@github-actions

github-actions Bot commented Jul 9, 2026

Copy link
Copy Markdown
Contributor

⚠️ Optional test failure: The old-engine-new-sdk (Python) job failed on this PR. This check is non-mandatory and does not block merging, but may be worth investigating. View logs

@github-actions

github-actions Bot commented Jul 9, 2026

Copy link
Copy Markdown
Contributor

⚠️ Optional test failure: The old-engine-new-sdk (Python) job failed on this PR. This check is non-mandatory and does not block merging, but may be worth investigating. View logs

@github-actions

github-actions Bot commented Jul 9, 2026

Copy link
Copy Markdown
Contributor

⚠️ Optional test failure: The old-engine-new-sdk (Python) job failed on this PR. This check is non-mandatory and does not block merging, but may be worth investigating. View logs

@github-actions

github-actions Bot commented Jul 9, 2026

Copy link
Copy Markdown
Contributor

⚠️ Optional test failure: The load-deadlock job failed on this PR (optimistic-scheduling=true). This check is non-mandatory and does not block merging, but may be worth investigating. View logs

@mnafees mnafees merged commit 160cb92 into main Jul 9, 2026
67 of 69 checks passed
@mnafees mnafees deleted the nafees/local-no-auth branch July 9, 2026 14:05
@github-actions

github-actions Bot commented Jul 9, 2026

Copy link
Copy Markdown
Contributor

⚠️ Optional test failure: The load-deadlock job failed on this PR (optimistic-scheduling=true). This check is non-mandatory and does not block merging, but may be worth investigating. View logs

@github-actions

github-actions Bot commented Jul 9, 2026

Copy link
Copy Markdown
Contributor

⚠️ Optional test failure: The load-deadlock job failed on this PR (optimistic-scheduling=false). This check is non-mandatory and does not block merging, but may be worth investigating. View logs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

cli Related to the Hatchet CLI dashboard Related to the Hatchet dashboard documentation Improvements or additions to documentation engine Related to the core Hatchet engine github_actions Pull requests that update GitHub Actions code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

5 participants