From cccbc3f3c287e06c62271245dc7ae03c8f46753b Mon Sep 17 00:00:00 2001
From: miner <yminer@vmware.com>
Date: Thu, 21 Nov 2024 00:21:00 +0800
Subject: [PATCH] add comment for CSRF key setting (#1868)

Signed-off-by: yminer <miner.yang@broadcom.com>
Co-authored-by: yminer <miner.yang@broadcom.com>
---
 values.yaml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/values.yaml b/values.yaml
index c862337d0..98206b0f4 100644
--- a/values.yaml
+++ b/values.yaml
@@ -625,6 +625,8 @@ core:
   # If tokenKey is set, the value of tokenCert must be set as a PEM-encoded certificate signed by tokenKey, and supplied as a multiline string, indented one more than tokenCert on the following line.
   tokenCert: |
   # The XSRF key. Will be generated automatically if it isn't specified
+  # While you specified, Please make sure it is 32 characters, otherwise would have validation issue at the harbor-core runtime
+  # https://github.com/goharbor/harbor/pull/21154 
   xsrfKey: ""
   # If using existingSecret, the key is defined by core.existingXsrfSecretKey
   existingXsrfSecret: ""