From 1922515afa54ad54b6a31823c151a69a54e2da1d Mon Sep 17 00:00:00 2001
From: yminer <miner.yang@broadcom.com>
Date: Wed, 20 Nov 2024 10:55:03 +0000
Subject: [PATCH] add comment for CSRF key setting

Signed-off-by: yminer <miner.yang@broadcom.com>
---
 values.yaml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/values.yaml b/values.yaml
index c862337d0..98206b0f4 100644
--- a/values.yaml
+++ b/values.yaml
@@ -625,6 +625,8 @@ core:
   # If tokenKey is set, the value of tokenCert must be set as a PEM-encoded certificate signed by tokenKey, and supplied as a multiline string, indented one more than tokenCert on the following line.
   tokenCert: |
   # The XSRF key. Will be generated automatically if it isn't specified
+  # While you specified, Please make sure it is 32 characters, otherwise would have validation issue at the harbor-core runtime
+  # https://github.com/goharbor/harbor/pull/21154 
   xsrfKey: ""
   # If using existingSecret, the key is defined by core.existingXsrfSecretKey
   existingXsrfSecret: ""