Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add additional validation to secret_suffix in Kubernetes backend #35666

Merged
merged 11 commits into from
Oct 4, 2024
Merged

Add additional validation to secret_suffix in Kubernetes backend #35666

merged 11 commits into from
Oct 4, 2024

Conversation

bschaatsbergen
Copy link
Member

Addresses an issue with the secret_suffix attribute in the Kubernetes backend. It adds a check to prevent suffixes from ending with a -<number>, as this conflicts with the backend’s chunking mechanism that appends numeric indices to secret names.

Details on the exact underlying issue and chunking mechanism can be found here : #35641 (comment)

Fixes #35641

@bschaatsbergen bschaatsbergen requested a review from a team as a code owner September 2, 2024 18:50
@bschaatsbergen bschaatsbergen mentioned this pull request Sep 2, 2024
Closed
alexsomesan
alexsomesan reviewed Sep 4, 2024
View reviewed changes
Copy link
Member

@alexsomesan alexsomesan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks good to me, following our conversation in Slack.

Deferring to @jrhouston for a second pair of eyes and final approval as he's more familiar with this code than I am.

jrhouston
jrhouston approved these changes Sep 19, 2024
View reviewed changes
Copy link
Contributor

@jrhouston jrhouston left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for adding validation for this @bschaatsbergen – I'm going to approve, but I've left you some comments proposing some cosmetic changes to the code.

internal/backend/remote-state/kubernetes/backend.go Outdated Show resolved Hide resolved
internal/backend/remote-state/kubernetes/backend.go Outdated Show resolved Hide resolved
internal/backend/remote-state/kubernetes/backend.go Outdated Show resolved Hide resolved
@bschaatsbergen bschaatsbergen merged commit 7d579e8 into hashicorp:main Oct 4, 2024
6 of 7 checks passed
@bschaatsbergen bschaatsbergen deleted the b/fix-secret-suffix branch October 4, 2024 08:42
@github-actions GitHub Actions
Copy link

github-actions bot commented Oct 4, 2024

Reminder for the merging maintainer: if this is a user-visible change, please update the changelog on the appropriate release branch.

@bschaatsbergen bschaatsbergen mentioned this pull request Oct 4, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@alexsomesan alexsomesan alexsomesan left review comments

@jrhouston jrhouston jrhouston approved these changes

Assignees
No one assigned
Labels
backend/k8s bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Terraform Crash
4 participants
@bschaatsbergen @alexsomesan @jrhouston @crw