From 55f10865b500f44a3449d449d0f7e95b4b3ceedc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Wenkai=20Yin=28=E5=B0=B9=E6=96=87=E5=BC=80=29?= Date: Mon, 6 Nov 2023 16:16:38 +0800 Subject: [PATCH] Truncate the credential file to avoid the change of secret content messing it up MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Truncate the credential file to avoid the change of secret content messing it up Signed-off-by: Wenkai Yin(尹文开) --- changelogs/unreleased/7071-ywk253100 | 1 + internal/credentials/file_store.go | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) create mode 100644 changelogs/unreleased/7071-ywk253100 diff --git a/changelogs/unreleased/7071-ywk253100 b/changelogs/unreleased/7071-ywk253100 new file mode 100644 index 00000000000..2a6faffe3f4 --- /dev/null +++ b/changelogs/unreleased/7071-ywk253100 @@ -0,0 +1 @@ +Truncate the credential file to avoid the change of secret content messing it up \ No newline at end of file diff --git a/internal/credentials/file_store.go b/internal/credentials/file_store.go index 1332d4f8d82..4b5d2566422 100644 --- a/internal/credentials/file_store.go +++ b/internal/credentials/file_store.go @@ -71,7 +71,7 @@ func (n *namespacedFileStore) Path(selector *corev1api.SecretKeySelector) (strin keyFilePath := filepath.Join(n.fsRoot, fmt.Sprintf("%s-%s", selector.Name, selector.Key)) - file, err := n.fs.OpenFile(keyFilePath, os.O_RDWR|os.O_CREATE, 0644) + file, err := n.fs.OpenFile(keyFilePath, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0644) if err != nil { return "", errors.Wrap(err, "unable to open credentials file for writing") }