-
Notifications
You must be signed in to change notification settings - Fork 544
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Ignore malformed secrets when creating keychain #1834
base: main
Are you sure you want to change the base?
Conversation
@imjasonh , @jonjohnsonjr wdyt? |
This Pull Request is stale because it has been open for 90 days with |
It would be great to have a review here 🙏 |
@@ -186,7 +187,8 @@ func NewFromPullSecrets(ctx context.Context, secrets []corev1.Secret) (authn.Key | |||
} | |||
parsed, err := url.Parse(value) | |||
if err != nil { | |||
return nil, fmt.Errorf("Entry %q in dockercfg invalid (%w)", value, err) | |||
logs.Warn.Printf("entry %q in dockercfg secret %s/%s invalid (%s); ignoring", secret.Namespace, secret.Name, value, err) | |||
continue |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Instead of continuing.
Can we throw an error if none of the secrets work? May be thats a failure mode?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done!
This changes the behavior of the NewFromPullSecrets function to ignore secrets that contain malformed data. This allows processing of the other secrets which may be sufficient for authentication. Resolves google#1833 Signed-off-by: Luiz Carvalho <[email protected]>
6701ddb
to
7a717a1
Compare
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #1834 +/- ##
=======================================
Coverage 71.67% 71.67%
=======================================
Files 123 123
Lines 9935 9935
=======================================
Hits 7121 7121
Misses 2115 2115
Partials 699 699 ☔ View full report in Codecov by Sentry. |
/approve |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for these changes!
This Pull Request is stale because it has been open for 90 days with |
This Pull Request is stale because it has been open for 90 days with |
This Pull Request is stale because it has been open for 90 days with |
This changes the behavior of the NewFromPullSecrets function to ignore secrets that contain malformed data. This allows processing of the other secrets which may be sufficient for authentication.
Resolves #1833.