hide sensitive data for GetPackageRepoDetail and UpdatePackageRepository with kubeapps managed secrets #4652
Conversation
…datePackageRepository/
| @@ -45,6 +45,7 @@ const ( | |||
| var ( | |||
| // default poll interval is 10 min | |||
| defaultPollInterval = metav1.Duration{Duration: 10 * time.Minute} | |||
| redactedString = "REDACTED" | |||
There was a problem hiding this comment.
This should be a const rather than a package-global variable shouldn't it?
| }), | ||
| } | ||
| if _, err := secretsInterface.Update(ctx, secret, metav1.UpdateOptions{}); err != nil { | ||
| return statuserror.FromK8sError("update", "secrets", secret.Name, err) |
There was a problem hiding this comment.
Nice - so the main change to this file is just the return type of validateUserManagedRepoSecret and so that the arg to setOwnerReferencesForRepoSecret can include the secret (and avoid an extra lookup?)
There was a problem hiding this comment.
Nice - so the main change to this file is just the return type of
validateUserManagedRepoSecretand so that the arg tosetOwnerReferencesForRepoSecretcan include the secret (and avoid an extra lookup?)
Well, I would say the 'redacted' string handling, is the main change to this file. What you mention is just a small unrelated performance improvement, an icing on the cake, so to speak.
Thanks for the review
Greg
Documented behavior in the spec (under GetPackageRepositoryDetail
https://docs.google.com/document/d/1z03msZRGsRvcRaom-yrvEwIWcEfNy6fSA5Zg28gjYvA/edit#heading=h.ou8mya83exsw and UpdatePackageRepository https://docs.google.com/document/d/1z03msZRGsRvcRaom-yrvEwIWcEfNy6fSA5Zg28gjYvA/edit#heading=h.gd8t5sfz32li) as per agreement with team
Implemented according to spec in the flux plugin