Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: Add format-specific annotations to override secret file names #572

Draft
wants to merge 7 commits into
base: main
Choose a base branch
from
Draft

feat: Add format-specific annotations to override secret file names #572

wants to merge 7 commits into from

Conversation

Techassi
Copy link
Member

@Techassi Techassi commented Mar 18, 2025
edited by NickLarsenNZ
Loading

Caution

Blocked on 25.3.0 release.
A check to prevent path traversal was introduced in a7718e0, integration tests still need to be added.

This PR adds support to customize the secret file names using secrets.stackable.tech annotations on the volume. The following attributes were added:

  • secrets.stackable.tech/format.tls-pkcs12.keystore-name
  • secrets.stackable.tech/format.tls-pkcs12.truststore-name
  • secrets.stackable.tech/format.tls-pem.cert-name
  • secrets.stackable.tech/format.tls-pem.key-name
  • secrets.stackable.tech/format.tls-pem.ca-name

This came up in demo testing during the 25.3.0 SPD release, see stackabletech/demos#157 (comment).

This PR adds a new test dimension which is used in the tls tests. All adjusted tests pass:

--- PASS: kuttl (86.98s)
    --- PASS: kuttl/harness (0.00s)
        --- PASS: kuttl/harness/tls_openshift-false_rsa-key-length-3072_custom-secret-names-False (58.78s)
        --- PASS: kuttl/harness/tls_openshift-false_rsa-key-length-2048_custom-secret-names-True (7.52s)
        --- PASS: kuttl/harness/tls_openshift-false_rsa-key-length-2048_custom-secret-names-False (7.32s)
        --- PASS: kuttl/harness/cert-manager-tls_openshift-false (81.10s)
        --- PASS: kuttl/harness/tls_openshift-false_rsa-key-length-3072_custom-secret-names-True (13.35s)
PASS

@Techassi Techassi self-assigned this Mar 18, 2025
@Techassi Techassi marked this pull request as draft March 18, 2025 13:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nightkr nightkr nightkr left review comments

At least 1 approving review is required to merge this pull request.

Assignees

@Techassi Techassi

Labels
scheduled-for/25.7.0 status/blocked
Projects
Stackable Engineering
Status: Development: In Progress
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@Techassi @nightkr @NickLarsenNZ