fix(konnect) avoid collisions when redacting #5964
Codecov Report: All modified and coverable lines are covered by tests ✅

Coverage diff (main vs. #5964; base values for main were not available):

| Metric    | main | #5964 |
|-----------|------|-------|
| Coverage  | ?    | 68.0% |
| Files     | ?    | 179   |
| Lines     | ?    | 18307 |
| Branches  | ?    | 0     |
| Hits      | ?    | 12464 |
| Misses    | ?    | 4868  |
| Partials  | ?    | 975   |

☔ View full report in Codecov by Sentry.
When generating sanitized configuration for Konnect, use random values to redact unique fields. Internally, go-database-reconciler builds an in-memory database with certain fields as primary keys. Using static redacted values for these results in collisions in that database.
LGTM, but is the KeyAuth the only credential part that we need to de-duplicate in consumers?
So far as we know now, yeah. It seems the only one likely due to its (I think) unique "primary key is the one and only value" situation, though we could potentially have others. I opted for the more targeted fix given the havoc that random values play with tests. If we find that others are affected we may want to randomize everything and refactor tests to accommodate that.
E2E (targeted) tests with KIND-based clusters were started at https://github.com/Kong/kubernetes-ingress-controller/actions/runs/8978822226
Co-authored-by: Grzegorz Burzyński <czeslavo@gmail.com>
@rainest Please check the linter comments on import section of
The backport to

To backport manually, run these commands in your terminal:

```sh
# Fetch latest updates from GitHub
git fetch
# Create a new working tree
git worktree add .worktrees/backport-release/3.1.x release/3.1.x
# Navigate to the new working tree
cd .worktrees/backport-release/3.1.x
# Create a new branch
git switch --create backport-5964-to-release/3.1.x
# Cherry-pick the merged commit of this pull request and resolve the conflicts
git cherry-pick -x --mainline 1 4b60bf8cd8074fb310b8270e623fe8f080cdd934
# Push it to GitHub
git push --set-upstream origin backport-5964-to-release/3.1.x
# Go back to the original working tree
cd ../..
# Delete the working tree
git worktree remove .worktrees/backport-release/3.1.x
```

Then, create a pull request where the
@rainest The backport to 3.1 has failed.
When generating sanitized configuration for Konnect, use random values to redact unique fields. Internally, go-database-reconciler builds an in-memory database with certain fields as primary keys. Using static redacted values for these results in collisions in that database. (cherry picked from commit 4b60bf8)
Added manual backport PR: #6001
…#6001) * fix(konnect) avoid collisions when redacting (#5964) When generating sanitized configuration for Konnect, use random values to redact unique fields. Internally, go-database-reconciler builds an in-memory database with certain fields as primary keys. Using static redacted values for these results in collisions in that database. (cherry picked from commit 4b60bf8) * add CHANGELOG entry to backport --------- Co-authored-by: Travis Raines <571832+rainest@users.noreply.github.com>
What this PR does / why we need it:
Change the static redacted pretend Vault string to a function that generates a random pretend Vault string.
This avoids collisions for certain types of values when go-database-reconciler builds configuration. It uses an in-memory database that looks up Kong entities by unique fields. If these fields aren't actually unique, go-database-reconciler will detect a conflict and abort.
Which issue this PR fixes:
Reported by @mheap in chat.
Special notes for your reviewer:
Manual smoke testing: creating a key-auth with `{vault://04a84f95-91f0-4caa-87d1-91a2caa2a6ca}` as the `key` value to validate that UUIDs are valid Vault keys.

Originally did this for all redacted strings, but turns out that the random stuff needs accounting for in tests in less than intuitive ways, so limited to the resources we know have this problem for certain. key-auth is probably alone there, as one of the few (only?) things where the primary key has to be sensitive.
PR Readiness Checklist:
Complete these before marking the PR as ready to review:
- CHANGELOG.md release notes have been updated to reflect any significant (and particularly user-facing) changes introduced by this PR
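The collision described in the PR body, as an added illustration (not code from this PR or from go-database-reconciler): a key-auth's `key` is both the secret to redact and the field the in-memory store indexes on, so a static placeholder makes every consumer's credential look like the same entity, while a random UUID-shaped Vault reference keeps them distinct and still parses as a Vault reference. The `KeyAuth` type, `LoadUnique` store and the `{vault://<uuid>}` placeholder format are assumptions made for the example.

```go
package main

import (
	"crypto/rand"
	"encoding/hex"
	"fmt"
)

// KeyAuth is a minimal stand-in for a Kong key-auth credential (assumed shape,
// not the project's type): Key is both the secret and the unique lookup field.
type KeyAuth struct {
	Consumer string
	Key      string
}

// StaticRedact is the pre-fix behaviour: every secret becomes the same placeholder.
func StaticRedact(string) string { return "{vault://redacted-value}" }

// RandomRedact is the post-fix behaviour: a random version-4 UUID wrapped as a
// Vault reference, so each redacted key stays unique and still looks like a
// valid Vault key (assumed placeholder format).
func RandomRedact(string) string {
	b := make([]byte, 16)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	b[6] = (b[6] & 0x0f) | 0x40 // version 4
	b[8] = (b[8] & 0x3f) | 0x80 // RFC 4122 variant
	h := hex.EncodeToString(b)
	return fmt.Sprintf("{vault://%s-%s-%s-%s-%s}", h[0:8], h[8:12], h[12:16], h[16:20], h[20:32])
}

// LoadUnique mimics an in-memory store that indexes key-auths by Key:
// a second credential whose redacted Key is already indexed is a conflict.
func LoadUnique(creds []KeyAuth, redact func(string) string) error {
	index := map[string]string{}
	for _, c := range creds {
		k := redact(c.Key)
		if owner, dup := index[k]; dup {
			return fmt.Errorf("key-auth %q for consumer %s collides with consumer %s", k, c.Consumer, owner)
		}
		index[k] = c.Consumer
	}
	return nil
}

func main() {
	creds := []KeyAuth{{"alice", "s3cret-a"}, {"bob", "s3cret-b"}} // constructed sample
	fmt.Println("static:", LoadUnique(creds, StaticRedact))
	fmt.Println("random:", LoadUnique(creds, RandomRedact))
}
```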