util: set defaults for Vault config before converting #2602
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
When using UPPER_CASE formatting for the HashiCorp Vault KMS configuration, a missing `VAULT_DESTROY_KEYS` will cause the option to be set to "false". The default for the option is intended for be "true". This is a difference in behaviour between the `vaultDestroyKeys` and `VAULT_DESTROY_KEYS` options. Both should use a default of "true" when the configuration does not set the option explicitly. By setting the default options in the `standardVault` struct before unmarshalling the configuration in it, the default values will be retained for the missing configuration options. Reported-by: Rachael George <rgeorge@redhat.com> Signed-off-by: Niels de Vos <ndevos@redhat.com>
nixpanic
added
bug
|
/retest ci/centos/mini-e2e/k8s-1.22 |
Madhu-1
approved these changes
Oct 28, 2021
This was referenced Oct 28, 2021
humblec
reviewed
Oct 29, 2021
| @@ -43,7 +43,7 @@ const ( | |||
| vaultDefaultRole = "csi-kubernetes" | |||
| vaultDefaultNamespace = "" | |||
| vaultDefaultPassphrasePath = "" | |||
| vaultDefaultCAVerify = "true" | |||
| vaultDefaultCAVerify = true | |||
There was a problem hiding this comment.
@nixpanic this is bit confusing actually, vaultDefaultCAVerify take it as bool and DestroyKeys with string but in form form of boolean "true". Cant we make it in uniform manner?
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
When using UPPER_CASE formatting for the HashiCorp Vault KMS
configuration, a missing
VAULT_DESTROY_KEYSwill cause the option tobe set to "false". The default for the option is intended for be "true".
This is a difference in behaviour between the
vaultDestroyKeysandVAULT_DESTROY_KEYSoptions. Both should use a default of "true" whenthe configuration does not set the option explicitly.
By setting the default options in the
standardVaultstruct beforeunmarshalling the configuration in it, the default values will be
retained for the missing configuration options.
Show available bot commands
These commands are normally not required, but in case of issues, leave any of
the following bot commands in an otherwise empty comment in this PR:
/retest ci/centos/<job-name>: retest the<job-name>after unrelatedfailure (please report the failure too!)
/retest all: run this in case the CentOS CI failed to start/report any testprogress or results