Home Explore Help
Sign In
logic855
/
helm-external-secrets
mirror of https://github.com/external-secrets/external-secrets
1
0
Fork 0
Files Issues 0 Wiki
Browse Source

fix: add validation constraints to ExternalSecretRewrite to enforce single property selection (#5006)

Signed-off-by: Aakkash-Suresh <i-aakkash.s@devrev.ai>
Aakkash Suresh 8 months ago
parent
308712f10f
commit
6f12eb909d
5 changed files with 20 additions and 0 deletions
Split View Show Diff Stats
  1. 2 0
      apis/externalsecrets/v1/externalsecret_types.go
  2. 2 0
      apis/externalsecrets/v1beta1/externalsecret_types.go
  3. 4 0
      config/crds/bases/external-secrets.io_clusterexternalsecrets.yaml
  4. 4 0
      config/crds/bases/external-secrets.io_externalsecrets.yaml
  5. 8 0
      deploy/crds/bundle.yaml

+ 2 - 0
apis/externalsecrets/v1/externalsecret_types.go
View File 

@@ -304,6 +304,8 @@ type ExternalSecretDataFromRemoteRef struct {
 
 	SourceRef *StoreGeneratorSourceRef `json:"sourceRef,omitempty"`
 
 }
 
 
+// +kubebuilder:validation:MinProperties=1
 
+// +kubebuilder:validation:MaxProperties=1
 
 type ExternalSecretRewrite struct {
 
 
 	// Used to merge key/values in one single Secret

+ 2 - 0
apis/externalsecrets/v1beta1/externalsecret_types.go
View File 

@@ -304,6 +304,8 @@ type ExternalSecretDataFromRemoteRef struct {
 
 	SourceRef *StoreGeneratorSourceRef `json:"sourceRef,omitempty"`
 
 }
 
 
+// +kubebuilder:validation:MinProperties=1
 
+// +kubebuilder:validation:MaxProperties=1
 
 type ExternalSecretRewrite struct {
 
 	// Used to rewrite with regular expressions.
 
 	// The resulting key will be the output of a regexp.ReplaceAll operation.

+ 4 - 0
config/crds/bases/external-secrets.io_clusterexternalsecrets.yaml
View File 

@@ -301,6 +301,8 @@ spec:
 
                             Used to rewrite secret Keys after getting them from the secret Provider
 
                             Multiple Rewrite operations can be provided. They are applied in a layered order (first to last)
 
                           items:
 
+                            maxProperties: 1
 
+                            minProperties: 1
 
                             properties:
 
                               merge:
 
                                 description: |-
 
@@ -1089,6 +1091,8 @@ spec:
 
                             Used to rewrite secret Keys after getting them from the secret Provider
 
                             Multiple Rewrite operations can be provided. They are applied in a layered order (first to last)
 
                           items:
 
+                            maxProperties: 1
 
+                            minProperties: 1
 
                             properties:
 
                               regexp:
 
                                 description: |-

+ 4 - 0
config/crds/bases/external-secrets.io_externalsecrets.yaml
View File 

@@ -281,6 +281,8 @@ spec:
 
                         Used to rewrite secret Keys after getting them from the secret Provider
 
                         Multiple Rewrite operations can be provided. They are applied in a layered order (first to last)
 
                       items:
 
+                        maxProperties: 1
 
+                        minProperties: 1
 
                         properties:
 
                           merge:
 
                             description: |-
 
@@ -927,6 +929,8 @@ spec:
 
                         Used to rewrite secret Keys after getting them from the secret Provider
 
                         Multiple Rewrite operations can be provided. They are applied in a layered order (first to last)
 
                       items:
 
+                        maxProperties: 1
 
+                        minProperties: 1
 
                         properties:
 
                           regexp:
 
                             description: |-

+ 8 - 0
deploy/crds/bundle.yaml
View File 

@@ -286,6 +286,8 @@ spec:
 
                               Used to rewrite secret Keys after getting them from the secret Provider
 
                               Multiple Rewrite operations can be provided. They are applied in a layered order (first to last)
 
                             items:
 
+                              maxProperties: 1
 
+                              minProperties: 1
 
                               properties:
 
                                 merge:
 
                                   description: |-
 
@@ -1030,6 +1032,8 @@ spec:
 
                               Used to rewrite secret Keys after getting them from the secret Provider
 
                               Multiple Rewrite operations can be provided. They are applied in a layered order (first to last)
 
                             items:
 
+                              maxProperties: 1
 
+                              minProperties: 1
 
                               properties:
 
                                 regexp:
 
                                   description: |-
 
@@ -10768,6 +10772,8 @@ spec:
 
                           Used to rewrite secret Keys after getting them from the secret Provider
 
                           Multiple Rewrite operations can be provided. They are applied in a layered order (first to last)
 
                         items:
 
+                          maxProperties: 1
 
+                          minProperties: 1
 
                           properties:
 
                             merge:
 
                               description: |-
 
@@ -11388,6 +11394,8 @@ spec:
 
                           Used to rewrite secret Keys after getting them from the secret Provider
 
                           Multiple Rewrite operations can be provided. They are applied in a layered order (first to last)
 
                         items:
 
+                          maxProperties: 1
 
+                          minProperties: 1
 
                           properties:
 
                             regexp:
 
                               description: |-