Home Explore Help
Sign In
logic855
/
helm-external-secrets
mirror of https://github.com/external-secrets/external-secrets
1
0
Fork 0
Files Issues 0 Wiki
Browse Source

fix: skip none-existing keys (#4517)

* fix: skip none-existing keys

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>

* remove empty key from the secret map

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>

---------

Signed-off-by: Gergely Brautigam <182850+Skarlso@users.noreply.github.com>
Gergely Brautigam 1 year ago
parent
6189fb3cf4
commit
ccb3e6c532
2 changed files with 10 additions and 5 deletions
Split View Show Diff Stats
  1. 3 3
      pkg/controllers/externalsecret/externalsecret_controller_secret.go
  2. 7 2
      pkg/utils/utils.go

+ 3 - 3
pkg/controllers/externalsecret/externalsecret_controller_secret.go
View File 

@@ -170,7 +170,7 @@ func (r *Reconciler) handleGenerateSecrets(ctx context.Context, namespace string
 
 	}
 
 
 	// validate the keys
 
-	err = utils.ValidateKeys(secretMap)
 
+	err = utils.ValidateKeys(r.Log, secretMap)
 
 	if err != nil {
 
 		return nil, fmt.Errorf(errInvalidKeys, err)
 
 	}
 
@@ -210,7 +210,7 @@ func (r *Reconciler) handleExtractSecrets(ctx context.Context, externalSecret *e
 
 	}
 
 
 	// validate the keys
 
-	err = utils.ValidateKeys(secretMap)
 
+	err = utils.ValidateKeys(r.Log, secretMap)
 
 	if err != nil {
 
 		return nil, fmt.Errorf(errInvalidKeys, err)
 
 	}
 
@@ -250,7 +250,7 @@ func (r *Reconciler) handleFindAllSecrets(ctx context.Context, externalSecret *e
 
 	}
 
 
 	// validate the keys
 
-	err = utils.ValidateKeys(secretMap)
 
+	err = utils.ValidateKeys(r.Log, secretMap)
 
 	if err != nil {
 
 		return nil, fmt.Errorf(errInvalidKeys, err)
 
 	}

+ 7 - 2
pkg/utils/utils.go
View File 

@@ -34,6 +34,7 @@ import (
 
 	"time"
 
 	"unicode"
 
 
+	"github.com/go-logr/logr"
 
 	corev1 "k8s.io/api/core/v1"
 
 	apiextensionsv1 "k8s.io/apiextensions-apiserver/pkg/apis/apiextensions/v1"
 
 	"sigs.k8s.io/controller-runtime/pkg/client"
 
@@ -193,11 +194,15 @@ func Decode(strategy esv1beta1.ExternalSecretDecodingStrategy, in []byte) ([]byt
 
 }
 
 
 // ValidateKeys checks if the keys in the secret map are valid keys for a Kubernetes secret.
 
-func ValidateKeys(in map[string][]byte) error {
 
+func ValidateKeys(log logr.Logger, in map[string][]byte) error {
 
 	for key := range in {
 
 		keyLength := len(key)
 
 		if keyLength == 0 {
 
-			return fmt.Errorf("found empty key")
 
+			delete(in, key)
 
+
 
+			log.V(1).Info("key was deleted from the secret output because it did not exist upstream", "key", key)
 
+
 
+			continue
 
 		}
 
 		if keyLength > 253 {
 
 			return fmt.Errorf("key has length %d but max is 253: (following is truncated): %s", keyLength, key[:253])