search

3scale-ops / saas-operator

3scale SaaS Operator - www.3scale.net
Apache License 2.0
8 stars 2 forks source link

Feat/Add decodingStrategy field to ExternalSecret with current default value #262

Closed slopezz closed 1 year ago

slopezz commented 1 year ago

Since a few versions ago, ESO has added a new field called decodingStrategy whose default value is None.

https://external-secrets.io/v0.8.2/guides/decoding-strategy/

The External Secrets Operator has the feature to allow multiple decoding strategies during an object generation.

The decodingStrategy field allows the user to set the following Decoding Strategies based on their needs. decodingStrategy can be placed under spec.data.remoteRef, spec.dataFrom.extract or spec.dataFrom.find. It will configure the decoding strategy for that specific operation, leaving others with the default behavior if not set.

None (default)
ESO will not try to decode the secret value.

Base64
ESO will try to decode the secret value using [base64](https://datatracker.ietf.org/doc/html/rfc4648#section-4) method. If the decoding fails, an error is produced.

Base64URL
ESO will try to decode the secret value using [base64url](https://datatracker.ietf.org/doc/html/rfc4648#section-5) method. If the decoding fails, an error is produced.

Auto
ESO will try to decode using Base64/Base64URL strategies. If the decoding fails, ESO will apply decoding strategy None. No error is produced to the user.

This is causing constant differences in our reconcile logic for every deployed ExternalSecret, making saas-operator logs unsable. So this PR harcodes current default value on the ExternalSecret template (as other current fields that we are not interested into using another value).

It has been tested through an alpha release in staging, so a stable release v0.19.8 has been created.

/kind feature /kind release /priority important-soon /assign

3scale-robot commented 1 year ago

LGTM label has been added.

Git tree hash: ef06d6ac493473c6d7eb4c2d35b1da0422157cc7

slopezz commented 1 year ago

/approve

3scale-robot commented 1 year ago

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: slopezz

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files: - ~~[OWNERS](https://github.com/3scale-ops/saas-operator/blob/main/OWNERS)~~ [slopezz] Approvers can indicate their approval by writing `/approve` in a comment Approvers can cancel approval by writing `/approve cancel` in a comment