search

kubernetes / client-go

Go client for Kubernetes.
Apache License 2.0
8.78k stars 2.9k forks source link

secrets: merging string secret map into the binary secret map #1356

Closed drev74 closed 1 month ago

drev74 commented 1 month ago

I recognize merging binary and string secrets, which is not correct:

Debugf("*** create secrets: %s", req.Secret)

// storing a secret
secret := &corev1.Secret{
  ObjectMeta: metav1.ObjectMeta{
    Namespace:   ns,
    Name:        name, 
    Labels:      req.Meta.Labels,
    Annotations: req.Meta.Annotations,
  },
  Data:       binData,
  StringData: req.Secret.StringData,
}
res, err := s.cs.CoreV1().Secrets(ns).Create(context.TODO(), secret, metav1.CreateOptions{})
...
// reading a secret
res, err := s.cs.CoreV1().Secrets(ns).Get(context.TODO(), name, metav1.GetOptions{})
Debugf("*** read data: %s, string data: %s", res.Data, res.StringData)
// results
*** create secrets: data:{key:"one" value:"00one"} string_data:{key:"two" value:"00two"} 
*** read data: map[one:00one two:00two], string data: map[]

Versions: k8s.io/client-go v0.30.1 go 1.22.3

liggitt commented 1 month ago

The stringData field is defined as a write only field that is merged into the data field.