postfinance / vault-kubernetes

Authenticate services to @hashicorp Vault via the Kubernetes auth method
MIT License

fix(decode): fixing decode function for base64 secrets #20

Closed marcozov closed 3 years ago

marcozov commented 3 years ago

This PR replaces the TrimLeft function with TrimPrefix during the decode phase of base64 secrets (prepended with the base64: string).

The problem with TrimLeft is that it replaces all the occurrences of the characters defined in base64:, which is not desired. For instance, base64("h") = "aA==". Then, strings.TrimPrefix(s, "base64:") = "A==". This results in an error when trying to decode secrets of this kind (illegal base64 data at input byte).

The added test case fails without this fix:

--- FAIL: TestDecode (0.00s)
    --- FAIL: TestDecode/base64_encoded#01 (0.00s)
        main_test.go:34:
                Error Trace:    main_test.go:34
                Error:          Received unexpected error:
                                illegal base64 data at input byte 1
                Test:           TestDecode/base64_encoded#01
        main_test.go:35:
                Error Trace:    main_test.go:35
                Error:          Not equal:
                                expected: "h"
                                actual  : ""

                                Diff:
                                --- Expected
                                +++ Actual
                                @@ -1 +1 @@
                                -h
                                +
                Test:           TestDecode/base64_encoded#01
FAIL
exit status 1
FAIL    github.com/postfinance/vault-kubernetes/cmd/synchronizer    0.409s
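
The difference between the two trimming calls discussed in this PR, as an added example that is not code from the PR or from vault-kubernetes; the function names and the `HasPrefix` check are assumptions, and the sample secrets are constructed. It goes beyond the "h" case: when the encoded payload starts with four characters from the cutset, the `TrimLeft` variant returns a different secret with no error at all.

```go
package main

import (
	"encoding/base64"
	"fmt"
	"strings"
)

const prefix = "base64:" // marker the PR describes for base64-encoded secrets

// decodeWith strips the marker using the supplied trim function and decodes
// the remainder. Values without the marker are returned unchanged (assumption).
func decodeWith(trim func(s, arg string) string, s string) (string, error) {
	if !strings.HasPrefix(s, prefix) {
		return s, nil
	}
	b, err := base64.StdEncoding.DecodeString(trim(s, prefix))
	return string(b), err
}

// decodeTrimLeft: TrimLeft treats "base64:" as a set of characters and keeps
// stripping leading b, a, s, e, 6, 4 and ':' past the end of the marker.
func decodeTrimLeft(s string) (string, error) { return decodeWith(strings.TrimLeft, s) }

// decodeTrimPrefix: TrimPrefix removes the literal marker once and nothing else.
func decodeTrimPrefix(s string) (string, error) { return decodeWith(strings.TrimPrefix, s) }

func main() {
	// Constructed sample secrets. The last one encodes to "basec2VjcmV0".
	samples := [][]byte{
		[]byte("h"),      // "aA=="     -> leading 'a' stripped, decode error
		[]byte("secret"), // "c2VjcmV0" -> 'c' not in the cutset, unaffected
		[]byte("key"),    // "a2V5"     -> leading 'a' stripped, decode error
		append([]byte{0x6d, 0xab, 0x1e}, "secret"...), // silently truncated
	}
	for _, plain := range samples {
		in := prefix + base64.StdEncoding.EncodeToString(plain)
		left, leftErr := decodeTrimLeft(in)
		fixed, fixedErr := decodeTrimPrefix(in)
		fmt.Printf("%-20s TrimLeft=%q err=%v\n", in, left, leftErr)
		fmt.Printf("%-20s TrimPrefix=%q err=%v roundtrip=%v\n",
			"", fixed, fixedErr, fixed == string(plain))
	}
}
```

The silent case is the one to test for in a regression suite, because a decode error is visible while a wrong secret written to a Kubernetes Secret is not.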