Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make code checking for secret --replace cleaner #1995

Merged
merged 1 commit into from
May 16, 2024
Merged

Make code checking for secret --replace cleaner #1995

merged 1 commit into from
May 16, 2024

Conversation

rhatdan
Copy link
Member

@rhatdan rhatdan commented May 14, 2024
edited

Add some tests to make sure secrets do not regress.

@packit-as-a-service Packit-as-a-Service
Copy link

Ephemeral COPR build failed. @containers/packit-build please check.

Luap99
Luap99 reviewed May 15, 2024
View reviewed changes
Copy link
Member

@Luap99 Luap99 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The commit could need some explanation would the actual logic change in the code is because it was really not obvious to me.

pkg/secrets/secrets_test.go
Comment on lines +170 to +182
_, data, err := manager.LookupSecretData("mysecret")
require.NoError(t, err)
require.Equal(t, string(data), "mydata.diff")

_, err = manager.Store("nonexistingsecret", []byte("mydata"), drivertype, storeOpts)
require.NoError(t, err)

storeOpts.Replace = false
_, err = manager.Store("nonexistingsecret", []byte("newdata"), drivertype, storeOpts)
require.Error(t, err)

_, err = manager.Delete("nonexistingsecret")
require.NoError(t, err)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Unless I am doing something wrong this test passes with and without your changes so it does not check what you think it does I guess

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These are good things to check, but I agree, I don't see a fix in my code.

@rhatdan
Copy link
Member Author

rhatdan commented May 15, 2024

This is fixing:

$ echo hi | /bin/podman secret create --replace foobar -
Error: deleting secret : : no secret data with ID
$ echo hi | ./bin/podman secret create --replace foobar -
WARN[0000] Failed to decode the keys ["storage.options.thinpool"] from "/usr/share/containers/storage.conf"
f75f44da8edafdb23700424fc

But I can not get it to fail in common. Basically if the first Delete

@Luap99
Copy link
Member

Luap99 commented May 16, 2024

This is fixing:

$ echo hi | /bin/podman secret create --replace foobar - Error: deleting secret : : no secret data with ID $ echo hi | ./bin/podman secret create --replace foobar - WARN[0000] Failed to decode the keys ["storage.options.thinpool"] from "/usr/share/containers/storage.conf" f75f44da8edafdb23700424fc

But I can not get it to fail in common. Basically if the first Delete

What podman version are you using? Seems to work fine on podman main branch for me?

$ bin/podman secret ls
ID          NAME        DRIVER      CREATED     UPDATED
$ echo hi | ./bin/podman secret create --replace foobar -
62a02695feee451a8cbd2c526
$ echo hi | ./bin/podman secret create --replace foobar -
681045a705eee529bfb04d382

@rhatdan
Copy link
Member Author

rhatdan commented May 16, 2024

I went and looked and sadly (for me) i fixed this in previous common patches, and forgot. So this PR does not really fix the issue, but I think adds some decent tests and makes the code easier to understand in my opinion. I will change the commit message.

@rhatdan
Make code checking for secret --replace cleaner
3383cbf 
Add some tests to make sure secrets do not regress.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
@rhatdan rhatdan changed the title podman secret create --replace nonexistant should not fail Make code checking for secret --replace cleaner May 16, 2024
@rhatdan
Copy link
Member Author

rhatdan commented May 16, 2024

@edsantiago @lsm5 @Luap99 @mheon @giuseppe PTAL

Luap99
Luap99 approved these changes May 16, 2024
View reviewed changes
Copy link
Member

@Luap99 Luap99 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, I don't think the code change matters much but at least we now have a different error for both cases so we can at least tell which call failed if a users ever reports a bug so that seems good.

@openshift-ci OpenShift CI
Copy link
Contributor

openshift-ci bot commented May 16, 2024

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: Luap99, rhatdan

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@mheon
Copy link
Member

mheon commented May 16, 2024

/lgtm

@openshift-ci openshift-ci bot added the lgtm label May 16, 2024
@openshift-merge-bot openshift-merge-bot bot merged commit 8b4f2cf into containers:main May 16, 2024
11 of 12 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Luap99 Luap99 Luap99 approved these changes

Assignees

@mheon mheon

Labels
approved lgtm
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@rhatdan @Luap99 @mheon