Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

The indent function strips empty lines that might be required #650

Open
PascalVA opened this issue Jun 28, 2024 · 0 comments
Open

The indent function strips empty lines that might be required #650

PascalVA opened this issue Jun 28, 2024 · 0 comments

Comments

@PascalVA
Copy link

PascalVA commented Jun 28, 2024
edited
Loading

Describe the bug

The indent function strips empty lines that might be required. In our example the issue occurs while trying to print a PGP public key block. The empty line is required for the PGP PUBLIC KEY BLOCK to be considered valid.

To Reproduce

  1. Create a secret on HashiCorp Vault with the following content

    -----BEGIN PGP PUBLIC KEY BLOCK-----

TmV2ZXIgZ29ubmEgZ2l2ZSB5b3UgdXAKTmV2ZXIgZ29ubmEgbGV0IHlvdSBkb3duCk5ldmVyIGdv
bm5hIHJ1biBhcm91bmQgYW5kIGRlc2VydCB5b3UKTmV2ZXIgZ29ubmEgbWFrZSB5b3UgY3J5Ck5l
dmVyIGdvbm5hIHNheSBnb29kYnllCk5ldmVyIGdvbm5hIHRlbGwgYSBsaWUgYW5kIGh1cnQgeW91
Cg==
-----END PGP PUBLIC KEY BLOCK-----

  2. Create a ConfigMap file with the following content and replace the HashiCorp Vault path. (NOTE: the config key here is a multiline-string. Indentation in a yaml structure is not necessary since is already handled corretly by the plugin)

    ---
apiVersion: v1
kind: ConfigMap
data:
  config: |
    pgp_key: |
      <path:/mount_point/data/path/to/secret#key | indent 2>

  3. Run the argocd-vault-plugin to template the file

    # Version we have deployed
argocd-vault-plugin_1.17.0_linux_amd64 generate configmap.yaml

# Latest version
argocd-vault-plugin_1.18.1_linux_amd64 generate configmap.yaml

Expected behavior

We expect to have all content returned with proper indentation as below:

apiVersion: v1
data:
  config: |
    pgp_key: |
      -----BEGIN PGP PUBLIC KEY BLOCK-----
      
      TmV2ZXIgZ29ubmEgZ2l2ZSB5b3UgdXAKTmV2ZXIgZ29ubmEgbGV0IHlvdSBkb3duCk5ldmVyIGdv
      bm5hIHJ1biBhcm91bmQgYW5kIGRlc2VydCB5b3UKTmV2ZXIgZ29ubmEgbWFrZSB5b3UgY3J5Ck5l
      dmVyIGdvbm5hIHNheSBnb29kYnllCk5ldmVyIGdvbm5hIHRlbGwgYSBsaWUgYW5kIGh1cnQgeW91
      Cg==
      -----END PGP PUBLIC KEY BLOCK-----
kind: ConfigMap

Screenshots/Verbose output

We receive the output with the empty line removed by the indent plugin.

apiVersion: v1
data:
  config: |
    pgp_key: |
      -----BEGIN PGP PUBLIC KEY BLOCK-----
      TmV2ZXIgZ29ubmEgZ2l2ZSB5b3UgdXAKTmV2ZXIgZ29ubmEgbGV0IHlvdSBkb3duCk5ldmVyIGdv
      bm5hIHJ1biBhcm91bmQgYW5kIGRlc2VydCB5b3UKTmV2ZXIgZ29ubmEgbWFrZSB5b3UgY3J5Ck5l
      dmVyIGdvbm5hIHNheSBnb29kYnllCk5ldmVyIGdvbm5hIHRlbGwgYSBsaWUgYW5kIGh1cnQgeW91
      Cg==
      -----END PGP PUBLIC KEY BLOCK-----
kind: ConfigMap

Additional Infromation

I assume the problem comes from here:

argocd-vault-plugin/pkg/kube/modifiers.go

Lines 49 to 57 in 810f1fe

if len(lines[i]) > 0 {
for j := 0; int64(j) < level; j += 1 {
builder.WriteString(" ")
}
builder.WriteString(strings.TrimSpace(lines[i]))
if i < len(lines)-1 {
builder.WriteString("\n")
}
}

I think the function should always write the trailing newline and not only if the length of the line is greater than 0.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@PascalVA