-
Notifications
You must be signed in to change notification settings - Fork 591
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix: run basic credentials validation despite relation with consumers #4887
Conversation
50564ef
to
2a7749c
Compare
3df29b0
to
193476a
Compare
Codecov ReportAttention:
Additional details and impacted files@@ Coverage Diff @@
## main #4887 +/- ##
=======================================
- Coverage 77.7% 77.7% -0.1%
=======================================
Files 164 164
Lines 18443 18459 +16
=======================================
+ Hits 14340 14346 +6
- Misses 3283 3290 +7
- Partials 820 823 +3
☔ View full report in Codecov by Sentry. |
193476a
to
ee99694
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Since 2.12 is an LTS and this change targets 3.0 I believe this is worth back porting to 2.12.
bf4318b
to
a6e060e
Compare
a6e060e
to
2c5a5f6
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If I understand this correctly, this might have a small performance penalty due to validating more secrets (which is sort of an obvious cost for the validation) right?
Until we remove the old way - field - (which was deprecated now in favor of a label - introduced in #4825 - which should make it more efficient (checking only those with a label
The backport to
To backport manually, run these commands in your terminal: # Fetch latest updates from GitHub
git fetch
# Create a new working tree
git worktree add .worktrees/backport-release/2.12.x release/2.12.x
# Navigate to the new working tree
cd .worktrees/backport-release/2.12.x
# Create a new branch
git switch --create backport-4887-to-release/2.12.x
# Cherry-pick the merged commit of this pull request and resolve the conflicts
git cherry-pick -x --mainline 1 f7361dae5b5322501477715826cfc292ce02cf14
# Push it to GitHub
git push --set-upstream origin backport-4887-to-release/2.12.x
# Go back to the original working tree
cd ../..
# Delete the working tree
git worktree remove .worktrees/backport-release/2.12.x Then, create a pull request where the |
@czeslavo Note that since this PR has a changelog entry the backport failed 😢 |
What this PR does / why we need it:
Runs
credsvalidation.ValidateCredentials
just after ensuring theSecret
has thekongCredType
key. It will make the admission webhook validate credentials' Secrets' schema even if they're not associated with anyKongConsumer
yet.Which issue this PR fixes:
Fix for #4885.
Special notes for your reviewer:
PR Readiness Checklist:
Complete these before marking the PR as
ready to review
:CHANGELOG.md
release notes have been updated to reflect any significant (and particularly user-facing) changes introduced by this PR