This ensures we signal early that we will be unable to fulfill the
request, instead of letting the underlying keysource implementation
run into mayhem. Which can be problematic for e.g. PGP, which has
assumptions about things being located relative to the given home
directory, resulting in possible unexpected behavior if an empty path
is given.
Signed-off-by: Hidde Beydals <hello@hidde.co>
This ensures data used for decryption is not exposed widely after
constructing the Server, and prevents a bypass to the default server
fallback.
Signed-off-by: Hidde Beydals <hello@hidde.co>
These bits of code have a history of accidents around the fallback
behavior. By simplifying it, the fallback should generally always work,
unless you put in instructions to take another route.
Signed-off-by: Hidde Beydals <hello@hidde.co>
The original keyservice implementation was forked from SOPS, keeping
the prompt capabilities intact. However, since the implementations have
started to grow, it is better to remove this capability and resort to
a hardcoded `false` default for the fallback server. As the controller
is never expected to have an interactive TTY/shell.
Signed-off-by: Hidde Beydals <hello@hidde.co>
When the flag --default-service-account was added it changed
slightly the behaviour of the spec.KubeConfig field. It forces
the impersonation to always take place, either via the contents
of spec.ServiceAccountName or its fallback at controller level.
Signed-off-by: Paulo Gomes <paulo.gomes@weave.works>
Two new flags were added to allow users to enable the
use of user.Exec and InsecureTLS in the kubeconfigs
provided remote apply reconciliations.
Breaking change: both functionalities are no longer
enabled by default.
Signed-off-by: Paulo Gomes <paulo.gomes@weave.works>
Some tests requires the sops CLI to be installed,
by adding it as a requirement of the Makefile tests
target we make it easier for new contributors to
engage with the codebase.
Signed-off-by: Paulo Gomes <paulo.gomes@weave.works>
To please the older Azure SDK, the upstream SOPS implementation base64
URL encodes data before encryption, and decodes it afterwards. With the
new SDK, this has changed, requiring us to do the opposite to ensure
compatibility.
Signed-off-by: Hidde Beydals <hello@hidde.co>
Add integration tests to ensure compatibility between our own Azure
keyservice implementation and upstream.
Tests are enabled to only run for `main`.
Signed-off-by: Hidde Beydals <hello@hidde.co>
This solves a regression bug introduced in `v0.22.0`, which caused the
keyservice to not properly fall back to the default for Azure Key Vault
decryption requests.
A couple of nitpicks that I ran into while inspecting the code have
been adressed as well.
Signed-off-by: Hidde Beydals <hello@hidde.co>
This to facilitate improvements on the notification-controller side,
where annotations prefixed with the FQDN of the Group of the Involved
Object will be transformed into "fields".
Signed-off-by: Hidde Beydals <hello@hidde.co>
Hidde Beydals