298cf1beec
This change updates NewPrefixTransformers to not short-circuit on the first transformer that has a matching prefix. If the same type of encryption ProviderConfiguration is used more than once, they will share the same prefix. A failure in the first one should not prevent a later match from being attempted. Added TestCBCKeyRotationWithOverlappingProviders unit test to prevent regressions. Note that this test explicitly exercises this flow using an EncryptionConfiguration object as the structure of the resulting transformer is an important part of the check. Signed-off-by: Monis Khan <mkhan@redhat.com> Kubernetes-commit: 4dc16f29a7285a4bcaff1915728953d8a55e1b6e |
||
|---|---|---|
| .. | ||
| admission | ||
| apis | ||
| audit | ||
| authentication | ||
| authorization | ||
| endpoints | ||
| features | ||
| registry | ||
| server | ||
| storage | ||
| util | ||