Fix bug when adding multiple built-in users (#729)
There was a problem with the root credentials being added as a user, and the name of the built in users had collisions with the root credentials Signed-off-by: Daniel Valdivia <hola@danielvaldivia.com>
This commit is contained in:
Daniel Valdivia
GitHub
@@ -560,33 +560,35 @@ func getTenantCreatedResponse(session *models.Principal, params admin_api.Create
|
|||||||
}
|
}
|
||||||
|
|
||||||
tenantName := *tenantReq.Name
|
tenantName := *tenantReq.Name
|
||||||
secretName := fmt.Sprintf("%s-secret", tenantName)
|
|
||||||
imm := true
|
imm := true
|
||||||
var instanceSecret corev1.Secret
|
var instanceSecret corev1.Secret
|
||||||
var users []*corev1.LocalObjectReference
|
var users []*corev1.LocalObjectReference
|
||||||
if !(len(tenantReq.Idp.Keys) > 0) {
|
|
||||||
instanceSecret = corev1.Secret{
|
// Create the secret for the root credentials
|
||||||
ObjectMeta: metav1.ObjectMeta{
|
secretName := fmt.Sprintf("%s-secret", tenantName)
|
||||||
Name: secretName,
|
instanceSecret = corev1.Secret{
|
||||||
Labels: map[string]string{
|
ObjectMeta: metav1.ObjectMeta{
|
||||||
miniov2.TenantLabel: tenantName,
|
Name: secretName,
|
||||||
},
|
Labels: map[string]string{
|
||||||
|
miniov2.TenantLabel: tenantName,
|
||||||
},
|
},
|
||||||
Immutable: &imm,
|
},
|
||||||
Data: map[string][]byte{
|
Immutable: &imm,
|
||||||
"accesskey": []byte(accessKey),
|
Data: map[string][]byte{
|
||||||
"secretkey": []byte(secretKey),
|
"accesskey": []byte(accessKey),
|
||||||
},
|
"secretkey": []byte(secretKey),
|
||||||
}
|
},
|
||||||
_, err = clientSet.CoreV1().Secrets(ns).Create(ctx, &instanceSecret, metav1.CreateOptions{})
|
}
|
||||||
if err != nil {
|
_, err = clientSet.CoreV1().Secrets(ns).Create(ctx, &instanceSecret, metav1.CreateOptions{})
|
||||||
return nil, prepareError(err)
|
if err != nil {
|
||||||
}
|
return nil, prepareError(err)
|
||||||
} else {
|
}
|
||||||
users = append(users, &corev1.LocalObjectReference{Name: secretName})
|
// Create the secret any built-in user passed
|
||||||
|
if len(tenantReq.Idp.Keys) > 0 {
|
||||||
for i := 0; i < len(tenantReq.Idp.Keys); i++ {
|
for i := 0; i < len(tenantReq.Idp.Keys); i++ {
|
||||||
users = append(users, &corev1.LocalObjectReference{Name: fmt.Sprintf("%s%d", secretName, i)})
|
users = append(users, &corev1.LocalObjectReference{Name: fmt.Sprintf("%s-user-%d", tenantName, i)})
|
||||||
instanceSecret = corev1.Secret{
|
userSecret := corev1.Secret{
|
||||||
ObjectMeta: metav1.ObjectMeta{
|
ObjectMeta: metav1.ObjectMeta{
|
||||||
Name: fmt.Sprintf("%s%d", secretName, i),
|
Name: fmt.Sprintf("%s%d", secretName, i),
|
||||||
Labels: map[string]string{
|
Labels: map[string]string{
|
||||||
@@ -599,7 +601,7 @@ func getTenantCreatedResponse(session *models.Principal, params admin_api.Create
|
|||||||
"CONSOLE_SECRET_KEY": []byte(*tenantReq.Idp.Keys[i].SecretKey),
|
"CONSOLE_SECRET_KEY": []byte(*tenantReq.Idp.Keys[i].SecretKey),
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
_, err := clientSet.CoreV1().Secrets(ns).Create(ctx, &instanceSecret, metav1.CreateOptions{})
|
_, err := clientSet.CoreV1().Secrets(ns).Create(ctx, &userSecret, metav1.CreateOptions{})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, prepareError(err)
|
return nil, prepareError(err)
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user