Skip to content

make sure to drop item from secret cache after default duration if calculated duration is equal or less than 0 #9049

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Feb 21, 2025
Merged

make sure to drop item from secret cache after default duration if calculated duration is equal or less than 0 #9049

merged 1 commit into from
Feb 21, 2025

Conversation

carlo-blohm
Copy link
Contributor

@carlo-blohm carlo-blohm commented Jan 6, 2025
edited by taylorsilva
Loading

Changes proposed by this PR

closes #8705

The current implementation causes the secret cache not to be cleared for the object and it is saved for ever.

Checking the itemDuration if it is greater than 0 fixed this issue and sets the default duration.
Also changed the test duration as the tests needed 5 seconds, now they are done in 1 second.

Notes to reviewer

hope the shortened timing does not break CI or other non local systems

Release Notes

  • Fix a bug in credential caching where a secret would be cached forever

@carlo-blohm
In case of Vault, the duration can be 0 or less
8a2cccc 
This causes the secret cache not to be cleared for the object and it is
saved for ever.
Checking the itemDuration if it is greater than 0 fixed this issue and
sets the default duration.
Also changed the test duration as the tests needed 5 seconds, no they
are 1 second.

Signed-off-by: Carlo Blohm <carlo.blohm@solarisbank.de>
@carlo-blohm carlo-blohm changed the title In case of Vault, the duration can be 0 or less make sure to drop item from secret cache after default duration if calculated duration is equal or less than 0 Jan 6, 2025
@carlo-blohm carlo-blohm marked this pull request as ready for review January 6, 2025 16:23
@carlo-blohm carlo-blohm requested a review from a team as a code owner January 6, 2025 16:23
@taylorsilva taylorsilva added the bug label Jan 7, 2025
taylorsilva
taylorsilva approved these changes Feb 21, 2025
View reviewed changes
Copy link
Member

@taylorsilva taylorsilva left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the PR @carlo-blohm! Sorry it took a while getting to it. Thanks for including a test as well.

@taylorsilva taylorsilva merged commit 1865c66 into concourse:master Feb 21, 2025
9 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@taylorsilva taylorsilva taylorsilva approved these changes

Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Credentials returned from Vault with lease_duration of 0 stay in cache forever
2 participants
@carlo-blohm @taylorsilva