fix: hash should be lower than 63 limit characters (#78)

* fix: hash should be lower than 63 limit characters * bump chart to 0.14.1 * fix label name
OlympusGG · Aug 28, 2023 · 42d8a97 · 42d8a97
1 parent 2403cc4
commit 42d8a97
Show file tree

Hide file tree

Showing 5 changed files with 47 additions and 15 deletions.
diff --git a/charts/bitwarden-secret-operator/Chart.yaml b/charts/bitwarden-secret-operator/Chart.yaml
@@ -4,9 +4,9 @@ description: Deploy the Bitwarden Secret Operator
 
 type: application
 
-version: "0.14.0"
+version: "0.14.1"
 
-appVersion: "0.14.0"
+appVersion: "0.14.1"
 
 keywords:
   - operator

diff --git a/src/Bitwarden.SecretOperator/CRDs/Secret/BitWardenHelper.cs b/src/Bitwarden.SecretOperator/CRDs/Secret/BitWardenHelper.cs
@@ -8,7 +8,7 @@ namespace Bitwarden.SecretOperator.CRDs.Secret;
 
 public static class BitWardenHelper
 {
-    public const string HashAnnotation = "bitwarden-operator/hash";
+    public const string HASH_LABEL_KEY = "bitwarden-secret-operator.io/hash";
     public static async Task<V1Secret> GetSecretAsync(this BitwardenSecretCrd entity, BitwardenCliWrapper wrapper)
     {
         BitwardenSecretSpec spec = entity.Spec;
@@ -63,7 +63,7 @@ public static async Task<V1Secret> GetSecretAsync(this BitwardenSecretCrd entity
         }
 
         spec.Labels ??= new Dictionary<string, string>();
-        spec.Labels[HashAnnotation] = secrets.ComputeHash();
+        spec.Labels[HASH_LABEL_KEY] = secrets.ComputeHash();
 
         string? destinationName = spec.Name ?? entity.Name();
         string? destinationNamespace = spec.Namespace ?? entity.Namespace();

diff --git a/src/Bitwarden.SecretOperator/CRDs/Secret/BitwardenSecretController.cs b/src/Bitwarden.SecretOperator/CRDs/Secret/BitwardenSecretController.cs
@@ -1,6 +1,7 @@
 using System.Security.Cryptography;
 using System.Text;
 using Bitwarden.SecretOperator.CliWrapping;
+using k8s.Autorest;
 using k8s.Models;
 using KubeOps.KubernetesClient;
 using KubeOps.Operator.Controller;
@@ -50,6 +51,7 @@ public BitwardenSecretController(ILogger<BitwardenSecretController> logger, Kube
                 secret = await entity.GetSecretAsync(_cliWrapper);
                 secret.WithOwnerReference(entity);
 
+
                 secret = await _kubernetesClient.Create<V1Secret>(secret);
 
                 // created events
@@ -65,18 +67,21 @@ public BitwardenSecretController(ILogger<BitwardenSecretController> logger, Kube
                 V1Secret newSecret = await entity.GetSecretAsync(_cliWrapper);
 
                 // avoid updating if not needed
-                string? expectedHash = newSecret.GetLabel(BitWardenHelper.HashAnnotation);
-                string? hash = secret.GetLabel(BitWardenHelper.HashAnnotation);
+                string? expectedHash = newSecret.GetLabel(BitWardenHelper.HASH_LABEL_KEY);
+                string? hash = secret.GetLabel(BitWardenHelper.HASH_LABEL_KEY);
                 if (hash is not null && expectedHash is not null && hash == expectedHash)
                 {
                     return null;
                 }
-
-                if (secret.FindOwnerReference(s => s.Name == entity.Name() && s.Uid == entity.Uid()) < 1)
+
+                secret.WithOwnerReference(entity);
+
+                if (hash is null)
                 {
-                    secret.AddOwnerReference(entity.MakeOwnerReference());
+                    secret.SetLabel(BitWardenHelper.HASH_LABEL_KEY, expectedHash);
                 }
-
+
+
                 // update data
                 secret.Data = newSecret.Data;
                 secret.StringData = newSecret.StringData;
@@ -92,6 +97,18 @@ public BitwardenSecretController(ILogger<BitwardenSecretController> logger, Kube
             // success
             return null;
         }
+        catch (HttpOperationException e)
+        {
+            await _eventManager.PublishAsync(entity, "Failed", $"Secret {destinationName} in namespace {destinationNamespace}, failed to create, check operator logs", EventType.Warning);
+            _logger.LogError(e, "[{Method}] Failed, response: {ResponseContent}", nameof(ReconcileAsync), e.Response.Content);
+            // requeue the event in 15 seconds
+            if (_operatorOptions.DelayAfterFailedWebhook is null)
+            {
+                throw;
+            }
+
+            return ResourceControllerResult.RequeueEvent(_operatorOptions.DelayAfterFailedWebhook.Value);
+        }
         catch (Exception e)
         {
             await _eventManager.PublishAsync(entity, "Failed", $"Secret {destinationName} in namespace {destinationNamespace}, failed to create, check operator logs", EventType.Warning);

diff --git a/src/Bitwarden.SecretOperator/Helpers/DictionaryHelper.cs b/src/Bitwarden.SecretOperator/Helpers/DictionaryHelper.cs
@@ -16,9 +16,13 @@ public static string ComputeHash(this Dictionary<string, string> dict)
         string concatenatedString = string.Join("|", combinedPairs);
 
         byte[] inputBytes = Encoding.UTF8.GetBytes(concatenatedString);
-        byte[] hashedBytes = SHA256.HashData(inputBytes);
+
+        // sha256
+        // byte[] hash = SHA256.HashData(inputBytes);
+        // return Convert.ToBase64String(hash).ToLower();
 
-        return BitConverter.ToString(hashedBytes).Replace("-", "").ToLower();
+        byte[] hash = SHA1.HashData(inputBytes);
+        return BitConverter.ToString(hash).Replace("-", "").ToLower();
     }
 
     public  static string ComputeHash(this Dictionary<string, byte[]> dict)
@@ -34,7 +38,13 @@ public  static string ComputeHash(this Dictionary<string, byte[]> dict)
             stream.WriteByte((byte)'|');
             stream.Write(pair.Value, 0, pair.Value.Length);
         }
-
-        return BitConverter.ToString(SHA256.HashData(stream.ToArray())).Replace("-", "").ToLower();
+
+        // sha256
+        // byte[] hash = SHA256.HashData(stream.ToArray());
+        // return Convert.ToBase64String(hash);
+
+
+        byte[] hash = SHA1.HashData(stream.ToArray());
+        return BitConverter.ToString(hash).Replace("-", "").ToLower();
     }
 }
diff --git a/tests/Bitwarden.SecretOperator.Tests/DictionaryHashComputation.cs b/tests/Bitwarden.SecretOperator.Tests/DictionaryHashComputation.cs
@@ -37,14 +37,19 @@ public void ComputeHashDictionaryStringByteArray()
             {"test1", "test2"u8.ToArray()},
             {"test2", "test3"u8.ToArray()}
         };
+        var dico3 = new Dictionary<string, byte[]>()
+        {
+            {"test1", "test2"u8.ToArray()},
+            {"test2", "test3"u8.ToArray()}
+        };
         var dico2 = new Dictionary<string, byte[]>()
         {
             {"test1", "test3"u8.ToArray()},
             {"test2", "test2"u8.ToArray()}
         };
 
         string hash1 = dico1.ComputeHash();
-        string hash1Bis = dico1.ComputeHash();
+        string hash1Bis = dico3.ComputeHash();
         Check.That(hash1).IsEqualTo(hash1Bis);
 
         string hash2 = dico2.ComputeHash();