From ce9b00fda5730b6345d434959cdae67b47147718 Mon Sep 17 00:00:00 2001
From: kabicin <37311900+kabicin@users.noreply.github.com>
Date: Mon, 16 Sep 2024 10:32:12 -0400
Subject: [PATCH] Use shortname prefixed name in internal encryption secret
---
 internal/controller/ltpa_keys_sharing.go | 4 ++--
 internal/controller/password_encryption_key_sharing.go | 2 +-
 utils/utils.go | 1 +
 3 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/internal/controller/ltpa_keys_sharing.go b/internal/controller/ltpa_keys_sharing.go
index d99e12f3..7524bb05 100644
--- a/internal/controller/ltpa_keys_sharing.go
+++ b/internal/controller/ltpa_keys_sharing.go
@@ -439,7 +439,7 @@ func (r *ReconcileOpenLiberty) generateLTPAKeys(instance *olv1.OpenLibertyApplic
 ConfigMapName: ltpaKeysCreationScriptConfigMap.Name,
 JobRequestConfigMapName: ltpaJobRequest.Name,
 FileName: lutils.LTPAKeysFileName,
- EncryptionKeySecretName: lutils.PasswordEncryptionKeyRootName + passwordEncryptionMetadata.Name + "-internal",
+ EncryptionKeySecretName: lutils.LocalPasswordEncryptionKeyRootName + passwordEncryptionMetadata.Name + "-internal",
 EncryptionKeySharingEnabled: r.isUsingPasswordEncryptionKeySharing(instance, passwordEncryptionMetadata), // fix LTPA to use the default password encryption key (no suffix)
 }
 lutils.CustomizeLTPAKeysJob(generateLTPAKeysJob, instance, ltpaConfig, r.GetClient())
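Review bot: The internal Secret name `lutils.LocalPasswordEncryptionKeyRootName + passwordEncryptionMetadata.Name + "-internal"` is now spelled out in three places: here in generateLTPAKeys, in the generateLTPAConfig hunk, and in hasInternalEncryptionKeySecret. If one of them drifts in a later change, the LTPA jobs would be pointed at a Secret that the controller's own lookup does not see, so the key the jobs encrypt with and the key the operator tracks could diverge without any error. A single helper used at all three sites, e.g. `func internalEncryptionKeySecretName(m *lutils.PasswordEncryptionMetadata) string`, would keep them aligned. Both generateLTPAKeys and generateLTPAConfig start and end outside their hunks.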
@@ -734,7 +734,7 @@ func (r *ReconcileOpenLiberty) generateLTPAConfig(instance *olv1.OpenLibertyAppl
 ConfigMapName: ltpaConfigCreationScriptConfigMap.Name,
 JobRequestConfigMapName: ltpaJobRequest.Name,
 FileName: lutils.LTPAKeysFileName,
- EncryptionKeySecretName: lutils.PasswordEncryptionKeyRootName + passwordEncryptionMetadata.Name + "-internal",
+ EncryptionKeySecretName: lutils.LocalPasswordEncryptionKeyRootName + passwordEncryptionMetadata.Name + "-internal",
 EncryptionKeySharingEnabled: r.isUsingPasswordEncryptionKeySharing(instance, passwordEncryptionMetadata), // fix LTPA to use the default password encryption key (no suffix)
 }
 lutils.CustomizeLTPAConfigJob(generateLTPAConfigJob, instance, ltpaConfig, r.GetClient())
diff --git a/internal/controller/password_encryption_key_sharing.go b/internal/controller/password_encryption_key_sharing.go
index 3fe6fb4f..a884b218 100644
--- a/internal/controller/password_encryption_key_sharing.go
+++ b/internal/controller/password_encryption_key_sharing.go
@@ -145,7 +145,7 @@ func (r *ReconcileOpenLiberty) isUsingPasswordEncryptionKeySharing(instance *olv
 // Returns the Secret that contains the password encryption key used internally by the operator
 func (r *ReconcileOpenLiberty) hasInternalEncryptionKeySecret(instance *olv1.OpenLibertyApplication, passwordEncryptionMetadata *lutils.PasswordEncryptionMetadata) (*corev1.Secret, error) {
- return r.getSecret(instance, lutils.PasswordEncryptionKeyRootName+passwordEncryptionMetadata.Name+"-internal")
+ return r.getSecret(instance, lutils.LocalPasswordEncryptionKeyRootName+passwordEncryptionMetadata.Name+"-internal")
 }
 // Returns the Secret that contains the password encryption key provided by the user
diff --git a/utils/utils.go b/utils/utils.go
index a0895845..dfab8b75 100644
--- a/utils/utils.go
+++ b/utils/utils.go
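Review bot: After the rename, hasInternalEncryptionKeySecret only looks up the `olo-`-prefixed Secret, and nothing in the visible hunks deals with an internal Secret that an earlier operator version created under the `wlp-password-encryption-key…-internal` name. On an upgraded cluster that older Secret would presumably remain in the namespace, still holding a copy of the password encryption key but no longer found by any lookup shown here. It is worth confirming that the reconcile path deletes or migrates the old-named Secret, and that a missing new-named Secret is recreated from the user's key rather than surfaced as a failure. The doc comment could also state what callers get back when the Secret is absent, since the `has…` name reads like a boolean check.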
@@ -57,6 +57,7 @@ const overridesMountPath = "/config/configDropins/overrides"
 const ManagedEncryptionServerXML = "-managed-encryption-server-xml"
 const ManagedEncryptionMountServerXML = "-managed-encryption-mount-server-xml"
 const PasswordEncryptionKeyRootName = "wlp-password-encryption-key"
+const LocalPasswordEncryptionKeyRootName = "olo-wlp-password-encryption-key"
 const EncryptionKeyXMLFileName = "encryptionKey.xml"
 const EncryptionKeyMountXMLFileName = "encryptionKeyMount.xml"
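Review bot: `LocalPasswordEncryptionKeyRootName` is added without a comment and differs from `PasswordEncryptionKeyRootName` only by the `olo-` prefix, so a reader cannot tell which prefix names the user-supplied Secret and which names the operator's internal copy. Picking the wrong one would make the operator read or write key material under the other Secret's name. A doc comment would make the split explicit, e.g. `// LocalPasswordEncryptionKeyRootName prefixes the operator-managed internal Secret; PasswordEncryptionKeyRootName prefixes the user-provided one.` That reading is inferred from the other hunks in this patch and should be confirmed by the author.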