[backport -> release/3.6.x] fix(vault): use global query when finding a vault by prefix #12576
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
### Summary In FTI-5762 it was reported that there is a problem with secret rotation when vaults are stored inside a workspace. This commit will fix it by passing `workspace = null` aka making a call a global call which will not then use the possibly incorrect workspace (default) to find vault entity (the vault config). The vault entity prefix is unique across workspaces. Signed-off-by: Aapo Talvensaari <[email protected]> (cherry picked from commit 2fb898d)
team-gateway-bot
added
cherry-pick kong-ee
3 tasks
bungle
approved these changes
Feb 16, 2024
bungle
approved these changes
Feb 16, 2024
tzssangglass
approved these changes
Mar 4, 2024
|
Cherry-pick failed for |
|
Cherry-pick failed for Please cherry-pick the changes locally. git remote add upstream https://github.com/kong/kong-ee
git fetch upstream release/3.6.x
git worktree add -d .worktree/cherry-pick-12576-to-release/3.6.x-to-upstream upstream/release/3.6.x
cd .worktree/cherry-pick-12576-to-release/3.6.x-to-upstream
git checkout -b cherry-pick-12576-to-release/3.6.x-to-upstream
ancref=$(git merge-base 510b137268703dece7d0f1a00a439375d2ff9311 cdb1a4b463516e226bc37b697fa6fa7a4ff24363)
git cherry-pick -x $ancref..cdb1a4b463516e226bc37b697fa6fa7a4ff24363 |
AndyZhang0707
removed
the
cherry-pick kong-ee
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Automated backport to
release/3.6.x, triggered by a label in #12572.Original description
Summary
In FTI-5762 it was reported that there is a problem with secret rotation when vaults are stored inside a workspace. This commit will fix it by passing
workspace = nullaka making a call a global call which will not then use the possibly incorrect workspace (default) to find vault entity (the vault config). The vault entity prefix is unique across workspaces.Checklist
changelog/unreleased/kongorskip-changeloglabel added on PR if changelog is unnecessary. README.mdIssue reference
Fix FTI-5762