[8.19] (backport #17351) Improve the key validation in secret identifier. #17587
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters
![mergify[bot]](https://avatars.githubusercontent.com/in/10562?s=80&v=4){kind=small}
* Improve the key validation in secret identifier. * Restrict adding invalid (from ConfigVariableExpander point of view) key names to the keystore through keystore CLI. Keystore now warns on invalid keys if they were already added. * Key pattern is moved to a central config expander class with its description. Co-authored-by: Rye Biesemeyer <yaauie@users.noreply.github.com> (cherry picked from commit d24675a) # Conflicts: # docs/reference/keystore.md
| Cherry-pick of d24675a has failed: To fix up this pull request, you can check it out locally. See documentation: https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/checking-out-pull-requests-locally |
3 tasks
| 📃 DOCS PREVIEW ✨ https://logstash_bk_17587.docs-preview.app.elstc.co/diff |
|
| Rendered doc: |
💚 Build Succeeded
cc @mashhurs |
kaisecheng approved these changes Apr 24, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit. This suggestion is invalid because no changes were made to the code. Suggestions cannot be applied while the pull request is closed. Suggestions cannot be applied while viewing a subset of changes. Only one suggestion per line can be applied in a batch. Add this suggestion to a batch that can be applied as a single commit. Applying suggestions on deleted lines is not supported. You must change the existing code in this line in order to create a valid suggestion. Outdated suggestions cannot be applied. This suggestion has been applied or marked resolved. Suggestions cannot be applied from pending reviews. Suggestions cannot be applied on multi-line comments. Suggestions cannot be applied while the pull request is queued to merge. Suggestion cannot be applied right now. Please check back later.
Release notes
${...}).What does this PR do?
Before this change, key-value can be added to keystore but it might impossible to reference the key because
ConfigVariableExpanderignores if key name doesn't align withSUBSTITUTION_PLACEHOLDER_REGEXImproves user experience with the secret store CLI that when providing key name, LS validates to accept a value which can be used in pipeline (aligns with
ConfigVariableExpander#SUBSTITUTION_PLACEHOLDER_REGEX).If already invalid key(s) were added, it warns to remove/replace the keys.
Why is it important/What is the impact to the user?
No user impact. Keystore CLI restricts adding meaningless keys to keystore.
Checklist
[] I have made corresponding changes to the documentation[] I have made corresponding change to the default configuration files (and/or docker env variables)Author's Checklist
How to test this PR locally
Related issues
Use cases
Screenshots
Logs
This is an automatic backport of pull request #17351 done by [Mergify](https://mergify.com).