Skip to content

Commit

Permalink
fix: Hashicorp Vault PKI doesn't fail with due to KeyPair mismatch (#…
Browse files Browse the repository at this point in the history
…6029)

Signed-off-by: Jorge Turrado <jorge.turrado@scrm.lidl>
  • Loading branch information
JorTurFer authored Aug 5, 2024
1 parent a7eceab commit 53e015a
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 4 deletions.
2 changes: 1 addition & 1 deletion CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -70,7 +70,7 @@ Here is an overview of all new **experimental** features:

### Fixes

- TODO ([#XXX](https://github.com/kedacore/keda/issues/XXX))
- **General**: Hashicorp Vault PKI doesn't fail with due to KeyPair mismatch ([#6028](https://github.com/kedacore/keda/issues/6028))

### Deprecations

Expand Down
6 changes: 3 additions & 3 deletions pkg/scaling/resolver/hashicorpvault_handler.go
Original file line number Diff line number Diff line change
Expand Up @@ -277,7 +277,7 @@ func (vh *HashicorpVaultHandler) getSecretValue(secret *kedav1alpha1.VaultSecret
type SecretGroup struct {
path string
secretType kedav1alpha1.VaultSecretType
vaultPkiData *kedav1alpha1.VaultPkiData
vaultPkiData kedav1alpha1.VaultPkiData
}

// fetchSecret returns the vaultSecret at a given vault path. If the secret is a pki, then the secret will use the
Expand Down Expand Up @@ -314,15 +314,15 @@ func (vh *HashicorpVaultHandler) ResolveSecrets(secrets []kedav1alpha1.VaultSecr
grouped := make(map[SecretGroup][]kedav1alpha1.VaultSecret)
vaultSecrets := make(map[SecretGroup]*vaultapi.Secret)
for _, e := range secrets {
group := SecretGroup{secretType: e.Type, path: e.Path, vaultPkiData: &e.PkiData}
group := SecretGroup{secretType: e.Type, path: e.Path, vaultPkiData: e.PkiData}
if _, ok := grouped[group]; !ok {
grouped[group] = make([]kedav1alpha1.VaultSecret, 0)
}
grouped[group] = append(grouped[group], e)
}
// For each group fetch the secret from vault
for group := range grouped {
vaultSecret, err := vh.fetchSecret(group.secretType, group.path, group.vaultPkiData)
vaultSecret, err := vh.fetchSecret(group.secretType, group.path, &group.vaultPkiData)
if err != nil {
// could not fetch secret, skipping group
continue
Expand Down

0 comments on commit 53e015a

Please sign in to comment.