Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

secret: add different formats #1957

Open
Codelax opened this issue May 26, 2023 · 1 comment
Open

secret: add different formats #1957

Codelax opened this issue May 26, 2023 · 1 comment
Assignees
@tbellavia
Labels
enhancement priority:medium Improvements that are not the main priority secret Managed Secret Manager issues, bugs and feature requests

Comments

@Codelax
Copy link
Member

Codelax commented May 26, 2023

This present an idea to improve secret api by adding new fields.

The first one would be adding a base64 field to allow uploading files or anything that is not valid utf-8

resource scaleway_secret_version version {
  data = "string"
  data_base64 = "base64encoded_string"
}

For the datasource, we could add a type field that default to base64.

data scaleway_secret_version version_base64 {
  # type = "base64"
  # data = "base64"
}

data scaleway_secret_version version_base64 {
  type = "string"
  # data = "valid string"
}
@Codelax Codelax added enhancement secret Managed Secret Manager issues, bugs and feature requests labels May 26, 2023
@remyleone remyleone added the priority:medium Improvements that are not the main priority label Oct 23, 2023
@jgalais
Copy link

jgalais commented May 28, 2024
edited
Loading

Hello,

I had the same problem today.
I have multiple passwords.

If i check my password 3 passwords are encoded in base64 and 3 not.

It seems that if the password have no special char in this case "scaleway_secret_version" send the password without base64 encoding.

output "password_test" {
  value = [ for password in [ 
  local.secret_fields_information["password1"].data,
  local.secret_fields_information["password2"].data,
  local.secret_fields_information["password3"].data,
  local.secret_fields_information["password4"].data,
  local.secret_fields_information["password5"].data,
  local.secret_fields_information["password6"].data
   ] : password]
}

Output:

  + password_test = [
      + "BASE64ENCODED",                # Special char inside password
      + "NOBASE64ENCODED",          # No special char inside password
      + "NOBASE64ENCODED",          # No special char inside password
      + "NOBASE64ENCODED",          # No special char inside password
      + "BASE64ENCODED",                # Special char inside password
      + "BASE64ENCODED",                # Special char inside password
    ]

For Terraform error "the result of decoding the provided string is not valid UTF-8.":

╷
│ Error: Error in function call
│ Call to function "base64decode" failed: the result of decoding the provided string is not valid UTF-8.

This error is present because Terraform wants to have base64 encoded text but the text is on clear.
It's just a side effect of scaleway_secret_version problem.
If the resource "scaleway_secret_version" is fixed your error will disappear.

The solution i think is to convert in base64 all passwords even if no special char is present to avoid different behaviors.

Regards,

@remyleone remyleone assigned tbellavia and unassigned Codelax Jun 24, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@tbellavia tbellavia

Labels
enhancement priority:medium Improvements that are not the main priority secret Managed Secret Manager issues, bugs and feature requests
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@remyleone @Codelax @tbellavia @jgalais