upstream/kubectl
1
0
Fork 0
mirror of https://github.com/kubernetes/kubectl.git synced 2026-06-09 08:51:18 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

kubectl: sort secrets alphabetically to avoid random order

Browse source 
Kubernetes-commit: 7d6f86594fc0a7d09710c643de63b24cdcb98e65
This commit is contained in:
Harald Nordgren 2025-02-20 13:28:55 +01:00 committed by Kubernetes Publisher
parent 265eadfda5
commit 3a69c59961
2 changed files with 8 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
pkg/describe/describe.go
View file

@ -22,9 +22,11 @@ import (
"crypto/x509"
"fmt"
"io"
"maps"
"net"
"net/url"
"reflect"
"slices"
"sort"
"strconv"
"strings"
@ -2580,12 +2582,12 @@ func describeSecret(secret *corev1.Secret) (string, error) {
w.Write(LEVEL_0, "\nType:\t%s\n", secret.Type)
w.Write(LEVEL_0, "\nData\n====\n")
for k, v := range secret.Data {
for _, k := range slices.Sorted(maps.Keys(secret.Data)) {
switch {
case k == corev1.ServiceAccountTokenKey && secret.Type == corev1.SecretTypeServiceAccountToken:
w.Write(LEVEL_0, "%s:\t%s\n", k, string(v))
w.Write(LEVEL_0, "%s:\t%s\n", k, string(secret.Data[k]))
default:
w.Write(LEVEL_0, "%s:\t%d bytes\n", k, len(v))
w.Write(LEVEL_0, "%s:\t%d bytes\n", k, len(secret.Data[k]))
}
}

3
pkg/describe/describe_test.go
View file

@ -372,6 +372,9 @@ func TestDescribeSecret(t *testing.T) {
if strings.Contains(out, "YWRtaW4=") || strings.Contains(out, "MWYyZDFlMmU2N2Rm") {
t.Errorf("sensitive data should not be shown, unexpected out: %s", out)
}
expectedOut := "Name: bar\nNamespace: foo\nLabels: <none>\nAnnotations: <none>\n\nType: \n\nData\n====\npassword: 16 bytes\nusername: 8 bytes\n"
assert.Equal(t, expectedOut, out)
}
func TestDescribeNamespace(t *testing.T) {