From 3a69c599612005bf7f35a86c008583b768c0b016 Mon Sep 17 00:00:00 2001 From: Harald Nordgren Date: Thu, 20 Feb 2025 13:28:55 +0100 Subject: [PATCH] kubectl: sort secrets alphabetically to avoid random order Kubernetes-commit: 7d6f86594fc0a7d09710c643de63b24cdcb98e65 --- pkg/describe/describe.go | 8 +++++--- pkg/describe/describe_test.go | 3 +++ 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/pkg/describe/describe.go b/pkg/describe/describe.go index e1a7b1363..a721a21f8 100644 --- a/pkg/describe/describe.go +++ b/pkg/describe/describe.go @@ -22,9 +22,11 @@ import ( "crypto/x509" "fmt" "io" + "maps" "net" "net/url" "reflect" + "slices" "sort" "strconv" "strings" @@ -2580,12 +2582,12 @@ func describeSecret(secret *corev1.Secret) (string, error) { w.Write(LEVEL_0, "\nType:\t%s\n", secret.Type) w.Write(LEVEL_0, "\nData\n====\n") - for k, v := range secret.Data { + for _, k := range slices.Sorted(maps.Keys(secret.Data)) { switch { case k == corev1.ServiceAccountTokenKey && secret.Type == corev1.SecretTypeServiceAccountToken: - w.Write(LEVEL_0, "%s:\t%s\n", k, string(v)) + w.Write(LEVEL_0, "%s:\t%s\n", k, string(secret.Data[k])) default: - w.Write(LEVEL_0, "%s:\t%d bytes\n", k, len(v)) + w.Write(LEVEL_0, "%s:\t%d bytes\n", k, len(secret.Data[k])) } } diff --git a/pkg/describe/describe_test.go b/pkg/describe/describe_test.go index 8003354f5..02c17b583 100644 --- a/pkg/describe/describe_test.go +++ b/pkg/describe/describe_test.go @@ -372,6 +372,9 @@ func TestDescribeSecret(t *testing.T) { if strings.Contains(out, "YWRtaW4=") || strings.Contains(out, "MWYyZDFlMmU2N2Rm") { t.Errorf("sensitive data should not be shown, unexpected out: %s", out) } + + expectedOut := "Name: bar\nNamespace: foo\nLabels: \nAnnotations: \n\nType: \n\nData\n====\npassword: 16 bytes\nusername: 8 bytes\n" + assert.Equal(t, expectedOut, out) } func TestDescribeNamespace(t *testing.T) {