diff --git a/pkg/cosi/provisioner.go b/pkg/cosi/provisioner.go index 13114e257..9208189e3 100644 --- a/pkg/cosi/provisioner.go +++ b/pkg/cosi/provisioner.go @@ -476,8 +476,8 @@ func (r *APIRequest) DeleteBucket() error { func fetchUserCredentials(accessKeys nb.S3AccessKeys) map[string]*cosi.CredentialDetails { s3Keys := make(map[string]string) - s3Keys["accessKeyID"] = accessKeys.AccessKey - s3Keys["accessSecretKey"] = accessKeys.SecretKey + s3Keys["accessKeyID"] = string(accessKeys.AccessKey) + s3Keys["accessSecretKey"] = string(accessKeys.SecretKey) creds := &cosi.CredentialDetails{ Secrets: s3Keys, } diff --git a/pkg/nb/types.go b/pkg/nb/types.go index 7d2472f43..7b11db706 100644 --- a/pkg/nb/types.go +++ b/pkg/nb/types.go @@ -223,8 +223,8 @@ type PoolHostsInfo struct { // S3AccessKeys is a struct holding S3 access and secret keys type S3AccessKeys struct { - AccessKey string `json:"access_key"` - SecretKey string `json:"secret_key"` + AccessKey MaskedString `json:"access_key"` + SecretKey MaskedString `json:"secret_key"` } // ReadAuthReply is the reply of auth_api.read_auth() diff --git a/pkg/noobaaaccount/noobaaaccount.go b/pkg/noobaaaccount/noobaaaccount.go index 69cc2b5ca..cf16981fa 100644 --- a/pkg/noobaaaccount/noobaaaccount.go +++ b/pkg/noobaaaccount/noobaaaccount.go @@ -653,14 +653,14 @@ func GenerateAccountKeys(name string) error { accessKeys = accountInfo.AccessKeys[0] secret.StringData = map[string]string{} - secret.StringData["AWS_ACCESS_KEY_ID"] = accessKeys.AccessKey - secret.StringData["AWS_SECRET_ACCESS_KEY"] = accessKeys.SecretKey + secret.StringData["AWS_ACCESS_KEY_ID"] = string(accessKeys.AccessKey) + secret.StringData["AWS_SECRET_ACCESS_KEY"] = string(accessKeys.SecretKey) // If we will not be able to update the secret we will print the credentials as they already been changed by the RPC if !util.KubeUpdate(secret) { log.Printf(`❌ Please write the new credentials for account %s:`, name) - fmt.Printf("\nAWS_ACCESS_KEY_ID : %s\n", accessKeys.AccessKey) - fmt.Printf("AWS_SECRET_ACCESS_KEY : %s\n\n", accessKeys.SecretKey) + fmt.Printf("\nAWS_ACCESS_KEY_ID : %s\n", string(accessKeys.AccessKey)) + fmt.Printf("AWS_SECRET_ACCESS_KEY : %s\n\n", string(accessKeys.SecretKey)) log.Fatalf(`❌ Failed to update the secret %s with the new accessKeys`, secret.Name) } diff --git a/pkg/noobaaaccount/reconciler.go b/pkg/noobaaaccount/reconciler.go index a3320f0dc..90eac5364 100644 --- a/pkg/noobaaaccount/reconciler.go +++ b/pkg/noobaaaccount/reconciler.go @@ -365,8 +365,8 @@ func (r *Reconciler) CreateNooBaaAccount() error { accessKeys = accountInfo.AccessKeys[0] } r.Secret.StringData = map[string]string{} - r.Secret.StringData["AWS_ACCESS_KEY_ID"] = accessKeys.AccessKey - r.Secret.StringData["AWS_SECRET_ACCESS_KEY"] = accessKeys.SecretKey + r.Secret.StringData["AWS_ACCESS_KEY_ID"] = string(accessKeys.AccessKey) + r.Secret.StringData["AWS_SECRET_ACCESS_KEY"] = string(accessKeys.SecretKey) r.Own(r.Secret) err = r.Client.Create(r.Ctx, r.Secret) if err != nil { diff --git a/pkg/obc/obc.go b/pkg/obc/obc.go index 07e134ddf..8324654b1 100644 --- a/pkg/obc/obc.go +++ b/pkg/obc/obc.go @@ -558,14 +558,14 @@ func GenerateAccountKeys(name, accountName, appNamespace string) error { accessKeys = accountInfo.AccessKeys[0] secret.StringData = map[string]string{} - secret.StringData["AWS_ACCESS_KEY_ID"] = accessKeys.AccessKey - secret.StringData["AWS_SECRET_ACCESS_KEY"] = accessKeys.SecretKey + secret.StringData["AWS_ACCESS_KEY_ID"] = string(accessKeys.AccessKey) + secret.StringData["AWS_SECRET_ACCESS_KEY"] = string(accessKeys.SecretKey) - //If we will not be able to update the secret we will print the credentials as they allready been changed by the RPC + //If we will not be able to update the secret we will print the credentials as they already been changed by the RPC if !util.KubeUpdate(secret) { log.Printf(`❌ Please write the new credentials for OBC %s:`, name) - fmt.Printf("\nAWS_ACCESS_KEY_ID : %s\n", accessKeys.AccessKey) - fmt.Printf("AWS_SECRET_ACCESS_KEY : %s\n\n", accessKeys.SecretKey) + fmt.Printf("\nAWS_ACCESS_KEY_ID : %s\n", string(accessKeys.AccessKey)) + fmt.Printf("AWS_SECRET_ACCESS_KEY : %s\n\n", string(accessKeys.SecretKey)) log.Fatalf(`❌ Failed to update the secret %s with the new accessKeys`, secret.Name) } diff --git a/pkg/obc/provisioner.go b/pkg/obc/provisioner.go index a3385b487..aeb90558f 100644 --- a/pkg/obc/provisioner.go +++ b/pkg/obc/provisioner.go @@ -594,8 +594,8 @@ func (r *BucketRequest) CreateAccount() error { r.OB.Spec.Authentication = &nbv1.ObjectBucketAuthentication{ AccessKeys: &nbv1.ObjectBucketAccessKeys{ - AccessKeyID: accessKeys.AccessKey, - SecretAccessKey: accessKeys.SecretKey, + AccessKeyID: string(accessKeys.AccessKey), + SecretAccessKey: string(accessKeys.SecretKey), }, } diff --git a/pkg/system/phase4_configuring.go b/pkg/system/phase4_configuring.go index 4fc81d115..b7ecef266 100644 --- a/pkg/system/phase4_configuring.go +++ b/pkg/system/phase4_configuring.go @@ -226,8 +226,8 @@ func (r *Reconciler) SetDesiredSecretAdminAccountInfo() error { return fmt.Errorf("admin account has no access keys yet") } - r.SecretAdmin.StringData["AWS_ACCESS_KEY_ID"] = account.AccessKeys[0].AccessKey - r.SecretAdmin.StringData["AWS_SECRET_ACCESS_KEY"] = account.AccessKeys[0].SecretKey + r.SecretAdmin.StringData["AWS_ACCESS_KEY_ID"] = string(account.AccessKeys[0].AccessKey) + r.SecretAdmin.StringData["AWS_SECRET_ACCESS_KEY"] = string(account.AccessKeys[0].SecretKey) return nil }