csigrpc: only overwrite secret fields if already set

pohly · pohly · commit 111cbbab2c6e · 2018-11-29T11:08:39.000+01:00
The previous version was adding "secrets: *** strippped ***"
even when the "secrets" field was unset.
diff --git a/pkg/csigrpc/csigrpc_test.go b/pkg/csigrpc/csigrpc_test.go
@@ -55,6 +55,7 @@ func TestStripSecrets(t *testing.T) {
 		{"hello world", `"hello world"`},
 		{true, "true"},
 		{false, "false"},
+		{&csi.CreateVolumeRequest{}, `{}`},
 		{createVolume, `{"capacity_range":{"required_bytes":1024},"name":"foo","secrets":"***stripped***","volume_capabilities":[{"AccessType":{"Mount":{"fs_type":"ext4"}}}]}`},
 
 		// There is currently no test case that can verify
diff --git a/pkg/csigrpc/secrets.go b/pkg/csigrpc/secrets.go
@@ -93,7 +93,10 @@ func strip(parsed interface{}, msg interface{}) {
 		for _, field := range fields {
 			ex, err := proto.GetExtension(field.Options, csi.E_CsiSecret)
 			if err == nil && ex != nil && *ex.(*bool) {
-				parsedFields[field.GetName()] = "***stripped***"
+				// Overwrite only if already set.
+				if _, ok := parsedFields[field.GetName()]; ok {
+					parsedFields[field.GetName()] = "***stripped***"
+				}
 			} else if field.GetType() == protobuf.FieldDescriptorProto_TYPE_MESSAGE {
 				// When we get here,
 				// the type name is something like ".csi.v1.CapacityRange" (leading dot!)
