Fix: only one of trust_bundle_path, trust_bundle_url, or insecure_bootstrap can be set #4532
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
SilvaMatteus
requested review from
evan2645,
amartinezfayo,
azdagron,
MarcosDY and
rturner3
as code owners
SilvaMatteus
force-pushed
the
matteus/address-issue-4530
branch
from
4f1a92c to
59fc39c
Compare
MarcosDY
reviewed
Oct 9, 2023
SilvaMatteus
force-pushed
the
matteus/address-issue-4530
branch
from
59fc39c to
66897f7
Compare
|
Hey @MarcosDY, thank you for the review. I addressed your comments. Could you take a second look at it? |
SilvaMatteus
force-pushed
the
matteus/address-issue-4530
branch
from
66897f7 to
d8be6af
Compare
…tstrap can be set @mnp reported in issue 4530 that it was possible to set trust_bundle_url and insecure_bootstrap in the Agent configuration. There was a test for this case. However, the test was just checking if there was an error. There was an error but not the expected one. This commit also adds expectErrorContains to the test case struct so tests can check the expected error message. Also, more tests added. Signed-off-by: Matteus Silva <silvamatteus@lsd.ufcg.edu.br>
SilvaMatteus
force-pushed
the
matteus/address-issue-4530
branch
from
d8be6af to
fbf4c14
Compare
faisal-memon
pushed a commit
to faisal-memon/spire
that referenced
this pull request
Dec 2, 2023
…tstrap can be set (spiffe#4532) @mnp reported in issue 4530 that it was possible to set trust_bundle_url and insecure_bootstrap in the Agent configuration. There was a test for this case. However, the test was just checking if there was an error. There was an error but not the expected one. This commit also adds expectErrorContains to the test case struct so tests can check the expected error message. Also, more tests added. Signed-off-by: Matteus Silva <silvamatteus@lsd.ufcg.edu.br> Signed-off-by: Faisal Memon <fymemon@yahoo.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
@mnp reported in issue #4530 that it was possible to set trust_bundle_url and insecure_bootstrap in the Agent configuration. There was a test for this case. However, the test was just checking if there was an error. There was an error but not the expected one. This commit also adds expectErrorContains to the test case struct so tests can check the expected error message. Also, more tests added.
Pull Request check list
Affected functionality
SPIRE Agent config validation.
Description of change
Now, the validation code checks when the insecure bootstrap option is used with trust bundle config options and returns proper error messages. Tests were updated.
Which issue this PR fixes
#4530