Skip to content

Commit

Permalink
Fix group service visibility and secrets patching (#444)
Browse files Browse the repository at this point in the history
Co-authored-by: Olivier Levitt <[email protected]>
  • Loading branch information
fcomte and olevitt authored Jun 24, 2024
1 parent aa41bc4 commit c8f1985
Showing 1 changed file with 12 additions and 19 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -266,26 +266,12 @@ public CompletableFuture<ServicesListing> getUserServices(
.filter(
service -> {
boolean canUserSeeThisService = false;
if (project.getGroup() == null) {
if (project.getGroup() == null
|| service.isShare()
|| user.getIdep()
.equalsIgnoreCase(service.getOwner())) {
// Personal group
canUserSeeThisService = true;
} else {
if (service.getEnv().containsKey("onyxia.share")
&& "true"
.equals(
service.getEnv()
.get("onyxia.share"))) {
// Service has been intentionally shared
canUserSeeThisService = true;
}
if (service.getEnv().containsKey("onyxia.owner")
&& user.getIdep()
.equalsIgnoreCase(
service.getEnv()
.get("onyxia.owner"))) {
// User is owner
canUserSeeThisService = true;
}
}
return canUserSeeThisService;
})
Expand Down Expand Up @@ -487,7 +473,14 @@ private void patchOnyxiaSecret(
secretData.put(k, Base64Utils.base64Encode(v));
});
secret.setData(secretData);
client.secrets().inNamespace(namespaceId).resource(secret).serverSideApply();
if (secret.getMetadata().getManagedFields() != null) {
secret.getMetadata().getManagedFields().clear();
}
client.secrets()
.inNamespace(namespaceId)
.resource(secret)
.forceConflicts()
.serverSideApply();
} else {
Map<String, String> metadata = new HashMap<>();
metadata.put("owner", user.getIdep());
Expand Down

0 comments on commit c8f1985

Please sign in to comment.