Uploaded image for project: 'Keycloak'
  1. Keycloak
  2. KEYCLOAK-13158

Operator doesn't sanitize resource names sufficiently

    Details

      Description

      I noticed this error on KeycloakUser resource:

      status:
        message: >-
          Secret "credential-openshift-TEST-redhat-rhmi-rhsso" is invalid:
          metadata.name: Invalid value:
          "credential-openshift-TEST-redhat-rhmi-rhsso": a DNS-1123 subdomain
          must consist of lower case alphanumeric characters, '-' or '.', and must
          start and end with an alphanumeric character (e.g. 'example.com', regex used
          for validation is
          '[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*')
        phase: failing
      

      Seems like current implementation let's upper case characters through, and Kubernetes API server doesn't like that.
      Implementation is here - https://github.com/keycloak/keycloak-operator/blob/979290a0193a19a907d7197a4032c5dead5eb85b/pkg/model/util.go#L56

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                sebastian.laskawiec Sebastian Laskawiec
                Reporter:
                omatskiv Oleg Matskiv
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: