diff --git a/internal/specs/specs.go b/internal/specs/specs.go index 218888b12..1fd50c55a 100644 --- a/internal/specs/specs.go +++ b/internal/specs/specs.go @@ -82,10 +82,13 @@ func LoadFromCLIArgs(ctx context.Context, client kubernetes.Interface, args []st for _, v := range args { if strings.HasPrefix(v, "secret/") { - // format secret/namespace-name/secret-name + // format secret/namespace-name/secret-name[/data-key] pathParts := strings.Split(v, "/") - if len(pathParts) != 3 { - return nil, types.NewExitCodeError(constants.EXIT_CODE_SPEC_ISSUES, errors.Errorf("secret path %q must have 3 components", v)) + if len(pathParts) > 4 { + return nil, types.NewExitCodeError(constants.EXIT_CODE_SPEC_ISSUES, errors.Errorf("secret path %s must have at most 4 components", v)) + } + if len(pathParts) < 3 { + return nil, types.NewExitCodeError(constants.EXIT_CODE_SPEC_ISSUES, errors.Errorf("secret path %s must have at least 3 components", v)) } data, err := LoadFromSecret(ctx, client, pathParts[1], pathParts[2]) @@ -93,25 +96,44 @@ func LoadFromCLIArgs(ctx context.Context, client kubernetes.Interface, args []st return nil, types.NewExitCodeError(constants.EXIT_CODE_SPEC_ISSUES, errors.Wrap(err, "failed to get spec from secret")) } - // Append all data in the secret. Some may not be specs, but that's ok. They will be ignored. - for _, spec := range data { - rawSpecs = append(rawSpecs, string(spec)) + // If we have a key defined, then load specs from that key only. + if len(pathParts) == 4 { + spec, ok := data[pathParts[3]] + if ok { + rawSpecs = append(rawSpecs, string(spec)) + } + } else { + // Append all data in the secret. Some may not be specs, but that's ok. They will be ignored. + for _, spec := range data { + rawSpecs = append(rawSpecs, string(spec)) + } } } else if strings.HasPrefix(v, "configmap/") { - // format configmap/namespace-name/configmap-name + // format configmap/namespace-name/configmap-name[/data-key] pathParts := strings.Split(v, "/") - if len(pathParts) != 3 { - return nil, errors.Errorf("configmap path %q must have 3 components", v) + if len(pathParts) > 4 { + return nil, types.NewExitCodeError(constants.EXIT_CODE_SPEC_ISSUES, errors.Errorf("configmap path %s must have at most 4 components", v)) + } + if len(pathParts) < 3 { + return nil, types.NewExitCodeError(constants.EXIT_CODE_SPEC_ISSUES, errors.Errorf("configmap path %s must have at least 3 components", v)) } data, err := LoadFromConfigMap(ctx, client, pathParts[1], pathParts[2]) if err != nil { - return nil, errors.Wrap(err, "failed to get spec from configmap") + return nil, types.NewExitCodeError(constants.EXIT_CODE_SPEC_ISSUES, errors.Wrap(err, "failed to get spec from configmap")) } - // Append all data in the configmap. Some may not be specs, but that's ok. They will be ignored. - for _, spec := range data { - rawSpecs = append(rawSpecs, spec) + // If we have a key defined, then load specs from that key only. + if len(pathParts) == 4 { + spec, ok := data[pathParts[3]] + if ok { + rawSpecs = append(rawSpecs, spec) + } + } else { + // Append all data in the configmap. Some may not be specs, but that's ok. They will be ignored. + for _, spec := range data { + rawSpecs = append(rawSpecs, spec) + } } } else if _, err := os.Stat(v); err == nil { b, err := os.ReadFile(v) diff --git a/test/validate-support-bundle-e2e.sh b/test/validate-support-bundle-e2e.sh index 4c96107f9..ce45addbe 100755 --- a/test/validate-support-bundle-e2e.sh +++ b/test/validate-support-bundle-e2e.sh @@ -111,3 +111,45 @@ if ! grep "labelled-support-bundle-4 \*\*\*HIDDEN\*\*\*" "$tmpdir/$bundle_direct echo "Hidden content not found in redacted echo-hi-4 file" exit 1 fi + +echo "======= Generating support bundle from k8s secret/// ======" +recreate_tmpdir +kubectl apply -f "$PRJ_ROOT/testdata/supportbundle/labelled-specs" +./bin/support-bundle -v1 --interactive=false secret/default/labelled-support-bundle-1/custom-spec-key \ + --redactors configmap/default/labelled-redactor-spec-1/customer-redactor-spec \ + --output=$tmpdir/$bundle_archive_name +if [ $? -ne 0 ]; then + echo "support-bundle command failed" + exit $? +fi + +if ! tar -xvzf $tmpdir/$bundle_archive_name --directory $tmpdir; then + echo "A valid support bundle archive was not generated" + exit 1 +fi + +if ! grep "custom-spec-key \*\*\*HIDDEN\*\*\*" "$tmpdir/$bundle_directory_name/echo-hi-3"; then + echo "$(cat $tmpdir/$bundle_directory_name/echo-hi-3)" + echo "Hidden content not found in redacted echo-hi-3 file" + exit 1 +fi + +echo "======= Generating support bundle from k8s configmap// ======" +recreate_tmpdir +kubectl apply -f "$PRJ_ROOT/testdata/supportbundle/labelled-specs" +./bin/support-bundle -v1 --interactive=false configmap/labelled-specs/labelled-support-bundle-2 --output=$tmpdir/$bundle_archive_name +if [ $? -ne 0 ]; then + echo "support-bundle command failed" + exit $? +fi + +if ! tar -xvzf $tmpdir/$bundle_archive_name --directory $tmpdir; then + echo "A valid support bundle archive was not generated" + exit 1 +fi + +if ! grep "labelled-support-bundle-2 REDACT" "$tmpdir/$bundle_directory_name/echo-hi-2"; then + echo "$(cat $tmpdir/$bundle_directory_name/echo-hi-2)" + echo "Hidden content not found in redacted echo-hi-2 file" + exit 1 +fi diff --git a/testdata/supportbundle/labelled-specs/redact-spec-1.yaml b/testdata/supportbundle/labelled-specs/redact-spec-1.yaml index e62e43a9f..9e1772396 100644 --- a/testdata/supportbundle/labelled-specs/redact-spec-1.yaml +++ b/testdata/supportbundle/labelled-specs/redact-spec-1.yaml @@ -16,3 +16,15 @@ data: removals: values: - REDACT FIRST TEXT PLEASE + customer-redactor-spec: | + apiVersion: troubleshoot.sh/v1beta2 + kind: Redactor + metadata: + name: labelled-redactor-spec-1 + spec: + redactors: + - name: redact-text-1 + removals: + values: + - REDACT FIRST TEXT PLEASE + garbagge: MWdRRTlBRi9YNzB3eUE2VEgvWjdhRFVUR1UvRmU3TXdUR3Q4cnE4Nkti diff --git a/testdata/supportbundle/labelled-specs/redact-spec-2.yaml b/testdata/supportbundle/labelled-specs/redact-spec-2.yaml index 6e7517759..619c4984d 100644 --- a/testdata/supportbundle/labelled-specs/redact-spec-2.yaml +++ b/testdata/supportbundle/labelled-specs/redact-spec-2.yaml @@ -17,3 +17,4 @@ stringData: removals: values: - REDACT SECOND TEXT PLEASE + garbagge: MWdRRTlBRi9YNzB3eUE2VEgvWjdhRFVUR1UvRmU3TXdUR3Q4cnE4Nkti diff --git a/testdata/supportbundle/labelled-specs/redact-spec-3.yaml b/testdata/supportbundle/labelled-specs/redact-spec-3.yaml index fa1948697..4fa47b8a1 100644 --- a/testdata/supportbundle/labelled-specs/redact-spec-3.yaml +++ b/testdata/supportbundle/labelled-specs/redact-spec-3.yaml @@ -16,3 +16,4 @@ data: removals: values: - REDACT FIRST TEXT PLEASE + garbagge: MWdRRTlBRi9YNzB3eUE2VEgvWjdhRFVUR1UvRmU3TXdUR3Q4cnE4Nkti diff --git a/testdata/supportbundle/labelled-specs/redact-spec-4.yaml b/testdata/supportbundle/labelled-specs/redact-spec-4.yaml index 2bd21e70e..6ccb397e9 100644 --- a/testdata/supportbundle/labelled-specs/redact-spec-4.yaml +++ b/testdata/supportbundle/labelled-specs/redact-spec-4.yaml @@ -17,3 +17,4 @@ stringData: removals: values: - REDACT SECOND TEXT PLEASE + garbagge: MWdRRTlBRi9YNzB3eUE2VEgvWjdhRFVUR1UvRmU3TXdUR3Q4cnE4Nkti diff --git a/testdata/supportbundle/labelled-specs/sb-spec-1.yaml b/testdata/supportbundle/labelled-specs/sb-spec-1.yaml index 9b3ce9464..978ae667d 100644 --- a/testdata/supportbundle/labelled-specs/sb-spec-1.yaml +++ b/testdata/supportbundle/labelled-specs/sb-spec-1.yaml @@ -15,3 +15,14 @@ stringData: - data: name: echo-hi-1 data: "I am labelled-support-bundle-1 REDACT FIRST TEXT PLEASE" + custom-spec-key: | + apiVersion: troubleshoot.sh/v1beta2 + kind: SupportBundle + metadata: + name: custom-spec-key + spec: + collectors: + - data: + name: echo-hi-3 + data: "I am custom-spec-key REDACT FIRST TEXT PLEASE" + garbagge: MWdRRTlBRi9YNzB3eUE2VEgvWjdhRFVUR1UvRmU3TXdUR3Q4cnE4Nkti diff --git a/testdata/supportbundle/labelled-specs/sb-spec-2.yaml b/testdata/supportbundle/labelled-specs/sb-spec-2.yaml index 9c92a3c69..429c892b9 100644 --- a/testdata/supportbundle/labelled-specs/sb-spec-2.yaml +++ b/testdata/supportbundle/labelled-specs/sb-spec-2.yaml @@ -16,3 +16,4 @@ data: - data: name: echo-hi-2 data: "I am labelled-support-bundle-2 REDACT SECOND TEXT PLEASE" + garbagge: MWdRRTlBRi9YNzB3eUE2VEgvWjdhRFVUR1UvRmU3TXdUR3Q4cnE4Nkti diff --git a/testdata/supportbundle/labelled-specs/sb-spec-3.yaml b/testdata/supportbundle/labelled-specs/sb-spec-3.yaml index f3fce2407..84ea38ee8 100644 --- a/testdata/supportbundle/labelled-specs/sb-spec-3.yaml +++ b/testdata/supportbundle/labelled-specs/sb-spec-3.yaml @@ -15,3 +15,4 @@ stringData: - data: name: echo-hi-3 data: "I am labelled-support-bundle-3 REDACT FIRST TEXT PLEASE" + garbagge: MWdRRTlBRi9YNzB3eUE2VEgvWjdhRFVUR1UvRmU3TXdUR3Q4cnE4Nkti diff --git a/testdata/supportbundle/labelled-specs/sb-spec-4.yaml b/testdata/supportbundle/labelled-specs/sb-spec-4.yaml index 7f848f6b8..ab9ceb38e 100644 --- a/testdata/supportbundle/labelled-specs/sb-spec-4.yaml +++ b/testdata/supportbundle/labelled-specs/sb-spec-4.yaml @@ -16,3 +16,4 @@ data: - data: name: echo-hi-4 data: "I am labelled-support-bundle-4 REDACT SECOND TEXT PLEASE" + garbagge: MWdRRTlBRi9YNzB3eUE2VEgvWjdhRFVUR1UvRmU3TXdUR3Q4cnE4Nkti