Fix Workhorse config.toml rendering for AWS access and secret keys (!2639) · Merge requests · GitLab.org / charts / GitLab Chart

Stan Hu requested to merge sh-fix-workhorse-s3-config-toml into master Jun 22, 2022

What does this MR do?

For some S3 providers, the AWS access key may have a backslash. If such a character exists, Workhorse will fail to start due to an "invalid escape character".

As explained in https://docs.gitlab.com/charts/development/style_guide.html#templating-sensitive-content, we need to make sure TOML data is rendered properly by converting the output to a JSON string.

Testing

Use a storage secret (e.g. gitlab-rails-storage) with something like:

provider: AWS
# Specify the region
region: us-west-2
# Specify access/secret keys
aws_access_key_id: '3_FTW\s3.test1234'
aws_secret_access_key: MY-ACCESS-KEY

On master, gitlab-workhorse will fail to start. With this branch, Workhorse will start, and config.toml will have the right value.

Checklist

See Definition of done.

For anything in this list which will not be completed, please provide a reason in the MR discussion.

Required

Merge Request Title and Description are up to date, accurate, and descriptive
MR targeting the appropriate branch
MR has a green pipeline on GitLab.com

Expected (please provide an explanation if not completing)

Test plan indicating conditions for success has been posted and passes
Documentation created/updated
Tests added
Integration tests added to GitLab QA
Equivalent MR/issue for omnibus-gitlab opened

Edited Jun 22, 2022 by Stan Hu

Fix Workhorse config.toml rendering for AWS access and secret keys

What does this MR do?

Related issues

Testing

Checklist

Required

Expected (please provide an explanation if not completing)

Merge request reports