syndesis
syndesis copied to clipboard
syndesisio
Don't use user input in names, labels or annotations of k8s objects
This is a...
[x] Feature request
[ ] Regression (a behavior that used to work and stopped working in a new release)
[ ] Bug report
[ ] Documentation issue or request
Description
We should not use any user provided input in key-like properties of k8s objects. We currently rely on name sanitization which can yield non-unique names in several cases:
- two different names equal in the first 63 characters
- two different names equal in alphanumeric characters and placements, non equal in non-alphanumeric characters and placements (e.g.
hello!andhello?)
We should instead either hash the user provided input or generate random values.
+1! It also imposes arbitrary restrictions on what users can use for names that don't really make sense these days.
This issue has been automatically marked as stale because it has not had any activity since 90 days. It will be closed if no further activity occurs within 7 days. Thank you for your contributions!
![stale[bot] avatar](https://avatars.githubusercontent.com/in/1724?v=4 "Published by a pub.dev verified publisher"){kind=small}
I can give a look on this. ~~@zregvart do you have some property example where I can look at? right now I'm working on #6371 but I don't have enough context for this one. Thanks!~~
I understand it is related to this class implementation: https://github.com/syndesisio/syndesis/blob/16498025712e59d3cf4e9ac473f3575779234b1e/app/common/util/src/main/java/io/syndesis/common/util/Names.java#L52
Development done to partially accomplish the feature is available here: https://github.com/squakez/syndesis/tree/feature/3951_sanitized_collisions. Dropped in favor of a different redesign of the feature.