Bug 1978724

Summary:	Binary secret data isn't properly uploaded by ui
Product:	OpenShift Container Platform	Reporter:	Joe Caiani <jcaiani>
Component:	Management Console	Assignee:	Joe Caiani <jcaiani>
Status:	CLOSED ERRATA	QA Contact:	Siva Reddy <schituku>
Severity:	medium	Docs Contact:
Priority:	medium
Version:	4.8	CC:	aos-bugs, jokerman, schituku, spadgett, yanpzhan, yapei
Target Milestone:	---
Target Release:	4.9.0
Hardware:	Unspecified
OS:	Unspecified
Whiteboard:
Fixed In Version:		Doc Type:	Bug Fix
Doc Text:	Cause: Stringdata used for encoded secrets Consequence: Binary secrets not uploaded correctly Fix: Encode secrets and use data instead of stringdata in api Result: Binary secrets uploaded correctly	Story Points:	---
Clone Of:		Environment:
Last Closed:	2021-10-18 17:38:00 UTC	Type:	Bug
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:
Bug Depends On:
Bug Blocks:	1980136

Description Joe Caiani 2021-07-02 15:23:40 UTC

Description of problem:
currently we read binary data using filereader.readasbinarystring, and then convert that using base64.encode, however, this process doesn't properly encode the data. See https://github.com/dankogai/js-base64#decode-vs-atob-and-encode-vs-btoa

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

Comment 3 Yanping Zhang 2021-07-13 04:11:23 UTC

Checked on ocp 4.9 cluster with payload 4.9.0-0.nightly-2021-07-12-143404.  
1. Create key/value secret from console using binary file from /frontend/packages/integration-tests-cypress/fixtures/binarysecret.bin
2. Decode data from the secret, and check the data is identical to those from the binary file.
[zyp@MiWiFi-R1CM ~]$ oc get secret secret1 -n prozyp --template '{{.data.test}}' | base64 -d
WBELLDEV.DEV.BCE.CA	zookeeperosdevconsole.belldev.dev.bce.ca�#=4�J��WBELLDEV.DEV.BCE.CA	zookeeperosdevconsole.belldev.dev.bce.ca�#=4�J��_BELLDEV.DEV.BCE.CA	zookeeperosdevconsole.belldev.dev.bce.caT��\�4=}M��v{oBELLDEV.DEV.BCE.CA	zookeeperosdevconsole.belldev.dev.bce.ca f/�8�7F���x d5Ʃ�Rk_BELLDEV.DEV.BCE.CA	zookeeperosdevconsole.belldev.dev.bce.ca8�$i�@iN��3�m%[zyp@MiWiFi-R1CM ~]$ 
[zyp@MiWiFi-R1CM ~]$ oc get secret secret1 -n prozyp --template '{{.data.test}}' | base64 -d > /tmp/bintest
[zyp@MiWiFi-R1CM ~]$ diff /tmp/bintest gitrepo/console/frontend/packages/integration-tests-cypress/fixtures/binarysecret.bin 
[zyp@MiWiFi-R1CM ~]$ 

The bug is fixed.

Comment 6 errata-xmlrpc 2021-10-18 17:38:00 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.9.0 bug fix and security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2021:3759