BIP Need Not Decode Base64 Postfixed Attributes When Attributes are assigned from Vault

[nelsestu]

As our secret setting github action runner reads from vault, secret attributes that end with _BASE64, experience a transformation that is easily missed. The set-k8s-secrets.sh script will automatically decode them, passing the decoded values as attributes no longer containing the BASE64 postfix

What was the problem?

The problem is that the keystore and truststore as configured in Vault is inconsistent with truststore and keystore attributes. In some cases we store BIP_KEYSTORE_BASE64, and that attribute gets transformed in the set-k8s-secret.sh script. In this case, the attribute will get decoded in the bash script and the container will receive a BIP_KEYSTORE attribute containing the. decoded value.

Associated tickets or Slack threads:

• Confirm that svc-bip-api is functioning in the LHDI environment, when executing against the live BIP services #2242

How does this fix it?¹

The code catches failed base64 decoding, and attempts to the raw value.

How to test this PR

• Deploy to LHDI dev and confirm that crashloopbackoff is resolved.

Footnotes

1. Pull-Requests guidelines. If PR is significant, update Current Software State wiki page. ↩

[github-actions]

Test Results

138 tests  ±0   138 ✔️ ±0   46s ⏱️ -1s
  38 suites ±0       0 💤 ±0 
  38 files   ±0       0 ❌ ±0 

Results for commit b832bf2. ± Comparison against base commit 1af4443.

♻️ This comment has been updated with latest results.

[github-actions]

JaCoCo Test Coverage

There is no coverage information present for the Files changed

Total Project Coverage	76.47%	❌