Merge pull request #91 from covermymeds/error-handling

Handle nil/unset ContentType in expandFullChain helper

CHANGELOG.md

@@ -1,5 +1,12 @@
 # Changelog
 
+# [v1.7.1] - 2023-05-30
+
+### New bugfix release
+
+- Fixes bug in template helper `expandFullChain` introduced in https://github.com/covermymeds/azure-key-vault-agent/pull/86 where `expandFullChain` would throw a fatal error if secrets did not have a ContentType set
+
+
 # [v1.7.0] - 2023-05-19
 
 ### New minor release

templaterenderer/templaterenderer.go

@@ -61,15 +61,17 @@ func RenderInline(templateContents string, resourceMap resource.ResourceMap) str
 
 			for secretName, secret := range items {
 				results[secretName] = secret
-				switch contentType := *secret.ContentType; contentType {
-				case "application/x-pem-file":
-					results[secretName+".key"] = cloneSecret(secret, certutil.PemPrivateKeyFromPem(*secret.Value))
-					results[secretName+".pem"] = cloneSecret(secret, certutil.PemChainFromPem(*secret.Value, false))
-				case "application/x-pkcs12":
-					results[secretName+".key"] = cloneSecret(secret, certutil.PemPrivateKeyFromPkcs12(*secret.Value))
-					results[secretName+".pem"] = cloneSecret(secret, certutil.PemChainFromPkcs12(*secret.Value, false))
-				default:
-					continue
+				if secret.ContentType != nil {
+					switch contentType := *secret.ContentType; contentType {
+					case "application/x-pem-file":
+						results[secretName+".key"] = cloneSecret(secret, certutil.PemPrivateKeyFromPem(*secret.Value))
+						results[secretName+".pem"] = cloneSecret(secret, certutil.PemChainFromPem(*secret.Value, false))
+					case "application/x-pkcs12":
+						results[secretName+".key"] = cloneSecret(secret, certutil.PemPrivateKeyFromPkcs12(*secret.Value))
+						results[secretName+".pem"] = cloneSecret(secret, certutil.PemChainFromPkcs12(*secret.Value, false))
+					default:
+						continue
+					}
 				}
 			}
 			return results