From 3f0ebb514e6e0a89a039e42497fb122f65c9ce62 Mon Sep 17 00:00:00 2001 From: Jorge Turrado Date: Sun, 31 Dec 2023 14:25:03 +0100 Subject: [PATCH] Add missing usage assignment Signed-off-by: Jorge Turrado --- pkg/scalers/aws/aws_config_cache.go | 10 ++++++---- pkg/scalers/aws/aws_config_cache_test.go | 10 +++++++--- 2 files changed, 13 insertions(+), 7 deletions(-) diff --git a/pkg/scalers/aws/aws_config_cache.go b/pkg/scalers/aws/aws_config_cache.go index 6940d6e5021..d27795a0c2d 100644 --- a/pkg/scalers/aws/aws_config_cache.go +++ b/pkg/scalers/aws/aws_config_cache.go @@ -2,7 +2,6 @@ package aws import ( "context" - "crypto/sha1" "encoding/hex" "fmt" "os" @@ -15,6 +14,7 @@ import ( "github.com/aws/aws-sdk-go-v2/credentials/stscreds" "github.com/aws/aws-sdk-go-v2/service/sts" "github.com/go-logr/logr" + "golang.org/x/crypto/sha3" logf "sigs.k8s.io/controller-runtime/pkg/log" ) @@ -40,8 +40,8 @@ func (a *sharedConfigCache) getCacheKey(awsAuthorization AuthorizationMetadata) key = awsAuthorization.AwsRoleArn } // to avoid sensitive data as key and to use a constant key size, - // we hash the key with sha1 - hash := sha1.Sum([]byte(key)) + // we hash the key with sha3 + hash := sha3.Sum224([]byte(key)) return hex.EncodeToString(hash[:]) } @@ -72,7 +72,9 @@ func (a *sharedConfigCache) GetCredentials(ctx context.Context, awsRegion string newCacheEntry := cacheEntry{ config: &cfg, - usages: map[string]bool{}, + usages: map[string]bool{ + awsAuthorization.ScalerUniqueKey: true, + }, } a.items[key] = newCacheEntry diff --git a/pkg/scalers/aws/aws_config_cache_test.go b/pkg/scalers/aws/aws_config_cache_test.go index e279f0c7cb8..02130de31b0 100644 --- a/pkg/scalers/aws/aws_config_cache_test.go +++ b/pkg/scalers/aws/aws_config_cache_test.go @@ -18,9 +18,11 @@ func TestGetCredentialsReturnNewItemAndStoreItIfNotExist(t *testing.T) { ScalerUniqueKey: "test-key", }, } + cacheKey := cache.getCacheKey(config.awsAuthorization) _, err := cache.GetCredentials(context.Background(), config.awsRegion, config.awsAuthorization) assert.NoError(t, err) - assert.Contains(t, cache.items, cache.getCacheKey(config.awsAuthorization)) + assert.Contains(t, cache.items, cacheKey) + assert.Contains(t, cache.items[cacheKey].usages, config.awsAuthorization.ScalerUniqueKey) } func TestGetCredentialsReturnCachedItemIfExist(t *testing.T) { @@ -34,15 +36,17 @@ func TestGetCredentialsReturnCachedItemIfExist(t *testing.T) { } cfg := aws.Config{} cfg.AppID = "test1-app" - cache.items[cache.getCacheKey(config.awsAuthorization)] = cacheEntry{ + cacheKey := cache.getCacheKey(config.awsAuthorization) + cache.items[cacheKey] = cacheEntry{ config: &cfg, usages: map[string]bool{ - config.awsAuthorization.ScalerUniqueKey: true, + "other-usage": true, }, } configFromCache, err := cache.GetCredentials(context.Background(), config.awsRegion, config.awsAuthorization) assert.NoError(t, err) assert.Equal(t, &cfg, configFromCache) + assert.Contains(t, cache.items[cacheKey].usages, config.awsAuthorization.ScalerUniqueKey) } func TestRemoveCachedEntryRemovesCachedItemIfNotUsages(t *testing.T) {