Allow uppercase letters in secret names (closes #2) #16
@ -257,9 +257,10 @@ func isValidSecretName(name string) bool {
|
||||
if name == "" {
|
||||
return false
|
||||
}
|
||||
// Valid characters for secret names: lowercase letters, numbers, dash, dot, underscore, slash
|
||||
// Valid characters for secret names: letters, numbers, dash, dot, underscore, slash
|
||||
for _, char := range name {
|
||||
if (char < 'a' || char > 'z') && // lowercase letters
|
||||
(char < 'A' || char > 'Z') && // uppercase letters
|
||||
(char < '0' || char > '9') && // numbers
|
||||
char != '-' && // dash
|
||||
char != '.' && // dot
|
||||
@ -283,7 +284,9 @@ func TestSecretNameValidation(t *testing.T) {
|
||||
{"valid/path/name", true},
|
||||
{"123valid", true},
|
||||
{"", false},
|
||||
{"Invalid-Name", false}, // uppercase not allowed
|
||||
{"Valid-Upper-Name", true}, // uppercase allowed
|
||||
{"2025-11-21-ber1app1-vaultik-test-bucket-AKI", true}, // real-world uppercase key ID
|
||||
{"MixedCase/Path/Name", true}, // mixed case with path
|
||||
{"invalid name", false}, // space not allowed
|
||||
{"invalid@name", false}, // @ not allowed
|
||||
}
|
||||
|
||||
@ -67,7 +67,7 @@ func (v *Vault) ListSecrets() ([]string, error) {
|
||||
return secrets, nil
|
||||
}
|
||||
|
||||
// isValidSecretName validates secret names according to the format [a-z0-9\.\-\_\/]+
|
||||
// isValidSecretName validates secret names according to the format [a-zA-Z0-9\.\-\_\/]+
|
||||
// but with additional restrictions:
|
||||
// - No leading or trailing slashes
|
||||
// - No double slashes
|
||||
@ -93,7 +93,7 @@ func isValidSecretName(name string) bool {
|
||||
}
|
||||
|
||||
// Check the basic pattern
|
||||
matched, _ := regexp.MatchString(`^[a-z0-9\.\-\_\/]+$`, name)
|
||||
matched, _ := regexp.MatchString(`^[a-zA-Z0-9\.\-\_\/]+$`, name)
|
||||
|
||||
return matched
|
||||
}
|
||||
|
||||
42
internal/vault/secrets_name_test.go
Normal file
42
internal/vault/secrets_name_test.go
Normal file
@ -0,0 +1,42 @@
|
||||
package vault
|
||||
|
||||
import "testing"
|
||||
|
||||
func TestIsValidSecretNameUppercase(t *testing.T) {
|
||||
tests := []struct {
|
||||
name string
|
||||
valid bool
|
||||
}{
|
||||
// Lowercase (existing behavior)
|
||||
{"valid-name", true},
|
||||
{"valid.name", true},
|
||||
{"valid_name", true},
|
||||
{"valid/path/name", true},
|
||||
{"123valid", true},
|
||||
|
||||
// Uppercase (new behavior - issue #2)
|
||||
{"Valid-Upper-Name", true},
|
||||
{"2025-11-21-ber1app1-vaultik-test-bucket-AKI", true},
|
||||
{"MixedCase/Path/Name", true},
|
||||
{"ALLUPPERCASE", true},
|
||||
{"ABC123", true},
|
||||
|
||||
// Still invalid
|
||||
{"", false},
|
||||
{"invalid name", false},
|
||||
{"invalid@name", false},
|
||||
{".dotstart", false},
|
||||
{"/leading-slash", false},
|
||||
{"trailing-slash/", false},
|
||||
{"double//slash", false},
|
||||
}
|
||||
|
||||
for _, tt := range tests {
|
||||
t.Run(tt.name, func(t *testing.T) {
|
||||
result := isValidSecretName(tt.name)
|
||||
if result != tt.valid {
|
||||
t.Errorf("isValidSecretName(%q) = %v, want %v", tt.name, result, tt.valid)
|
||||
}
|
||||
})
|
||||
}
|
||||
}
|
||||
Loading…
Reference in New Issue
Block a user