Merge pull request #1142 from cappyzawa/fix/double-secret-fetch

matheuscscp · web-flow · commit 5bea87e16b19 · 2025-07-10T11:50:12.000+01:00
Fix double secret fetching in BasicAuth processing
diff --git a/internal/server/event_handlers.go b/internal/server/event_handlers.go
@@ -344,6 +344,13 @@ func extractAuthFromSecret(ctx context.Context, kubeClient client.Client, provid
 		options = append(options, notifier.WithHeaders(headers))
 	}
 
+	if user, ok := secret.Data["username"]; ok {
+		if pass, ok := secret.Data["password"]; ok {
+			options = append(options, notifier.WithUsername(strings.TrimSpace(string(user))))
+			options = append(options, notifier.WithPassword(strings.TrimSpace(string(pass))))
+		}
+	}
+
 	return options, secret.Data, nil
 }
 
@@ -404,12 +411,6 @@ func createNotifier(ctx context.Context, kubeClient client.Client, provider *api
 		if val, ok := secretData[secrets.TokenKey]; ok {
 			token = strings.TrimSpace(string(val))
 		}
-
-		user, pass, err := secrets.BasicAuthFromSecret(ctx, kubeClient, provider.Spec.SecretRef.Name, provider.Namespace)
-		if err == nil {
-			options = append(options, notifier.WithUsername(user))
-			options = append(options, notifier.WithPassword(pass))
-		}
 	}
 
 	if provider.Spec.ProxySecretRef != nil {

Original file line number	Diff line number	Diff line change
`@@ -344,6 +344,13 @@ func extractAuthFromSecret(ctx context.Context, kubeClient client.Client, provid`
`344`	`344`	`options = append(options, notifier.WithHeaders(headers))`
`345`	`345`	`}`
`346`	`346`
	`347`	`+ if user, ok := secret.Data["username"]; ok {`
	`348`	`+ if pass, ok := secret.Data["password"]; ok {`
	`349`	`+ options = append(options, notifier.WithUsername(strings.TrimSpace(string(user))))`
	`350`	`+ options = append(options, notifier.WithPassword(strings.TrimSpace(string(pass))))`
	`351`	`+ }`
	`352`	`+ }`
	`353`	`+`
`347`	`354`	`return options, secret.Data, nil`
`348`	`355`	`}`
`349`	`356`
`@@ -404,12 +411,6 @@ func createNotifier(ctx context.Context, kubeClient client.Client, provider *api`
`404`	`411`	`if val, ok := secretData[secrets.TokenKey]; ok {`
`405`	`412`	`token = strings.TrimSpace(string(val))`
`406`	`413`	`}`
`407`		`-`
`408`		`- user, pass, err := secrets.BasicAuthFromSecret(ctx, kubeClient, provider.Spec.SecretRef.Name, provider.Namespace)`
`409`		`- if err == nil {`
`410`		`- options = append(options, notifier.WithUsername(user))`
`411`		`- options = append(options, notifier.WithPassword(pass))`
`412`		`- }`
`413`	`414`	`}`
`414`	`415`
`415`	`416`	`if provider.Spec.ProxySecretRef != nil {`