Skip to content

[bitnami/redis] Avoid eager evaluation of ternary when resolving user secrets #36265

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open

[bitnami/redis] Avoid eager evaluation of ternary when resolving user secrets #36265

wants to merge 2 commits into from
+11 −4

Conversation

sina-devel
Copy link

Description of the change

This PR fixes an issue in the configmap template where Helm’s ternary function was used to look up a Kubernetes Secret.
Since Sprig’s ternary eagerly evaluates both branches, the include "common.secrets.get" call was executed even when .Values.auth.acl.userSecret was empty, causing template rendering to fail if the Secret did not exist.

The logic has been replaced with an explicit if guard, ensuring that secret lookups only occur when a user-provided Secret name is actually set.

Benefits

  • Prevents errors when .Values.auth.acl.userSecret is not provided.
  • Makes template evaluation safer and more predictable.
  • Improves compatibility with default chart values where no external secret is configured.

Possible drawbacks

  • None known. Behavior is unchanged for users who provide a userSecret.

Checklist

  • Chart version bumped in Chart.yaml according to semver. This is not necessary when the changes only affect README.md files.
  • Title of the pull request follows this pattern [bitnami/<name_of_the_chart>] Descriptive title
  • All commits signed off and in agreement of Developer Certificate of Origin (DCO)

@sina-devel
[bitnami/redis] Fix: avoid eager evaluation of ternary when resolving…
17b873d 
… user secrets

Helm’s ternary function (from Sprig) is eagerly evaluated, which
caused `include "common.secrets.get"` to run even when
`.Values.auth.acl.userSecret` was empty. This resulted in errors
when the referenced Secret did not exist.

Replaced ternary with an explicit `if` guard so that secret lookup
is only performed when a userSecret is actually set.

Signed-off-by: Sina Safari <[email protected]>
@github-actions github-actions bot added redis triage Triage is needed labels Sep 18, 2025
@github-actions github-actions bot requested a review from carrodher September 18, 2025 10:11
@bitnami-bot
Update CHANGELOG.md
b64196c 
Signed-off-by: Bitnami Bot <[email protected]>
@carrodher carrodher added verify Execute verification workflow for these changes in-progress labels Sep 18, 2025
@github-actions github-actions bot removed the triage Triage is needed label Sep 18, 2025
@github-actions github-actions bot removed the request for review from carrodher September 18, 2025 11:06
@github-actions github-actions bot requested a review from alvneiayu September 18, 2025 11:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@alvneiayu alvneiayu Awaiting requested review from alvneiayu

At least 1 approving review is required to merge this pull request.

Assignees

@alvneiayu alvneiayu

Labels
in-progress redis verify Execute verification workflow for these changes
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@sina-devel @alvneiayu @carrodher @bitnami-bot