Scrub the contents of the user var, not the literal string "$user" (#141

) (SOFTWARE-5596) Also make sure we reference the generated var name in the IDTOKEN name list
slateci · Jul 21, 2023 · 07e2782 · 07e2782
1 parent 248c9c7
commit 07e2782
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 3 deletions.
diff --git a/charts/osg-hosted-ce/Chart.yaml b/charts/osg-hosted-ce/Chart.yaml
@@ -2,5 +2,5 @@ apiVersion: v1
 appVersion: "5.1.5"
 description: OSG Hosted Compute Element
 name: osg-hosted-ce
-version: 4.5.2
+version: 4.5.3
 
diff --git a/charts/osg-hosted-ce/templates/configmap.yaml b/charts/osg-hosted-ce/templates/configmap.yaml
@@ -77,7 +77,8 @@ data:
     # Templatize IDTOKEN generation for glidein -> CE collector advertising (SOFTWARE-5556)
     {{- range $index, $map := .Values.SciTokenRemoteUserMapping }}
     {{- range $url, $user := $map }}
-    JOB_ROUTER_CREATE_IDTOKEN_{{ $user }} @=end
+    # N.B. Special chars in a helm template regex need to be escaped with '\\'
+    JOB_ROUTER_CREATE_IDTOKEN_{{ mustRegexReplaceAll "[^A-Za-z0-9_]" $user "_" }} @=end
       sub = "{{ $user }}@users.htcondor.org"
       kid = "POOL"
       lifetime = 604800
@@ -86,7 +87,7 @@ data:
       filename = "ce_{{ $user }}.idtoken"
       owner = "{{ $user }}"
     @end
-    JOB_ROUTER_CREATE_IDTOKEN_NAMES = $(JOB_ROUTER_CREATE_IDTOKEN_NAMES) {{ $user }}
+    JOB_ROUTER_CREATE_IDTOKEN_NAMES = $(JOB_ROUTER_CREATE_IDTOKEN_NAMES) {{ mustRegexReplaceAll "[^A-Za-z0-9_]" $user "_" }}
     {{- end }}
     {{- end }}