Skip to content

fix sparse key delete when actor is removed#463

Open
justintsteele wants to merge 2 commits into
chef:mainfrom
justintsteele:jtsteele_sparse_key_remove
Open

fix sparse key delete when actor is removed#463
justintsteele wants to merge 2 commits into
chef:mainfrom
justintsteele:jtsteele_sparse_key_remove

Conversation

@justintsteele

@justintsteele justintsteele commented Jan 20, 2026

Copy link
Copy Markdown

if an actor is removed when keys are stored in sparse mode, the sparse key data bag item does not get removed

Description

when a vault has keys stored in sparse mode

knife data bag show test_vault test_val_keys -F json
{
  "admins": [
    "jtsteele"
  ],
  "clients": [
    "jtsteele-client1.example.com",
    "jtsteele-client2.example.com"
  ],
  "id": "test_val_keys",
  "mode": "sparse",
  "search_query": "name:jtsteele*"
}

and we remove a client:

knife vault remove test_vault test_val -C jtsteele-client2.example.com

the clients list gets updated properly

knife data bag show test_vault test_val_keys -F json
{
  "admins": [
    "jtsteele"
  ],
  "clients": [
    "jtsteele-client1.example.com"
  ],
  "id": "test_val_keys",
  "mode": "sparse",
  "search_query": "name:jtsteele*"
}

but the sparse key data bag item still exists

knife data bag show test_vault -F json
[
  "test_val",
  "test_val_key_jtsteele-client1.example.com",
  "test_val_key_jtsteele-client2.example.com" <<<< should have been removed as well
  "test_val_key_jtsteele",
  "test_val_keys"
]

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Chore (non-breaking change that does not add functionality or fix an issue)

Checklist:

  • I have read the CONTRIBUTING document.
  • I have run the pre-merge tests locally and they pass.
  • I have updated the documentation accordingly.
  • I have added tests to cover my changes.
  • If Gemfile.lock has changed, I have used --conservative to do it and included the full output in the Description above.
  • All new and existing tests passed.
  • All commits have been signed-off for [the Developer Certificate of Origin]

@justintsteele
fix delete sparse key when removing a client
3da2afa 
Signed-off-by: Justin Steele <justin.steele@oracle.com>
@justintsteele
extend spec to cover sparse key delete
1bbd7bb 
Signed-off-by: Justin Steele <justin.steele@oracle.com>
@justintsteele justintsteele requested review from a team as code owners January 20, 2026 17:21
@sonarqubecloud

sonarqubecloud Bot commented Jan 20, 2026

Copy link
Copy Markdown

Quality Gate Passed Quality Gate passed

Issues
1 New issue
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@justintsteele