fix(client): Handle buddy secrets that don't have the expected password field in the k8s secret data.

Author: spbsoluble

kubernetes-orchestrator-extension/Jobs/Inventory.cs

@@ -323,7 +323,7 @@ private Dictionary<string, List<string>> HandleJKSSecret(JobConfiguration config
                             KubeNamespace + " and key " + keyName);
             var keyPassword = getK8SStorePassword(k8sData.Secret);
             var passwordHash = GetSHA256Hash(keyPassword);
-            Logger.LogTrace("Password hash for '{Secret}/{Key}': {Hash}", KubeSecretName, keyName, passwordHash);
+            // Logger.LogTrace("Password hash for '{Secret}/{Key}': {Hash}", KubeSecretName, keyName, passwordHash);
             var keyAlias = keyName;
             Logger.LogTrace("Key alias: {Alias}", keyAlias);
             Logger.LogDebug("Attempting to deserialize JKS store '{Secret}/{Key}'", KubeSecretName, keyName);

kubernetes-orchestrator-extension/Jobs/JobBase.cs

@@ -1237,7 +1237,17 @@ protected string getK8SStorePassword(V1Secret certData)
 
             Logger.LogDebug("Attempting to read K8S buddy secret");
             var k8sPasswordObj = KubeClient.ReadBuddyPass(passwordSecretName, passwordNamespace);
-            storePasswordBytes = k8sPasswordObj.Data[PasswordFieldName];
+            Logger.LogTrace("Secret response fields: {Keys}", k8sPasswordObj.Data.Keys);
+
+            if (!k8sPasswordObj.Data.TryGetValue(PasswordFieldName, out storePasswordBytes) ||
+                storePasswordBytes == null)
+            {
+                Logger.LogError("Unable to find password field {FieldName}", PasswordFieldName);
+                throw new InvalidK8SSecretException(
+                    $"Unable to find password field '{PasswordFieldName}' in secret '{passwordSecretName}' in namespace '{passwordNamespace}'"
+                );
+            }
+
             // var passwordHash = GetSHA256Hash(Encoding.UTF8.GetString(storePasswordBytes));
             // Logger.LogTrace("Password hash: {Pwd}", passwordHash);
             if (storePasswordBytes == null)

kubernetes-orchestrator-extension/Jobs/Management.cs

@@ -230,12 +230,12 @@ private V1Secret HandleJksSecret(ManagementJobConfiguration config, bool remove
             Logger.LogDebug("StorePassword is not null or empty so setting StorePassword to config.CertificateStoreDetails.StorePassword");
             StorePassword = config.CertificateStoreDetails.StorePassword;
             var hashedStorePassword = GetSHA256Hash(StorePassword);
-            Logger.LogTrace("hashedStorePassword: {Hash}", hashedStorePassword);
+            // Logger.LogTrace("hashedStorePassword: {Hash}", hashedStorePassword);
         }
         Logger.LogDebug("Getting store password");
         var sPass = getK8SStorePassword(k8sData.Secret);
         var hashedSPass = GetSHA256Hash(sPass);
-        Logger.LogTrace("hashedStorePassword: {Hash}", hashedSPass);
+        // Logger.LogTrace("hashedStorePassword: {Hash}", hashedSPass);
         Logger.LogDebug("Calling CreateOrUpdateJks()...");
         try
         {