don't deleted secret if used as sshkey

ib-steffen · ib-steffen · commit 213d061a4c97 · 2019-02-25T09:30:32.000Z
diff --git a/src/api/handlers/projects/secrets.py b/src/api/handlers/projects/secrets.py
@@ -96,6 +96,14 @@ def delete(self, project_id, secret_id):
         if num_secrets == 0:
             return abort(400, 'Such secret does not exist.')
 
+        num_keys = g.db.execute_one("""
+            SELECT COUNT(*) FROM sshkey
+            WHERE project_id = %s and secret_id = %s
+        """, [project_id, secret_id])[0]
+
+        if num_keys == 0:
+            return abort(400, 'Secret is still used SSH Key.')
+
         g.db.execute("""
             DELETE FROM secret WHERE project_id = %s and id = %s
         """, [project_id, secret_id])
diff --git a/src/scheduler/kubernetes/scheduler.py b/src/scheduler/kubernetes/scheduler.py
@@ -634,7 +634,7 @@ def kube_job(self, job_id, cpu, mem, services=None):
         cursor.close()
 
         for r in result:
-            private_key += '\n%s' decrypt_secret(r[0])
+            private_key += '\n%s' % decrypt_secret(r[0])
 
         if private_key:
             env += [{
