From 213d061a4c97ef3c5532c58a53bd72cf0be23ed9 Mon Sep 17 00:00:00 2001
From: Steffen <steffen@infrabox.net>
Date: Mon, 25 Feb 2019 09:30:32 +0000
Subject: [PATCH] don't deleted secret if used as sshkey

---
 src/api/handlers/projects/secrets.py  | 8 ++++++++
 src/scheduler/kubernetes/scheduler.py | 2 +-
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/src/api/handlers/projects/secrets.py b/src/api/handlers/projects/secrets.py
index 651cc2cbb..65ac36c69 100644
--- a/src/api/handlers/projects/secrets.py
+++ b/src/api/handlers/projects/secrets.py
@@ -96,6 +96,14 @@ def delete(self, project_id, secret_id):
         if num_secrets == 0:
             return abort(400, 'Such secret does not exist.')
 
+        num_keys = g.db.execute_one("""
+            SELECT COUNT(*) FROM sshkey
+            WHERE project_id = %s and secret_id = %s
+        """, [project_id, secret_id])[0]
+
+        if num_keys == 0:
+            return abort(400, 'Secret is still used SSH Key.')
+
         g.db.execute("""
             DELETE FROM secret WHERE project_id = %s and id = %s
         """, [project_id, secret_id])
diff --git a/src/scheduler/kubernetes/scheduler.py b/src/scheduler/kubernetes/scheduler.py
index 1a8400f14..a981873a4 100644
--- a/src/scheduler/kubernetes/scheduler.py
+++ b/src/scheduler/kubernetes/scheduler.py
@@ -634,7 +634,7 @@ def kube_job(self, job_id, cpu, mem, services=None):
         cursor.close()
 
         for r in result:
-            private_key += '\n%s' decrypt_secret(r[0])
+            private_key += '\n%s' % decrypt_secret(r[0])
 
         if private_key:
             env += [{