pjfanning opened a new pull request, #708:
URL: https://github.com/apache/pekko-management/pull/708
Includes changes from #704
This goes further - a fuller solution for #702
Hard-coded 63-char truncation of DNS 1039 lease names could silently collide
— two distinct long names normalising to the same prefix became
indistinguishable. Additionally, the limit was not configurable.
## Changes
- **`AbstractKubernetesLease`**
- Renamed `truncateTo63Characters` → `truncateToLength(name, maxLength)`
- `makeDNS1039Compatible` now accepts `maxLength: Int = 63` and
`hashLength: Int = 0`; widened to `private[kubernetes]` for unit testing
- `base32Encode` widened to `private[kubernetes]` for direct unit testing
- When truncation is required **and** `hashLength > 0`: computes SHA-256
of the original (pre-normalisation) name, base32-encodes the digest using a
**lowercase, no-`=`-padding** alphabet (`[a-z2-7]`), takes the **first**
`hashLength` chars of the encoded digest as a suffix, and replaces the last
`hashLength + 1` chars of the truncated name with `-<suffix>`
- When `hashLength >= maxLength`: returns the first `maxLength` characters
of the base32 hash digest directly (no prefix or hyphen separator), gracefully
handling the degenerate case
- Call-site reads both limits from `KubernetesSettings`
- **`KubernetesSettings`** — two new fields populated from config:
- `leaseLabelMaxLength` (default `63`)
- `onTruncateAddHashLength` (default `8`)
- **`reference.conf`**
```hocon
pekko.coordination.lease.kubernetes {
lease-name-max-length = 63 # override if your cluster supports
longer names
on-truncate-add-hash-length = 8 # set to 0 to disable hash suffix on
truncation
}
```
- **Tests**
- New `MakeDNS1039CompatibleSpec` covering normalisation, plain
truncation, hash-suffix shape, determinism, collision disambiguation, DNS-valid
output, the no-uppercase/no-padding base32 guarantee, names that differ only in
the last 1 or 2 characters producing distinct DNS1039 results, and `hashLength
>= maxLength` edge cases
- New `Base32EncodeSpec` with direct tests of `base32Encode` including:
empty array, single-byte edge cases (`0x00`, `0xFF`), two-byte edge cases, all
6 RFC 4648 §10 test vectors (lowercase/no-padding), output charset `[a-z2-7]`,
no `=` padding for all residue classes, correct output length `⌈8n/5⌉`,
determinism, and distinct-input/distinct-output
- `KubernetesSettingsSpec` extended for both new config keys
## Example
```scala
// Two long names that normalise to the same prefix are now distinguishable:
makeDNS1039Compatible("a" * 100, maxLength = 63, hashLength = 8)
// → "aaa...aaa-<8-char hash>" (63 chars total)
makeDNS1039Compatible("A" * 100, maxLength = 63, hashLength = 8)
// → "aaa...aaa-<different 8-char hash>" (different suffix)
// Names differing only in the last character also produce distinct results:
makeDNS1039Compatible("a" * 69 + "b", maxLength = 63, hashLength = 8)
makeDNS1039Compatible("a" * 69 + "c", maxLength = 63, hashLength = 8)
// → different 63-char DNS1039 names
// When hashLength >= maxLength, the result is pure hash chars (no
prefix/hyphen):
makeDNS1039Compatible("a" * 100, maxLength = 10, hashLength = 10)
// → 10-char string of [a-z2-7] characters
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
