From 30460573897278040134c4477f99f17b06be1336 Mon Sep 17 00:00:00 2001 From: Cas Lubbers Date: Thu, 12 Mar 2026 10:02:29 +0100 Subject: [PATCH 1/4] fix: make password not required --- src/openapi/settings.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/src/openapi/settings.yaml b/src/openapi/settings.yaml index 1d140dfc..9cb390ee 100644 --- a/src/openapi/settings.yaml +++ b/src/openapi/settings.yaml @@ -261,7 +261,6 @@ Settings: required: - repoUrl - username - - password - email - branch adminPassword: From fa93c95d4f8ef83e66de202db4e18423c66b36e4 Mon Sep 17 00:00:00 2001 From: Cas Lubbers Date: Thu, 12 Mar 2026 10:28:33 +0100 Subject: [PATCH 2/4] fix: preserve git.password --- src/otomi-stack.ts | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/otomi-stack.ts b/src/otomi-stack.ts index 1499eca3..ba10f07c 100644 --- a/src/otomi-stack.ts +++ b/src/otomi-stack.ts @@ -503,11 +503,15 @@ export default class OtomiStack { const settings = this.getSettings() await this.editIngressApps(settings, data, settingId) const updatedSettingsData: any = { ...data } - // Preserve the otomi.adminPassword when editing otomi settings + // Preserve the otomi.adminPassword and otomi.git.password when editing otomi settings if (settingId === 'otomi') { updatedSettingsData.otomi = { ...updatedSettingsData.otomi, adminPassword: settings.otomi?.adminPassword, + git: { + ...updatedSettingsData.otomi?.git, + password: settings.otomi?.git?.password, + }, } // convert otomi.nodeSelector to object if (Array.isArray(updatedSettingsData.otomi.nodeSelector)) { From 74484744687f5e797c46fe624e3c86635137c2ba Mon Sep 17 00:00:00 2001 From: Cas Lubbers Date: Thu, 12 Mar 2026 11:07:24 +0100 Subject: [PATCH 3/4] fix: preserve git.password only if not present --- src/otomi-stack.ts | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/otomi-stack.ts b/src/otomi-stack.ts index ba10f07c..a7b40077 100644 --- a/src/otomi-stack.ts +++ b/src/otomi-stack.ts @@ -1,4 +1,4 @@ -import { CoreV1Api, User as k8sUser, KubeConfig, V1ObjectReference } from '@kubernetes/client-node' +import { CoreV1Api, KubeConfig, User as k8sUser, V1ObjectReference } from '@kubernetes/client-node' import Debug from 'debug' import { getRegions, ObjectStorageKeyRegions } from '@linode/api-v4' @@ -503,14 +503,14 @@ export default class OtomiStack { const settings = this.getSettings() await this.editIngressApps(settings, data, settingId) const updatedSettingsData: any = { ...data } - // Preserve the otomi.adminPassword and otomi.git.password when editing otomi settings + // Preserve the otomi.adminPassword and otomi.git.password if not present when editing otomi settings if (settingId === 'otomi') { updatedSettingsData.otomi = { ...updatedSettingsData.otomi, adminPassword: settings.otomi?.adminPassword, git: { ...updatedSettingsData.otomi?.git, - password: settings.otomi?.git?.password, + ...(!updatedSettingsData.otomi?.git?.password && { password: settings.otomi?.git?.password }), }, } // convert otomi.nodeSelector to object From f50a7e8c2f5fa1fa79066353c9051da9a6e31975 Mon Sep 17 00:00:00 2001 From: Cas Lubbers Date: Thu, 12 Mar 2026 14:36:26 +0100 Subject: [PATCH 4/4] fix: strip passwords from editSettings --- src/api/v1/settings/{settingId}.ts | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/api/v1/settings/{settingId}.ts b/src/api/v1/settings/{settingId}.ts index a804ba47..8551022c 100644 --- a/src/api/v1/settings/{settingId}.ts +++ b/src/api/v1/settings/{settingId}.ts @@ -1,6 +1,7 @@ import Debug from 'debug' import { Response } from 'express' import { OpenApiRequestExt, Settings } from 'src/otomi-models' +import { omit } from 'lodash' const debug = Debug('otomi:api:v1:settings') @@ -13,5 +14,9 @@ export const editSettings = async (req: OpenApiRequestExt, res: Response): Promi const ids = Object.keys(req.body as Settings) debug(`editSettings(${ids.join(',')})`) const v = await req.otomi.editSettings(req.body as Settings, settingId) - res.json(v) + if (v?.otomi) { + res.json(omit(v, ['otomi.adminPassword', 'otomi.git.password'])) + } else { + res.json(v) + } }