teepod: Correct check for kmsEnabled in secrets reset

Dstack-TEE · Dec 24, 2024 · 6c3407e · 6c3407e
1 parent 2f1d6ee
commit 6c3407e
Showing 1 changed file with 13 additions and 5 deletions.
diff --git a/teepod/src/console.html b/teepod/src/console.html
@@ -1098,16 +1098,16 @@ <h3>Derive VM</h3>
                     return Array.from(result).map(b => b.toString(16).padStart(2, '0')).join('');
                 };
 
-                const makeEncryptedEnv = async (appId) => {
-                    if (!vmForm.value.kms_enabled || vmForm.value.encrypted_envs.length === 0) return '';
+                const makeEncryptedEnv = async (envs, kmsEnabled, appId) => {
+                    if (!kmsEnabled || envs.length === 0) return '';
                     if (!appId) {
                         appId = await appIdOf(vmForm.value.compose_file);
                     }
                     const response = await rpcCall('GetAppEnvEncryptPubKey', {
                         app_id: appId
                     });
                     const encryptPubkey = await response.json();
-                    return await encryptEnv(vmForm.value.encrypted_envs, encryptPubkey.public_key);
+                    return await encryptEnv(envs, encryptPubkey.public_key);
                 };
 
                 const clearEncryptedEnv = () => {
@@ -1119,7 +1119,11 @@ <h3>Derive VM</h3>
                         const form = {
                             ...vmForm.value,
                             compose_file: makeAppComposeFile(),
-                            encrypted_env: await makeEncryptedEnv()
+                            encrypted_env: await makeEncryptedEnv(
+                                vmForm.value.encrypted_envs,
+                                vmForm.value.kms_enabled,
+                                vmForm.value.app_id
+                            )
                         };
                         const _response = await rpcCall('CreateVm', form);
                         loadVMList();
@@ -1300,7 +1304,11 @@ <h3>Derive VM</h3>
                         }
 
                         if (upgradeDialog.value.resetSecrets) {
-                            body.encrypted_env = await makeEncryptedEnv(upgradeDialog.value.vm.app_id);
+                            body.encrypted_env = await makeEncryptedEnv(
+                                vmForm.value.encrypted_envs,
+                                kmsEnabled(upgradeDialog.value.vm),
+                                upgradeDialog.value.vm.app_id
+                            );
                         }
 
                         const response = await rpcCall('UpgradeApp', body);