2021-12-17 22:41:09 +01:00
|
|
|
package task
|
|
|
|
|
|
|
|
import (
|
|
|
|
"context"
|
2022-01-11 22:39:18 +01:00
|
|
|
"errors"
|
2021-12-23 17:22:50 +01:00
|
|
|
"fmt"
|
2021-12-23 19:09:26 +01:00
|
|
|
"os"
|
2021-12-17 22:41:09 +01:00
|
|
|
"os/exec"
|
|
|
|
"strings"
|
|
|
|
|
|
|
|
"github.com/rs/zerolog/log"
|
|
|
|
"go.dagger.io/dagger/compiler"
|
|
|
|
"go.dagger.io/dagger/plancontext"
|
|
|
|
"go.dagger.io/dagger/solver"
|
|
|
|
)
|
|
|
|
|
|
|
|
func init() {
|
2021-12-22 16:19:40 +01:00
|
|
|
Register("InputSecretExec", func() Task { return &inputSecretExecTask{} })
|
2021-12-17 22:41:09 +01:00
|
|
|
}
|
|
|
|
|
2021-12-22 16:19:40 +01:00
|
|
|
type inputSecretExecTask struct {
|
2021-12-17 22:41:09 +01:00
|
|
|
}
|
|
|
|
|
2021-12-22 16:19:40 +01:00
|
|
|
func (c *inputSecretExecTask) Run(ctx context.Context, pctx *plancontext.Context, _ solver.Solver, v *compiler.Value) (*compiler.Value, error) {
|
2021-12-17 22:41:09 +01:00
|
|
|
var secretExec struct {
|
|
|
|
Command struct {
|
|
|
|
Name string
|
|
|
|
Args []string
|
|
|
|
}
|
2021-12-23 17:22:50 +01:00
|
|
|
TrimSpace bool
|
2021-12-17 22:41:09 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
if err := v.Decode(&secretExec); err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
2021-12-23 17:22:50 +01:00
|
|
|
lg := log.Ctx(ctx)
|
|
|
|
lg.Debug().Str("name", secretExec.Command.Name).Str("args", strings.Join(secretExec.Command.Args, " ")).Str("trimSpace", fmt.Sprintf("%t", secretExec.TrimSpace)).Msg("loading secret")
|
2021-12-17 22:41:09 +01:00
|
|
|
|
2021-12-23 19:09:26 +01:00
|
|
|
var err error
|
|
|
|
|
|
|
|
//#nosec G204: sec audited by @aluzzardi and @mrjones
|
|
|
|
cmd := exec.CommandContext(ctx, secretExec.Command.Name, secretExec.Command.Args...)
|
|
|
|
cmd.Env = os.Environ()
|
|
|
|
cmd.Dir, err = v.Lookup("command.name").Dirname()
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
2021-12-20 17:58:26 +01:00
|
|
|
// sec audited by @aluzzardi and @mrjones
|
2021-12-23 19:09:26 +01:00
|
|
|
out, err := cmd.Output()
|
2021-12-17 22:41:09 +01:00
|
|
|
if err != nil {
|
2022-01-11 22:39:18 +01:00
|
|
|
var exitErr *exec.ExitError
|
|
|
|
if errors.As(err, &exitErr) {
|
|
|
|
return nil, errors.New(string(exitErr.Stderr))
|
|
|
|
}
|
2021-12-17 22:41:09 +01:00
|
|
|
return nil, err
|
|
|
|
}
|
2021-12-23 17:22:50 +01:00
|
|
|
|
|
|
|
plaintext := string(out)
|
|
|
|
|
|
|
|
if secretExec.TrimSpace {
|
|
|
|
plaintext = strings.TrimSpace(plaintext)
|
|
|
|
}
|
|
|
|
|
|
|
|
secret := pctx.Secrets.New(plaintext)
|
2021-12-17 22:41:09 +01:00
|
|
|
return compiler.NewValue().FillFields(map[string]interface{}{
|
|
|
|
"contents": secret.MarshalCUE(),
|
|
|
|
})
|
|
|
|
}
|