added trimSpace to inputs secrets

Signed-off-by: Richard Jones <richard@dagger.io>
This commit is contained in:
Richard Jones 2021-12-23 09:22:50 -07:00
parent bbec566bb5
commit 2561f942c6
No known key found for this signature in database
GPG Key ID: CFB3A382EB166F4C
4 changed files with 37 additions and 11 deletions

View File

@ -4,6 +4,7 @@ import (
"context" "context"
"fmt" "fmt"
"os" "os"
"strings"
"github.com/rs/zerolog/log" "github.com/rs/zerolog/log"
"go.dagger.io/dagger/compiler" "go.dagger.io/dagger/compiler"
@ -22,19 +23,25 @@ func (c *inputSecretEnvTask) Run(ctx context.Context, pctx *plancontext.Context,
lg := log.Ctx(ctx) lg := log.Ctx(ctx)
var secretEnv struct { var secretEnv struct {
Envvar string Envvar string
TrimSpace bool
} }
if err := v.Decode(&secretEnv); err != nil { if err := v.Decode(&secretEnv); err != nil {
return nil, err return nil, err
} }
lg.Debug().Str("envvar", secretEnv.Envvar).Msg("loading secret") lg.Debug().Str("envvar", secretEnv.Envvar).Str("trimSpace", fmt.Sprintf("%t", secretEnv.TrimSpace)).Msg("loading secret")
env := os.Getenv(secretEnv.Envvar) env := os.Getenv(secretEnv.Envvar)
if env == "" { if env == "" {
return nil, fmt.Errorf("environment variable %q not set", secretEnv.Envvar) return nil, fmt.Errorf("environment variable %q not set", secretEnv.Envvar)
} }
if secretEnv.TrimSpace {
env = strings.TrimSpace(env)
}
secret := pctx.Secrets.New(env) secret := pctx.Secrets.New(env)
return compiler.NewValue().FillFields(map[string]interface{}{ return compiler.NewValue().FillFields(map[string]interface{}{
"contents": secret.MarshalCUE(), "contents": secret.MarshalCUE(),

View File

@ -2,6 +2,7 @@ package task
import ( import (
"context" "context"
"fmt"
"os/exec" "os/exec"
"strings" "strings"
@ -24,21 +25,29 @@ func (c *inputSecretExecTask) Run(ctx context.Context, pctx *plancontext.Context
Name string Name string
Args []string Args []string
} }
TrimSpace bool
} }
if err := v.Decode(&secretExec); err != nil { if err := v.Decode(&secretExec); err != nil {
return nil, err return nil, err
} }
lg := log.Ctx(ctx)
lg.Debug().Str("name", secretExec.Command.Name).Str("args", strings.Join(secretExec.Command.Args, " ")).Msg("executing secret command") lg := log.Ctx(ctx)
lg.Debug().Str("name", secretExec.Command.Name).Str("args", strings.Join(secretExec.Command.Args, " ")).Str("trimSpace", fmt.Sprintf("%t", secretExec.TrimSpace)).Msg("loading secret")
// sec audited by @aluzzardi and @mrjones // sec audited by @aluzzardi and @mrjones
out, err := exec.CommandContext(ctx, secretExec.Command.Name, secretExec.Command.Args...).Output() //#nosec G204 out, err := exec.CommandContext(ctx, secretExec.Command.Name, secretExec.Command.Args...).Output() //#nosec G204
if err != nil { if err != nil {
return nil, err return nil, err
} }
secret := pctx.Secrets.New(string(out))
plaintext := string(out)
if secretExec.TrimSpace {
plaintext = strings.TrimSpace(plaintext)
}
secret := pctx.Secrets.New(plaintext)
return compiler.NewValue().FillFields(map[string]interface{}{ return compiler.NewValue().FillFields(map[string]interface{}{
"contents": secret.MarshalCUE(), "contents": secret.MarshalCUE(),
}) })

View File

@ -2,7 +2,9 @@ package task
import ( import (
"context" "context"
"fmt"
"os" "os"
"strings"
"github.com/rs/zerolog/log" "github.com/rs/zerolog/log"
"go.dagger.io/dagger/compiler" "go.dagger.io/dagger/compiler"
@ -18,24 +20,29 @@ type inputSecretFileTask struct {
} }
func (c *inputSecretFileTask) Run(ctx context.Context, pctx *plancontext.Context, _ solver.Solver, v *compiler.Value) (*compiler.Value, error) { func (c *inputSecretFileTask) Run(ctx context.Context, pctx *plancontext.Context, _ solver.Solver, v *compiler.Value) (*compiler.Value, error) {
lg := log.Ctx(ctx)
var secretFile struct { var secretFile struct {
Path string Path string
TrimSpace bool
} }
if err := v.Decode(&secretFile); err != nil { if err := v.Decode(&secretFile); err != nil {
return nil, err return nil, err
} }
lg.Debug().Str("path", secretFile.Path).Msg("loading secret") lg := log.Ctx(ctx)
lg.Debug().Str("path", secretFile.Path).Str("trimSpace", fmt.Sprintf("%t", secretFile.TrimSpace)).Msg("loading secret")
plaintext, err := os.ReadFile(secretFile.Path) fileBytes, err := os.ReadFile(secretFile.Path)
if err != nil { if err != nil {
return nil, err return nil, err
} }
secret := pctx.Secrets.New(string(plaintext)) plaintext := string(fileBytes)
if secretFile.TrimSpace {
plaintext = strings.TrimSpace(plaintext)
}
secret := pctx.Secrets.New(plaintext)
return compiler.NewValue().FillFields(map[string]interface{}{ return compiler.NewValue().FillFields(map[string]interface{}{
"contents": secret.MarshalCUE(), "contents": secret.MarshalCUE(),
}) })

View File

@ -66,6 +66,9 @@ _#inputSecret: {
// See universe.dagger.io/docker.#Run.mounts // See universe.dagger.io/docker.#Run.mounts
// FIXME: `contents` field name causes confusion (not actually the secret contents..) // FIXME: `contents` field name causes confusion (not actually the secret contents..)
contents: #Secret contents: #Secret
// Whether to trim leading and trailing space characters from secret value
trimSpace: *true | false
} }
// Read secret from an environment variable ON THE CLIENT MACHINE // Read secret from an environment variable ON THE CLIENT MACHINE