Merge pull request #1306 from talentedmrjones/europa-trim-space

added trimSpace to inputs secrets

plan/task/inputsecretenv.go

@@ -4,6 +4,7 @@ import (
 	"context"
 	"fmt"
 	"os"
+	"strings"
 
 	"github.com/rs/zerolog/log"
 	"go.dagger.io/dagger/compiler"
@@ -22,19 +23,25 @@ func (c *inputSecretEnvTask) Run(ctx context.Context, pctx *plancontext.Context,
 	lg := log.Ctx(ctx)
 
 	var secretEnv struct {
-		Envvar string
+		Envvar    string
+		TrimSpace bool
 	}
 
 	if err := v.Decode(&secretEnv); err != nil {
 		return nil, err
 	}
 
-	lg.Debug().Str("envvar", secretEnv.Envvar).Msg("loading secret")
+	lg.Debug().Str("envvar", secretEnv.Envvar).Str("trimSpace", fmt.Sprintf("%t", secretEnv.TrimSpace)).Msg("loading secret")
 
 	env := os.Getenv(secretEnv.Envvar)
 	if env == "" {
 		return nil, fmt.Errorf("environment variable %q not set", secretEnv.Envvar)
 	}
+
+	if secretEnv.TrimSpace {
+		env = strings.TrimSpace(env)
+	}
+
 	secret := pctx.Secrets.New(env)
 	return compiler.NewValue().FillFields(map[string]interface{}{
 		"contents": secret.MarshalCUE(),

plan/task/inputsecretexec.go

@@ -2,6 +2,7 @@ package task
 
 import (
 	"context"
+	"fmt"
 	"os/exec"
 	"strings"
 
@@ -24,21 +25,29 @@ func (c *inputSecretExecTask) Run(ctx context.Context, pctx *plancontext.Context
 			Name string
 			Args []string
 		}
+		TrimSpace bool
 	}
 
 	if err := v.Decode(&secretExec); err != nil {
 		return nil, err
 	}
-	lg := log.Ctx(ctx)
 
-	lg.Debug().Str("name", secretExec.Command.Name).Str("args", strings.Join(secretExec.Command.Args, " ")).Msg("executing secret command")
+	lg := log.Ctx(ctx)
+	lg.Debug().Str("name", secretExec.Command.Name).Str("args", strings.Join(secretExec.Command.Args, " ")).Str("trimSpace", fmt.Sprintf("%t", secretExec.TrimSpace)).Msg("loading secret")
 
 	// sec audited by @aluzzardi and @mrjones
 	out, err := exec.CommandContext(ctx, secretExec.Command.Name, secretExec.Command.Args...).Output() //#nosec G204
 	if err != nil {
 		return nil, err
 	}
-	secret := pctx.Secrets.New(string(out))
+
+	plaintext := string(out)
+
+	if secretExec.TrimSpace {
+		plaintext = strings.TrimSpace(plaintext)
+	}
+
+	secret := pctx.Secrets.New(plaintext)
 	return compiler.NewValue().FillFields(map[string]interface{}{
 		"contents": secret.MarshalCUE(),
 	})

plan/task/inputsecretfile.go

@@ -2,7 +2,9 @@ package task
 
 import (
 	"context"
+	"fmt"
 	"os"
+	"strings"
 
 	"github.com/rs/zerolog/log"
 	"go.dagger.io/dagger/compiler"
@@ -18,24 +20,29 @@ type inputSecretFileTask struct {
 }
 
 func (c *inputSecretFileTask) Run(ctx context.Context, pctx *plancontext.Context, _ solver.Solver, v *compiler.Value) (*compiler.Value, error) {
-	lg := log.Ctx(ctx)
-
 	var secretFile struct {
-		Path string
+		Path      string
+		TrimSpace bool
 	}
 
 	if err := v.Decode(&secretFile); err != nil {
 		return nil, err
 	}
 
-	lg.Debug().Str("path", secretFile.Path).Msg("loading secret")
+	lg := log.Ctx(ctx)
+	lg.Debug().Str("path", secretFile.Path).Str("trimSpace", fmt.Sprintf("%t", secretFile.TrimSpace)).Msg("loading secret")
 
-	plaintext, err := os.ReadFile(secretFile.Path)
+	fileBytes, err := os.ReadFile(secretFile.Path)
 	if err != nil {
 		return nil, err
 	}
 
-	secret := pctx.Secrets.New(string(plaintext))
+	plaintext := string(fileBytes)
+	if secretFile.TrimSpace {
+		plaintext = strings.TrimSpace(plaintext)
+	}
+
+	secret := pctx.Secrets.New(plaintext)
 	return compiler.NewValue().FillFields(map[string]interface{}{
 		"contents": secret.MarshalCUE(),
 	})

stdlib/europa/dagger/engine/plan.cue

@@ -66,6 +66,9 @@ _#inputSecret: {
 	// See universe.dagger.io/docker.#Run.mounts
 	// FIXME: `contents` field name causes confusion (not actually the secret contents..)
 	contents: #Secret
+
+	// Whether to trim leading and trailing space characters from secret value
+	trimSpace: *true | false
 }
 
 // Read secret from an environment variable ON THE CLIENT MACHINE