diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 72d053ec..ec825750 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -86,8 +86,8 @@ jobs: env: DAGGER_AGE_KEY: ${{ secrets.DAGGER_AGE_KEY }} run: | - mkdir ~/.dagger - echo "$DAGGER_AGE_KEY" > ~/.dagger/keys.txt + mkdir -p ~/.config/dagger + echo "$DAGGER_AGE_KEY" > ~/.config/dagger/keys.txt - name: Login to Docker Hub uses: docker/login-action@v1 diff --git a/cmd/dagger/cmd/version.go b/cmd/dagger/cmd/version.go index 33ed2503..b4f1acdc 100644 --- a/cmd/dagger/cmd/version.go +++ b/cmd/dagger/cmd/version.go @@ -21,7 +21,7 @@ import ( const ( defaultVersion = "devel" - versionFile = "~/.dagger/version-check" + versionFile = "~/.config/dagger/version-check" versionURL = "https://releases.dagger.io/dagger/latest_version" ) @@ -168,7 +168,7 @@ func checkVersion() { baseDir := path.Dir(versionFilePath) if _, err := os.Stat(baseDir); os.IsNotExist(err) { - if err := os.MkdirAll(baseDir, 0755); err != nil { + if err := os.MkdirAll(baseDir, 0700); err != nil { // mkdir fails, ignore silently return } diff --git a/keychain/keys.go b/keychain/keys.go index 830f1e8f..57bc1fcd 100644 --- a/keychain/keys.go +++ b/keychain/keys.go @@ -5,7 +5,6 @@ import ( "errors" "fmt" "os" - "path" "path/filepath" "time" @@ -15,12 +14,35 @@ import ( ) func Path() (string, error) { - h, err := homedir.Dir() + keysFile, err := homedir.Expand("~/.config/dagger/keys.txt") if err != nil { return "", err } - return path.Join(h, ".dagger", "keys.txt"), nil + // if the keys file doesn't exist, attempt a migration + if _, err := os.Stat(keysFile); errors.Is(err, os.ErrNotExist) { + migrateKeys(keysFile) + } + + return keysFile, nil +} + +// migrateKeys attempts a migration from `~/.dagger/keys.txt` to `~/.config/dagger/keys.txt` +func migrateKeys(keysFile string) error { + oldKeysFile, err := homedir.Expand("~/.dagger/keys.txt") + if err != nil { + return err + } + + if _, err := os.Stat(oldKeysFile); err != nil { + return err + } + + if err := os.MkdirAll(filepath.Dir(keysFile), 0700); err != nil { + return err + } + + return os.Rename(oldKeysFile, keysFile) } func Default(ctx context.Context) (string, error) { @@ -49,7 +71,7 @@ func Generate(ctx context.Context) (string, error) { return "", fmt.Errorf("internal error: %v", err) } - if err := os.MkdirAll(filepath.Dir(keysFile), 0755); err != nil { + if err := os.MkdirAll(filepath.Dir(keysFile), 0700); err != nil { return "", err } f, err := os.OpenFile(keysFile, os.O_WRONLY|os.O_CREATE|os.O_EXCL, 0600) diff --git a/tests/helpers.bash b/tests/helpers.bash index ca5fe74b..2416f8aa 100644 --- a/tests/helpers.bash +++ b/tests/helpers.bash @@ -13,7 +13,7 @@ common_setup() { DAGGER_WORKSPACE="$(mktemp -d -t dagger-workspace-XXXXXX)" export DAGGER_WORKSPACE - SOPS_AGE_KEY_FILE=~/.dagger/keys.txt + SOPS_AGE_KEY_FILE=~/.config/dagger/keys.txt export SOPS_AGE_KEY_FILE }