This repository has been archived on 2024-04-08. You can view files and clone it, but cannot push or open issues or pull requests.
dagger/plan/task/secretexec.go
Richard Jones e6207b45af
fixed gosec issue
Signed-off-by: Richard Jones <richard@dagger.io>
2021-12-20 09:58:26 -07:00

46 lines
1.1 KiB
Go

package task
import (
"context"
"os/exec"
"strings"
"github.com/rs/zerolog/log"
"go.dagger.io/dagger/compiler"
"go.dagger.io/dagger/plancontext"
"go.dagger.io/dagger/solver"
)
func init() {
Register("SecretExec", func() Task { return &secretExecTask{} })
}
type secretExecTask struct {
}
func (c secretExecTask) Run(ctx context.Context, pctx *plancontext.Context, _ solver.Solver, v *compiler.Value) (*compiler.Value, error) {
var secretExec struct {
Command struct {
Name string
Args []string
}
}
if err := v.Decode(&secretExec); err != nil {
return nil, err
}
lg := log.Ctx(ctx)
lg.Debug().Str("name", secretExec.Command.Name).Str("args", strings.Join(secretExec.Command.Args, " ")).Msg("executing secret command")
// sec audited by @aluzzardi and @mrjones
out, err := exec.CommandContext(ctx, secretExec.Command.Name, secretExec.Command.Args...).Output() //#nosec G204
if err != nil {
return nil, err
}
secret := pctx.Secrets.New(string(out))
return compiler.NewValue().FillFields(map[string]interface{}{
"contents": secret.MarshalCUE(),
})
}