From 8d29e5f6edda796b85737b20072ae8934bcaa118 Mon Sep 17 00:00:00 2001 From: Knut Ahlers Date: Mon, 20 Nov 2023 15:52:06 +0100 Subject: [PATCH] [#148] Make secret optional when files are attached (#150) --- cmd/ots-cli/cmd_create.go | 65 +++++++++++++++++++++---------- src/components/create.vue | 8 +++- src/components/secret-display.vue | 9 +++-- 3 files changed, 56 insertions(+), 26 deletions(-) diff --git a/cmd/ots-cli/cmd_create.go b/cmd/ots-cli/cmd_create.go index c4b47cd..96350c4 100644 --- a/cmd/ots-cli/cmd_create.go +++ b/cmd/ots-cli/cmd_create.go @@ -1,6 +1,7 @@ package main import ( + "bytes" "fmt" "io" "mime" @@ -37,6 +38,7 @@ func init() { createCmd.Flags().StringSliceP("header", "H", nil, "Headers to include in the request (i.e. 'Authorization: Token ...')") createCmd.Flags().String("instance", "https://ots.fyi/", "Instance to create the secret with") createCmd.Flags().StringSliceP("file", "f", nil, "File(s) to attach to the secret") + createCmd.Flags().Bool("no-text", false, "Disable secret read (create a secret with only files)") createCmd.Flags().String("secret-from", "-", `File to read the secret content from ("-" for STDIN)`) createCmd.Flags().StringP("user", "u", "", "Username / Password for basic auth, specified as 'user:pass'") rootCmd.AddCommand(createCmd) @@ -51,29 +53,10 @@ func createRunE(cmd *cobra.Command, _ []string) (err error) { // Read the secret content logrus.Info("reading secret content...") - secretSourceName, err := cmd.Flags().GetString("secret-from") - if err != nil { - return fmt.Errorf("getting secret-from flag: %w", err) + if secret.Secret, err = getSecretContent(cmd); err != nil { + return fmt.Errorf("getting secret content: %w", err) } - var secretSource io.Reader - if secretSourceName == "-" { - secretSource = os.Stdin - } else { - f, err := os.Open(secretSourceName) //#nosec:G304 // Opening user specified file is intended - if err != nil { - return fmt.Errorf("opening secret-from file: %w", err) - } - defer f.Close() //nolint:errcheck // The file will be force-closed by program exit - secretSource = f - } - - secretContent, err := io.ReadAll(secretSource) - if err != nil { - return fmt.Errorf("reading secret content: %w", err) - } - secret.Secret = string(secretContent) - // Attach any file given files, err := cmd.Flags().GetStringSlice("file") if err != nil { @@ -93,6 +76,10 @@ func createRunE(cmd *cobra.Command, _ []string) (err error) { }) } + if secret.Secret == "" && secret.Attachments == nil { + return fmt.Errorf("secret has no content and no attachments") + } + // Get flags for creation logrus.Info("creating the secret...") instanceURL, err := cmd.Flags().GetString("instance") @@ -158,6 +145,42 @@ func constructHTTPClient(cmd *cobra.Command) (*http.Client, error) { return &http.Client{Transport: t}, nil } +func getSecretContent(cmd *cobra.Command) (string, error) { + secretSourceName, err := cmd.Flags().GetString("secret-from") + if err != nil { + return "", fmt.Errorf("getting secret-from flag: %w", err) + } + + noSecret, err := cmd.Flags().GetBool("no-text") + if err != nil { + return "", fmt.Errorf("getting no-text flag: %w", err) + } + + var secretSource io.Reader + switch { + case noSecret: + secretSource = bytes.NewReader(nil) + + case secretSourceName == "-": + secretSource = os.Stdin + + default: + f, err := os.Open(secretSourceName) //#nosec:G304 // Opening user specified file is intended + if err != nil { + return "", fmt.Errorf("opening secret-from file: %w", err) + } + defer f.Close() //nolint:errcheck // The file will be force-closed by program exit + secretSource = f + } + + secretContent, err := io.ReadAll(secretSource) + if err != nil { + return "", fmt.Errorf("reading secret content: %w", err) + } + + return strings.TrimSpace(string(secretContent)), nil +} + func (a authRoundTripper) RoundTrip(r *http.Request) (*http.Response, error) { if a.user != "" { r.SetBasicAuth(a.user, a.pass) diff --git a/src/components/create.vue b/src/components/create.vue index 8ea4d8e..1ed40c6 100644 --- a/src/components/create.vue +++ b/src/components/create.vue @@ -72,7 +72,7 @@