Attempted rework to match new code.
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
This commit is contained in:
parent
eea47f9099
commit
ba956f340a
|
@ -127,10 +127,6 @@ var appNewCommand = cli.Command{
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
if err := secret.EnsureSecretLengths(secretsConfig, internal.Domain, sanitisedAppName); err != nil {
|
|
||||||
logrus.Fatal(err)
|
|
||||||
}
|
|
||||||
|
|
||||||
if err := promptForSecrets(recipe.Name, secretsConfig); err != nil {
|
if err := promptForSecrets(recipe.Name, secretsConfig); err != nil {
|
||||||
logrus.Fatal(err)
|
logrus.Fatal(err)
|
||||||
}
|
}
|
||||||
|
|
|
@ -96,10 +96,6 @@ var appSecretGenerateCommand = cli.Command{
|
||||||
logrus.Fatal(err)
|
logrus.Fatal(err)
|
||||||
}
|
}
|
||||||
|
|
||||||
if err := secret.EnsureSecretLengths(secrets, internal.Domain, config.SanitiseAppName(app.Name)); err != nil {
|
|
||||||
logrus.Fatal(err)
|
|
||||||
}
|
|
||||||
|
|
||||||
if !allSecrets {
|
if !allSecrets {
|
||||||
secretName := c.Args().Get(1)
|
secretName := c.Args().Get(1)
|
||||||
secretVersion := c.Args().Get(2)
|
secretVersion := c.Args().Get(2)
|
||||||
|
|
|
@ -89,7 +89,7 @@ func ReadSecretsConfig(appEnvPath string, composeFiles []string, stackName strin
|
||||||
appEnv["STACK_NAME"] = stackName
|
appEnv["STACK_NAME"] = stackName
|
||||||
|
|
||||||
opts := stack.Deploy{Composefiles: composeFiles}
|
opts := stack.Deploy{Composefiles: composeFiles}
|
||||||
config, err := loader.LoadComposefile(opts, appEnv)
|
composeConfig, err := loader.LoadComposefile(opts, appEnv)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
@ -100,7 +100,7 @@ func ReadSecretsConfig(appEnvPath string, composeFiles []string, stackName strin
|
||||||
}
|
}
|
||||||
|
|
||||||
var enabledSecrets []string
|
var enabledSecrets []string
|
||||||
for _, service := range config.Services {
|
for _, service := range composeConfig.Services {
|
||||||
for _, secret := range service.Secrets {
|
for _, secret := range service.Secrets {
|
||||||
enabledSecrets = append(enabledSecrets, secret.Source)
|
enabledSecrets = append(enabledSecrets, secret.Source)
|
||||||
}
|
}
|
||||||
|
@ -112,7 +112,7 @@ func ReadSecretsConfig(appEnvPath string, composeFiles []string, stackName strin
|
||||||
}
|
}
|
||||||
|
|
||||||
secretValues := map[string]Secret{}
|
secretValues := map[string]Secret{}
|
||||||
for secretId, secretConfig := range config.Secrets {
|
for secretId, secretConfig := range composeConfig.Secrets {
|
||||||
if string(secretConfig.Name[len(secretConfig.Name)-1]) == "_" {
|
if string(secretConfig.Name[len(secretConfig.Name)-1]) == "_" {
|
||||||
return nil, fmt.Errorf("missing version for secret? (%s)", secretId)
|
return nil, fmt.Errorf("missing version for secret? (%s)", secretId)
|
||||||
}
|
}
|
||||||
|
@ -126,6 +126,10 @@ func ReadSecretsConfig(appEnvPath string, composeFiles []string, stackName strin
|
||||||
secretVersion := secretConfig.Name[lastIdx+1:]
|
secretVersion := secretConfig.Name[lastIdx+1:]
|
||||||
value := Secret{Version: secretVersion, RemoteName: secretConfig.Name}
|
value := Secret{Version: secretVersion, RemoteName: secretConfig.Name}
|
||||||
|
|
||||||
|
if len(value.RemoteName) > config.MAX_DOCKER_SECRET_LENGTH {
|
||||||
|
return nil, fmt.Errorf("secret %s is > %d chars when combined with %s", secretId, config.MAX_DOCKER_SECRET_LENGTH, stackName)
|
||||||
|
}
|
||||||
|
|
||||||
// Check if the length modifier is set for this secret.
|
// Check if the length modifier is set for this secret.
|
||||||
for envName, modifierValues := range appModifiers {
|
for envName, modifierValues := range appModifiers {
|
||||||
// configWithoutEnv contains the raw name as defined in the compose.yaml
|
// configWithoutEnv contains the raw name as defined in the compose.yaml
|
||||||
|
@ -282,19 +286,3 @@ func PollSecretsStatus(cl *dockerClient.Client, app config.App) (secretStatuses,
|
||||||
|
|
||||||
return secStats, nil
|
return secStats, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func EnsureSecretLengths(secrets map[string]Secret, domainName string, sanitisedAppName string) error {
|
|
||||||
if len(sanitisedAppName) > config.MAX_SANITISED_APP_NAME_LENGTH {
|
|
||||||
sanitisedAppName = sanitisedAppName[:config.MAX_SANITISED_APP_NAME_LENGTH]
|
|
||||||
}
|
|
||||||
|
|
||||||
domainAndFormatLength := len(sanitisedAppName) + 4
|
|
||||||
for secretName := range secrets {
|
|
||||||
|
|
||||||
if len(secretName)+domainAndFormatLength > config.MAX_DOCKER_SECRET_LENGTH {
|
|
||||||
return fmt.Errorf("secret %s is too long (> %d chars when combined with %s)", secretName, config.MAX_DOCKER_SECRET_LENGTH, sanitisedAppName)
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
|
|
|
@ -28,3 +28,14 @@ func TestReadSecretsConfig(t *testing.T) {
|
||||||
assert.Equal(t, "v2", secretsFromConfig["test_pass_three"].Version)
|
assert.Equal(t, "v2", secretsFromConfig["test_pass_three"].Version)
|
||||||
assert.Equal(t, 0, secretsFromConfig["test_pass_three"].Length)
|
assert.Equal(t, 0, secretsFromConfig["test_pass_three"].Length)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestReadSecretsConfigWithLongDomain(t *testing.T) {
|
||||||
|
composeFiles := []string{"./testdir/compose.yaml"}
|
||||||
|
_, err := ReadSecretsConfig("./testdir/.env.sample", composeFiles, "should_break_on_forty_eight_char_stack_nameeeeee")
|
||||||
|
if err == nil {
|
||||||
|
t.Fatal("Expected to fail")
|
||||||
|
}
|
||||||
|
|
||||||
|
// Check error
|
||||||
|
assert.Equal(t, "secret test_pass_one is > 64 chars when combined with should_break_on_forty_eight_char_stack_nameeeeee", err.Error())
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in New Issue