diff options
author | Krasimir Angelov <kangelov@gitlab.com> | 2019-12-05 11:44:17 +0300 |
---|---|---|
committer | Krasimir Angelov <kangelov@gitlab.com> | 2019-12-05 11:44:17 +0300 |
commit | e97fad680a73720b4b539f54f0ac9bcd46ee92f9 (patch) | |
tree | 201489a46f33ee4ca4236dcd605e5bcba3341d4e /main.go | |
parent | 7f35a7b7c1dde36f695fd7f1627fa77d9d8d2be0 (diff) |
Base64 decode GitLab API secret
before using it.
Diffstat (limited to 'main.go')
-rw-r--r-- | main.go | 22 |
1 files changed, 21 insertions, 1 deletions
@@ -1,6 +1,7 @@ package main import ( + "encoding/base64" "errors" "fmt" "io" @@ -121,6 +122,22 @@ func setArtifactsServer(artifactsServer string, artifactsServerTimeout int, conf config.ArtifactsServer = artifactsServer } +func setGitLabAPISecretKey(secretFile string, config *appConfig) { + encoded := readFile(secretFile) + + decoded := make([]byte, base64.StdEncoding.DecodedLen(len(encoded))) + secretLength, err := base64.StdEncoding.Decode(decoded, encoded) + if err != nil { + log.WithError(err).Fatal("Failed to decode GitLab API secret") + } + + if secretLength != 32 { + log.WithError(fmt.Errorf("Expected 32 bytes GitLab API secret but got %d bytes", secretLength)).Fatal("Failed to decode GitLab API secret") + } + + config.GitLabAPISecretKey = decoded +} + func configFromFlags() appConfig { var config appConfig @@ -144,13 +161,16 @@ func configFromFlags() appConfig { }{ {&config.RootCertificate, *pagesRootCert}, {&config.RootKey, *pagesRootKey}, - {&config.GitLabAPISecretKey, *gitLabAPISecretKey}, } { if file.path != "" { *file.contents = readFile(file.path) } } + if *gitLabAPISecretKey != "" { + setGitLabAPISecretKey(*gitLabAPISecretKey, &config) + } + if *artifactsServer != "" { setArtifactsServer(*artifactsServer, *artifactsServerTimeout, &config) } |