Allows flags containing sensitive stuff to be passed as files (#545)

* Allows options containing sensitive stuff (passwords, tokens) to be passed as a file instead

* Fixed linter error, added tests, removed notification-url (due to being an array)

internal/flags/flags.go

@@ -1,11 +1,14 @@
 package flags
 
 import (
+	"io/ioutil"
 	"os"
+	"strings"
 	"time"
 
 	log "github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
+	"github.com/spf13/pflag"
 	"github.com/spf13/viper"
 )
 
@@ -366,3 +369,45 @@ func setEnvOptBool(env string, opt bool) error {
 	}
 	return nil
 }
+
+// GetSecretsFromFiles checks if passwords/tokens/webhooks have been passed as a file instead of plaintext.
+// If so, the value of the flag will be replaced with the contents of the file.
+func GetSecretsFromFiles(rootCmd *cobra.Command) {
+	flags := rootCmd.PersistentFlags()
+
+	secrets := []string{
+		"notification-email-server-password",
+		"notification-slack-hook-url",
+		"notification-msteams-hook",
+		"notification-gotify-token",
+	}
+	for _, secret := range secrets {
+		getSecretFromFile(flags, secret)
+	}
+}
+
+// getSecretFromFile will check if the flag contains a reference to a file; if it does, replaces the value of the flag with the contents of the file.
+func getSecretFromFile(flags *pflag.FlagSet, secret string) {
+	value, err := flags.GetString(secret)
+	if err != nil {
+		log.Error(err)
+	}
+	if value != "" && isFile(value) {
+		file, err := ioutil.ReadFile(value)
+		if err != nil {
+			log.Fatal(err)
+		}
+		err = flags.Set(secret, strings.TrimSpace(string(file)))
+		if err != nil {
+			log.Error(err)
+		}
+	}
+}
+
+func isFile(s string) bool {
+	_, err := os.Stat(s)
+	if os.IsNotExist(err) {
+		return false
+	}
+	return true
+}

internal/flags/flags_test.go

@@ -1,6 +1,7 @@
 package flags
 
 import (
+	"io/ioutil"
 	"os"
 	"testing"
 
@@ -39,3 +40,42 @@ func TestEnvConfig_Custom(t *testing.T) {
 	// Re-enable this test when we've moved to github actions.
 	// assert.Equal(t, "1.99", os.Getenv("DOCKER_API_VERSION"))
 }
+
+func TestGetSecretsFromFilesWithString(t *testing.T) {
+	value := "supersecretstring"
+
+	err := os.Setenv("WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PASSWORD", value)
+	require.NoError(t, err)
+
+	testGetSecretsFromFiles(t, "notification-email-server-password", value)
+}
+
+func TestGetSecretsFromFilesWithFile(t *testing.T) {
+	value := "megasecretstring"
+
+	// Create the temporary file which will contain a secret.
+	file, err := ioutil.TempFile(os.TempDir(), "watchtower-")
+	require.NoError(t, err)
+	defer os.Remove(file.Name()) // Make sure to remove the temporary file later.
+
+	// Write the secret to the temporary file.
+	secret := []byte(value)
+	_, err = file.Write(secret)
+	require.NoError(t, err)
+
+	err = os.Setenv("WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PASSWORD", file.Name())
+	require.NoError(t, err)
+
+	testGetSecretsFromFiles(t, "notification-email-server-password", value)
+}
+
+func testGetSecretsFromFiles(t *testing.T, flagName string, expected string) {
+	cmd := new(cobra.Command)
+	SetDefaults()
+	RegisterNotificationFlags(cmd)
+	GetSecretsFromFiles(cmd)
+	value, err := cmd.PersistentFlags().GetString(flagName)
+	require.NoError(t, err)
+
+	assert.Equal(t, expected, value)
+}