Andreas/watchtower
1
0
Fork 0
mirror of https://github.com/containrrr/watchtower.git synced 2025-12-13 21:56:38 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Support secrets for notification_url (#1300)

Browse source 
Co-authored-by: nils måsén <nils@piksel.se>
This commit is contained in:
James Laska 2022-08-01 14:10:36 -04:00 committed by GitHub
parent 489356aa42
commit bd2adf6e5f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 57 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

3
docs/notifications.md
View file

@ -181,7 +181,8 @@ If you want to disable TLS verification for the Gotify instance, you can use eit
To send notifications via shoutrrr, the following command-line options, or their corresponding environment variables, can be set: To send notifications via shoutrrr, the following command-line options, or their corresponding environment variables, can be set:
- `--notification-url` (env. `WATCHTOWER_NOTIFICATION_URL`): The shoutrrr service URL to be used. - `--notification-url` (env. `WATCHTOWER_NOTIFICATION_URL`): The shoutrrr service URL to be used. This option can also reference a file, in which case the contents of the file are used.
Go to [containrrr.dev/shoutrrr/v0.6/services/overview](https://containrrr.dev/shoutrrr/v0.6/services/overview) to Go to [containrrr.dev/shoutrrr/v0.6/services/overview](https://containrrr.dev/shoutrrr/v0.6/services/overview) to
learn more about the different service URLs you can use. You can define multiple services by space separating the learn more about the different service URLs you can use. You can define multiple services by space separating the

31
internal/flags/flags.go
View file

@ -1,6 +1,7 @@
package flags package flags
import ( import (
"bufio"
"errors" "errors"
"io/ioutil" "io/ioutil"
"os" "os"
@ -444,6 +445,7 @@ func GetSecretsFromFiles(rootCmd *cobra.Command) {
"notification-slack-hook-url", "notification-slack-hook-url",
"notification-msteams-hook", "notification-msteams-hook",
"notification-gotify-token", "notification-gotify-token",
"notification-url",
} }
for _, secret := range secrets { for _, secret := range secrets {
getSecretFromFile(flags, secret) getSecretFromFile(flags, secret)
@ -452,10 +454,33 @@ func GetSecretsFromFiles(rootCmd *cobra.Command) {
// getSecretFromFile will check if the flag contains a reference to a file; if it does, replaces the value of the flag with the contents of the file. // getSecretFromFile will check if the flag contains a reference to a file; if it does, replaces the value of the flag with the contents of the file.
func getSecretFromFile(flags *pflag.FlagSet, secret string) { func getSecretFromFile(flags *pflag.FlagSet, secret string) {
value, err := flags.GetString(secret) flag := flags.Lookup(secret)
if err != nil { if sliceValue, ok := flag.Value.(pflag.SliceValue); ok {
log.Error(err) oldValues := sliceValue.GetSlice()
values := make([]string, 0, len(oldValues))
for _, value := range oldValues {
if value != "" && isFile(value) {
file, err := os.Open(value)
if err != nil {
log.Fatal(err)
}
scanner := bufio.NewScanner(file)
for scanner.Scan() {
line := scanner.Text()
if line == "" {
continue
}
values = append(values, line)
}
} else {
values = append(values, value)
}
}
sliceValue.Replace(values)
return
} }
value := flag.Value.String()
if value != "" && isFile(value) { if value != "" && isFile(value) {
file, err := ioutil.ReadFile(value) file, err := ioutil.ReadFile(value)
if err != nil { if err != nil {

30
internal/flags/flags_test.go
View file

@ -50,6 +50,7 @@ func TestGetSecretsFromFilesWithString(t *testing.T) {
err := os.Setenv("WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PASSWORD", value) err := os.Setenv("WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PASSWORD", value)
require.NoError(t, err) require.NoError(t, err)
defer os.Unsetenv("WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PASSWORD")
testGetSecretsFromFiles(t, "notification-email-server-password", value) testGetSecretsFromFiles(t, "notification-email-server-password", value)
} }
@ -69,17 +70,40 @@ func TestGetSecretsFromFilesWithFile(t *testing.T) {
err = os.Setenv("WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PASSWORD", file.Name()) err = os.Setenv("WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PASSWORD", file.Name())
require.NoError(t, err) require.NoError(t, err)
defer os.Unsetenv("WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PASSWORD")
testGetSecretsFromFiles(t, "notification-email-server-password", value) testGetSecretsFromFiles(t, "notification-email-server-password", value)
} }
func testGetSecretsFromFiles(t *testing.T, flagName string, expected string) { func TestGetSliceSecretsFromFiles(t *testing.T) {
values := []string{"entry2", "", "entry3"}
// Create the temporary file which will contain a secret.
file, err := ioutil.TempFile(os.TempDir(), "watchtower-")
require.NoError(t, err)
defer os.Remove(file.Name()) // Make sure to remove the temporary file later.
// Write the secret to the temporary file.
for _, value := range values {
_, err = file.WriteString("\n" + value)
require.NoError(t, err)
}
file.Close()
testGetSecretsFromFiles(t, "notification-url", `[entry1,entry2,entry3]`,
`--notification-url`, "entry1",
`--notification-url`, file.Name())
}
func testGetSecretsFromFiles(t *testing.T, flagName string, expected string, args ...string) {
cmd := new(cobra.Command) cmd := new(cobra.Command)
SetDefaults() SetDefaults()
RegisterNotificationFlags(cmd) RegisterNotificationFlags(cmd)
require.NoError(t, cmd.ParseFlags(args))
GetSecretsFromFiles(cmd) GetSecretsFromFiles(cmd)
value, err := cmd.PersistentFlags().GetString(flagName) flag := cmd.PersistentFlags().Lookup(flagName)
require.NoError(t, err) require.NotNil(t, flag)
value := flag.Value.String()
assert.Equal(t, expected, value) assert.Equal(t, expected, value)
} }