Merge pull request 'PASSWORD/KEY distinction+match for secret generation' (#33) from new-pass-keys-generation into main
Reviewed-on: coop-cloud/abra#33
This commit is contained in:
decentral1se
commit
b75bce531b
54
abra
54
abra
@ -344,8 +344,18 @@ get_servers() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
get_app_secrets() {
|
get_app_secrets() {
|
||||||
|
get_app_passwords
|
||||||
|
get_app_keys
|
||||||
|
}
|
||||||
|
|
||||||
|
get_app_passwords() {
|
||||||
# FIXME 3wc: requires bash 4, use for loop instead
|
# FIXME 3wc: requires bash 4, use for loop instead
|
||||||
mapfile -t SECRETS < <(grep "PASSWORD.*VERSION" "$ENV_FILE" | cut -d' ' -f2)
|
mapfile -t PASSWORDS < <(grep "SECRET.*PASSWORD.*VERSION.*" "$ENV_FILE" | cut -d ' ' -f2-)
|
||||||
|
}
|
||||||
|
|
||||||
|
get_app_keys() {
|
||||||
|
# FIXME 3wc: requires bash 4, use for loop instead
|
||||||
|
mapfile -t KEYS < <(grep "SECRET.*KEY.*VERSION.*" "$ENV_FILE" | cut -d' ' -f2-)
|
||||||
}
|
}
|
||||||
|
|
||||||
load_instance() {
|
load_instance() {
|
||||||
@ -396,6 +406,25 @@ prompt_confirm() {
|
|||||||
esac
|
esac
|
||||||
}
|
}
|
||||||
|
|
||||||
|
parse_secret() {
|
||||||
|
SECRET="$1"
|
||||||
|
|
||||||
|
if [[ "$SECRET" == *"length"* ]]; then
|
||||||
|
abra__length_="$(echo $SECRET | sed -e 's/.*[^0-9]\([0-9]\+\)[^0-9]*$/\1/')"
|
||||||
|
else
|
||||||
|
abra__length_=32
|
||||||
|
fi
|
||||||
|
|
||||||
|
abra__secret_="${SECRET%_VERSION=*}" # strip _VERSION=v1
|
||||||
|
abra__secret_="${abra__secret_#SECRET_}" # strip SECRET_
|
||||||
|
abra__secret_="${abra__secret_,,}" # lowercase
|
||||||
|
|
||||||
|
abra__version_="$(echo $SECRET | sed -n 's/.*\(v[0-9]\).*/\1/p')"
|
||||||
|
|
||||||
|
echo "Generating $abra__secret_, version: $abra__version_, length: $abra__length_"
|
||||||
|
sub_app_secret_generate
|
||||||
|
}
|
||||||
|
|
||||||
#######################################
|
#######################################
|
||||||
# abra app ..
|
# abra app ..
|
||||||
#######################################
|
#######################################
|
||||||
@ -480,7 +509,8 @@ sub_app_new (){
|
|||||||
abra__domain_="$DOMAIN"
|
abra__domain_="$DOMAIN"
|
||||||
|
|
||||||
get_app_secrets
|
get_app_secrets
|
||||||
if [ "${#SECRETS[@]}" -gt 0 ] && [ "$abra___auto" == "true" ]; then
|
|
||||||
|
if [ "${#PASSWORDS[@]}" -gt 0 ] || [ "${#KEYS[@]}" -gt 0 ] && [ "$abra___auto" == "true" ]; then
|
||||||
sub_app_secret_auto
|
sub_app_secret_auto
|
||||||
fi
|
fi
|
||||||
|
|
||||||
@ -633,8 +663,13 @@ sub_app_secret_generate(){
|
|||||||
|
|
||||||
SECRET="$abra__secret_"
|
SECRET="$abra__secret_"
|
||||||
VERSION="$abra__version_"
|
VERSION="$abra__version_"
|
||||||
PWGEN=${abra__cmd_:-pwgen}
|
LENGTH="$abra__length_"
|
||||||
|
|
||||||
|
if [[ "$SECRET" == *"password"* ]]; then
|
||||||
|
PWGEN="${abra__cmd_:-pwqgen}"
|
||||||
|
else
|
||||||
|
PWGEN=${abra__cmd_:-pwgen -n "$LENGTH"}
|
||||||
|
fi
|
||||||
|
|
||||||
if [ -z "$SECRET" ] || [ -z "$VERSION" ]; then
|
if [ -z "$SECRET" ] || [ -z "$VERSION" ]; then
|
||||||
error "Required arguments missing"
|
error "Required arguments missing"
|
||||||
@ -657,13 +692,12 @@ sub_app_secret_auto(){
|
|||||||
|
|
||||||
get_app_secrets
|
get_app_secrets
|
||||||
|
|
||||||
for SECRET in "${SECRETS[@]}"; do
|
for PASSWORD in "${PASSWORDS[@]}"; do
|
||||||
abra__secret_="${SECRET%=*}" # strip =v1
|
parse_secret "$PASSWORD"
|
||||||
abra__secret_="${abra__secret_%_VERSION}" # strip VERSION_
|
done
|
||||||
abra__secret_="${abra__secret_,,}" # lowercase
|
|
||||||
abra__version_="${SECRET#*=}"
|
for KEY in "${KEYS[@]}"; do
|
||||||
echo "Generating $abra__secret_"
|
parse_secret "$KEY"
|
||||||
sub_app_secret_generate
|
|
||||||
done
|
done
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user