Merge pull request 'PASSWORD/KEY distinction+match for secret generation' (#33) from new-pass-keys-generation into main

Reviewed-on: coop-cloud/abra#33
This commit is contained in:
decentral1se 2020-11-05 15:57:39 +01:00
commit b75bce531b

54
abra
View File

@ -344,8 +344,18 @@ get_servers() {
}
get_app_secrets() {
get_app_passwords
get_app_keys
}
get_app_passwords() {
# FIXME 3wc: requires bash 4, use for loop instead
mapfile -t SECRETS < <(grep "PASSWORD.*VERSION" "$ENV_FILE" | cut -d' ' -f2)
mapfile -t PASSWORDS < <(grep "SECRET.*PASSWORD.*VERSION.*" "$ENV_FILE" | cut -d ' ' -f2-)
}
get_app_keys() {
# FIXME 3wc: requires bash 4, use for loop instead
mapfile -t KEYS < <(grep "SECRET.*KEY.*VERSION.*" "$ENV_FILE" | cut -d' ' -f2-)
}
load_instance() {
@ -396,6 +406,25 @@ prompt_confirm() {
esac
}
parse_secret() {
SECRET="$1"
if [[ "$SECRET" == *"length"* ]]; then
abra__length_="$(echo $SECRET | sed -e 's/.*[^0-9]\([0-9]\+\)[^0-9]*$/\1/')"
else
abra__length_=32
fi
abra__secret_="${SECRET%_VERSION=*}" # strip _VERSION=v1
abra__secret_="${abra__secret_#SECRET_}" # strip SECRET_
abra__secret_="${abra__secret_,,}" # lowercase
abra__version_="$(echo $SECRET | sed -n 's/.*\(v[0-9]\).*/\1/p')"
echo "Generating $abra__secret_, version: $abra__version_, length: $abra__length_"
sub_app_secret_generate
}
#######################################
# abra app ..
#######################################
@ -480,7 +509,8 @@ sub_app_new (){
abra__domain_="$DOMAIN"
get_app_secrets
if [ "${#SECRETS[@]}" -gt 0 ] && [ "$abra___auto" == "true" ]; then
if [ "${#PASSWORDS[@]}" -gt 0 ] || [ "${#KEYS[@]}" -gt 0 ] && [ "$abra___auto" == "true" ]; then
sub_app_secret_auto
fi
@ -633,8 +663,13 @@ sub_app_secret_generate(){
SECRET="$abra__secret_"
VERSION="$abra__version_"
PWGEN=${abra__cmd_:-pwgen}
LENGTH="$abra__length_"
if [[ "$SECRET" == *"password"* ]]; then
PWGEN="${abra__cmd_:-pwqgen}"
else
PWGEN=${abra__cmd_:-pwgen -n "$LENGTH"}
fi
if [ -z "$SECRET" ] || [ -z "$VERSION" ]; then
error "Required arguments missing"
@ -657,13 +692,12 @@ sub_app_secret_auto(){
get_app_secrets
for SECRET in "${SECRETS[@]}"; do
abra__secret_="${SECRET%=*}" # strip =v1
abra__secret_="${abra__secret_%_VERSION}" # strip VERSION_
abra__secret_="${abra__secret_,,}" # lowercase
abra__version_="${SECRET#*=}"
echo "Generating $abra__secret_"
sub_app_secret_generate
for PASSWORD in "${PASSWORDS[@]}"; do
parse_secret "$PASSWORD"
done
for KEY in "${KEYS[@]}"; do
parse_secret "$KEY"
done
}