Merge pull request 'PASSWORD/KEY distinction+match for secret generation' (#33) from new-pass-keys-generation into main
Reviewed-on: coop-cloud/abra#33
This commit is contained in:
decentral1se
commit
b75bce531b
54
abra
54
abra
@ -344,8 +344,18 @@ get_servers() {
|
||||
}
|
||||
|
||||
get_app_secrets() {
|
||||
get_app_passwords
|
||||
get_app_keys
|
||||
}
|
||||
|
||||
get_app_passwords() {
|
||||
# FIXME 3wc: requires bash 4, use for loop instead
|
||||
mapfile -t SECRETS < <(grep "PASSWORD.*VERSION" "$ENV_FILE" | cut -d' ' -f2)
|
||||
mapfile -t PASSWORDS < <(grep "SECRET.*PASSWORD.*VERSION.*" "$ENV_FILE" | cut -d ' ' -f2-)
|
||||
}
|
||||
|
||||
get_app_keys() {
|
||||
# FIXME 3wc: requires bash 4, use for loop instead
|
||||
mapfile -t KEYS < <(grep "SECRET.*KEY.*VERSION.*" "$ENV_FILE" | cut -d' ' -f2-)
|
||||
}
|
||||
|
||||
load_instance() {
|
||||
@ -396,6 +406,25 @@ prompt_confirm() {
|
||||
esac
|
||||
}
|
||||
|
||||
parse_secret() {
|
||||
SECRET="$1"
|
||||
|
||||
if [[ "$SECRET" == *"length"* ]]; then
|
||||
abra__length_="$(echo $SECRET | sed -e 's/.*[^0-9]\([0-9]\+\)[^0-9]*$/\1/')"
|
||||
else
|
||||
abra__length_=32
|
||||
fi
|
||||
|
||||
abra__secret_="${SECRET%_VERSION=*}" # strip _VERSION=v1
|
||||
abra__secret_="${abra__secret_#SECRET_}" # strip SECRET_
|
||||
abra__secret_="${abra__secret_,,}" # lowercase
|
||||
|
||||
abra__version_="$(echo $SECRET | sed -n 's/.*\(v[0-9]\).*/\1/p')"
|
||||
|
||||
echo "Generating $abra__secret_, version: $abra__version_, length: $abra__length_"
|
||||
sub_app_secret_generate
|
||||
}
|
||||
|
||||
#######################################
|
||||
# abra app ..
|
||||
#######################################
|
||||
@ -480,7 +509,8 @@ sub_app_new (){
|
||||
abra__domain_="$DOMAIN"
|
||||
|
||||
get_app_secrets
|
||||
if [ "${#SECRETS[@]}" -gt 0 ] && [ "$abra___auto" == "true" ]; then
|
||||
|
||||
if [ "${#PASSWORDS[@]}" -gt 0 ] || [ "${#KEYS[@]}" -gt 0 ] && [ "$abra___auto" == "true" ]; then
|
||||
sub_app_secret_auto
|
||||
fi
|
||||
|
||||
@ -633,8 +663,13 @@ sub_app_secret_generate(){
|
||||
|
||||
SECRET="$abra__secret_"
|
||||
VERSION="$abra__version_"
|
||||
PWGEN=${abra__cmd_:-pwgen}
|
||||
LENGTH="$abra__length_"
|
||||
|
||||
if [[ "$SECRET" == *"password"* ]]; then
|
||||
PWGEN="${abra__cmd_:-pwqgen}"
|
||||
else
|
||||
PWGEN=${abra__cmd_:-pwgen -n "$LENGTH"}
|
||||
fi
|
||||
|
||||
if [ -z "$SECRET" ] || [ -z "$VERSION" ]; then
|
||||
error "Required arguments missing"
|
||||
@ -657,13 +692,12 @@ sub_app_secret_auto(){
|
||||
|
||||
get_app_secrets
|
||||
|
||||
for SECRET in "${SECRETS[@]}"; do
|
||||
abra__secret_="${SECRET%=*}" # strip =v1
|
||||
abra__secret_="${abra__secret_%_VERSION}" # strip VERSION_
|
||||
abra__secret_="${abra__secret_,,}" # lowercase
|
||||
abra__version_="${SECRET#*=}"
|
||||
echo "Generating $abra__secret_"
|
||||
sub_app_secret_generate
|
||||
for PASSWORD in "${PASSWORDS[@]}"; do
|
||||
parse_secret "$PASSWORD"
|
||||
done
|
||||
|
||||
for KEY in "${KEYS[@]}"; do
|
||||
parse_secret "$KEY"
|
||||
done
|
||||
}
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user