secretsync: escape $ in variable content
GitLab doesn't treat $ as literals in file content, which means that it tries to do variable interpolation. This is bad and annoying, because e.g. password hashes tend to contain $, so they get variable-interpolated and thus corrupted. Fix this by escaping $ on input to GitLab.
This commit is contained in:
parent
f994f155cd
commit
823eab4775
1 changed files with 16 additions and 10 deletions
|
@ -134,6 +134,19 @@ type ProjectVariable struct {
|
|||
Masked bool `json:"masked" url:"masked"`
|
||||
}
|
||||
|
||||
func (v ProjectVariable) EncodedValue() string {
|
||||
return strings.ReplaceAll(v.Value, "$", "$$")
|
||||
}
|
||||
|
||||
func (v ProjectVariable) Values() url.Values {
|
||||
data, err := query.Values(v)
|
||||
if err != nil {
|
||||
panic("query.Values failed unexpectedly")
|
||||
}
|
||||
data.Set("value", v.EncodedValue())
|
||||
return data
|
||||
}
|
||||
|
||||
// Variables gets the list of variables from GitLab.
|
||||
func (gl *GitLabAPI) Variables(ctx context.Context, project string) (map[string]ProjectVariable, error) {
|
||||
resp, err := gl.get(ctx, fmt.Sprintf("/api/v4/projects/%s/variables", url.PathEscape(project)))
|
||||
|
@ -149,6 +162,7 @@ func (gl *GitLabAPI) Variables(ctx context.Context, project string) (map[string]
|
|||
|
||||
out := make(map[string]ProjectVariable, len(pvs))
|
||||
for _, s := range pvs {
|
||||
s.Value = strings.ReplaceAll(s.Value, "$$", "$")
|
||||
out[s.Key] = s
|
||||
}
|
||||
return out, nil
|
||||
|
@ -156,11 +170,7 @@ func (gl *GitLabAPI) Variables(ctx context.Context, project string) (map[string]
|
|||
|
||||
// CreateVariable creates a new project variable.
|
||||
func (gl *GitLabAPI) CreateVariable(ctx context.Context, project string, varData ProjectVariable) error {
|
||||
data, err := query.Values(varData)
|
||||
if err != nil {
|
||||
return fmt.Errorf("encoding variable data")
|
||||
}
|
||||
resp, err := gl.doWithForm(ctx, "POST", fmt.Sprintf("/api/v4/projects/%s/variables", url.PathEscape(project)), data)
|
||||
resp, err := gl.doWithForm(ctx, "POST", fmt.Sprintf("/api/v4/projects/%s/variables", url.PathEscape(project)), varData.Values())
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
@ -173,11 +183,7 @@ func (gl *GitLabAPI) CreateVariable(ctx context.Context, project string, varData
|
|||
|
||||
// UpdateVariable updates a project variable.
|
||||
func (gl *GitLabAPI) UpdateVariable(ctx context.Context, project string, varData ProjectVariable) error {
|
||||
data, err := query.Values(varData)
|
||||
if err != nil {
|
||||
return fmt.Errorf("encoding variable data")
|
||||
}
|
||||
resp, err := gl.doWithForm(ctx, "PUT", fmt.Sprintf("/api/v4/projects/%s/variables/%s", url.PathEscape(project), url.PathEscape(varData.Key)), data)
|
||||
resp, err := gl.doWithForm(ctx, "PUT", fmt.Sprintf("/api/v4/projects/%s/variables/%s", url.PathEscape(project), url.PathEscape(varData.Key)), varData.Values())
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue