2016-11-17 02:33:48 +00:00
|
|
|
package agent
|
|
|
|
|
|
|
|
import (
|
|
|
|
"strings"
|
|
|
|
|
|
|
|
"github.com/drone/drone/model"
|
|
|
|
)
|
|
|
|
|
|
|
|
// SecretReplacer hides secrets from being exposed by the build output.
|
|
|
|
type SecretReplacer interface {
|
|
|
|
// Replace conceals instances of secrets found in s.
|
|
|
|
Replace(s string) string
|
|
|
|
}
|
|
|
|
|
|
|
|
// NewSecretReplacer creates a SecretReplacer based on whether any value in
|
|
|
|
// secrets requests it be hidden.
|
|
|
|
func NewSecretReplacer(secrets []*model.Secret) SecretReplacer {
|
|
|
|
var r []string
|
|
|
|
for _, s := range secrets {
|
|
|
|
if s.Conceal {
|
|
|
|
r = append(r, s.Value, "*****")
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2016-11-17 18:09:58 +00:00
|
|
|
if len(r) == 0 {
|
|
|
|
return &noopReplacer{}
|
2016-11-17 02:33:48 +00:00
|
|
|
}
|
|
|
|
|
2016-11-17 18:09:58 +00:00
|
|
|
return &secretReplacer{
|
|
|
|
replacer: strings.NewReplacer(r...),
|
|
|
|
}
|
2016-11-17 02:33:48 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
type noopReplacer struct{}
|
|
|
|
|
|
|
|
func (*noopReplacer) Replace(s string) string {
|
|
|
|
return s
|
|
|
|
}
|
|
|
|
|
|
|
|
type secretReplacer struct {
|
|
|
|
replacer *strings.Replacer
|
|
|
|
}
|
|
|
|
|
|
|
|
func (r *secretReplacer) Replace(s string) string {
|
|
|
|
return r.replacer.Replace(s)
|
|
|
|
}
|