adding the ability to set the RSA key as a string value on drone startup instead of a file that has to be mounted.

This commit is contained in:
Joachim Hill-Grannec 2017-02-01 13:41:45 -08:00
parent 4a57d93b53
commit c413565521
3 changed files with 27 additions and 9 deletions

View file

@ -261,6 +261,11 @@ var serverCmd = cli.Command{
Name: "stash-consumer-rsa", Name: "stash-consumer-rsa",
Usage: "stash oauth1 private key file", Usage: "stash oauth1 private key file",
}, },
cli.StringFlag{
EnvVar: "DRONE_STASH_CONSUMER_RSA_STRING",
Name: "stash-consumer-rsa-string",
Usage: "stash oauth1 private key string",
},
cli.StringFlag{ cli.StringFlag{
EnvVar: "DRONE_STASH_GIT_USERNAME", EnvVar: "DRONE_STASH_GIT_USERNAME",
Name: "stash-git-username", Name: "stash-git-username",

View file

@ -32,6 +32,7 @@ type Opts struct {
Password string // Git machine account password. Password string // Git machine account password.
ConsumerKey string // Oauth1 consumer key. ConsumerKey string // Oauth1 consumer key.
ConsumerRSA string // Oauth1 consumer key file. ConsumerRSA string // Oauth1 consumer key file.
ConsumerRSAString string
SkipVerify bool // Skip ssl verification. SkipVerify bool // Skip ssl verification.
} }
@ -60,19 +61,30 @@ func New(opts Opts) (remote.Remote, error) {
return nil, fmt.Errorf("Must have a git machine account password") return nil, fmt.Errorf("Must have a git machine account password")
case opts.ConsumerKey == "": case opts.ConsumerKey == "":
return nil, fmt.Errorf("Must have a oauth1 consumer key") return nil, fmt.Errorf("Must have a oauth1 consumer key")
case opts.ConsumerRSA == "":
return nil, fmt.Errorf("Must have a oauth1 consumer key file")
} }
keyFile, err := ioutil.ReadFile(opts.ConsumerRSA) if opts.ConsumerRSA == "" && opts.ConsumerRSAString == "" {
if err != nil { return nil, fmt.Errorf("must have CONSUMER_RSA_KEY set to the path of a oauth1 consumer key file or CONSUMER_RSA_KEY_STRING set to the value of a oauth1 consumer key")
return nil, err
} }
block, _ := pem.Decode(keyFile)
PrivateKey, err := x509.ParsePKCS1PrivateKey(block.Bytes) var keyFileBytes []byte;
if err != nil { if opts.ConsumerRSA != "" {
return nil, err var err error;
keyFileBytes, err = ioutil.ReadFile(opts.ConsumerRSA)
if err != nil {
return nil, err
}
} else {
keyFileBytes = []byte(opts.ConsumerRSAString)
} }
block, _ := pem.Decode(keyFileBytes)
PrivateKey, err := x509.ParsePKCS1PrivateKey(block.Bytes)
if err != nil {
return nil, err
}
config.Consumer = CreateConsumer(opts.URL, opts.ConsumerKey, PrivateKey) config.Consumer = CreateConsumer(opts.URL, opts.ConsumerKey, PrivateKey)
return config, nil return config, nil
} }

View file

@ -71,6 +71,7 @@ func setupStash(c *cli.Context) (remote.Remote, error) {
Password: c.String("stash-git-password"), Password: c.String("stash-git-password"),
ConsumerKey: c.String("stash-consumer-key"), ConsumerKey: c.String("stash-consumer-key"),
ConsumerRSA: c.String("stash-consumer-rsa"), ConsumerRSA: c.String("stash-consumer-rsa"),
ConsumerRSAString: c.String("stash-consumer-rsa-string"),
SkipVerify: c.Bool("stash-skip-verify"), SkipVerify: c.Bool("stash-skip-verify"),
}) })
} }