Radish alpha
r
radicle-ci-broker
rad:zwTxygwuz5LDGBq255RA2CbNGrz8
Radicle CI broker
Radicle
Git
Patches 30271be0
Adds support for `sensitive_envs` sections in configuration
Merged did:key:z6MkkpTP...arsB opened 2 years ago
Activity Changes +27 -2
3 files changed +27 -2 5ea5baa1 b4274509
modified README.md
@@ -61,6 +61,8 @@ adapters:
    command: radicle-native-ci

    env:

      RADICLE_NATIVE_CI: /home/liw/radicle/radicle-native-ci/x/config.yaml
+ 
    sensitive_env:
+ 
      some_secret: some_secret_value_that_is_not_logged

filters:

  - !And

    - !Repository "rad:z2e6URdt1we1iG1BCVqtx8QVgsX4a"
@@ -80,6 +82,8 @@ adapters:
    command: radicle-native-ci

    env:

      RADICLE_NATIVE_CI: /home/liw/radicle/radicle-native-ci/x/config.yaml
+ 
    sensitive_env:
+ 
      some_secret: some_secret_value_that_is_not_logged

filters:

  - !And

    - !Repository "rad:z2e6URdt1we1iG1BCVqtx8QVgsX4a"
modified src/bin/ci-broker.rs
@@ -65,7 +65,9 @@ fn fallible_main() -> Result<(), BrokerError> {
            .ok_or(BrokerError::UnknownDefaultAdapter(

                config.default_adapter.clone(),

            ))?;
- 
    let adapter = Adapter::new(&spec.command).with_environment(spec.envs());
+ 
    let adapter = Adapter::new(&spec.command)
+ 
        .with_environment(spec.envs())
+ 
        .with_environment(spec.sensitive_envs());

    broker.set_default_adapter(&adapter);

    debug!("set default adapter");
modified src/config.rs
@@ -2,6 +2,7 @@


use std::{

    collections::HashMap,
+ 
    fmt,

    path::{Path, PathBuf},

};
@@ -41,17 +42,35 @@ impl Config {
        &self.db

    }

}
+ 
impl fmt::Debug for Adapter {
+ 
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
+ 
        write!(
+ 
            f,
+ 
            "Adapter {{ \n command: {:#?}, \n env: {:#?}, \n sensitive_env: {:#?} }}",
+ 
            self.command,
+ 
            self.env,
+ 
            self.sensitive_env
+ 
                .iter()
+ 
                .map(|(k, _)| (k.to_string(), "***".to_string()))
+ 
                .collect::<HashMap<String, String>>()
+ 
        )
+ 
    }
+ 
}
- 
#[derive(Debug, Serialize, Deserialize)]
+ 
#[derive(Serialize, Deserialize)]

pub struct Adapter {

    pub command: PathBuf,

    pub env: HashMap<String, String>,
+ 
    pub sensitive_env: HashMap<String, String>,

}



impl Adapter {

    pub fn envs(&self) -> &HashMap<String, String> {

        &self.env

    }
+ 
    pub fn sensitive_envs(&self) -> &HashMap<String, String> {
+ 
        &self.sensitive_env
+ 
    }

}



/// All possible errors from configuration handling.