Semaphore/db/Environment.go

package db

import (
	"encoding/json"
	"errors"
	"strings"
)

type EnvironmentSecretOperation string

const (
	EnvironmentSecretCreate EnvironmentSecretOperation = "create"
	EnvironmentSecretUpdate EnvironmentSecretOperation = "update"
	EnvironmentSecretDelete EnvironmentSecretOperation = "delete"
)

type EnvironmentSecretType string

const (
	EnvironmentSecretVar EnvironmentSecretType = "var"
	EnvironmentSecretEnv EnvironmentSecretType = "env"
)

type EnvironmentSecret struct {
	ID        int                        `json:"id"`
	Type      EnvironmentSecretType      `json:"type"`
	Name      string                     `json:"name"`
	Secret    string                     `json:"secret"`
	Operation EnvironmentSecretOperation `json:"operation"`
}

// Environment is used to pass additional arguments, in json form to ansible
type Environment struct {
	ID        int     `db:"id" json:"id" backup:"-"`
	Name      string  `db:"name" json:"name" binding:"required"`
	ProjectID int     `db:"project_id" json:"project_id" backup:"-"`
	Password  *string `db:"password" json:"password"`
	JSON      string  `db:"json" json:"json" binding:"required"`
	ENV       *string `db:"env" json:"env" binding:"required"`

	// Secrets is a field which used to update secrets associated with the environment.
	Secrets []EnvironmentSecret `db:"-" json:"secrets" backup:"-"`
}

func (s *EnvironmentSecret) Validate() error {

	if s.Type == EnvironmentSecretVar || s.Type == EnvironmentSecretEnv {
		return nil
	}

	if s.Secret == "" {
		return errors.New("missing secret")
	}

	return errors.New("invalid environment secret type")
}

func (env *Environment) Validate() error {
	if env.Name == "" {
		return &ValidationError{"Environment name can not be empty"}
	}

	if !json.Valid([]byte(env.JSON)) {
		return &ValidationError{"Extra variables must be valid JSON"}
	}

	if env.ENV != nil && !json.Valid([]byte(*env.ENV)) {
		return &ValidationError{"Environment variables must be valid JSON"}
	}

	return nil
}

func FillEnvironmentSecrets(store Store, env *Environment, deserializeSecret bool) error {
	keys, err := store.GetEnvironmentSecrets(env.ProjectID, env.ID)

	if err != nil {
		return err
	}

	for _, k := range keys {
		var secretName string
		var secretType EnvironmentSecretType

		if strings.HasPrefix(k.Name, string(EnvironmentSecretVar)+".") {
			secretType = EnvironmentSecretVar
			secretName = strings.TrimPrefix(k.Name, string(EnvironmentSecretVar)+".")
		} else if strings.HasPrefix(k.Name, string(EnvironmentSecretEnv)+".") {
			secretType = EnvironmentSecretEnv
			secretName = strings.TrimPrefix(k.Name, string(EnvironmentSecretEnv)+".")
		} else {
			secretType = EnvironmentSecretVar
			secretName = k.Name
		}

		if deserializeSecret {
			err = k.DeserializeSecret()
			if err != nil {
				return err
			}
		}

		env.Secrets = append(env.Secrets, EnvironmentSecret{
			ID:     k.ID,
			Name:   secretName,
			Type:   secretType,
			Secret: k.String,
		})
	}

	return nil
}
merge models -> db 2017-02-23 06:12:16 +01:00			`package db`
beginning to running tasks 2016-04-04 15:44:34 +02:00
feat(be): data validation 2021-11-02 20:30:45 +01:00			`import (`
			`"encoding/json"`
feat(environment): secret can be var or env 2024-07-17 20:29:29 +02:00			`"errors"`
fix(environment): decrypt secrets 2024-07-17 21:41:11 +02:00			`"strings"`
feat(be): data validation 2021-11-02 20:30:45 +01:00			`)`

refactor(secrets): move secrets to environment entity 2024-07-02 20:45:59 +02:00			`type EnvironmentSecretOperation string`

			`const (`
			`EnvironmentSecretCreate EnvironmentSecretOperation = "create"`
			`EnvironmentSecretUpdate EnvironmentSecretOperation = "update"`
			`EnvironmentSecretDelete EnvironmentSecretOperation = "delete"`
			`)`

fix(environment): remove secret from ui 2024-07-17 19:46:48 +02:00			`type EnvironmentSecretType string`

			`const (`
			`EnvironmentSecretVar EnvironmentSecretType = "var"`
			`EnvironmentSecretEnv EnvironmentSecretType = "env"`
			`)`

refactor(secrets): move secrets to environment entity 2024-07-02 20:45:59 +02:00			`type EnvironmentSecret struct {`
			ID int `json:"id"`
fix(environment): remove secret from ui 2024-07-17 19:46:48 +02:00			Type EnvironmentSecretType `json:"type"`
refactor(secrets): move secrets to environment entity 2024-07-02 20:45:59 +02:00			Name string `json:"name"`
			Secret string `json:"secret"`
			Operation EnvironmentSecretOperation `json:"operation"`
			`}`

add gometalinter to tools and run it in circle. extract some error checking and logging in places where linting needed or errors not checked 2018-03-27 22:12:47 +02:00			`// Environment is used to pass additional arguments, in json form to ansible`
beginning to running tasks 2016-04-04 15:44:34 +02:00			`type Environment struct {`
refactor(backup): add tag backup and use it 2024-10-05 22:16:25 +02:00			ID int `db:"id" json:"id" backup:"-"`
			Name string `db:"name" json:"name" binding:"required"`
			ProjectID int `db:"project_id" json:"project_id" backup:"-"`
			Password *string `db:"password" json:"password"`
			JSON string `db:"json" json:"json" binding:"required"`
			ENV *string `db:"env" json:"env" binding:"required"`

			`// Secrets is a field which used to update secrets associated with the environment.`
			Secrets []EnvironmentSecret `db:"-" json:"secrets" backup:"-"`
beginning to running tasks 2016-04-04 15:44:34 +02:00			`}`
feat(be): data validation 2021-11-02 20:30:45 +01:00
feat(environment): secret can be var or env 2024-07-17 20:29:29 +02:00			`func (s *EnvironmentSecret) Validate() error {`

			`if s.Type == EnvironmentSecretVar \|\| s.Type == EnvironmentSecretEnv {`
			`return nil`
			`}`

			`if s.Secret == "" {`
			`return errors.New("missing secret")`
			`}`

			`return errors.New("invalid environment secret type")`
fix(environment): remove secret from ui 2024-07-17 19:46:48 +02:00			`}`

feat(be): data validation 2021-11-02 20:30:45 +01:00			`func (env *Environment) Validate() error {`
			`if env.Name == "" {`
Add environment variables to model and provide migrations 2022-06-24 12:19:52 +02:00			`return &ValidationError{"Environment name can not be empty"}`
feat(be): data validation 2021-11-02 20:30:45 +01:00			`}`

			`if !json.Valid([]byte(env.JSON)) {`
Add environment variables to model and provide migrations 2022-06-24 12:19:52 +02:00			`return &ValidationError{"Extra variables must be valid JSON"}`
			`}`

fix(be): empty env field in environment, https://github.com/ansible-semaphore/semaphore/issues/980 2022-06-30 08:04:51 +02:00			`if env.ENV != nil && !json.Valid([]byte(*env.ENV)) {`
Add environment variables to model and provide migrations 2022-06-24 12:19:52 +02:00			`return &ValidationError{"Environment variables must be valid JSON"}`
feat(be): data validation 2021-11-02 20:30:45 +01:00			`}`

			`return nil`
feat: remove soft delete functionality 2022-02-03 08:05:13 +01:00			`}`
fix(environment): decrypt secrets 2024-07-17 21:41:11 +02:00
			`func FillEnvironmentSecrets(store Store, env *Environment, deserializeSecret bool) error {`
			`keys, err := store.GetEnvironmentSecrets(env.ProjectID, env.ID)`

			`if err != nil {`
			`return err`
			`}`

			`for _, k := range keys {`
			`var secretName string`
			`var secretType EnvironmentSecretType`

			`if strings.HasPrefix(k.Name, string(EnvironmentSecretVar)+".") {`
			`secretType = EnvironmentSecretVar`
			`secretName = strings.TrimPrefix(k.Name, string(EnvironmentSecretVar)+".")`
			`} else if strings.HasPrefix(k.Name, string(EnvironmentSecretEnv)+".") {`
			`secretType = EnvironmentSecretEnv`
			`secretName = strings.TrimPrefix(k.Name, string(EnvironmentSecretEnv)+".")`
			`} else {`
			`secretType = EnvironmentSecretVar`
			`secretName = k.Name`
			`}`

			`if deserializeSecret {`
			`err = k.DeserializeSecret()`
			`if err != nil {`
			`return err`
			`}`
			`}`

			`env.Secrets = append(env.Secrets, EnvironmentSecret{`
			`ID: k.ID,`
			`Name: secretName,`
			`Type: secretType,`
			`Secret: k.String,`
			`})`
			`}`

			`return nil`
			`}`