Navigation Menu

Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add the ability to set the passphrase secrets provider to read from a passphrase file #5327

Merged
merged 2 commits into from Sep 11, 2020
Merged

Add the ability to set the passphrase secrets provider to read from a passphrase file #5327

merged 2 commits into from Sep 11, 2020

Conversation

stack72
Copy link
Contributor

@stack72 stack72 commented Sep 11, 2020

@stack72 stack72 self-assigned this Sep 11, 2020
justinvp
justinvp approved these changes Sep 11, 2020
View reviewed changes
Copy link
Member

@justinvp justinvp left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM otherwise.

Also, mind opening a PR in the docs repo to add the new environment variable to the docs? https://github.com/pulumi/docs/blob/master/content/docs/reference/cli/environment-variables.md

pkg/cmd/pulumi/crypto_local.go
if err != nil {
return "", errors.New("unable to construct a path the PULUMI_CONFIG_PASSPHRASE_FILE")
}
phraseDetails, err := ioutil.ReadFile(phraseFilePath)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What if the file has trailing newlines? I assume we do not want to treat that as part of the passphrase.

Maybe do it like how we read from the console elsewhere (which can be from a file via redirected std input)?

pulumi/sdk/go/common/util/cmdutil/console.go

Lines 72 to 78 in 848a98d

reader := bufio.NewReader(os.Stdin)
raw, err := reader.ReadString('\n')
if err != nil {
return "", err
}
return RemoveTrailingNewline(raw), nil

justinvp
justinvp reviewed Sep 11, 2020
View reviewed changes
pkg/cmd/pulumi/crypto_local.go Outdated Show resolved Hide resolved
pkg/cmd/pulumi/crypto_local.go Outdated Show resolved Hide resolved
@stack72 stack72 merged commit 9a46dad into master Sep 11, 2020
@pulumi-bot pulumi-bot deleted the stack72/gh-5305 branch September 11, 2020 21:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@justinvp justinvp justinvp approved these changes

Assignees

@stack72 stack72

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Support passing passphrase via a file
2 participants
@stack72 @justinvp