config: implement base64 -> []byte conversion (#984)

I mistakenly assumed that because the json package implemented this, the package implementing a json "superset" would also. Signed-off-by: Hank Donnay <hdonnay@redhat.com>
quay · Apr 21, 2020 · a93271b · a93271b
1 parent b9f47b6
commit a93271b
Show file tree

Hide file tree

Showing 2 changed files with 110 additions and 2 deletions.
diff --git a/config/config.go b/config/config.go
@@ -1,6 +1,7 @@
 package config
 
 import (
+	"encoding/base64"
 	"fmt"
 	"net/url"
 	"strings"
@@ -60,7 +61,7 @@ type Config struct {
 
 // Indexer provides Clair Indexer node configuration
 type Indexer struct {
-	// A POSTGRES connection string
+	// A Postgres connection string.
 	//
 	// formats
 	// url: "postgres://pqgotest:password@localhost/pqgotest?sslmode=verify-full"
@@ -85,7 +86,7 @@ type Indexer struct {
 }
 
 type Matcher struct {
-	// A POSTGRES connection string
+	// A Postgres connection string.
 	//
 	// Formats:
 	// url: "postgres://pqgotest:password@localhost/pqgotest?sslmode=verify-full"
@@ -142,6 +143,24 @@ type AuthKeyserver struct {
 	Intraservice []byte `yaml:"intraservice"`
 }
 
+// UnmarshalYAML implements yaml.Unmarshaler.
+func (a *AuthKeyserver) UnmarshalYAML(f func(interface{}) error) error {
+	var m struct {
+		API          string `yaml:"api"`
+		Intraservice string `yaml:"intraservice"`
+	}
+	if err := f(&m); err != nil {
+		return nil
+	}
+	a.API = m.API
+	s, err := base64.StdEncoding.DecodeString(m.Intraservice)
+	if err != nil {
+		return err
+	}
+	a.Intraservice = s
+	return nil
+}
+
 // AuthPSK is the configuration for doing pre-shared key based authentication.
 //
 // The "Issuer" key is what the service expects to verify as the "issuer claim.
@@ -150,6 +169,24 @@ type AuthPSK struct {
 	Issuer string `yaml:"iss"`
 }
 
+// UnmarshalYAML implements yaml.Unmarshaler.
+func (a *AuthPSK) UnmarshalYAML(f func(interface{}) error) error {
+	var m struct {
+		Issuer string `yaml:"iss"`
+		Key    string `yaml:"key"`
+	}
+	if err := f(&m); err != nil {
+		return nil
+	}
+	a.Issuer = m.Issuer
+	s, err := base64.StdEncoding.DecodeString(m.Key)
+	if err != nil {
+		return err
+	}
+	a.Key = s
+	return nil
+}
+
 type Trace struct {
 	Name        string   `yaml:"name"`
 	Probability *float64 `yaml:"probability"`

diff --git a/config/config_test.go b/config/config_test.go
@@ -4,6 +4,9 @@ import (
 	"log"
 	"testing"
 
+	"github.com/google/go-cmp/cmp"
+	"gopkg.in/yaml.v2"
+
 	"github.com/quay/clair/v4/config"
 )
 
@@ -67,3 +70,71 @@ func Test_Config_Validate_Failure(t *testing.T) {
 		})
 	}
 }
+
+func TestAuthUnmarshal(t *testing.T) {
+	t.Run("PSK", func(t *testing.T) {
+		type testcase struct {
+			In   string
+			Want config.AuthPSK
+		}
+		var tt = []testcase{
+			{
+				In: `---
+key: >-
+  ZGVhZGJlZWZkZWFkYmVlZg==
+iss: iss
+`,
+				Want: config.AuthPSK{
+					Key:    []byte("deadbeefdeadbeef"),
+					Issuer: "iss",
+				},
+			},
+		}
+
+		check := func(t *testing.T, tc testcase) {
+			v := config.AuthPSK{}
+			if err := yaml.Unmarshal([]byte(tc.In), &v); err != nil {
+				t.Error(err)
+			}
+			if got, want := v, tc.Want; !cmp.Equal(got, want) {
+				t.Error(cmp.Diff(got, want))
+			}
+		}
+		for _, tc := range tt {
+			check(t, tc)
+		}
+	})
+
+	t.Run("Keyserver", func(t *testing.T) {
+		type testcase struct {
+			In   string
+			Want config.AuthKeyserver
+		}
+		var tt = []testcase{
+			{
+				In: `---
+api: quay/keys
+intraservice: >-
+  ZGVhZGJlZWZkZWFkYmVlZg==
+`,
+				Want: config.AuthKeyserver{
+					API:          "quay/keys",
+					Intraservice: []byte("deadbeefdeadbeef"),
+				},
+			},
+		}
+
+		check := func(t *testing.T, tc testcase) {
+			v := config.AuthKeyserver{}
+			if err := yaml.Unmarshal([]byte(tc.In), &v); err != nil {
+				t.Error(err)
+			}
+			if got, want := v, tc.Want; !cmp.Equal(got, want) {
+				t.Error(cmp.Diff(got, want))
+			}
+		}
+		for _, tc := range tt {
+			check(t, tc)
+		}
+	})
+}