-
Notifications
You must be signed in to change notification settings - Fork 88
/
registry_store.go
92 lines (74 loc) · 3.15 KB
/
registry_store.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
package kotsstore
import (
"database/sql"
"encoding/base64"
"os"
"github.com/pkg/errors"
"github.com/replicatedhq/kots/pkg/crypto"
"github.com/replicatedhq/kots/pkg/logger"
"github.com/replicatedhq/kots/pkg/persistence"
registrytypes "github.com/replicatedhq/kots/pkg/registry/types"
"go.uber.org/zap"
)
func (s *KOTSStore) GetRegistryDetailsForApp(appID string) (registrytypes.RegistrySettings, error) {
db := persistence.MustGetPGSession()
query := `select registry_hostname, registry_username, registry_password_enc, namespace, registry_is_readonly from app where id = $1`
row := db.QueryRow(query, appID)
var registryHostname sql.NullString
var registryUsername sql.NullString
var registryPasswordEnc sql.NullString
var registryNamespace sql.NullString
var isReadOnly sql.NullBool
if err := row.Scan(®istryHostname, ®istryUsername, ®istryPasswordEnc, ®istryNamespace, &isReadOnly); err != nil {
return registrytypes.RegistrySettings{}, errors.Wrap(err, "failed to scan registry")
}
registrySettings := registrytypes.RegistrySettings{
Hostname: registryHostname.String,
Username: registryUsername.String,
PasswordEnc: registryPasswordEnc.String,
Namespace: registryNamespace.String,
IsReadOnly: isReadOnly.Bool,
}
if !registryPasswordEnc.Valid {
return registrySettings, nil
}
apiCipher, err := crypto.AESCipherFromString(os.Getenv("API_ENCRYPTION_KEY"))
if err != nil {
return registrytypes.RegistrySettings{}, errors.Wrap(err, "failed to load apiCipher")
}
decodedPassword, err := base64.StdEncoding.DecodeString(registrySettings.PasswordEnc)
if err != nil {
return registrytypes.RegistrySettings{}, errors.Wrap(err, "failed to decode")
}
decryptedPassword, err := apiCipher.Decrypt([]byte(decodedPassword))
if err != nil {
return registrytypes.RegistrySettings{}, errors.Wrap(err, "failed to decrypt")
}
registrySettings.Password = string(decryptedPassword)
return registrySettings, nil
}
func (s *KOTSStore) UpdateRegistry(appID string, hostname string, username string, password string, namespace string, isReadOnly bool) error {
logger.Debug("updating app registry",
zap.String("appID", appID))
db := persistence.MustGetPGSession()
if password == registrytypes.PasswordMask {
// password unchanged - don't update it
query := `update app set registry_hostname = $1, registry_username = $2, namespace = $3, registry_is_readonly = $4 where id = $5`
_, err := db.Exec(query, hostname, username, namespace, isReadOnly, appID)
if err != nil {
return errors.Wrap(err, "failed to update registry settings")
}
} else {
cipher, err := crypto.AESCipherFromString(os.Getenv("API_ENCRYPTION_KEY"))
if err != nil {
return errors.Wrap(err, "failed to create aes cipher")
}
passwordEnc := base64.StdEncoding.EncodeToString(cipher.Encrypt([]byte(password)))
query := `update app set registry_hostname = $1, registry_username = $2, registry_password_enc = $3, namespace = $4, registry_is_readonly = $5 where id = $6`
_, err = db.Exec(query, hostname, username, passwordEnc, namespace, isReadOnly, appID)
if err != nil {
return errors.Wrap(err, "failed to update registry settings")
}
}
return nil
}