diff --git a/go.mod b/go.mod
index 16fe773..de929c0 100644
--- a/go.mod
+++ b/go.mod
@@ -6,6 +6,7 @@ require (
 github.com/1Password/connect-sdk-go v1.5.3
 github.com/google/go-github/v50 v50.2.0
 github.com/jamesruan/sodium v1.0.14
+ github.com/pkg/errors v0.9.1
 github.com/sirupsen/logrus v1.9.3
 github.com/stretchr/testify v1.8.2
 gopkg.in/yaml.v3 v3.0.1
@@ -18,7 +19,6 @@ require (
 github.com/google/go-querystring v1.1.0 // indirect
 github.com/kr/text v0.2.0 // indirect
 github.com/opentracing/opentracing-go v1.2.0 // indirect
- github.com/pkg/errors v0.9.1 // indirect
 github.com/pmezard/go-difflib v1.0.0 // indirect
 github.com/uber/jaeger-client-go v2.30.0+incompatible // indirect
 github.com/uber/jaeger-lib v2.4.1+incompatible // indirect
diff --git a/main.go b/main.go
index dff2b70..8fad49c 100644
--- a/main.go
+++ b/main.go
@@ -17,8 +17,10 @@ package main
 import (
 "context"
 "flag"
+ "github.com/pkg/errors"
 "os"
 "strings"
+ "unicode"
 
 "github.com/falcosecurity/pigeon/pkg/pigeon"
 "github.com/google/go-github/v50/github"
@@ -41,6 +43,26 @@ func init() {
 flag.BoolVar(&verbose, "verbose", false, "enable verbose logging")
 }
 
+func getTokenFromFile(path string) (string, error) {
+ token, err := os.ReadFile(path)
+ if err != nil {
+ return "", errors.Wrap(err, "error reading token file")
+ }
+
+ return removeNonPrintableChars(string(token)), nil
+}
+
+func removeNonPrintableChars(s string) string {
+ return strings.Map(func(r rune) rune {
+ switch {
+ case unicode.IsPrint(r):
+ return r
+ default:
+ return -1
+ }
+ }, s)
+}
+
 func initOpts() {
 flag.Parse()
 
@@ -55,12 +77,11 @@ func initOpts() {
 logrus.Fatal(`Github token must be provided either through "gh-token" flag, or "GITHUB_AUTH_TOKEN" env."`)
 }
 }
- ghTokBytes, err := os.ReadFile(ghToken)
+ var err error
+ ghToken, err = getTokenFromFile(ghToken)
 if err != nil {
 logrus.Fatal(err)
 }
- ghToken = string(ghTokBytes)
- ghToken = strings.Trim(ghToken, "\n")
 
 if confFile == "" {
 logrus.Fatal(`"conf" flag must be set`)
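Review bot: In the main.go import hunk, `"github.com/pkg/errors"` is added inside the standard-library group ahead of `"os"`; goimports would put it in the third-party group next to the pigeon and go-github imports. The only use visible in this diff is a single `errors.Wrap` call, which the standard library covers with `fmt.Errorf("reading token file: %w", err)`. That would make the go.mod promotion of this module from indirect to direct unnecessary and keep the direct dependency set of a tool that handles credentials smaller. Upstream pkg/errors appears to be archived, which is worth confirming before taking it on as a direct dependency.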
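Review bot: `removeNonPrintableChars` deletes runes from anywhere inside the secret, so a damaged or mis-encoded token file produces a silently altered token instead of an error, and since `unicode.IsPrint` reports true for the ASCII space, stray leading or trailing spaces are kept. Trimming only the ends and rejecting an empty result is the safer contract: `tok := strings.TrimSpace(string(token))` followed by `if tok == "" { return "", errors.New("token file is empty") }`. Both new functions also lack doc comments; a line such as `// getTokenFromFile reads a GitHub token from path and strips surrounding whitespace.` would state what callers can rely on.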
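Review bot: In the initOpts hunk, `logrus.Fatal(err)` prints the wrapped os.ReadFile error, and that error text includes the string that was passed as the path. The fatal message just above asks for a "Github token", so an operator who supplies the token itself rather than a file path would presumably see that token written to the log. Logging a fixed message such as `logrus.Fatal("unable to read GitHub token file")` avoids echoing the value. A separate `ghTokenFile` variable for the path, instead of reusing `ghToken` for both path and secret, would make the distinction visible. initOpts starts and ends outside the hunk, so how `ghToken` is populated is only partly visible here.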