-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
eeb8594
commit 8ecc1f0
Showing
7 changed files
with
280 additions
and
158 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,60 @@ | ||
package signatures | ||
|
||
import ( | ||
"fmt" | ||
"os" | ||
|
||
"github.com/rumenvasilev/rvsecret/internal/core" | ||
"gopkg.in/src-d/go-git.v4" | ||
githttp "gopkg.in/src-d/go-git.v4/plumbing/transport/http" | ||
) | ||
|
||
// fetchSignaturesWithGit will clone the signatures repository and return the local path to it | ||
func fetchSignaturesWithGit(version string, sess *core.Session) (string, error) { | ||
branch := version | ||
tag := true | ||
if version == "latest" { | ||
branch = "stable" | ||
tag = false | ||
} | ||
err := sess.InitGitClient() | ||
if err != nil { | ||
return "", err | ||
} | ||
|
||
// build the URL | ||
url := sess.Config.SignaturesURL | ||
if sess.Config.SignaturesUserRepo != "" { | ||
// TODO this address has to be a const perhaps? | ||
url = fmt.Sprintf("https://github.com/%s", sess.Config.SignaturesUserRepo) | ||
} | ||
// sanitize checks | ||
cURL, err := cleanInput(url) | ||
if err != nil { | ||
return "", err | ||
} | ||
|
||
cloneCfg := core.CloneConfiguration{ | ||
URL: cURL, | ||
Branch: branch, | ||
Depth: sess.Config.CommitDepth, | ||
InMemClone: sess.Config.InMemClone, | ||
Tag: tag, | ||
// Should we? | ||
TagMode: git.AllTags, | ||
} | ||
auth := &githttp.BasicAuth{ | ||
Username: "egal", | ||
Password: sess.Config.GithubAccessToken, | ||
} | ||
|
||
// If we're gonna use git clone to get a specific tag, we need to pass git.AllTags as parameter here. | ||
_, dir, err := core.CloneRepositoryGeneric(cloneCfg, auth) | ||
if err != nil { | ||
// cleanup dir | ||
_ = os.RemoveAll(dir) | ||
return "", err | ||
} | ||
|
||
return dir, nil | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,110 @@ | ||
package signatures | ||
|
||
import ( | ||
"context" | ||
"fmt" | ||
"net/http" | ||
"os" | ||
"strings" | ||
|
||
"github.com/google/go-github/github" | ||
"github.com/rumenvasilev/rvsecret/internal/core" | ||
_github "github.com/rumenvasilev/rvsecret/internal/core/provider/github" | ||
"github.com/rumenvasilev/rvsecret/version" | ||
) | ||
|
||
// fetchSignaturesFromGithubAPI will only download a version of the signatures file from Github REST API | ||
func fetchSignaturesFromGithubAPI(version string, sess *core.Session) (string, error) { | ||
ctx := context.Background() | ||
if sess.Config.SignaturesUserRepo == "" { | ||
return "", fmt.Errorf("please provide -signatures-user-repo value") | ||
} | ||
|
||
res := strings.Split(sess.Config.SignaturesUserRepo, "/") | ||
if len(res) != 2 { | ||
return "", fmt.Errorf("user/repo doesn't have matching format, %s", sess.Config.SignaturesUserRepo) | ||
} | ||
owner := res[0] | ||
repo := res[1] | ||
|
||
client, err := _github.NewClient(sess.Config.GithubAccessToken, "", sess.Out) | ||
if err != nil { | ||
return "", fmt.Errorf("failed instantiation of Github client, %w", err) | ||
} | ||
|
||
var assets *github.RepositoryRelease | ||
if version == "latest" { | ||
assets, err = client.GetLatestRelease(ctx, owner, repo) | ||
} else { | ||
assets, err = client.GetReleaseByTag(ctx, owner, repo, version) | ||
} | ||
if err != nil { | ||
// TODO: handle 404 not found | ||
return "", fmt.Errorf("error while fetching release information, %w", err) | ||
} | ||
|
||
assetURL, err := getAssetURL(assets.Assets) | ||
if err != nil { | ||
return "", err | ||
} | ||
|
||
return downloadAsset(assetURL, sess) | ||
} | ||
|
||
func getAssetURL(assets []github.ReleaseAsset) (string, error) { | ||
var download string | ||
for _, v := range assets { | ||
if v.GetName() == "default.yaml" { | ||
download = v.GetURL() | ||
break | ||
} | ||
} | ||
if download == "" { | ||
return "", fmt.Errorf("couldn't find the release asset default.yaml") | ||
} | ||
return download, nil | ||
} | ||
|
||
func downloadAsset(url string, sess *core.Session) (string, error) { | ||
// Create tmp dir | ||
path, err := os.MkdirTemp("", "rvsecret") | ||
if err != nil { | ||
return "", err | ||
} | ||
|
||
err = os.Mkdir(fmt.Sprintf("%s/signatures", path), 0700) | ||
if err != nil { | ||
return "", err | ||
} | ||
|
||
// fetch from URL | ||
req, _ := http.NewRequest("GET", url, nil) | ||
req.Header.Add("Authorization", fmt.Sprintf("token %s", sess.Config.GithubAccessToken)) | ||
req.Header.Add("User-Agent", version.UserAgent) | ||
req.Header.Add("Accept", "application/octet-stream") | ||
|
||
// call github | ||
c := http.Client{} | ||
resp, err := c.Do(req) | ||
if err != nil { | ||
return "", err | ||
} | ||
defer resp.Body.Close() //nolint:errcheck | ||
|
||
// store file | ||
filename := fmt.Sprintf("%s/signatures/default.yaml", path) | ||
f, err := os.OpenFile(filename, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0664) | ||
defer f.Close() //nolint:staticcheck | ||
if err != nil { | ||
return "", err | ||
} | ||
|
||
b := make([]byte, 4096) | ||
var i int | ||
for err == nil { | ||
i, err = resp.Body.Read(b) | ||
f.Write(b[:i]) //nolint:errcheck | ||
} | ||
|
||
return path, nil | ||
} |
Oops, something went wrong.