working secret option that hides default value from option usage message #36

Merged
merged 3 commits into from
Aug 14, 2020

jspaleta
Contributor

This closes #35

I've tested this locally with a slightly edited influxdb handler.

Here's an example of my local test:

$ cat event.json | INFLUXDB_PASS="hey" INFLUXDB_USER="now" ./sensu-influxdb-handler

Debug::: User: now Pass: hey

Usage:
  sensu-influxdb-handler [flags]
  sensu-influxdb-handler [command]

Available Commands:
  help        Help about any command
  version     Print the version number of this plugin

Flags:
  -a, --addr string            the address of the influxdb server, should be of the form 'http://host:port', defaults to 'http://localhost:8086' or value of INFLUXDB_ADDR env variable (default "http://localhost:8086")
  -c, --check-status-metric    if true, the check status result will be captured as a metric
  -d, --db-name string         the influxdb to send metrics to
  -h, --help                   help for sensu-influxdb-handler
  -i, --insecure-skip-verify   if true, the influx client skips https certificate verification
  -p, --password string        the password for the given db, defaults to value of INFLUXDB_PASS env variable
      --precision string       the precision value of the metric (default "s")
  -u, --username string        the username for the given db, defaults to value of INFLUXDB_USER env variable

Use "sensu-influxdb-handler [command] --help" for more information about a command.

Error executing sensu-influxdb-handler: error validating input: missing db name

I added the initial Debug message in my local build of the influxdb handler to make sure I was setting the options correctly.

Here are the changes I made in the influxdb handler to enable those two options as secrets.

$ git diff master main.go
diff --git a/main.go b/main.go
index a62805a..aeef86e 100644
--- a/main.go
+++ b/main.go
@@ -57,6 +57,7 @@ var (
                        Path:      username,
                        Env:       "INFLUXDB_USER",
                        Argument:  username,
+                       Secret:    true,
                        Shorthand: "u",
                        Default:   "",
                        Usage:     "the username for the given db, defaults to value of INFLUXDB_USER env variable",
@@ -66,6 +67,7 @@ var (
                        Path:      password,
                        Env:       "INFLUXDB_PASS",
                        Argument:  password,
+                       Secret:    true,
                        Shorthand: "p",
                        Default:   "",
                        Usage:     "the password for the given db, defaults to value of INFLUXDB_PASS env variable",
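Review bot: On the password option, Secret: true keeps the INFLUXDB_PASS value out of the usage text, but the option still accepts the value through -p/--password, and anything passed that way is visible in the process list and shell history. The Usage string is the place to steer users, for example "the password for the given db; prefer setting INFLUXDB_PASS over passing it on the command line".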
@@ -112,6 +114,7 @@ func main() {
 }
 
 func checkArgs(event *corev2.Event) error {
+       fmt.Printf("Debug::: User: %v Pass: %v\n", config.Username, config.Password)
        if len(config.DbName) == 0 {
                return errors.New("missing db name")
        }
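Review bot: The fmt.Printf added at the top of checkArgs writes config.Username and config.Password in clear text to stdout on every run, which defeats Secret: true wherever handler output is captured. Keep this line out of the commit; if a check that the options were populated is still wanted, print only whether each one is set (for example len(config.Password) > 0), not the value.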

@nixwiz

nixwiz commented Aug 14, 2020

Works in my local testing.

                {
                        Path:      "username",
                        Env:       "ELASTICSEARCH_USERNAME",
                        Argument:  "username",
                        Shorthand: "U",
                        Default:   "",
                        Usage:     "Username, if required, to authenticate requests to Elasticsearch",
                        Secret:    false,
                        Value:     &plugin.Username,
                },
                {
                        Path:      "password",
                        Env:       "ELASTICSEARCH_PASSWORD",
                        Argument:  "password",
                        Shorthand: "P",
                        Default:   "",
                        Usage:     "Password, if required, to authenticate requests to Elasticsearch",
                        Secret:    true,
                        Value:     &plugin.Password,
                },

Yields the following:

ELASTICSEARCH_USERNAME="myuser" ELASTICSEARCH_PASSWORD="mysecret" ./sensu-elasticsearch-handler --help
The Sensu Go handler for event/metric logging in Elasticsearch

Usage:
  sensu-elasticsearch-handler [flags]
  sensu-elasticsearch-handler [command]

Available Commands:
  help        Help about any command
  version     Print the version number of this plugin

Flags:
  -d, --dated-index              Postfix index with the current date (e.g. sensu_events-2020-08-20)
  -h, --help                     help for sensu-elasticsearch-handler
  -i, --index string             Index to be used for Sensu events (default "sensu_events")
  -s, --insecure-skip-verify     Skip TLS certificate verification (not recommended!)
  -P, --password string          Password, if required, to authenticate requests to Elasticsearch
  -t, --trusted-ca-file string   TLS CA certificate bundle in PEM format
  -u, --url strings              URL(s) for Elasticsearch server(s), accepts multiple iterations or comma separated list
  -U, --username string          Username, if required, to authenticate requests to Elasticsearch (default "myuser")

Use "sensu-elasticsearch-handler [command] --help" for more information about a command.

Needs a CHANGELOG entry.

@jspaleta jspaleta requested a review from echlebek August 14, 2020 16:38
@jspaleta jspaleta merged commit ce4a6d9 into master Aug 14, 2020
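
The behaviour tested in this thread, reproduced with Go's standard `flag` package as an added example (not code from this PR or from the SDK it changes): an environment value used as a flag default is printed in help, while a secret option is registered with an empty default and takes its environment value only after parsing. The `option` struct and `resolve` function are hypothetical; the environment variable names are the ones from the Elasticsearch test above.

```go
package main

import (
	"bytes"
	"flag"
	"os"
)

type option struct { // hypothetical stand-in for the option struct quoted above
	Name, Env, Usage string
	Secret           bool
	Value            *string
}

// resolve fills each option's Value and returns the help text of the flag set.
// Non-secret: the environment value becomes the flag default, so help prints it.
// Secret: empty default; the environment value is applied only after parsing.
func resolve(opts []option, args []string, getenv func(string) string) (string, error) {
	var help bytes.Buffer
	fs := flag.NewFlagSet("handler", flag.ContinueOnError)
	fs.SetOutput(&help)
	for _, o := range opts {
		def := getenv(o.Env)
		if o.Secret {
			def = "" // never hand the secret to the help renderer
		}
		fs.StringVar(o.Value, o.Name, def, o.Usage)
	}
	if err := fs.Parse(args); err != nil {
		return help.String(), err // includes the usage printed for -h
	}
	given := map[string]bool{}
	fs.Visit(func(f *flag.Flag) { given[f.Name] = true })
	for _, o := range opts {
		if o.Secret && !given[o.Name] {
			*o.Value = getenv(o.Env) // env fallback, an explicit flag still wins
		}
	}
	fs.PrintDefaults()
	return help.String(), nil
}

func main() {
	var user, pass string
	help, _ := resolve([]option{
		{"username", "ELASTICSEARCH_USERNAME", "Username", false, &user},
		{"password", "ELASTICSEARCH_PASSWORD", "Password", true, &pass},
	}, nil, os.Getenv)
	os.Stdout.WriteString(help)
}
```

Run it with both variables exported: the username line carries a `(default "...")` suffix and the password line does not, matching the `--help` output shown above.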
Successfully merging this pull request may close these issues.

Avoid secrets leakage when displaying help output