Skip to content

Commit

Permalink
cmd/setec: add --verbatim flag to the "put" subcommand
Browse files Browse the repository at this point in the history 
Certain secret types, notably SSH keys, care about the leading and trailing
whitespace we usually trim from plain text secrets by default. Add a flag to
permit this to not happen.
  • Loading branch information
@creachadair
creachadair committed Nov 23, 2023
1 parent 6a618ca commit 58e1650
Showing 1 changed file with 12 additions and 6 deletions.
18 changes: 12 additions & 6 deletions cmd/setec/setec.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -99,7 +99,11 @@ With --if-changed, return the active value only if it differs from --version.`,
With --from-file, the new value is read from the specified file; otherwise if
stdin is connected to a pipe, its contents are fully read to obtain the new
value. Otherwise, the user is prompted for a new value and confirmation.`,
value. Otherwise, the user is prompted for a new value and confirmation.
By default, leading and trailing whitespace is trimmed from plain text values.
Use --verbatim to suppress this behaviour for values where whitespace matters,
such as SSH keys.`,

SetFlags: command.Flags(flax.MustBind, &putArgs),
Run: command.Adapt(runPut),
Expand Down Expand Up @@ -363,8 +367,9 @@ func runGet(env *command.Env, name string) error {
}

var putArgs struct {
File string `flag:"from-file,Read secret value from this file instead of stdin"`
EmptyOK bool `flag:"empty-ok,Allow an empty secret value"`
File string `flag:"from-file,Read secret value from this file instead of stdin"`
EmptyOK bool `flag:"empty-ok,Allow an empty secret value"`
Verbatim bool `flag:"verbatim,Do not trim whitespace from plain text values"`
}

func runPut(env *command.Env, name string) error {
Expand All @@ -381,9 +386,10 @@ func runPut(env *command.Env, name string) error {
if err != nil {
return err
}
// If the value we read is all valid UTF-8, trim leading and trailing
// whitespace. If not, the value is binary and we shouldn't do that.
if utf8.Valid(value) {
// If the value we read is all valid UTF-8 and the user has not asked us
// to do otherwise, trim leading and trailing whitespace. For non-text
// inputs we shouldn't do that.
if utf8.Valid(value) && !putArgs.Verbatim {
value = bytes.TrimSpace(value)
}
if len(value) == 0 && !putArgs.EmptyOK {
Expand Down

0 comments on commit 58e1650

Please sign in to comment.