Merge pull request #268 from carolynvs/redact-credentials

Redact credential values by default in duffle show
cnabio · Oct 8, 2018 · ba8a306 · ba8a306
2 parents 3be7662 + 7c2bd30
commit ba8a306
Show file tree

Hide file tree

Showing 2 changed files with 136 additions and 8 deletions.
diff --git a/cmd/duffle/credential_show.go b/cmd/duffle/credential_show.go
@@ -5,21 +5,21 @@ import (
 	"io"
 	"path/filepath"
 
-	"github.com/ghodss/yaml"
-	"github.com/spf13/cobra"
-
 	"github.com/deis/duffle/pkg/credentials"
 	"github.com/deis/duffle/pkg/duffle/home"
+	"github.com/ghodss/yaml"
+	"github.com/spf13/cobra"
 )
 
 const credentialShowDesc = `
 This command will fetch the credential set with the given name and prints the contents of the file.
 `
 
 type credentialShowCmd struct {
-	name string
-	home home.Home
-	out  io.Writer
+	name       string
+	home       home.Home
+	out        io.Writer
+	unredacted bool
 }
 
 func newCredentialShowCmd(w io.Writer) *cobra.Command {
@@ -35,6 +35,7 @@ func newCredentialShowCmd(w io.Writer) *cobra.Command {
 			return show.run()
 		},
 	}
+	cmd.Flags().BoolVar(&show.unredacted, "unredacted", false, "Print the secret values without redacting them")
 	return cmd
 }
 
@@ -43,16 +44,36 @@ func (sh *credentialShowCmd) run() error {
 	if err != nil {
 		return err
 	}
+	return sh.printCredentials(*cs)
+}
+
+func (sh *credentialShowCmd) printCredentials(cs credentials.CredentialSet) error {
+	if !sh.unredacted {
+		// Do not modify the passed credentials
+		creds := make([]credentials.CredentialStrategy, len(cs.Credentials))
+		for i, cred := range cs.Credentials {
+			if cred.Source.Value != "" {
+				cred.Source.Value = "REDACTED"
+			}
+			if cred.Destination.Value != "" {
+				cred.Destination.Value = "REDACTED"
+			}
+			creds[i] = cred
+		}
+		cs.Credentials = creds
+	}
+
 	b, err := yaml.Marshal(cs.Name)
 	if err != nil {
 		return err
 	}
-	fmt.Printf("name: %s", string(b))
+	fmt.Fprintf(sh.out, "name: %s", string(b))
 	b, err = yaml.Marshal(cs.Credentials)
 	if err != nil {
 		return err
 	}
-	fmt.Printf("credentials:\n%s", string(b))
+	fmt.Fprintf(sh.out, "credentials:\n%s", string(b))
+
 	return nil
 }
 

diff --git a/cmd/duffle/credential_show_test.go b/cmd/duffle/credential_show_test.go
@@ -0,0 +1,107 @@
+package main
+
+import (
+	"bytes"
+	"testing"
+
+	"github.com/deis/duffle/pkg/credentials"
+)
+
+func TestPrintCredentials(t *testing.T) {
+	cs := &credentials.CredentialSet{
+		Name: "foo",
+		Credentials: []credentials.CredentialStrategy{
+			{
+				Name:        "password",
+				Source:      credentials.Source{Value: "TOPSECRET"},
+				Destination: credentials.Destination{EnvVar: "PASSWORD"},
+			},
+			{
+				Name:        "another-password",
+				Destination: credentials.Destination{Value: "TOPSECRET"},
+			},
+			{
+				Name:        "kubeconfig",
+				Source:      credentials.Source{Path: "/root/.kube/config"},
+				Destination: credentials.Destination{Path: "/root/.kube/config"},
+			},
+			{
+				Name:        "some-setting",
+				Source:      credentials.Source{EnvVar: "MYSETTING"},
+				Destination: credentials.Destination{EnvVar: "MYSETTING"},
+			},
+		},
+	}
+
+	testcases := []struct {
+		name       string
+		unredacted bool
+		output     string
+	}{
+		{name: "reacted", unredacted: false, output: `name: foo
+credentials:
+- destination:
+    env: PASSWORD
+  name: password
+  source:
+    value: REDACTED
+- destination:
+    value: REDACTED
+  name: another-password
+  source: {}
+- destination:
+    path: /root/.kube/config
+  name: kubeconfig
+  source:
+    path: /root/.kube/config
+- destination:
+    env: MYSETTING
+  name: some-setting
+  source:
+    env: MYSETTING
+`},
+		{name: "unredacted", unredacted: true, output: `name: foo
+credentials:
+- destination:
+    env: PASSWORD
+  name: password
+  source:
+    value: TOPSECRET
+- destination:
+    value: TOPSECRET
+  name: another-password
+  source: {}
+- destination:
+    path: /root/.kube/config
+  name: kubeconfig
+  source:
+    path: /root/.kube/config
+- destination:
+    env: MYSETTING
+  name: some-setting
+  source:
+    env: MYSETTING
+`},
+	}
+
+	for _, tc := range testcases {
+		t.Run(tc.name, func(t *testing.T) {
+			output := &bytes.Buffer{}
+			show := &credentialShowCmd{
+				out:        output,
+				unredacted: tc.unredacted,
+			}
+
+			err := show.printCredentials(*cs)
+			if err != nil {
+				t.Fatal(err)
+			}
+
+			want := tc.output
+			got := output.String()
+			if want != got {
+				t.Fatalf("expected credentials output. WANT:\n%q\n\nGOT:\n%q\n", want, got)
+			}
+		})
+	}
+}