Skip to content

Commit

Permalink
Fix do not expand envvars for empty config fields
Browse files Browse the repository at this point in the history
Signed-off-by: Ivo Gosemann <[email protected]>
  • Loading branch information
IvoGoman committed Mar 30, 2024
1 parent 733e5a1 commit db62a1f
Show file tree
Hide file tree
Showing 3 changed files with 35 additions and 22 deletions.
28 changes: 17 additions & 11 deletions config/config.go
Original file line number Diff line number Diff line change
Expand Up @@ -47,20 +47,26 @@ func LoadFile(paths []string, expandEnvVars bool) (*Config, error) {
if expandEnvVars {
var err error
for i, auth := range cfg.Auths {
cfg.Auths[i].Username, err = substituteEnvVariables(auth.Username)
if err != nil {
return nil, err
if auth.Username != "" {
cfg.Auths[i].Username, err = substituteEnvVariables(auth.Username)
if err != nil {
return nil, err
}
}
password, err := substituteEnvVariables(string(auth.Password))
if err != nil {
return nil, err
if auth.Password != "" {
password, err := substituteEnvVariables(string(auth.Password))
if err != nil {
return nil, err
}
cfg.Auths[i].Password.Set(password)
}
cfg.Auths[i].Password.Set(password)
privPassword, err := substituteEnvVariables(string(auth.PrivPassword))
if err != nil {
return nil, err
if auth.PrivPassword != "" {
privPassword, err := substituteEnvVariables(string(auth.PrivPassword))
if err != nil {
return nil, err
}
cfg.Auths[i].PrivPassword.Set(privPassword)
}
cfg.Auths[i].PrivPassword.Set(privPassword)
}
}

Expand Down
25 changes: 14 additions & 11 deletions config_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,6 @@
package main

import (
"os"
"strings"
"testing"

Expand Down Expand Up @@ -71,12 +70,9 @@ func TestLoadMultipleConfigs(t *testing.T) {

// When all environment variables are present
func TestEnvSecrets(t *testing.T) {
os.Setenv("ENV_USERNAME", "snmp_username")
os.Setenv("ENV_PASSWORD", "snmp_password")
os.Setenv("ENV_PRIV_PASSWORD", "snmp_priv_password")
defer os.Unsetenv("ENV_USERNAME")
defer os.Unsetenv("ENV_PASSWORD")
defer os.Unsetenv("ENV_PRIV_PASSWORD")
t.Setenv("ENV_USERNAME", "snmp_username")
t.Setenv("ENV_PASSWORD", "snmp_password")
t.Setenv("ENV_PRIV_PASSWORD", "snmp_priv_password")

sc := &SafeConfig{}
err := sc.ReloadConfig([]string{"testdata/snmp-auth-envvars.yml"}, true)
Expand Down Expand Up @@ -106,10 +102,8 @@ func TestEnvSecrets(t *testing.T) {

// When environment variable(s) are absent
func TestEnvSecretsMissing(t *testing.T) {
os.Setenv("ENV_PASSWORD", "snmp_password")
os.Setenv("ENV_PRIV_PASSWORD", "snmp_priv_password")
defer os.Unsetenv("ENV_PASSWORD")
defer os.Unsetenv("ENV_PRIV_PASSWORD")
t.Setenv("ENV_PASSWORD", "snmp_password")
t.Setenv("ENV_PRIV_PASSWORD", "snmp_priv_password")

sc := &SafeConfig{}
err := sc.ReloadConfig([]string{"testdata/snmp-auth-envvars.yml"}, true)
Expand All @@ -122,3 +116,12 @@ func TestEnvSecretsMissing(t *testing.T) {
}
}
}

// When SNMPv2 was specified without credentials
func TestEnvSecretsNotSpecified(t *testing.T) {
sc := &SafeConfig{}
err := sc.ReloadConfig([]string{"testdata/snmp-auth-v2nocreds.yml"}, true)
if err != nil {
t.Errorf("Error loading config %v: %v", "testdata/snmp-auth-v2nocreds.yml", err)
}
}
4 changes: 4 additions & 0 deletions testdata/snmp-auth-v2nocreds.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
auths:
v2_without_secret:
community: mysecret
version: 2

0 comments on commit db62a1f

Please sign in to comment.