From b2982cc668a7cbae9f25b06a4209087233203570 Mon Sep 17 00:00:00 2001 From: Sam Roberts Date: Tue, 31 Mar 2020 10:45:16 -0700 Subject: [PATCH] Use docker-credential-helper to manage secrets (WIP) Store service credentials securely in the stores supported by docker: - https://github.com/docker/docker-credential-helpers#available-programs Introduces a top-level config property, "secretStore" and additional command line arguments to manage the stored secrets. The value of secretStore is used to find a helper command, `docker-credential-`. The docker project currently provides 4 store helpers: - "osxkeychain" (OS X only) - "secretservice" (Linux only) - "wincred" (Windows only) - "pass" (any OS supporting pass, which uses gpg2) Docker-for-desktop installs the credential helpers above, as well as "desktop" (docker-credential-desktop). Generic installation instructions for the helpers: - https://github.com/docker/docker-credential-helpers#installation Users could provide additional helpers, the only requirement is that the helper implements the credential store protocol: - https://github.com/docker/docker-credential-helpers#development The credential protocol is open, and new credential stores can be implemented by any CLI satisfying the protocol: - https://github.com/docker/docker-credential-helpers#development The modifications to existing modules is not tested due to lack of API keys, but demonstrates the unobtrusive changes required to use the secret store. --- cfg/secrets.go | 164 +++++++++++++++++++++++++++++++ flags/flags.go | 88 +++++++++++++++++ go.mod | 2 + go.sum | 3 + modules/azuredevops/settings.go | 8 ++ modules/bamboohr/settings.go | 8 ++ modules/buildkite/settings.go | 11 ++- modules/circleci/settings.go | 8 ++ modules/datadog/settings.go | 16 +++ modules/digitalocean/settings.go | 8 ++ modules/football/settings.go | 9 ++ modules/gerrit/settings.go | 8 ++ modules/github/settings.go | 9 ++ modules/gitlab/settings.go | 8 ++ modules/gitlabtodo/settings.go | 8 ++ modules/gitter/settings.go | 8 ++ modules/hibp/settings.go | 7 ++ modules/jenkins/settings.go | 8 ++ modules/jira/settings.go | 8 ++ modules/newrelic/settings.go | 8 ++ modules/opsgenie/settings.go | 8 ++ modules/pagerduty/settings.go | 8 ++ modules/pihole/settings.go | 8 ++ modules/pocket/settings.go | 8 ++ modules/rollbar/settings.go | 8 ++ modules/spotifyweb/settings.go | 8 ++ modules/todoist/settings.go | 8 ++ modules/travisci/settings.go | 8 ++ modules/trello/settings.go | 8 ++ modules/victorops/settings.go | 8 ++ modules/zendesk/settings.go | 8 ++ 31 files changed, 484 insertions(+), 1 deletion(-) create mode 100644 cfg/secrets.go diff --git a/cfg/secrets.go b/cfg/secrets.go new file mode 100644 index 000000000..9d45dcf7f --- /dev/null +++ b/cfg/secrets.go @@ -0,0 +1,164 @@ +package cfg + +import ( + "errors" + "fmt" + "runtime" + + "github.com/docker/docker-credential-helpers/client" + "github.com/docker/docker-credential-helpers/credentials" + "github.com/olebedev/config" + "github.com/wtfutil/wtf/logger" +) + +type Secret struct { + Service string + Secret string + Username string + Store string +} + +// Configure the secret for a service. +// +// Does not overwrite explicitly configured values, so is safe to call +// if username and secret were explicitly set in module config. +// +// Input: +// * service: URL or identifier for service if configured by user. Not all +// modules support or need this. Optional, defaults to serviceDefault. +// * serviceDefault: Default URL or identifier for service. Must be unique, +// using the API URL is customary, but using the module name is reasonable. +// Required, secrets cannot be stored unless associated with a service. +// +// Output: +// * username: If a user/subdomain/identifier specific to the service is +// configurable, it can be saved as a "username". Optional. +// * secret: The secret for service. Optional. +func ConfigureSecret( + globalConfig *config.Config, + service string, + serviceDefault string, + username *string, + secret *string, // unfortunate order dependency... +) { + notWanted := func(out *string) bool { + return out == nil && *out != "" + } + + // Don't try to fetch from cred store if nothing is wanted. + if notWanted(secret) && notWanted(username) { + return + } + + if service == "" { + service = serviceDefault + } + + if service == "" { + return + } + + cred, err := FetchSecret(globalConfig, service) + + if err != nil { + logger.Log(fmt.Sprintf("Loading secret failed: %s", err.Error())) + return + } + + if cred == nil { + // No secret store configued. + return + } + + if username != nil && *username == "" { + *username = cred.Username + } + + if secret != nil && *secret == "" { + *secret = cred.Secret + } +} + +// Fetch secret for `service`. Service is customarily a URL, but can be any +// identifier uniquely used by wtf to identify the service, such as the name +// of the module. nil is returned if the secretStore global property is not +// present or the secret is not found in that store. +func FetchSecret(globalConfig *config.Config, service string) (*Secret, error) { + prog := newProgram(globalConfig) + + if prog == nil { + // No secret store configured. + return nil, nil + } + + cred, err := client.Get(prog.runner, service) + + if err != nil { + return nil, fmt.Errorf("get %v from %v: %w", service, prog.store, err) + } + + return &Secret{ + Service: cred.ServerURL, + Secret: cred.Secret, + Username: cred.Username, + Store: prog.store, + }, nil +} + +func StoreSecret(globalConfig *config.Config, secret *Secret) error { + prog := newProgram(globalConfig) + + if prog == nil { + return errors.New("Cannot store secrets: wtf.secretStore is not configured") + } + + cred := &credentials.Credentials{ + ServerURL: secret.Service, + Username: secret.Username, + Secret: secret.Secret, + } + + // docker-credential requires a username, but it isn't necessary for + // all services. Use a default if a username was not set. + if cred.Username == "" { + cred.Username = "default" + } + + err := client.Store(prog.runner, cred) + + if err != nil { + return fmt.Errorf("store %v: %w", prog.store, err) + } + + return nil +} + +type program struct { + store string + runner client.ProgramFunc +} + +func newProgram(globalConfig *config.Config) *program { + secretStore := globalConfig.UString("wtf.secretStore", "(none)") + + if secretStore == "(none)" { + return nil + } + + if secretStore == "" { + switch runtime.GOOS { + case "windows": + secretStore = "winrt" + case "darwin": + secretStore = "osxkeychain" + default: + secretStore = "secretservice" + } + + } + + return &program{ + secretStore, + client.NewShellProgramFunc("docker-credential-" + secretStore), + } +} diff --git a/flags/flags.go b/flags/flags.go index bc6fcbdb5..7d2731381 100644 --- a/flags/flags.go +++ b/flags/flags.go @@ -1,10 +1,13 @@ package flags import ( + "bufio" "fmt" "os" "path/filepath" + "strings" + "github.com/chzyer/readline" goFlags "github.com/jessevdk/go-flags" "github.com/olebedev/config" "github.com/wtfutil/wtf/cfg" @@ -17,10 +20,29 @@ type Flags struct { Module string `short:"m" long:"module" optional:"yes" description:"Display info about a specific module, i.e.: 'wtfutil -m=todo'"` Profile bool `short:"p" long:"profile" optional:"yes" description:"Profile application memory usage"` Version bool `short:"v" long:"version" description:"Show version info"` + // Work-around go-flags misfeatures. If any sub-command is defined + // then `wtf` (no sub-commands, the common usage), is warned about. + Opt struct { + Cmd string `positional-arg-name:"command"` + Args []string `positional-arg-name:"args"` + } `positional-args:"yes"` hasCustom bool } +var EXTRA = ` +Commands: + save-secret [secret [username]] + service Service URL or name for secret. + secret Secret to be saved for the service. + username Username to associate with the service. + Save a secret into the secret store. Requires wtf.secretStore + to be configured. See individual modules for information on what + service, secret, and username means for their configuration. Not + all modules use secrets, and not all secrets require a username. + If secret or username is not provided, will prompt for them. +` + // NewFlags creates an instance of Flags func NewFlags() *Flags { flags := Flags{} @@ -46,6 +68,71 @@ func (flags *Flags) RenderIf(version, date string, config *config.Config) { fmt.Println(fmt.Sprintf("%s (%s)", version, date)) os.Exit(0) } + + if flags.Opt.Cmd == "" { + return + } + + switch cmd := flags.Opt.Cmd; cmd { + case "save-secret": + var service, secret, username string + args := flags.Opt.Args + + if len(args) < 1 || args[0] == "" { + fmt.Fprintf(os.Stderr, "save-secret: service required, see `%s --help`\n", os.Args[0]) + os.Exit(1) + } + + service = args[0] + + if len(args) > 1 { + secret = args[1] + } else { + b, err := readline.Password("Secret (required): ") + if err != nil { + fmt.Fprintf(os.Stderr, "Error: %v\n", err) + os.Exit(1) + } + secret = string(b) + } + secret = strings.TrimSpace(secret) + + if secret == "" { + fmt.Fprintf(os.Stderr, "save-secret: secret required, see `%s --help`\n", os.Args[0]) + os.Exit(1) + } + + if len(args) > 2 { + username = args[2] + } else { + fmt.Printf("Username (optional): ") + reader := bufio.NewReader(os.Stdin) + var err error + username, err = reader.ReadString('\n') + if err != nil { + fmt.Fprintf(os.Stderr, "Error: %v\n", err) + os.Exit(1) + } + } + username = strings.TrimSpace(username) + + err := cfg.StoreSecret(config, &cfg.Secret{ + Service: service, + Secret: secret, + Username: username, + }) + + if err != nil { + fmt.Fprintf(os.Stderr, "Saving secret for service %q: %s\n", service, err.Error()) + os.Exit(1) + } + + fmt.Printf("Saved secret for service %q (username %q)\n", service, username) + os.Exit(0) + default: + fmt.Fprintf(os.Stderr, "Command `%s` is not supported, try `%s --help`\n", cmd, os.Args[0]) + os.Exit(1) + } } // HasCustomConfig returns TRUE if a config path was passed in, FALSE if one was not @@ -68,6 +155,7 @@ func (flags *Flags) Parse() { parser := goFlags.NewParser(flags, goFlags.Default) if _, err := parser.Parse(); err != nil { if flagsErr, ok := err.(*goFlags.Error); ok && flagsErr.Type == goFlags.ErrHelp { + fmt.Println(EXTRA) os.Exit(0) } } diff --git a/go.mod b/go.mod index 2cf58954a..038236e56 100644 --- a/go.mod +++ b/go.mod @@ -15,9 +15,11 @@ require ( github.com/andygrunwald/go-gerrit v0.0.0-20190825170856-5959a9bf9ff8 github.com/briandowns/openweathermap v0.0.0-20180804155945-5f41b7c9d92d github.com/cenkalti/backoff v2.2.1+incompatible // indirect + github.com/chzyer/readline v0.0.0-20171208011716-f6d7a1f6fbf3 github.com/digitalocean/godo v1.35.1 github.com/docker/distribution v2.7.1+incompatible // indirect github.com/docker/docker v1.13.1 + github.com/docker/docker-credential-helpers v0.6.3 github.com/docker/go-connections v0.4.0 // indirect github.com/docker/go-units v0.4.0 // indirect github.com/dustin/go-humanize v1.0.0 diff --git a/go.sum b/go.sum index b7fb46e62..f93f19792 100644 --- a/go.sum +++ b/go.sum @@ -101,6 +101,7 @@ github.com/cenkalti/backoff v2.2.1+incompatible/go.mod h1:90ReRw6GdpyfrHakVjL/QH github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= +github.com/chzyer/readline v0.0.0-20171208011716-f6d7a1f6fbf3 h1:T7Bw4H6z3WAZ2khw+gfKdYmbKHyy5xiHtk9IHfZqm7g= github.com/chzyer/readline v0.0.0-20171208011716-f6d7a1f6fbf3/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= github.com/circonus-labs/circonus-gometrics v2.2.4+incompatible h1:+ZwGzyJGsOwSxIEDDOXzPagR167tQak/1P5wBwH+/dM= @@ -141,6 +142,8 @@ github.com/docker/distribution v2.7.1+incompatible h1:a5mlkVzth6W5A4fOsS3D2EO5BU github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= github.com/docker/docker v1.13.1 h1:IkZjBSIc8hBjLpqeAbeE5mca5mNgeatLHBy3GO78BWo= github.com/docker/docker v1.13.1/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= +github.com/docker/docker-credential-helpers v0.6.3 h1:zI2p9+1NQYdnG6sMU26EX4aVGlqbInSQxQXLvzJ4RPQ= +github.com/docker/docker-credential-helpers v0.6.3/go.mod h1:WRaJzqw3CTB9bk10avuGsjVBZsD05qeibJ1/TYlvc0Y= github.com/docker/go-connections v0.3.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec= github.com/docker/go-connections v0.4.0 h1:El9xVISelRB7BuFusrZozjnkIM5YnzCViNKohAFqRJQ= github.com/docker/go-connections v0.4.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec= diff --git a/modules/azuredevops/settings.go b/modules/azuredevops/settings.go index 5fdca9c70..2d7c679aa 100644 --- a/modules/azuredevops/settings.go +++ b/modules/azuredevops/settings.go @@ -35,5 +35,13 @@ func NewSettingsFromYAML(name string, ymlConfig *config.Config, globalConfig *co projectName: ymlConfig.UString("projectName", os.Getenv("WTF_AZURE_DEVOPS_PROJECT_NAME")), } + cfg.ConfigureSecret( + globalConfig, + settings.orgURL, + "", + &settings.projectName, + &settings.apiToken, + ) + return &settings } diff --git a/modules/bamboohr/settings.go b/modules/bamboohr/settings.go index 112db588b..ef8e11dc3 100644 --- a/modules/bamboohr/settings.go +++ b/modules/bamboohr/settings.go @@ -27,5 +27,13 @@ func NewSettingsFromYAML(name string, ymlConfig *config.Config, globalConfig *co subdomain: ymlConfig.UString("subdomain", os.Getenv("WTF_BAMBOO_HR_SUBDOMAIN")), } + cfg.ConfigureSecret( + globalConfig, + "", + name, + &settings.subdomain, + &settings.apiKey, + ) + return &settings } diff --git a/modules/buildkite/settings.go b/modules/buildkite/settings.go index 6a0c67ad2..b1459b5e2 100644 --- a/modules/buildkite/settings.go +++ b/modules/buildkite/settings.go @@ -1,10 +1,11 @@ package buildkite import ( + "os" + "github.com/olebedev/config" "github.com/wtfutil/wtf/cfg" "github.com/wtfutil/wtf/utils" - "os" ) const ( @@ -35,6 +36,14 @@ func NewSettingsFromYAML(name string, ymlConfig *config.Config, globalConfig *co pipelines: buildPipelineSettings(ymlConfig), } + cfg.ConfigureSecret( + globalConfig, + "", + name, + &settings.orgSlug, + &settings.apiKey, + ) + return &settings } diff --git a/modules/circleci/settings.go b/modules/circleci/settings.go index b16ef7f9b..6ab870ed0 100644 --- a/modules/circleci/settings.go +++ b/modules/circleci/settings.go @@ -26,5 +26,13 @@ func NewSettingsFromYAML(name string, ymlConfig *config.Config, globalConfig *co apiKey: ymlConfig.UString("apiKey", ymlConfig.UString("apikey", os.Getenv("WTF_CIRCLE_API_KEY"))), } + cfg.ConfigureSecret( + globalConfig, + "", + name, + nil, + &settings.apiKey, + ) + return &settings } diff --git a/modules/datadog/settings.go b/modules/datadog/settings.go index a8d1c4a72..502cbacbf 100644 --- a/modules/datadog/settings.go +++ b/modules/datadog/settings.go @@ -30,5 +30,21 @@ func NewSettingsFromYAML(name string, ymlConfig *config.Config, globalConfig *co tags: ymlConfig.UList("monitors.tags"), } + cfg.ConfigureSecret( + globalConfig, + "", + "datadog-api", + nil, + &settings.apiKey, + ) + + cfg.ConfigureSecret( + globalConfig, + "", + "datadog-app", + nil, + &settings.applicationKey, + ) + return &settings } diff --git a/modules/digitalocean/settings.go b/modules/digitalocean/settings.go index 6d2e1c696..00a3f8164 100644 --- a/modules/digitalocean/settings.go +++ b/modules/digitalocean/settings.go @@ -31,5 +31,13 @@ func NewSettingsFromYAML(name string, ymlConfig *config.Config, globalConfig *co dateFormat: ymlConfig.UString("dateFormat", wtf.DateFormat), } + cfg.ConfigureSecret( + globalConfig, + "", + name, + nil, + &settings.apiKey, + ) + return &settings } diff --git a/modules/football/settings.go b/modules/football/settings.go index dda757591..334883081 100644 --- a/modules/football/settings.go +++ b/modules/football/settings.go @@ -33,5 +33,14 @@ func NewSettingsFromYAML(name string, ymlConfig *config.Config, globalConfig *co matchesTo: ymlConfig.UInt("matchesTo", 5), standingCount: ymlConfig.UInt("standingCount", 5), } + + cfg.ConfigureSecret( + globalConfig, + "", + name, + nil, + &settings.apiKey, + ) + return &settings } diff --git a/modules/gerrit/settings.go b/modules/gerrit/settings.go index 0d78550ef..463183253 100644 --- a/modules/gerrit/settings.go +++ b/modules/gerrit/settings.go @@ -41,6 +41,14 @@ func NewSettingsFromYAML(name string, ymlConfig *config.Config, globalConfig *co verifyServerCertificate: ymlConfig.UBool("verifyServerCertificate", true), } + cfg.ConfigureSecret( + globalConfig, + settings.domain, + name, + nil, // Seems like it should be mandatory, but its optional above. + &settings.password, + ) + settings.colors.rows.even = ymlConfig.UString("colors.rows.even", "white") settings.colors.rows.odd = ymlConfig.UString("colors.rows.odd", "blue") diff --git a/modules/github/settings.go b/modules/github/settings.go index 0aac22a0e..e9cb496c8 100644 --- a/modules/github/settings.go +++ b/modules/github/settings.go @@ -17,6 +17,7 @@ type Settings struct { common *cfg.Common apiKey string `help:"Your GitHub API token."` + apiSecret string `help:"Secret store for your GitHub API token."` baseURL string `help:"Your GitHub Enterprise API URL." optional:"true"` customQueries []customQuery `help:"Custom queries allow you to filter pull requests and issues however you like. Give the query a title and a filter. Filters can be copied directly from GitHub’s UI." optional:"true"` enableStatus bool `help:"Display pull request mergeability status (‘dirty’, ‘clean’, ‘unstable’, ‘blocked’)." optional:"true"` @@ -45,6 +46,14 @@ func NewSettingsFromYAML(name string, ymlConfig *config.Config, globalConfig *co settings.repositories = cfg.ParseAsMapOrList(ymlConfig, "repositories") settings.customQueries = parseCustomQueries(ymlConfig) + cfg.ConfigureSecret( + globalConfig, + settings.baseURL, + name, + &settings.username, + &settings.apiKey, + ) + return &settings } diff --git a/modules/gitlab/settings.go b/modules/gitlab/settings.go index 0c7db373c..bbd6b4264 100644 --- a/modules/gitlab/settings.go +++ b/modules/gitlab/settings.go @@ -32,6 +32,14 @@ func NewSettingsFromYAML(name string, ymlConfig *config.Config, globalConfig *co username: ymlConfig.UString("username"), } + cfg.ConfigureSecret( + globalConfig, + settings.domain, + name, + &settings.username, + &settings.apiKey, + ) + settings.projects = cfg.ParseAsMapOrList(ymlConfig, "projects") return &settings diff --git a/modules/gitlabtodo/settings.go b/modules/gitlabtodo/settings.go index b1f3d72d0..ee4797238 100644 --- a/modules/gitlabtodo/settings.go +++ b/modules/gitlabtodo/settings.go @@ -32,5 +32,13 @@ func NewSettingsFromYAML(name string, ymlConfig *config.Config, globalConfig *co showProject: ymlConfig.UBool("showProject", true), } + cfg.ConfigureSecret( + globalConfig, + settings.domain, + name, + nil, + &settings.apiKey, + ) + return &settings } diff --git a/modules/gitter/settings.go b/modules/gitter/settings.go index 5172f8d8a..368b09adf 100644 --- a/modules/gitter/settings.go +++ b/modules/gitter/settings.go @@ -30,5 +30,13 @@ func NewSettingsFromYAML(name string, ymlConfig *config.Config, globalConfig *co roomURI: ymlConfig.UString("roomUri", "wtfutil/Lobby"), } + cfg.ConfigureSecret( + globalConfig, + "https://api.gitter.im", + "", + &settings.apiToken, + nil, + ) + return &settings } diff --git a/modules/hibp/settings.go b/modules/hibp/settings.go index e9efdcb9a..cfb8e76a2 100644 --- a/modules/hibp/settings.go +++ b/modules/hibp/settings.go @@ -40,6 +40,13 @@ func NewSettingsFromYAML(name string, ymlConfig *config.Config, globalConfig *co since: ymlConfig.UString("since", ""), } + cfg.ConfigureSecret( + globalConfig, + "https://haveibeenpwned.com/api", + "", + &settings.apiKey, + nil, + ) settings.colors.ok = ymlConfig.UString("colors.ok", "white") settings.colors.pwned = ymlConfig.UString("colors.pwned", "red") diff --git a/modules/jenkins/settings.go b/modules/jenkins/settings.go index 15b6ac134..e6cdbab95 100644 --- a/modules/jenkins/settings.go +++ b/modules/jenkins/settings.go @@ -36,5 +36,13 @@ func NewSettingsFromYAML(name string, ymlConfig *config.Config, globalConfig *co verifyServerCertificate: ymlConfig.UBool("verifyServerCertificate", true), } + cfg.ConfigureSecret( + globalConfig, + settings.url, + "", + &settings.user, + &settings.apiKey, + ) + return &settings } diff --git a/modules/jira/settings.go b/modules/jira/settings.go index 66645bead..3e77d7c93 100644 --- a/modules/jira/settings.go +++ b/modules/jira/settings.go @@ -45,6 +45,14 @@ func NewSettingsFromYAML(name string, ymlConfig *config.Config, globalConfig *co verifyServerCertificate: ymlConfig.UBool("verifyServerCertificate", true), } + cfg.ConfigureSecret( + globalConfig, + settings.domain, + "", + &settings.username, + &settings.apiKey, + ) + settings.colors.rows.even = ymlConfig.UString("colors.even", "lightblue") settings.colors.rows.odd = ymlConfig.UString("colors.odd", "white") diff --git a/modules/newrelic/settings.go b/modules/newrelic/settings.go index 3f085a352..b29a51031 100644 --- a/modules/newrelic/settings.go +++ b/modules/newrelic/settings.go @@ -30,5 +30,13 @@ func NewSettingsFromYAML(name string, ymlConfig *config.Config, globalConfig *co applicationIDs: ymlConfig.UList("applicationIDs"), } + cfg.ConfigureSecret( + globalConfig, + "newrelic.com", + "", + nil, + &settings.apiKey, + ) + return &settings } diff --git a/modules/opsgenie/settings.go b/modules/opsgenie/settings.go index b5d9d6b87..11a0e920b 100644 --- a/modules/opsgenie/settings.go +++ b/modules/opsgenie/settings.go @@ -33,6 +33,14 @@ func NewSettingsFromYAML(name string, ymlConfig *config.Config, globalConfig *co scheduleIdentifierType: ymlConfig.UString("scheduleIdentifierType", "id"), } + cfg.ConfigureSecret( + globalConfig, + "https://opsgenie.com", + "", + nil, + &settings.apiKey, + ) + settings.schedule = settings.arrayifySchedules(ymlConfig, globalConfig) return &settings diff --git a/modules/pagerduty/settings.go b/modules/pagerduty/settings.go index 03af27c00..6b5a8fb1a 100644 --- a/modules/pagerduty/settings.go +++ b/modules/pagerduty/settings.go @@ -37,5 +37,13 @@ func NewSettingsFromYAML(name string, ymlConfig *config.Config, globalConfig *co showSchedules: ymlConfig.UBool("showSchedules", true), } + cfg.ConfigureSecret( + globalConfig, + "https://pagerduty.com", + "", + &settings.myName, + &settings.apiKey, + ) + return &settings } diff --git a/modules/pihole/settings.go b/modules/pihole/settings.go index 5f25ca46d..7f6f1ada6 100644 --- a/modules/pihole/settings.go +++ b/modules/pihole/settings.go @@ -34,5 +34,13 @@ func NewSettingsFromYAML(name string, ymlConfig *config.Config, globalConfig *co maxDomainWidth: ymlConfig.UInt("maxDomainWidth", 20), } + cfg.ConfigureSecret( + globalConfig, + settings.apiUrl, + "", + nil, + &settings.token, + ) + return &settings } diff --git a/modules/pocket/settings.go b/modules/pocket/settings.go index df79216c3..b44430d71 100644 --- a/modules/pocket/settings.go +++ b/modules/pocket/settings.go @@ -23,5 +23,13 @@ func NewSettingsFromYAML(name string, ymlConfig *config.Config, globalConfig *co consumerKey: ymlConfig.UString("consumerKey"), } + cfg.ConfigureSecret( + globalConfig, + "https://pocket.com", + "", + nil, + &settings.consumerKey, + ) + return &settings } diff --git a/modules/rollbar/settings.go b/modules/rollbar/settings.go index 47df9812b..b18b2dc09 100644 --- a/modules/rollbar/settings.go +++ b/modules/rollbar/settings.go @@ -34,5 +34,13 @@ func NewSettingsFromYAML(name string, ymlConfig *config.Config, globalConfig *co projectOwner: ymlConfig.UString("projectOwner"), } + cfg.ConfigureSecret( + globalConfig, + "https://rollbar.com", + "", + nil, + &settings.accessToken, + ) + return &settings } diff --git a/modules/spotifyweb/settings.go b/modules/spotifyweb/settings.go index 4ab4c8f5f..cf32a1e08 100644 --- a/modules/spotifyweb/settings.go +++ b/modules/spotifyweb/settings.go @@ -30,5 +30,13 @@ func NewSettingsFromYAML(name string, ymlConfig *config.Config, globalConfig *co secretKey: ymlConfig.UString("secretKey", os.Getenv("SPOTIFY_SECRET")), } + cfg.ConfigureSecret( + globalConfig, + "https://spotify.com", + "", + &settings.clientID, + &settings.secretKey, + ) + return &settings } diff --git a/modules/todoist/settings.go b/modules/todoist/settings.go index 308bf5cc3..17100515e 100644 --- a/modules/todoist/settings.go +++ b/modules/todoist/settings.go @@ -30,5 +30,13 @@ func NewSettingsFromYAML(name string, ymlConfig *config.Config, globalConfig *co projects: utils.IntsToUints(utils.ToInts(ymlConfig.UList("projects"))), } + cfg.ConfigureSecret( + globalConfig, + "https://todoist.com", + "", + nil, + &settings.apiKey, + ) + return &settings } diff --git a/modules/travisci/settings.go b/modules/travisci/settings.go index 3de7a3a33..ff07f6a94 100644 --- a/modules/travisci/settings.go +++ b/modules/travisci/settings.go @@ -35,5 +35,13 @@ func NewSettingsFromYAML(name string, ymlConfig *config.Config, globalConfig *co sort_by: ymlConfig.UString("sort_by", "id:desc"), } + cfg.ConfigureSecret( + globalConfig, + "https://travis.com", + "", + &settings.baseURL, + &settings.apiKey, + ) + return &settings } diff --git a/modules/trello/settings.go b/modules/trello/settings.go index ab9d4381e..022b16de5 100644 --- a/modules/trello/settings.go +++ b/modules/trello/settings.go @@ -32,6 +32,14 @@ func NewSettingsFromYAML(name string, ymlConfig *config.Config, globalConfig *co username: ymlConfig.UString("username"), } + cfg.ConfigureSecret( + globalConfig, + "https://trello.com", + "", + &settings.accessToken, + &settings.apiKey, + ) + settings.list = buildLists(ymlConfig, globalConfig) return &settings diff --git a/modules/victorops/settings.go b/modules/victorops/settings.go index e9f1fb432..b20aab2ae 100644 --- a/modules/victorops/settings.go +++ b/modules/victorops/settings.go @@ -29,5 +29,13 @@ func NewSettingsFromYAML(name string, ymlConfig *config.Config, globalConfig *co team: ymlConfig.UString("team"), } + cfg.ConfigureSecret( + globalConfig, + "https://victorops.com", + "", + &settings.apiID, + &settings.apiKey, + ) + return &settings } diff --git a/modules/zendesk/settings.go b/modules/zendesk/settings.go index 6501afa0e..4d2bb3b11 100644 --- a/modules/zendesk/settings.go +++ b/modules/zendesk/settings.go @@ -31,5 +31,13 @@ func NewSettingsFromYAML(name string, ymlConfig *config.Config, globalConfig *co username: ymlConfig.UString("username"), } + cfg.ConfigureSecret( + globalConfig, + "https://zendesk.com", + "", + &settings.subdomain, + &settings.apiKey, + ) + return &settings }