search

go-vela / community

Community Information for Vela (Target's official Pipeline Automation Framework)
https://go-vela.github.io/docs/
Apache License 2.0
22 stars 3 forks source link

Fix multiline json secrets #251

Closed plyr4 closed 3 years ago

plyr4 commented 3 years ago

Description

Vela should be able to properly escape and inject the multi-line JSON secret in a format that containers and plugins like vela-terraform can process.

Useful Information

example FAKE credentials used for terraform that DO NOT work

{
  "type": "service_account",
  "project_id": "tgt-pe-fake",
  "private_key_id": "bcaab01d-0651-4bb1-9005-60b979fccc2a",
  "private_key": "-----BEGIN PRIVATE KEY-----\nMIICXAIBAAKBgQCysZWyIw8QoY4fs/1eTYkDveUFR+wGFUEVHnqDo5QA0FZmKKpx
eRYI5DOjeeMAW/iXUTrVrr67WLZnpoxWroEKKfPgd5C8e6UdToaAhvHD9Y5PBQJ0
B0L8aYvsC28Fw2ZCPP9bosLk/qjrweN4j/6UYZ8LMDYzAouOy43gdXGU2QIDAQAB
AoGAZ+W7LSUXSEs20JYddixMwwExXP2xbOQEwFvFTi7ZChQYeDOiznFh72+H2sAu
zXGsO4b+V2nP+iwdemyq4md6HM0JXLTG7h3omyYyWJXFquKhMCcoQZISWomE5KoM
jV8IOF6P5JBjIUh0UZ7fAukwCWBsFh2hTsIKITkedgrpj1ECQQDyzOlHeyvAjca5
oLSjm4JUUWU3ukk6V6+l4e2/auMl90uBeibUVMc3cJD8EdzpbWb9wciFfoqm6ixC
KLT1d/+9AkEAvGh9nOjLo0UfdaCgYupUW8ATYQVUMIgUijaQvFL8HYUqPjWRI/gl
Q+FmPwu+JBXFrUx250QzkKbdgaNAoFpdTQJACxWv0MOey7utRuw/UvjWimLs7A5l
KXS3YCtgX0zR8fnISLD69NaqAa3x8JAgNcf427ztGqscSWKHgr25BTvlQQJBAI6X
hnn6tiQbbHPZ3Yj/UFkgRYpoPg987g6svV3KcITnA9GROQfABnQZYwjUGlO1JqbB
+DuPoncX0w0KQR8bRQECQE3Tb3Dc7JT2LB5inMbVJLlS9m/Ue5dEqxJdVDhH6JMT
W0c7pR1VzxwpLmM7UHlGrwqQX0lJ+CogJQbEQ+82kjE=\n-----END PRIVATE KEY-----\n",
  "client_email": "svc-apiplatform-config-fake@tgt-pe-fake.iam.gserviceaccount.com",
  "client_id": "123456789101112",
  "auth_uri": "https://accounts.google.com/o/oauth2/auth",
  "token_uri": "https://accounts.google.com/o/oauth2/token",
  "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
  "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/svc-apiplatform-config-fake%40tgt-pe-fake.iam.gserviceaccount.com"
}

example FAKE credentials used for terraform as a WORKAROUND

"GOOGLE_CREDENTIALS={\n  \"type\": \"service_account\",\n  \"project_id\": \"tgt-pe-fake\",\n  \"private_key_id\": \"bcaab01d-0651-4bb1-9005-60b979fccc2a\",\n  \"private_key\": \"-----BEGIN PRIVATE KEY-----\nMIICXAIBAAKBgQCysZWyIw8QoY4fs/1eTYkDveUFR+wGFUEVHnqDo5QA0FZmKKpx\neRYI5DOjeeMAW/iXUTrVrr67WLZnpoxWroEKKfPgd5C8e6UdToaAhvHD9Y5PBQJ0\nB0L8aYvsC28Fw2ZCPP9bosLk/qjrweN4j/6UYZ8LMDYzAouOy43gdXGU2QIDAQAB\nAoGAZ+W7LSUXSEs20JYddixMwwExXP2xbOQEwFvFTi7ZChQYeDOiznFh72+H2sAu\nzXGsO4b+V2nP+iwdemyq4md6HM0JXLTG7h3omyYyWJXFquKhMCcoQZISWomE5KoM\njV8IOF6P5JBjIUh0UZ7fAukwCWBsFh2hTsIKITkedgrpj1ECQQDyzOlHeyvAjca5\noLSjm4JUUWU3ukk6V6+l4e2/auMl90uBeibUVMc3cJD8EdzpbWb9wciFfoqm6ixC\nKLT1d/+9AkEAvGh9nOjLo0UfdaCgYupUW8ATYQVUMIgUijaQvFL8HYUqPjWRI/gl\nQ+FmPwu+JBXFrUx250QzkKbdgaNAoFpdTQJACxWv0MOey7utRuw/UvjWimLs7A5l\nKXS3YCtgX0zR8fnISLD69NaqAa3x8JAgNcf427ztGqscSWKHgr25BTvlQQJBAI6X\nhnn6tiQbbHPZ3Yj/UFkgRYpoPg987g6svV3KcITnA9GROQfABnQZYwjUGlO1JqbB\n+DuPoncX0w0KQR8bRQECQE3Tb3Dc7JT2LB5inMbVJLlS9m/Ue5dEqxJdVDhH6JMT\nW0c7pR1VzxwpLmM7UHlGrwqQX0lJ+CogJQbEQ+82kjE=\n-----END PRIVATE KEY-----\",\n  \"client_email\": \"svc-apiplatform-config-fake@tgt-pe-fake.iam.gserviceaccount.com\",\n  \"client_id\": \"123456789101112\",\n  \"auth_uri\": \"https://accounts.google.com/o/oauth2/auth\",\n  \"token_uri\": \"https://accounts.google.com/o/oauth2/token\",\n  \"auth_provider_x509_cert_url\": \"https://www.googleapis.com/oauth2/v1/certs\",\n  \"client_x509_cert_url\": \"https://www.googleapis.com/robot/v1/metadata/x509/svc-apiplatform-config-fake%40tgt-pe-fake.iam.gserviceaccount.com\"\n}\n",
susangreve commented 3 years ago

Duplicate of https://github.com/go-vela/community/issues/75