infrastructure/modules/django-apps/01-webhook.patch
Tom Hubrecht 96e8bfff5b
All checks were successful
Check meta / check_dns (push) Successful in 20s
Check meta / check_meta (push) Successful in 20s
Build all the nodes / bridge01 (push) Successful in 57s
Build all the nodes / geo01 (push) Successful in 58s
Build all the nodes / geo02 (push) Successful in 50s
Build all the nodes / rescue01 (push) Successful in 1m1s
Build all the nodes / compute01 (push) Successful in 1m30s
Build all the nodes / storage01 (push) Successful in 1m0s
Build all the nodes / vault01 (push) Successful in 1m7s
Build all the nodes / web02 (push) Successful in 59s
Run pre-commit on all files / check (push) Successful in 22s
Build all the nodes / web01 (push) Successful in 1m33s
Build all the nodes / web03 (push) Successful in 1m24s
feat(django-apps): Internalize
2024-11-25 23:29:39 +01:00

67 lines
1.5 KiB
Diff

diff --git a/internal/hook/hook.go b/internal/hook/hook.go
index 0510095..0347f26 100644
--- a/internal/hook/hook.go
+++ b/internal/hook/hook.go
@@ -13,12 +13,12 @@ import (
"errors"
"fmt"
"hash"
- "io/ioutil"
"log"
"math"
"net"
"net/textproto"
"os"
+ "path"
"reflect"
"regexp"
"strconv"
@@ -750,14 +750,18 @@ func (h *Hooks) LoadFromFile(path string, asTemplate bool) error {
}
// parse hook file for hooks
- file, e := ioutil.ReadFile(path)
+ file, e := os.ReadFile(path)
if e != nil {
return e
}
if asTemplate {
- funcMap := template.FuncMap{"getenv": getenv}
+ funcMap := template.FuncMap{
+ "cat": cat,
+ "credential": credential,
+ "getenv": getenv,
+ }
tmpl, err := template.New("hooks").Funcs(funcMap).Parse(string(file))
if err != nil {
@@ -956,3 +960,27 @@ func compare(a, b string) bool {
func getenv(s string) string {
return os.Getenv(s)
}
+
+// cat provides a template function to retrieve content of files
+// Similarly to getenv, if no file is found, it returns the empty string
+func cat(s string) string {
+ data, e := os.ReadFile(s)
+
+ if e != nil {
+ return ""
+ }
+
+ return strings.TrimSuffix(string(data), "\n")
+}
+
+// credential provides a template function to retreive secrets using systemd's LoadCredential mechanism
+func credential(s string) string {
+ dir := getenv("CREDENTIALS_DIRECTORY")
+
+ // If no credential directory is found, fallback to the env variable
+ if dir == "" {
+ return getenv(s)
+ }
+
+ return cat(path.Join(dir, s))
+}