mirror of
https://github.com/weaveworks/scope.git
synced 2026-02-14 18:09:59 +00:00
allow to read password from file
it enables option to utilize docker swarm secret storage for password instead of env variables or app switches
This commit is contained in:
Piotr Kiełkowicz
32
prog/main.go
32
prog/main.go
@@ -4,6 +4,7 @@ import (
|
||||
"compress/gzip"
|
||||
"flag"
|
||||
"fmt"
|
||||
"io/ioutil"
|
||||
"net"
|
||||
"os"
|
||||
"regexp"
|
||||
@@ -97,6 +98,7 @@ type probeFlags struct {
|
||||
basicAuth bool
|
||||
username string
|
||||
password string
|
||||
passwordFilename string
|
||||
token string
|
||||
httpListen string
|
||||
publishInterval time.Duration
|
||||
@@ -152,9 +154,10 @@ type appFlags struct {
|
||||
logHTTP bool
|
||||
logHTTPHeaders bool
|
||||
|
||||
basicAuth bool
|
||||
username string
|
||||
password string
|
||||
basicAuth bool
|
||||
username string
|
||||
password string
|
||||
passwordFilename string
|
||||
|
||||
weaveEnabled bool
|
||||
weaveAddr string
|
||||
@@ -294,6 +297,7 @@ func setupFlags(flags *flags) {
|
||||
flag.BoolVar(&flags.probe.basicAuth, "probe.basicAuth", false, "Use basic authentication to authenticate with app")
|
||||
flag.StringVar(&flags.probe.username, "probe.basicAuth.username", "admin", "Username for basic authentication")
|
||||
flag.StringVar(&flags.probe.password, "probe.basicAuth.password", "admin", "Password for basic authentication")
|
||||
flag.StringVar(&flags.probe.passwordFilename, "probe.basicAuth.password.filename", "", "Password filename for basic authentication. It overwrites probe.basicAuth.password")
|
||||
flag.StringVar(&flags.probe.token, serviceTokenFlag, "", "Token to authenticate with cloud.weave.works")
|
||||
flag.StringVar(&flags.probe.token, probeTokenFlag, "", "Token to authenticate with cloud.weave.works")
|
||||
flag.StringVar(&flags.probe.httpListen, "probe.http.listen", "", "listen address for HTTP profiling and instrumentation server")
|
||||
@@ -368,6 +372,7 @@ func setupFlags(flags *flags) {
|
||||
flag.BoolVar(&flags.app.basicAuth, "app.basicAuth", false, "Enable basic authentication for app")
|
||||
flag.StringVar(&flags.app.username, "app.basicAuth.username", "admin", "Username for basic authentication")
|
||||
flag.StringVar(&flags.app.password, "app.basicAuth.password", "admin", "Password for basic authentication")
|
||||
flag.StringVar(&flags.app.passwordFilename, "app.basicAuth.password.filename", "", "Password filename for basic authentication. It overwrites app.basicAuth.password")
|
||||
|
||||
flag.StringVar(&flags.app.weaveAddr, "app.weave.addr", app.DefaultWeaveURL, "Address on which to contact WeaveDNS")
|
||||
flag.StringVar(&flags.app.weaveHostname, "app.weave.hostname", "", "Hostname to advertise in WeaveDNS")
|
||||
@@ -486,6 +491,15 @@ func main() {
|
||||
flags.app.password = password
|
||||
}
|
||||
|
||||
passwordFilename := os.Getenv("BASIC_AUTH_PASSWORD_FILENAME")
|
||||
if passwordFilename != "" {
|
||||
flags.probe.passwordFilename = passwordFilename
|
||||
flags.app.passwordFilename = passwordFilename
|
||||
}
|
||||
|
||||
flags.probe.password = getPassword(flags.probe.password, flags.probe.passwordFilename)
|
||||
flags.app.password = getPassword(flags.app.password, flags.app.passwordFilename)
|
||||
|
||||
if flags.dryRun {
|
||||
return
|
||||
}
|
||||
@@ -504,3 +518,15 @@ func main() {
|
||||
os.Exit(1)
|
||||
}
|
||||
}
|
||||
|
||||
func getPassword(password string, passwordFilename string) string {
|
||||
if passwordFilename == "" {
|
||||
return password
|
||||
}
|
||||
|
||||
b, err := ioutil.ReadFile(passwordFilename)
|
||||
if err != nil {
|
||||
log.Fatalf("Cannot read password from: %v, error: %v", passwordFilename, err)
|
||||
}
|
||||
return string(b)
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user