Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fleet server now accepts arguments via stdin #21124

Merged
merged 3 commits into from
Aug 7, 2024
Merged

Fleet server now accepts arguments via stdin #21124

merged 3 commits into from
Aug 7, 2024

Conversation

getvictor
Copy link
Member

#21038
Fleet server now accepts arguments via stdin. This is useful for passing secrets that you don't want to expose as env vars, in the command line, or in the config file.

Demo: https://www.loom.com/share/c8b4dc6ae6ef4182bc812d7f43423f4d

Checklist for submitter

  • Changes file added for user-visible changes in changes/, orbit/changes/ or ee/fleetd-chrome/changes.
    See Changes files for more information.
  • Input data is properly validated, SELECT * is avoided, SQL injection is prevented (using placeholders for values in statements)
  • Added/updated tests
  • Manual QA for all new/changed functionality

@getvictor getvictor marked this pull request as ready for review August 7, 2024 07:48
@getvictor getvictor requested a review from a team as a code owner August 7, 2024 07:48
lucasmrod
lucasmrod reviewed Aug 7, 2024
View reviewed changes
server/shellquote/shellquote.go
@@ -0,0 +1,156 @@
// Based on https://github.com/kballard/go-shellquote
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why not use the package? (out of curiosity) Is it because it's not active?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

With all the supply chain attacks, the current trend is to reduce the amount of dependencies for security. The 1 function I needed was pretty small to bring in.

lucasmrod
lucasmrod reviewed Aug 7, 2024
View reviewed changes
server/shellquote/shellquote_test.go
}
}

var simpleSplitTest = []struct {
Copy link
Member

@lucasmrod lucasmrod Aug 7, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nit: While we're at it, add a test for flags like --foo bar or with characters that might be on server private keys like 6mI4OpVBAidu1bALjY0F+wN4mPQyu8AZap/9M/kHp8I=?

lucasmrod
lucasmrod reviewed Aug 7, 2024
View reviewed changes
Copy link
Member

@lucasmrod lucasmrod left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! Left a few comments.

@getvictor getvictor merged commit 75ab4b5 into main Aug 7, 2024
11 of 12 checks passed
@getvictor getvictor deleted the victor/21038-stdin branch August 7, 2024 13:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lucasmrod lucasmrod lucasmrod approved these changes

Assignees

@lucasmrod lucasmrod

Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@getvictor @lucasmrod