Add validation to secret names
This commit is contained in:
+13
-2
@@ -3,6 +3,7 @@ package database
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"regexp"
|
||||
|
||||
"github.com/google/uuid"
|
||||
"github.com/jackc/pgx/v5"
|
||||
@@ -445,13 +446,23 @@ WHERE id=$1;`
|
||||
}
|
||||
|
||||
func (db *Database) CreateSecret(name string, secret string) (Secret, error) {
|
||||
// TODO: we need to validate that we can convert the name to a valid environment variable
|
||||
s := Secret{}
|
||||
|
||||
// validate that the secret is only A-Z or underscores and less than 256 characters
|
||||
if len(name) > 256 {
|
||||
return s, fmt.Errorf("secret name must be 256 characters or less")
|
||||
}
|
||||
|
||||
validName := regexp.MustCompile(`^[A-Z0-9_]+$`)
|
||||
if !validName.MatchString(name) {
|
||||
return s, fmt.Errorf("secren name must be made up of only uppercase letters, numbers, and underscores")
|
||||
}
|
||||
|
||||
query := `
|
||||
INSERT INTO secrets (id, name, secret)
|
||||
VALUES (uuid_generate_v4(), $1, $2)
|
||||
RETURNING id, name, secret;`
|
||||
|
||||
s := Secret{}
|
||||
var idStr string
|
||||
err := db.Conn.QueryRow(context.Background(), query, name, secret).Scan(&idStr, &s.Name, &s.Secret)
|
||||
if err != nil {
|
||||
|
||||
Reference in New Issue
Block a user