github.com/tilt-dev/tilt@v0.33.15-0.20240515162809-0a22ed45d8a0/internal/docker/buildkit/secret.go (about) 1 /** 2 Code for parsing Buildkit arguments adapted from Docker CLI 3 4 Adapted from 5 https://github.com/docker/cli/blob/28ac2f82c690ac8f37c2980f2787572815439a50/cli/command/image/build_buildkit.go 6 7 8 Copyright 2013-2017 Docker, Inc. 9 10 Licensed under the Apache License, Version 2.0 (the "License"); 11 you may not use this file except in compliance with the License. 12 You may obtain a copy of the License at 13 14 http://www.apache.org/licenses/LICENSE-2.0 15 16 Unless required by applicable law or agreed to in writing, software 17 distributed under the License is distributed on an "AS IS" BASIS, 18 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 19 See the License for the specific language governing permissions and 20 limitations under the License. 21 */ 22 23 package buildkit 24 25 import ( 26 "encoding/csv" 27 "strings" 28 29 "github.com/moby/buildkit/session" 30 "github.com/moby/buildkit/session/secrets/secretsprovider" 31 "github.com/pkg/errors" 32 ) 33 34 func ParseSecretSpecs(sl []string) (session.Attachable, error) { 35 fs := make([]secretsprovider.Source, 0, len(sl)) 36 for _, v := range sl { 37 s, err := parseSecret(v) 38 if err != nil { 39 return nil, err 40 } 41 fs = append(fs, *s) 42 } 43 store, err := secretsprovider.NewStore(fs) 44 if err != nil { 45 return nil, err 46 } 47 return secretsprovider.NewSecretProvider(store), nil 48 } 49 50 func parseSecret(value string) (*secretsprovider.Source, error) { 51 csvReader := csv.NewReader(strings.NewReader(value)) 52 fields, err := csvReader.Read() 53 if err != nil { 54 return nil, errors.Wrap(err, "failed to parse csv secret") 55 } 56 57 fs := secretsprovider.Source{} 58 59 var typ string 60 for _, field := range fields { 61 parts := strings.SplitN(field, "=", 2) 62 key := strings.ToLower(parts[0]) 63 64 if len(parts) != 2 { 65 return nil, errors.Errorf("invalid field '%s' must be a key=value pair", field) 66 } 67 68 value := parts[1] 69 switch key { 70 case "type": 71 if value != "file" && value != "env" { 72 return nil, errors.Errorf("unsupported secret type %q", value) 73 } 74 typ = value 75 case "id": 76 fs.ID = value 77 case "source", "src": 78 fs.FilePath = value 79 case "env": 80 fs.Env = value 81 default: 82 return nil, errors.Errorf("unexpected key '%s' in '%s'", key, field) 83 } 84 } 85 if typ == "env" && fs.Env == "" { 86 fs.Env = fs.FilePath 87 fs.FilePath = "" 88 } 89 return &fs, nil 90 }