feat: Allow reading an access token

2024-02-04 13:26:48 +01:00
parent 3747f02ed8
commit 48b6585eba
3 changed files with 44 additions and 3 deletions
--- a/cmd/rio/main.go
+++ b/cmd/rio/main.go
@@ -147,6 +147,7 @@ func runServer(ctx *cli.Context) error {
 	defaultCsp := ctx.String("default-csp")
 	lokiUrl := ctx.String("loki-url")
 	metricsBotList := ctx.String("metrics-bot-list")
+	tokenFile := ctx.String("token-file")

 	// Init Logging
 	if ctx.Bool("debug") {
@@ -177,18 +178,28 @@ func runServer(ctx *cli.Context) error {
 		}
 	}

+	// If specified, read in an access token
+	token := ""
+	if tokenFile != "" {
+		t, err := readSecret(tokenFile)
+		if err != nil {
+			log.Warnf("Failed to read secret: %v", err)
+		}
+		token = t
+	}
+
 	// Setup the Gitea stuff
 	httpClient := http.Client{Timeout: 10 * time.Second}
 	giteaApiClient, err := gitea.NewClient(
 		giteaUrl,
 		gitea.SetHTTPClient(&httpClient),
-		gitea.SetToken(""),
+		gitea.SetToken(token),
 		gitea.SetUserAgent("rio"),
 	)
 	if err != nil {
 		return err
 	}
-	giteaClient := riogitea.NewGiteaClient(giteaUrl, giteaApiClient)
+	giteaClient := riogitea.NewGiteaClient(giteaUrl, token, giteaApiClient)

 	// Listen on the port
 	addr := ctx.String("listen-host") + ":" + ctx.String("listen-port")
@@ -414,6 +425,12 @@ func main() {
 				Value:   "",
 				EnvVars: []string{"METRICS_BOT_LIST"},
 			},
+			&cli.StringFlag{
+				Name:    "token-file",
+				Usage:   "File containing a access token. Required for serving private repositories",
+				Value:   "",
+				EnvVars: []string{"TOKEN_FILE"},
+			},
 		},
 	}

--- a/cmd/rio/utils.go
+++ b/cmd/rio/utils.go
@@ -0,0 +1,16 @@
+package main
+
+import (
+	"os"
+	"strings"
+)
+
+// Read a secret file and return its (cleaned) content.
+func readSecret(path string) (string, error) {
+	content, err := os.ReadFile(path)
+	if err != nil {
+		return "", err
+	}
+
+	return strings.Trim(string(content), "\n\r "), nil
+}