]> source.dussan.org Git - gitea.git/commitdiff
projects / gitea.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 6ecd2e7)
Respect original content when creating secrets (#24745) (#24746)
authorGiteabot <teabot@gitea.io>
Tue, 16 May 2023 07:33:47 +0000 (03:33 -0400)
committerGitHub <noreply@github.com>
Tue, 16 May 2023 07:33:47 +0000 (03:33 -0400)
Backport #24745 by @wolfogre

Fix #24721.

Follow what GitHub does:
- Don't trim spaces for secrets.
- Newline should be `\n` instead of `\r\n`.

Did some tests with:

```yaml
name: secrets
on: push
jobs:
  show_secrets:
    runs-on: ubuntu-latest
    steps:
      - name: Dump secrets context
        run: echo '${{ toJSON(secrets) }}' | base64
```

`AAAAAA`:
```text
   AAAAAA
AAAAAA

```
`BBBBBB`:
```text

BBBBBB
BBBBBB
```

On GitHub:

<img width="675" alt="image"
src="https://github.com/go-gitea/gitea/assets/9418365/0ec60652-c2a3-47bb-9f9d-7e81665355a8">

On Gitea (before):

<img width="673" alt="image"
src="https://github.com/go-gitea/gitea/assets/9418365/cce818bf-5edc-4656-86e1-2c81c304cdb2">

On Gitea (after):

<img width="673" alt="image"
src="https://github.com/go-gitea/gitea/assets/9418365/0b3b15af-4d48-4bab-a334-4738a1b0eb4a">

Co-authored-by: Jason Song <i@wolfogre.com>
models/secret/secret.go patch | blob | history
routers/web/shared/secrets/secrets.go patch | blob | history

diff --git a/models/secret/secret.go b/models/secret/secret.go
index f970d5319e7e38dc18c290950c7b69f0315788a1..8b23b6c35cf8c1948a38c38e19aaf0ce2fc54c0b 100644 (file)
--- a/models/secret/secret.go
+++ b/models/secret/secret.go
@@ -59,7 +59,7 @@ func newSecret(ownerID, repoID int64, name, data string) *Secret {
 
 // InsertEncryptedSecret Creates, encrypts, and validates a new secret with yet unencrypted data and insert into database
 func InsertEncryptedSecret(ctx context.Context, ownerID, repoID int64, name, data string) (*Secret, error) {
-       encrypted, err := secret_module.EncryptSecret(setting.SecretKey, strings.TrimSpace(data))
+       encrypted, err := secret_module.EncryptSecret(setting.SecretKey, data)
        if err != nil {
                return nil, err
        }
diff --git a/routers/web/shared/secrets/secrets.go b/routers/web/shared/secrets/secrets.go
index 0e6fa247416fb9c61cb07ba7c36d5433ddcb323a..a0d648f908fd47067fb965867f6966bbb9f43d8b 100644 (file)
--- a/routers/web/shared/secrets/secrets.go
+++ b/routers/web/shared/secrets/secrets.go
@@ -5,6 +5,7 @@ package secrets
 
 import (
        "net/http"
+       "strings"
 
        "code.gitea.io/gitea/models/db"
        secret_model "code.gitea.io/gitea/models/secret"
@@ -27,7 +28,15 @@ func SetSecretsContext(ctx *context.Context, ownerID, repoID int64) {
 func PerformSecretsPost(ctx *context.Context, ownerID, repoID int64, redirectURL string) {
        form := web.GetForm(ctx).(*forms.AddSecretForm)
 
-       s, err := secret_model.InsertEncryptedSecret(ctx, ownerID, repoID, form.Title, form.Content)
+       content := form.Content
+       // Since the content is from a form which is a textarea, the line endings are \r\n.
+       // It's a standard behavior of HTML.
+       // But we want to store them as \n like what GitHub does.
+       // And users are unlikely to really need to keep the \r.
+       // Other than this, we should respect the original content, even leading or trailing spaces.
+       content = strings.ReplaceAll(content, "\r\n", "\n")
+
+       s, err := secret_model.InsertEncryptedSecret(ctx, ownerID, repoID, form.Title, content)
        if err != nil {
                log.Error("InsertEncryptedSecret: %v", err)
                ctx.Flash.Error(ctx.Tr("secrets.creation.failed"))
Git with a cup of tea! Painless self-hosted all-in-one software development service, including Git hosting, code review, team collaboration, package registry and CI/CD: https://github.com/go-gitea/gitea