diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..411f722 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,25 @@ +version: 2 +updates: + - package-ecosystem: "gomod" + directory: "/" + schedule: + interval: "daily" + commit-message: + prefix: "fix" + include: "scope" + + - package-ecosystem: "docker" + directory: "/" + schedule: + interval: "daily" + commit-message: + prefix: "fix" + include: "scope" + + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "daily" + commit-message: + prefix: "fix" + include: "scope" diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..ea6e130 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,29 @@ +name: Release + +on: + push: + tags: + - "*" + +jobs: + binaries: + runs-on: ubuntu-20.04 + + steps: + - name: Checkout + uses: actions/checkout@v2 + with: + token: ${{ secrets.API_GITHUB_TOKEN }} + + - name: Setup Go environment + uses: actions/setup-go@v2.1.3 + with: + go-version: "1.16" + + - name: Binaries Release + uses: goreleaser/goreleaser-action@v2 + with: + version: ~> 0.159 + args: release --rm-dist + env: + GITHUB_TOKEN: ${{ secrets.API_GITHUB_TOKEN }} diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml new file mode 100644 index 0000000..b126cd9 --- /dev/null +++ b/.github/workflows/test.yml @@ -0,0 +1,38 @@ +name: Test + +on: + push: + branches: [master, develop] + pull_request: + branches: [master, develop] + +jobs: + build: + runs-on: ubuntu-20.04 + + steps: + - name: Checkout with token + if: github.event_name != 'pull_request' + uses: actions/checkout@v2 + with: + token: ${{ secrets.API_GITHUB_TOKEN }} + + - name: Checkout without token + if: github.event_name == 'pull_request' + uses: actions/checkout@v2 + + - name: Setup Go environment + uses: actions/setup-go@v2.1.3 + with: + go-version: "1.16" + + - name: Program Test + run: go test ./... + + - name: Version + if: github.event_name != 'pull_request' + uses: cycjimmy/semantic-release-action@v2.5.3 + with: + semantic_version: 17.4 + env: + GITHUB_TOKEN: ${{ secrets.API_GITHUB_TOKEN }} diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..61f6e73 --- /dev/null +++ b/.gitignore @@ -0,0 +1,123 @@ + +# Created by https://www.toptal.com/developers/gitignore/api/go,intellij+all,vscode +# Edit at https://www.toptal.com/developers/gitignore?templates=go,intellij+all,vscode + +### Go ### +# Binaries for programs and plugins +*.exe +*.exe~ +*.dll +*.so +*.dylib + +# Test binary, built with `go test -c` +*.test + +# Output of the go coverage tool, specifically when used with LiteIDE +*.out + +# Dependency directories (remove the comment below to include it) +# vendor/ + +### Go Patch ### +/vendor/ +/Godeps/ + +### Intellij+all ### +# Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio, WebStorm and Rider +# Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839 + +# User-specific stuff +.idea/**/workspace.xml +.idea/**/tasks.xml +.idea/**/usage.statistics.xml +.idea/**/dictionaries +.idea/**/shelf + +# Generated files +.idea/**/contentModel.xml + +# Sensitive or high-churn files +.idea/**/dataSources/ +.idea/**/dataSources.ids +.idea/**/dataSources.local.xml +.idea/**/sqlDataSources.xml +.idea/**/dynamic.xml +.idea/**/uiDesigner.xml +.idea/**/dbnavigator.xml + +# Gradle +.idea/**/gradle.xml +.idea/**/libraries + +# Gradle and Maven with auto-import +# When using Gradle or Maven with auto-import, you should exclude module files, +# since they will be recreated, and may cause churn. Uncomment if using +# auto-import. +# .idea/artifacts +# .idea/compiler.xml +# .idea/jarRepositories.xml +# .idea/modules.xml +# .idea/*.iml +# .idea/modules +# *.iml +# *.ipr + +# CMake +cmake-build-*/ + +# Mongo Explorer plugin +.idea/**/mongoSettings.xml + +# File-based project format +*.iws + +# IntelliJ +out/ + +# mpeltonen/sbt-idea plugin +.idea_modules/ + +# JIRA plugin +atlassian-ide-plugin.xml + +# Cursive Clojure plugin +.idea/replstate.xml + +# Crashlytics plugin (for Android Studio and IntelliJ) +com_crashlytics_export_strings.xml +crashlytics.properties +crashlytics-build.properties +fabric.properties + +# Editor-based Rest Client +.idea/httpRequests + +# Android studio 3.1+ serialized cache file +.idea/caches/build_file_checksums.ser + +### Intellij+all Patch ### +# Ignores the whole .idea folder and all .iml files +# See https://github.com/joeblau/gitignore.io/issues/186 and https://github.com/joeblau/gitignore.io/issues/360 + +.idea/ + +# Reason: https://github.com/joeblau/gitignore.io/issues/186#issuecomment-249601023 + +*.iml +modules.xml +.idea/misc.xml +*.ipr + +# Sonarlint plugin +.idea/sonarlint + +### vscode ### +.vscode/* +!.vscode/settings.json +!.vscode/tasks.json +!.vscode/launch.json +!.vscode/extensions.json +*.code-workspace + +# End of https://www.toptal.com/developers/gitignore/api/go,intellij+all,vscode \ No newline at end of file diff --git a/.goreleaser.yml b/.goreleaser.yml new file mode 100644 index 0000000..b60efea --- /dev/null +++ b/.goreleaser.yml @@ -0,0 +1,22 @@ +before: +builds: + - env: + - CGO_ENABLED=0 + ldflags: + - -s -w + goos: + - linux + - windows + - darwin + goarch: + - 386 + - amd64 + - arm + - arm64 + goarm: + - 6 + - 7 +archives: + - format: binary +checksum: + name_template: "checksums.txt" diff --git a/.releaserc.json b/.releaserc.json new file mode 100644 index 0000000..2145d40 --- /dev/null +++ b/.releaserc.json @@ -0,0 +1,22 @@ +{ + "branches": [ + { + "name": "master" + }, + { + "name": "develop", + "prerelease": true + } + ], + "plugins": [ + "@semantic-release/commit-analyzer", + "@semantic-release/release-notes-generator", + [ + "@semantic-release/github", + { + "successComment": false, + "failComment": false + } + ] + ] +} diff --git a/README.md b/README.md new file mode 100644 index 0000000..af6328c --- /dev/null +++ b/README.md @@ -0,0 +1,63 @@ +# iOS Signer Builder + +This is a free and simple builder server for [ios-signer-service](https://github.com/SignTools/ios-signer-service). This project is the self-hosted alternative of [ios-signer-ci](https://github.com/SignTools/ios-signer-ci) - instead of using a Continuous Integration (CI) provider, this server turns one of your very own Macs into a builder used to pull, sign, and upload any iOS apps to your `ios-signer-service`. + +You only need to configure one builder. If you already configured a CI provider as your builder, you don't need to do anything here. This project is aimed at people who want to have a self-hosted builder. + +## Setup + +All the steps should be performed on your builder Mac. + +1. Install the following dependencies: + - [Xcode](https://developer.apple.com/xcode/) + - curl + - p7zip (optional, but recommended) +2. Download the correct [binary release](https://github.com/SignTools/ios-signer-builder/releases) +3. Make the binary executable by running: `chmod +x ios-signer-builder`. Replace the name with the file that you just downloaded +4. Download the archive of `ios-signer-ci` and extract it in the same folder as the binary from the previous step. These will be your **signing files**. The whole step can be accomplished with the following commands: + ```bash + curl -sL https://github.com/SignTools/ios-signer-ci/archive/master.zip -o master.zip + unzip master.zip + rm master.zip + ``` + +Important: + +> :warning: **Remember to update the signing files from above every time that you update the signing service. Otherwise you may experience random issues.** + +This server requires the use of an authentication key so that only the web service can control your builder. However, there is no built-in support for HTTPS or any other form of encryption. Therefore: + +> :warning: **Anybody with access to the builder's network can potentially manipulate the builder to execute any code that they want on your machine.** + +To prevent this, only deploy this server in a trusted environment, or even better, wrap the server in HTTPS yourself using a reverse proxy like nginx. + +The authentication key has to be at least 8 characters long. Note it down - you will need to put it in your `ios-signer-service`'s configuration file later on. + +## Running + +When starting the server, you will want to use the same auth key and signing files from above and pass them as arguments: + +```bash +./ios-signer-builder -key "SOME_SECRET_KEY" -files "ios-signer-ci-master" +``` + +The first time you run the server, you will have to [allow](https://www.macworld.co.uk/how-to/mac-app-unidentified-developer-3669596/) the unrecognized binary to run on your machine. After that it will run with no interruptions. + +Additionally, the first time you attempt to sign an app using a developer account, macOS will ask you to grant permission for UI automation. You need to grant this permission or signing can't work. The prompt may break the current signing process, so just re-upload the app on the web service once more - it will work the next time. + +For reference, these all of the arguments that will be used: + +```bash + -files string + Path to directory whose files will be included in each sign job. Should at least contain a signer script 'sign.sh' + -host string + Listen host, empty for all + -key string + Auth key the web service must use to talk to this server + -port uint + Listen port (default 8090) + -timeout uint + Job timeout in minutes (default 15) +``` + +You can always print them by running with `-help`. diff --git a/go.mod b/go.mod new file mode 100644 index 0000000..927f2f3 --- /dev/null +++ b/go.mod @@ -0,0 +1,11 @@ +module ios-signer-builder + +go 1.16 + +require ( + github.com/davecgh/go-spew v1.1.1 // indirect + github.com/google/uuid v1.2.0 + github.com/labstack/echo/v4 v4.2.1 + github.com/otiai10/copy v1.5.0 // indirect + github.com/pkg/errors v0.9.1 +) diff --git a/go.sum b/go.sum new file mode 100644 index 0000000..be903f4 --- /dev/null +++ b/go.sum @@ -0,0 +1,61 @@ +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/dgrijalva/jwt-go v3.2.0+incompatible h1:7qlOGliEKZXTDg6OTjfoBKDXWrumCAMpl/TFQ4/5kLM= +github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ= +github.com/google/uuid v1.2.0 h1:qJYtXnJRWmpe7m/3XlyhrsLrEURqHRM2kxzoxXqyUDs= +github.com/google/uuid v1.2.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/labstack/echo/v4 v4.2.1 h1:LF5Iq7t/jrtUuSutNuiEWtB5eiHfZ5gSe2pcu5exjQw= +github.com/labstack/echo/v4 v4.2.1/go.mod h1:AA49e0DZ8kk5jTOOCKNuPR6oTnBS0dYiM4FW1e6jwpg= +github.com/labstack/gommon v0.3.0 h1:JEeO0bvc78PKdyHxloTKiF8BD5iGrH8T6MSeGvSgob0= +github.com/labstack/gommon v0.3.0/go.mod h1:MULnywXg0yavhxWKc+lOruYdAhDwPK9wf0OL7NoOu+k= +github.com/mattn/go-colorable v0.1.2/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE= +github.com/mattn/go-colorable v0.1.7 h1:bQGKb3vps/j0E9GfJQ03JyhRuxsvdAanXlT9BTw3mdw= +github.com/mattn/go-colorable v0.1.7/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= +github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= +github.com/mattn/go-isatty v0.0.9/go.mod h1:YNRxwqDuOph6SZLI9vUUz6OYw3QyUt7WiY2yME+cCiQ= +github.com/mattn/go-isatty v0.0.12 h1:wuysRhFDzyxgEmMf5xjvJ2M9dZoWAXNNr5LSBS7uHXY= +github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= +github.com/otiai10/copy v1.5.0 h1:SoXDGnlTUZoqB/wSuj/Y5L6T5i6iN4YRAcMCd+JnLNU= +github.com/otiai10/copy v1.5.0/go.mod h1:XWfuS3CrI0R6IE0FbgHsEazaXO8G0LpMp9o8tos0x4E= +github.com/otiai10/curr v0.0.0-20150429015615-9b4961190c95/go.mod h1:9qAhocn7zKJG+0mI8eUu6xqkFDYS2kb2saOteoSB3cE= +github.com/otiai10/curr v1.0.0/go.mod h1:LskTG5wDwr8Rs+nNQ+1LlxRjAtTZZjtJW4rMXl6j4vs= +github.com/otiai10/mint v1.3.0/go.mod h1:F5AjcsTsWUqX+Na9fpHb52P8pcRX2CI6A3ctIT91xUo= +github.com/otiai10/mint v1.3.2/go.mod h1:/yxELlJQ0ufhjUwhshSj+wFjZ78CnZ48/1wtmBH1OTc= +github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= +github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk= +github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= +github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw= +github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc= +github.com/valyala/fasttemplate v1.0.1/go.mod h1:UQGH1tvbgY+Nz5t2n7tXsz52dQxojPUpymEIMZ47gx8= +github.com/valyala/fasttemplate v1.2.1 h1:TVEnxayobAdVkhQfrfes2IzOB6o+z4roRkPF52WA1u4= +github.com/valyala/fasttemplate v1.2.1/go.mod h1:KHLXt3tVN2HBp8eijSv/kGJopbvo7S+qRAEEKiv+SiQ= +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/crypto v0.0.0-20200820211705-5c72a883971a h1:vclmkQCjlDX5OydZ9wv8rBCcS0QyQY66Mpf/7BZbInM= +golang.org/x/crypto v0.0.0-20200820211705-5c72a883971a/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= +golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20200822124328-c89045814202 h1:VvcQYSHwXgi7W+TpUR6A9g6Up98WAHf3f/ulnJ62IyA= +golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200826173525-f9321e4c35a6 h1:DvY3Zkh7KabQE/kfzMvYvKirSiguP9Q/veMtkYyf0o8= +golang.org/x/sys v0.0.0-20200826173525-f9321e4c35a6/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= +golang.org/x/text v0.3.3 h1:cokOdA+Jmi5PJGXLlLllQSgYigAEfHXJAERHVMaCc2k= +golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/time v0.0.0-20201208040808-7e3f01d25324 h1:Hir2P/De0WpUhtrKGGjvSb2YxUgyZ7EFOSLIcSSpiwE= +golang.org/x/time v0.0.0-20201208040808-7e3f01d25324/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= +golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw= +gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= diff --git a/main.go b/main.go new file mode 100644 index 0000000..43107ef --- /dev/null +++ b/main.go @@ -0,0 +1,144 @@ +package main + +import ( + "context" + "flag" + "fmt" + "github.com/google/uuid" + "github.com/labstack/echo/v4" + "github.com/labstack/echo/v4/middleware" + dirCopy "github.com/otiai10/copy" + "github.com/pkg/errors" + "io/ioutil" + "log" + "net/url" + "os" + "os/exec" + "path/filepath" + "strings" + "sync/atomic" + "time" +) + +var secrets atomic.Value + +type StatusResponse struct { + PendingJobs uint64 `json:"pending_jobs"` + ActiveJobs uint64 `json:"active_jobs"` +} + +func main() { + if err := mainE(); err != nil { + log.Fatalln(err) + } +} + +func mainE() error { + host := flag.String("host", "", "Listen host, empty for all") + port := flag.Uint64("port", 8090, "Listen port") + signFilesDir := flag.String("files", "", "Path to directory whose files "+ + "will be included in each sign job. Should at least contain a signer script 'sign.sh'") + authKey := flag.String("key", "", "Auth key the web service must use to talk to this server") + jobTimeout := flag.Uint64("timeout", 15, "Job timeout in minutes") + flag.Parse() + + if *signFilesDir == "" || *authKey == "" { + flag.Usage() + return errors.New("missing argument(s)") + } + + if stat, err := os.Stat(*signFilesDir); err != nil { + return errors.WithMessage(err, "stat sign files dir") + } else if !stat.IsDir() { + return errors.New("sign files dir not a directory") + } + if len(strings.TrimSpace(*authKey)) < 8 { + return errors.New("auth key must be at least 8 characters long") + } + + jobChan := make(chan bool, 1000) + workerChan := make(chan bool, 1) + go func() { + for { + <-jobChan + workerChan <- true + id := uuid.NewString() + ctx, cancel := context.WithTimeout(context.Background(), time.Duration(*jobTimeout)*time.Minute) + log.Println(id, "Running sign job") + err := func() error { + tempDir, err := os.MkdirTemp(".", "ios-signer") + if err != nil { + return errors.WithMessage(err, "make temp dir") + } + defer os.RemoveAll(tempDir) + workDir, err := filepath.Abs(tempDir) + if err != nil { + return errors.WithMessage(err, "get sign job dir absolute path") + } + if err := dirCopy.Copy(*signFilesDir, workDir); err != nil { + return errors.WithMessage(err, "copy sign files") + } + signEnv := os.Environ() + for key, val := range secrets.Load().(map[string]string) { + signEnv = append(signEnv, key+"="+val) + } + cmd := exec.CommandContext(ctx, filepath.Join(workDir, "sign.sh")) + cmd.Dir = workDir + cmd.Env = signEnv + if output, err := cmd.CombinedOutput(); err != nil { + return errors.WithMessage(errors.WithMessage(errors.New(string(output)), err.Error()), "sign script") + } + return nil + }() + if err != nil { + log.Println(id, err) + } + log.Println(id, "Finished sign job") + cancel() + <-workerChan + } + }() + + e := echo.New() + e.HideBanner = true + e.Use(middleware.Logger()) + + keyAuth := middleware.KeyAuth(func(s string, c echo.Context) (bool, error) { + return s == *authKey, nil + }) + + e.GET("/status", func(c echo.Context) error { + return c.JSONPretty(200, StatusResponse{ + PendingJobs: uint64(len(jobChan)), + ActiveJobs: uint64(len(workerChan)), + }, " ") + }) + e.POST("/trigger", func(c echo.Context) error { + select { + case jobChan <- true: + return c.NoContent(200) + default: + return errors.New("job queue full") + } + }, keyAuth) + e.POST("/secrets", func(c echo.Context) error { + bodyBytes, err := ioutil.ReadAll(c.Request().Body) + if err != nil { + c.Response().WriteHeader(400) + return err + } + params, err := url.ParseQuery(string(bodyBytes)) + if err != nil { + c.Response().WriteHeader(400) + return err + } + var newSecrets = map[string]string{} + for key, val := range params { + newSecrets[key] = val[0] + } + secrets.Store(newSecrets) + return c.NoContent(200) + }, keyAuth) + + return e.Start(fmt.Sprintf("%s:%d", *host, *port)) +}