Merge pull request #2 from cloudnautique/main

Added support for multiline fields
acorn-io · Nov 15, 2023 · 56059d6 · 56059d6
2 parents 1dea449 + cc0c8b2
commit 56059d6
Show file tree

Hide file tree

Showing 7 changed files with 54 additions and 16 deletions.
diff --git a/Acornfile b/Acornfile
@@ -5,6 +5,8 @@ readme:      "./README.md"
 args: {
 	// Comma separate list of keys to prompt the user for.
 	secretKeys: ""
+	// Comma separated list of textfield keys to prompt the user for.
+	textareaSecretKeys: ""
 	// A multiline markdown formatted string to display instructions to the user to get the needed secret info
 	instructions: """
 	## Pass Instructions variable	
@@ -21,10 +23,11 @@ jobs: helper: {
 		},
 	]
 	env: {
-		HELPER_AUTH_TOKEN: "secret://cred-helper-auth/token"
-		SECRET_KEY:        "secret://secret-key/token"
-		FORM_FIELDS:       "\(args.secretKeys)"
-		ACORN_NAME:        "@{acorn.name}"
+		HELPER_AUTH_TOKEN:    "secret://cred-helper-auth/token"
+		SECRET_KEY:           "secret://secret-key/token"
+		FORM_FIELDS:          "\(args.secretKeys)"
+		TEXTAREA_FORM_FIELDS: "\(args.textareaSecretKeys)"
+		ACORN_NAME:           "@{acorn.name}"
 	}
 	files: "/acorn/instructions.txt": args.instructions
 	events: ["create"]

diff --git a/README.md b/README.md
@@ -16,7 +16,7 @@ Here is an example of how to add this Acorn to your Acornfile:
 acorns: helper: {
     image: "ghcr.io/acorn-io/secret-create-helper:v#.#.#"
     serviceArgs: {
-        secretKeys: "public_key,private_key,project_id"
+        secretKeys: "public_key,secret_key,project_id"
         instructions: localData.credInfo
     }
 }
@@ -37,6 +37,8 @@ secrets: "api-keys": alias: "helper.output"
 // ...
 ```
 
+For secrets that involve multiple lines like PEMs, you can use the `textareaSecretKeys` argument to capture that value. The `textareaSecretKeys` is also a comma separated list of keys to display.
+
 ### What does this look like?
 
 When this has been added to the Acornfile, when launched the user will see an endpoint to open the page to prompt the user. The user clicks on the link and is taken to the page that provides instructions and a form to create the secret needed to provision the service.

diff --git a/app.py b/app.py
@@ -13,6 +13,7 @@
 app.config["AUTH_TOKEN"] = os.environ.get("HELPER_AUTH_TOKEN")
 app.config["SECRET_KEY"] = os.environ.get("SECRET_KEY")
 app.config["FORM_FIELDS"] = os.environ.get("FORM_FIELDS")
+app.config["TEXTAREA_FIELDS"] = os.environ.get("TEXTAREA_FORM_FIELDS")
 
 csrf = CSRFProtect(app)
 
@@ -63,8 +64,10 @@ def index():
 
     if request.method == "POST":
         form_data = {}
-        for field in app.config["FORM_FIELDS"].split(","):
-            form_data[field] = request.form.get(field)
+        form_fields = get_form_keys_by_type()
+        for form_field_type in form_fields.keys():
+            for field in form_fields[form_field_type]:
+                form_data[field] = request.form.get(field)
 
         output_body = {"type": "opaque", "data": form_data}
         output_json = json.dumps({"secrets": {"output": output_body}})
@@ -88,10 +91,11 @@ def index():
         flash("Instructions information not found.", "error")
 
     csrf = generate_csrf()
+    form = get_form_keys_by_type()
 
     return render_template(
         "main_page.html",
-        fields=app.config["FORM_FIELDS"].split(","),
+        fields=form,
         display_content=display_content,
         csrf_token=csrf,
     )
@@ -105,3 +109,17 @@ def success_page():
 @app.route("/unauthorized")
 def unauthorized():
     return render_template("unauthorized_page.html")
+
+
+def get_form_keys_by_type():
+    form = {}
+
+    text_field_list = app.config["FORM_FIELDS"].split(",")
+    textarea_field_list = app.config["TEXTAREA_FIELDS"].split(",")
+
+    if text_field_list != [""]:
+        form["text_fields"] = text_field_list
+    if textarea_field_list != [""]:
+        form["textarea_fields"] = textarea_field_list
+
+    return form
diff --git a/static/favicon.ico b/static/favicon.ico
diff --git a/templates/main_page.html b/templates/main_page.html
@@ -4,6 +4,7 @@
     <meta charset="UTF-8">
     <meta name="viewport" content="width=device-width, initial-scale=1.0">
     <title>File Form</title>
+    <link rel="icon" href="{{ url_for('static', filename='favicon.ico') }}">
     <!-- Include Bootstrap CSS -->
     <link href="https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css" rel="stylesheet">
 </head>
@@ -16,15 +17,27 @@ <h2 class="mt-5">Instructions:</h2>
             </div>
         </div>
         <div class ="col-md-6">
-
             <form method="POST">
                 <input type="hidden" name="csrf_token" value="{{ csrf_token }}">
-                {% for key in fields %}
-                <div class="mb-3">
-                    <label for="{{ key }}" class="form-label">{{ key }}</label>
-                    <input type="password" class="form-control" id="{{ key }}" name="{{ key }}">
-                </div>
-                {% endfor %}
+
+                {% if "text_fields" in fields %}
+                    {% for key in fields["text_fields"] %}
+                    <div class="mb-3">
+                        <label for="{{ key }}" class="form-label">{{ key }}</label>
+                        <input type="password" class="form-control" id="{{ key }}" name="{{ key }}">
+                    </div>
+                    {% endfor %}
+                {% endif %}
+
+                {% if "textarea_fields" in fields %}
+                    {% for key in fields["textarea_fields"] %}
+                    <div class="mb-3">
+                        <label for="{{ key }}" class="form-label">{{ key }}</label>
+                        <textarea class="form-control" id="{{ key }}" name="{{ key }}" rows="4" cols="50"></textarea>
+                    </div>
+                    {% endfor %}
+                {% endif %}
+
                 <button type="submit" class="btn btn-primary">Submit</button>
             </form>
         </div>

diff --git a/templates/success_page.html b/templates/success_page.html
@@ -2,6 +2,7 @@
 <html>
 <head>
     <title>Success Page</title>
+    <link rel="icon" href="{{ url_for('static', filename='favicon.ico') }}">
     <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css">
 </head>
 <body>
@@ -12,7 +13,7 @@
                     <div class="card-body text-center">
                         <h2 class="card-title">Success</h2>
                         <p class="card-text">Your request was successful.</p>
-                        <p class="card-text">You can now close your browser.</p>
+                        <p class="card-text">You can now close this browser window.</p>
                     </div>
                 </div>
             </div>

diff --git a/templates/unauthorized_page.html b/templates/unauthorized_page.html
@@ -2,6 +2,7 @@
 <html>
 <head>
     <title>Error Page</title>
+    <link rel="icon" href="{{ url_for('static', filename='favicon.ico') }}">
     <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css">
     <!-- Add any custom CSS for your error_page here -->
 </head>