From c494e6bf7ed5123d9188e180f81b1008b2734118 Mon Sep 17 00:00:00 2001
From: Somtochi Onyekwere <somtochionyekwere@gmail.com>
Date: Wed, 21 Apr 2021 22:12:42 +0100
Subject: [PATCH] Inject password in create secret git if specified

Signed-off-by: Somtochi Onyekwere <somtochionyekwere@gmail.com>
---
 cmd/flux/create_secret_git.go      | 8 ++++++++
 cmd/flux/create_source_git.go      | 9 +++++++++
 docs/cmd/flux_create_secret_git.md | 7 +++++++
 docs/cmd/flux_create_source_git.md | 9 +++++++++
 4 files changed, 33 insertions(+)

diff --git a/cmd/flux/create_secret_git.go b/cmd/flux/create_secret_git.go
index e7410ea8..446703a0 100644
--- a/cmd/flux/create_secret_git.go
+++ b/cmd/flux/create_secret_git.go
@@ -50,6 +50,13 @@ For Git over HTTP/S, the provided basic authentication credentials are stored in
     --url=ssh://git@github.com/stefanprodan/podinfo \
     --private-key-file=./private.key
 
+  # Create a Git SSH authentication secret with a passworded private key from file
+  # The public SSH host key will still be gathered from the host
+  flux create secret git podinfo-auth \
+    --url=ssh://git@github.com/stefanprodan/podinfo \
+    --private-key-file=./private.key \
+    --password=<password>
+
   # Create a secret for a Git repository using basic authentication
   flux create secret git podinfo-auth \
     --url=https://github.com/stefanprodan/podinfo \
@@ -140,6 +147,7 @@ func createSecretGitCmdRun(cmd *cobra.Command, args []string) error {
 		opts.PrivateKeyAlgorithm = sourcesecret.PrivateKeyAlgorithm(secretGitArgs.keyAlgorithm)
 		opts.RSAKeyBits = int(secretGitArgs.rsaBits)
 		opts.ECDSACurve = secretGitArgs.ecdsaCurve.Curve
+		opts.Password = secretGitArgs.password
 	case "http", "https":
 		if secretGitArgs.username == "" || secretGitArgs.password == "" {
 			return fmt.Errorf("for Git over HTTP/S the username and password are required")
diff --git a/cmd/flux/create_source_git.go b/cmd/flux/create_source_git.go
index b3090737..793136ac 100644
--- a/cmd/flux/create_source_git.go
+++ b/cmd/flux/create_source_git.go
@@ -101,6 +101,15 @@ For private Git repositories, the basic authentication credentials are stored in
     --branch=master \
     --private-key-file=./private.key
 
+  # Create a source for a Git repository using SSH authentication and a
+  # private key with a password from file
+  # The public SSH host key will still be gathered from the host
+  flux create source git podinfo \
+    --url=ssh://git@github.com/stefanprodan/podinfo \
+    --branch=master \
+    --private-key-file=./private.key \
+    --password=<password>
+
   # Create a source for a Git repository using basic authentication
   flux create source git podinfo \
     --url=https://github.com/stefanprodan/podinfo \
diff --git a/docs/cmd/flux_create_secret_git.md b/docs/cmd/flux_create_secret_git.md
index 042b39c2..2c47a213 100644
--- a/docs/cmd/flux_create_secret_git.md
+++ b/docs/cmd/flux_create_secret_git.md
@@ -31,6 +31,13 @@ flux create secret git [name] [flags]
     --url=ssh://git@github.com/stefanprodan/podinfo \
     --private-key-file=./private.key
 
+  # Create a Git SSH authentication secret with a passworded private key from file
+  # The public SSH host key will still be gathered from the host
+  flux create secret git podinfo-auth \
+    --url=ssh://git@github.com/stefanprodan/podinfo \
+    --private-key-file=./private.key \
+    --password=<password>
+
   # Create a secret for a Git repository using basic authentication
   flux create secret git podinfo-auth \
     --url=https://github.com/stefanprodan/podinfo \
diff --git a/docs/cmd/flux_create_source_git.md b/docs/cmd/flux_create_source_git.md
index 6d6daf23..70bbfca7 100644
--- a/docs/cmd/flux_create_source_git.md
+++ b/docs/cmd/flux_create_source_git.md
@@ -54,6 +54,15 @@ flux create source git [name] [flags]
     --branch=master \
     --private-key-file=./private.key
 
+  # Create a source for a Git repository using SSH authentication and a
+  # private key with a password from file
+  # The public SSH host key will still be gathered from the host
+  flux create source git podinfo \
+    --url=ssh://git@github.com/stefanprodan/podinfo \
+    --branch=master \
+    --private-key-file=./private.key \
+    --password=<password>
+
   # Create a source for a Git repository using basic authentication
   flux create source git podinfo \
     --url=https://github.com/stefanprodan/podinfo \
-- 
GitLab