feat: enabled loading http-api-token from file (#1728)

pull/1732/head
nils måsén 1 year ago committed by GitHub
parent 139f67270b
commit 9f60766692
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -27,6 +27,33 @@ In the example above, watchtower will execute an upgrade attempt on the containe
When no arguments are specified, watchtower will monitor all running containers. When no arguments are specified, watchtower will monitor all running containers.
## Secrets/Files
Some arguments can also reference a file, in which case the contents of the file are used as the value.
This can be used to avoid putting secrets in the configuration file or command line.
The following arguments are currently supported (including their corresponding `WATCHTOWER_` environment variables):
- `notification-url`
- `notification-email-server-password`
- `notification-slack-hook-url`
- `notification-msteams-hook`
- `notification-gotify-token`
- `http-api-token`
### Example docker-compose usage
```yaml
secrets:
access_token:
file: access_token
services:
watchtower:
secrets:
- access_token
environment:
- WATCHTOWER_HTTP_API_TOKEN=/run/secrets/access_token
```
## Help ## Help
Shows documentation about the supported flags. Shows documentation about the supported flags.
@ -270,6 +297,7 @@ Environment Variable: WATCHTOWER_HTTP_API_UPDATE
## HTTP API Token ## HTTP API Token
Sets an authentication token to HTTP API requests. Sets an authentication token to HTTP API requests.
Can also reference a file, in which case the contents of the file are used.
```text ```text
Argument: --http-api-token Argument: --http-api-token
@ -363,4 +391,4 @@ requests and may rate limit pull requests (mainly docker.io).
Environment Variable: WATCHTOWER_WARN_ON_HEAD_FAILURE Environment Variable: WATCHTOWER_WARN_ON_HEAD_FAILURE
Possible values: always, auto, never Possible values: always, auto, never
Default: auto Default: auto
``` ```

@ -466,6 +466,7 @@ func GetSecretsFromFiles(rootCmd *cobra.Command) {
"notification-msteams-hook", "notification-msteams-hook",
"notification-gotify-token", "notification-gotify-token",
"notification-url", "notification-url",
"http-api-token",
} }
for _, secret := range secrets { for _, secret := range secrets {
if err := getSecretFromFile(flags, secret); err != nil { if err := getSecretFromFile(flags, secret); err != nil {

@ -90,6 +90,7 @@ func TestGetSliceSecretsFromFiles(t *testing.T) {
func testGetSecretsFromFiles(t *testing.T, flagName string, expected string, args ...string) { func testGetSecretsFromFiles(t *testing.T, flagName string, expected string, args ...string) {
cmd := new(cobra.Command) cmd := new(cobra.Command)
SetDefaults() SetDefaults()
RegisterSystemFlags(cmd)
RegisterNotificationFlags(cmd) RegisterNotificationFlags(cmd)
require.NoError(t, cmd.ParseFlags(args)) require.NoError(t, cmd.ParseFlags(args))
GetSecretsFromFiles(cmd) GetSecretsFromFiles(cmd)

Loading…
Cancel
Save