From 510f31a5de15a0c3acc008d859dea86c83d1e35d Mon Sep 17 00:00:00 2001
From: Nathan Pierce <norsegaud@gmail.com>
Date: Wed, 23 Oct 2024 10:29:21 -0500
Subject: [PATCH] https://github.com/veertuinc/anklet/issues/36
 ANKLET_GLOBAL_RECEIVER_SECRET

---
 VERSION                            | 2 +-
 docker/docker-compose.yml          | 2 ++
 internal/config/config.go          | 6 ++++++
 main.go                            | 9 +++++++++
 plugins/receivers/github/README.md | 3 ++-
 plugins/receivers/github/github.go | 7 +++++--
 6 files changed, 25 insertions(+), 4 deletions(-)

diff --git a/VERSION b/VERSION
index c18d72b..53a48a1 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-0.8.1
\ No newline at end of file
+0.8.2
\ No newline at end of file
diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml
index 405d731..c5cf46e 100644
--- a/docker/docker-compose.yml
+++ b/docker/docker-compose.yml
@@ -43,3 +43,5 @@ services:
       - ANKLET_GLOBAL_DATABASE_USER=
       - ANKLET_GLOBAL_DATABASE_PASSWORD=
       - ANKLET_GLOBAL_DATABASE_DATABASE=0
+      # ANKLET_GLOBAL_RECEIVER_SECRET allows you to set a global secret for all receivers
+      # - ANKLET_GLOBAL_RECEIVER_SECRET=12345
\ No newline at end of file
diff --git a/internal/config/config.go b/internal/config/config.go
index 0458c8c..346b60e 100644
--- a/internal/config/config.go
+++ b/internal/config/config.go
@@ -28,6 +28,7 @@ type Config struct {
 	GlobalDatabaseUser     string   `yaml:"global_database_user"`
 	GlobalDatabasePassword string   `yaml:"global_database_password"`
 	GlobalDatabaseDatabase int      `yaml:"global_database_database"`
+	GlobalReceiverSecret   string   `yaml:"global_receiver_secret"`
 }
 
 type Log struct {
@@ -174,6 +175,11 @@ func LoadInEnvs(config Config) (Config, error) {
 		config.GlobalDatabasePassword = envGlobalDatabasePassword
 	}
 
+	envGlobalReceiverSecret := os.Getenv("ANKLET_GLOBAL_RECEIVER_SECRET")
+	if envGlobalReceiverSecret != "" {
+		config.GlobalReceiverSecret = envGlobalReceiverSecret
+	}
+
 	// pidFileDir := os.Getenv("ANKLET_PID_FILE_DIR")
 	// if pidFileDir != "" {
 	// 	config.PidFileDir = pidFileDir
diff --git a/main.go b/main.go
index 0557b2a..be8af1f 100644
--- a/main.go
+++ b/main.go
@@ -123,6 +123,15 @@ func main() {
 		loadedConfig.WorkDir = "./"
 	}
 
+	// handle global receiver secret
+	if loadedConfig.GlobalReceiverSecret != "" {
+		for index, plugin := range loadedConfig.Plugins {
+			if strings.Contains(plugin.Plugin, "_receiver") {
+				loadedConfig.Plugins[index].Secret = loadedConfig.GlobalReceiverSecret
+			}
+		}
+	}
+
 	logger.DebugContext(parentCtx, "loaded config", slog.Any("config", loadedConfig))
 	parentCtx = context.WithValue(parentCtx, config.ContextKey("config"), &loadedConfig)
 
diff --git a/plugins/receivers/github/README.md b/plugins/receivers/github/README.md
index ca667bb..cc3a602 100644
--- a/plugins/receivers/github/README.md
+++ b/plugins/receivers/github/README.md
@@ -11,12 +11,13 @@ The Github Receiver Plugin is used to receive webhook events from github and sto
 In the `config.yml`, you can define the `github_receiver` plugin as follows:
 
 ```
+global_receiver_secret: 12345 # this can be set using the ANKLET_GLOBAL_RECEIVER_SECRET env var too
 plugins:
   - name: GITHUB_RECEIVER
     plugin: github_receiver
     hook_id: 489747753
     port: 54321
-    secret: 123412342
+    # secret: 12345
     private_key: /Users/nathanpierce/veertuinc-anklet.2024-07-19.private-key.pem
     app_id: 949431
     installation_id: 52970581
diff --git a/plugins/receivers/github/github.go b/plugins/receivers/github/github.go
index b0feb66..59bc304 100644
--- a/plugins/receivers/github/github.go
+++ b/plugins/receivers/github/github.go
@@ -138,10 +138,13 @@ func Run(
 
 	configFileName := config.GetConfigFileNameFromContext(pluginCtx)
 	if ctxPlugin.Token == "" && ctxPlugin.PrivateKey == "" {
-		logging.Panic(workerCtx, pluginCtx, "token or private_key are not set at global level or in "+configFileName+":plugins:"+ctxPlugin.Name+"<token/private_key>")
+		logging.Panic(workerCtx, pluginCtx, "token or private_key are not set at global level or in "+configFileName+":plugins:"+ctxPlugin.Name)
 	}
 	if ctxPlugin.Owner == "" {
-		logging.Panic(workerCtx, pluginCtx, "owner is not set in "+configFileName+":plugins:"+ctxPlugin.Name+"<owner>")
+		logging.Panic(workerCtx, pluginCtx, "owner is not set in "+configFileName+":plugins:"+ctxPlugin.Name)
+	}
+	if ctxPlugin.Secret == "" {
+		logging.Panic(workerCtx, pluginCtx, "secret is not set in "+configFileName+":plugins:"+ctxPlugin.Name)
 	}
 
 	databaseContainer, err := database.GetDatabaseFromContext(pluginCtx)