read Maxmind license key from a file

2023-03-04 14:19:23 -06:00 · 2023-03-04 14:19:23 -06:00 · 8988942821
commit 8988942821
parent dc61f6cd8b
3 changed files with 32 additions and 0 deletions
--- a/internal/nginx/maxmind.go
+++ b/internal/nginx/maxmind.go
@ -37,6 +37,9 @@ import (
 // MaxmindLicenseKey maxmind license key to download databases
 var MaxmindLicenseKey = ""

+// MaxmindLicenseKeyFile file containing maxmind license key
+var MaxmindLicenseKeyFile = ""
+
 // MaxmindEditionIDs maxmind editions (GeoLite2-City, GeoLite2-Country, GeoIP2-ISP, etc)
 var MaxmindEditionIDs = ""

@ -139,6 +142,14 @@ func createURL(mirror, licenseKey, dbName string) string {
 }

 func downloadDatabase(dbName string) error {
+	if MaxmindLicenseKeyFile != "" {
+		b, err := os.ReadFile(MaxmindLicenseKeyFile)
+		if err != nil {
+			return err
+		}
+		MaxmindLicenseKey = string(b)
+	}
+
 	url := createURL(MaxmindMirror, MaxmindLicenseKey, dbName)
 	req, err := http.NewRequest(http.MethodGet, url, nil)
 	if err != nil {
--- a/pkg/flags/flags.go
+++ b/pkg/flags/flags.go
@ -220,6 +220,7 @@ Takes the form "<host>:port". If not provided, no admission controller is starte
 		enableTopologyAwareRouting = flags.Bool("enable-topology-aware-routing", false, "Enable topology aware hints feature, needs service object annotation service.kubernetes.io/topology-aware-hints sets to auto.")
 	)

+	flags.StringVar(&nginx.MaxmindLicenseKeyFile, "maxmind-license-key-file", "", "File containing Maxmind license key.")
 	flags.StringVar(&nginx.MaxmindMirror, "maxmind-mirror", "", `Maxmind mirror url (example: http://geoip.local/databases.`)
 	flags.StringVar(&nginx.MaxmindLicenseKey, "maxmind-license-key", "", `Maxmind license key to download GeoLite2 Databases.
 https://blog.maxmind.com/2019/12/18/significant-changes-to-accessing-and-using-geolite2-databases .`)
@ -376,6 +377,10 @@ https://blog.maxmind.com/2019/12/18/significant-changes-to-accessing-and-using-g
 		config.RootCAFile = *rootCAFile
 	}

+	if nginx.MaxmindLicenseKeyFile != "" && nginx.MaxmindLicenseKey != "" {
+		return false, nil, fmt.Errorf("flags --maxmind-license-key-file and --maxmind-license-key are mutually exclusive")
+	}
+
 	var err error
 	if nginx.MaxmindEditionIDs != "" {
 		if err = nginx.ValidateGeoLite2DBEditions(); err != nil {
--- a/pkg/flags/flags_test.go
+++ b/pkg/flags/flags_test.go
@ -83,6 +83,22 @@ func TestMaxmindEdition(t *testing.T) {
 	}
 }

+func TestMaxmindLicenseKeyFile(t *testing.T) {
+	ResetForTesting(func() { t.Fatal("Parsing failed") })
+
+	oldArgs := os.Args
+	defer func() { os.Args = oldArgs }()
+	os.Args = []string{"cmd", "--publish-service", "namespace/test", "--http-port", "0", "--https-port", "0", "--maxmind-license-key", "0000000", "--maxmind-license-key-file", "/path/to/file"}
+
+	_, _, err := ParseFlags()
+	if err == nil {
+		t.Fatalf("Expected an error parsing flags but none returned")
+	}
+	if err.Error() != "flags --maxmind-license-key-file and --maxmind-license-key are mutually exclusive" {
+		t.Fatalf("Unexpected error message for conflicting flags: %s.", err.Error())
+	}
+}
+
 func TestMaxmindMirror(t *testing.T) {
 	ResetForTesting(func() { t.Fatal("Parsing failed") })