added autoreport to keyserver-App
All checks were successful
release-tag / release-image (push) Successful in 2m33s
All checks were successful
release-tag / release-image (push) Successful in 2m33s
This commit is contained in:
@@ -22,4 +22,6 @@ WORKDIR /app
|
||||
COPY --from=build /out/pgpkeygen /app/pgpkeygen
|
||||
EXPOSE 8080
|
||||
USER nonroot:nonroot
|
||||
#export KEYSERVER_URL='http://localhost:8080'
|
||||
#export KEYSERVER_TOKEN='supersecret'
|
||||
ENTRYPOINT ["/app/pgpkeygen"]
|
||||
|
||||
81
main.go
81
main.go
@@ -1,12 +1,17 @@
|
||||
package main
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"embed"
|
||||
"encoding/json"
|
||||
"errors"
|
||||
"fmt"
|
||||
"html/template"
|
||||
"io"
|
||||
"log"
|
||||
"net/http"
|
||||
"net/url"
|
||||
"os"
|
||||
"strconv"
|
||||
"strings"
|
||||
"time"
|
||||
@@ -47,6 +52,71 @@ type genResult struct {
|
||||
UIDOnKey string // tatsächliche UID im Schlüssel
|
||||
}
|
||||
|
||||
type apiUploadReq struct {
|
||||
Name string `json:"name"`
|
||||
Email string `json:"email"`
|
||||
Fingerprint string `json:"fingerprint"`
|
||||
PublicArmored string `json:"public_armored"`
|
||||
Filename string `json:"filename,omitempty"`
|
||||
}
|
||||
|
||||
type apiUploadResp struct {
|
||||
ID string `json:"id"`
|
||||
Email string `json:"email"`
|
||||
Fingerprint string `json:"fingerprint"`
|
||||
WKDHash string `json:"wkd_hash"`
|
||||
Domain string `json:"domain"`
|
||||
Local string `json:"local"`
|
||||
}
|
||||
|
||||
func uploadPublicKey(res *genResult) (*apiUploadResp, error) {
|
||||
base := strings.TrimSpace(os.Getenv("KEYSERVER_URL"))
|
||||
token := strings.TrimSpace(os.Getenv("KEYSERVER_TOKEN"))
|
||||
if base == "" || token == "" {
|
||||
return nil, nil // Upload deaktiviert
|
||||
}
|
||||
|
||||
u, err := url.Parse(base)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("invalid KEYSERVER_URL: %w", err)
|
||||
}
|
||||
u.Path = strings.TrimRight(u.Path, "/") + "/api/v1/keys"
|
||||
|
||||
reqBody := apiUploadReq{
|
||||
Name: res.Name,
|
||||
Email: res.Email,
|
||||
Fingerprint: res.Fingerprint,
|
||||
PublicArmored: res.PublicArmored,
|
||||
Filename: res.Email + ".asc",
|
||||
}
|
||||
|
||||
b, _ := json.Marshal(reqBody)
|
||||
httpReq, err := http.NewRequest(http.MethodPost, u.String(), bytes.NewReader(b))
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
httpReq.Header.Set("Content-Type", "application/json")
|
||||
httpReq.Header.Set("Authorization", "Bearer "+token)
|
||||
|
||||
client := &http.Client{Timeout: 10 * time.Second}
|
||||
httpRes, err := client.Do(httpReq)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
defer httpRes.Body.Close()
|
||||
|
||||
if httpRes.StatusCode != http.StatusCreated {
|
||||
msg, _ := io.ReadAll(io.LimitReader(httpRes.Body, 8<<10))
|
||||
return nil, fmt.Errorf("keyserver returned %d: %s", httpRes.StatusCode, strings.TrimSpace(string(msg)))
|
||||
}
|
||||
|
||||
var out apiUploadResp
|
||||
if err := json.NewDecoder(httpRes.Body).Decode(&out); err != nil {
|
||||
return nil, fmt.Errorf("decode response: %w", err)
|
||||
}
|
||||
return &out, nil
|
||||
}
|
||||
|
||||
func main() {
|
||||
mux := http.NewServeMux()
|
||||
mux.HandleFunc("/", handleIndex)
|
||||
@@ -97,6 +167,17 @@ func handleGenerate(w http.ResponseWriter, r *http.Request) {
|
||||
http.Error(w, fmt.Sprintf("Fehler beim Erzeugen der Schlüssel: %v", err), http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
|
||||
// Optional: Upload zum Keyserver
|
||||
if up, upErr := uploadPublicKey(res); upErr != nil {
|
||||
log.Printf("upload failed: %v", upErr)
|
||||
// Du kannst hier entscheiden: Fehler anzeigen oder nur loggen
|
||||
// http.Error(w, "Upload fehlgeschlagen: "+upErr.Error(), 502); return
|
||||
} else if up != nil {
|
||||
// optional: im UI anzeigen
|
||||
res.Comment += fmt.Sprintf(" (Uploaded: %s)", up.ID)
|
||||
}
|
||||
|
||||
_ = resultTmpl.Execute(w, res)
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user