mirror of
https://github.com/go-gitea/gitea.git
synced 2025-10-25 07:37:48 -04:00
34 lines
984 B
Go
34 lines
984 B
Go
// Copyright 2023 The Gitea Authors. All rights reserved.
|
|
// SPDX-License-Identifier: MIT
|
|
|
|
package secrets
|
|
|
|
import (
|
|
"regexp"
|
|
"strings"
|
|
"sync"
|
|
|
|
"code.gitea.io/gitea/modules/util"
|
|
)
|
|
|
|
// https://docs.github.com/en/actions/learn-github-actions/variables#naming-conventions-for-configuration-variables
|
|
// https://docs.github.com/en/actions/security-guides/encrypted-secrets#naming-your-secrets
|
|
var globalVars = sync.OnceValue(func() (ret struct {
|
|
namePattern, forbiddenPrefixPattern *regexp.Regexp
|
|
},
|
|
) {
|
|
ret.namePattern = regexp.MustCompile("(?i)^[A-Z_][A-Z0-9_]*$")
|
|
ret.forbiddenPrefixPattern = regexp.MustCompile("(?i)^GIT(EA|HUB)_")
|
|
return ret
|
|
})
|
|
|
|
func ValidateName(name string) error {
|
|
vars := globalVars()
|
|
if !vars.namePattern.MatchString(name) ||
|
|
vars.forbiddenPrefixPattern.MatchString(name) ||
|
|
strings.EqualFold(name, "CI") /* CI is always set to true in GitHub Actions*/ {
|
|
return util.NewInvalidArgumentErrorf("invalid variable or secret name")
|
|
}
|
|
return nil
|
|
}
|