diff --git a/yaml/secret.go b/yaml/secret.go index 58d99b23..443fa82d 100644 --- a/yaml/secret.go +++ b/yaml/secret.go @@ -6,6 +6,7 @@ package yaml import ( "errors" + "fmt" "strings" "github.com/go-vela/types/constants" @@ -206,6 +207,13 @@ func (s *StepSecretSlice) UnmarshalYAML(unmarshal func(interface{}) error) error // attempt to unmarshal as a step secret slice type err = unmarshal(secrets) if err == nil { + // check for secret source and target + for _, secret := range *secrets { + if len(secret.Source) == 0 || len(secret.Target) == 0 { + return fmt.Errorf("no secret source or target found") + } + } + // overwrite existing StepSecretSlice *s = StepSecretSlice(*secrets) return nil diff --git a/yaml/secret_test.go b/yaml/secret_test.go index e58561e6..aca19d96 100644 --- a/yaml/secret_test.go +++ b/yaml/secret_test.go @@ -288,6 +288,16 @@ func TestYaml_StepSecretSlice_UnmarshalYAML(t *testing.T) { }, }, }, + { + failure: true, + file: "testdata/step_secret_slice_invalid_no_source.yml", + want: nil, + }, + { + failure: true, + file: "testdata/step_secret_slice_invalid_no_target.yml", + want: nil, + }, { failure: true, file: "testdata/invalid.yml", diff --git a/yaml/testdata/step_secret_slice_invalid_no_source.yml b/yaml/testdata/step_secret_slice_invalid_no_source.yml new file mode 100644 index 00000000..1f7e6fc3 --- /dev/null +++ b/yaml/testdata/step_secret_slice_invalid_no_source.yml @@ -0,0 +1,2 @@ +--- +- target: foo \ No newline at end of file diff --git a/yaml/testdata/step_secret_slice_invalid_no_target.yml b/yaml/testdata/step_secret_slice_invalid_no_target.yml new file mode 100644 index 00000000..3e0e29b1 --- /dev/null +++ b/yaml/testdata/step_secret_slice_invalid_no_target.yml @@ -0,0 +1,2 @@ +--- +- source: foo \ No newline at end of file