feat: support JSON Credentials as repo secret

lambda/main.go

@@ -163,6 +163,9 @@ func parseCreds(creds string) (string, error) {
 		return secret, err
 	} else if credsType == SECRET_TEXT {
 		return creds, nil
+	} else if credsType == SECRET_JSON {
+		secret, err := GetJSONSecret(creds)
+		return secret, err
 	}
-	return "", fmt.Errorf("unkown creds type")
+	return "", fmt.Errorf("unknown creds type")
 }

lambda/utils.go

@@ -154,9 +154,18 @@ const (
 	SECRET_ARN  = "SECRET_ARN"
 	SECRET_NAME = "SECRET_NAME"
 	SECRET_TEXT = "SECRET_TEXT"
+	SECRET_JSON = "SECRET_JSON"
 )
 
 func GetCredsType(s string) string {
+	var jsonData map[string]interface{}
+	if err := json.Unmarshal([]byte(s), &jsonData); err == nil {
+		if _, hasUsername := jsonData["username"]; hasUsername {
+			if _, hasPassword := jsonData["password"]; hasPassword {
+				return SECRET_JSON
+			}
+		}
+	}
 	if strings.HasPrefix(s, "arn:aws") {
 		return SECRET_ARN
 	} else if strings.Contains(s, ":") {
@@ -184,3 +193,19 @@ func GetSecret(secretId string) (secret string, err error) {
 	}
 	return *resp.SecretString, nil
 }
+
+func GetJSONSecret(secretJson string) (secret string, err error) {
+	var jsonData map[string]interface{}
+	if err := json.Unmarshal([]byte(secretJson), &jsonData); err != nil {
+		return "", fmt.Errorf("json unmarshal error: %v", err.Error())
+	}
+	username, ok := jsonData["username"].(string)
+	if !ok {
+		return "", fmt.Errorf("json username error")
+	}
+	password, ok := jsonData["password"].(string)
+	if !ok {
+		return "", fmt.Errorf("json password error")
+	}
+	return fmt.Sprintf("%s:%s", username, password), nil
+}

lambda/utils_test.go

@@ -30,4 +30,5 @@ func TestGetCredsType(t *testing.T) {
 	assert.Equal(t, SECRET_NAME, GetCredsType("fake-secret"))
 	assert.Equal(t, SECRET_TEXT, GetCredsType("username:password"))
 	assert.Equal(t, SECRET_NAME, GetCredsType(""))
+	assert.Equal(t, SECRET_JSON, GetCredsType("{ \"username\" : \"privateRegistryUsername\", \"password\" : \"privateRegistryPassword\" }"))
 }