fix: restrict secretFile path

[MichaelDeSteven]

What this PR does:

Which issue(s) this PR fixes:

Fixes #631

Special notes for your reviewer:

Does this PR introduce a user-facing change?:

[seeflood]

The FIXME said that we should get the startup parameters in main.go and you can take

layotto/cmd/layotto/main.go

Line 455 in 9a31451

stm := stagemanager.InitStageManager(c, c.String("config"), app)

as an example.
Checking -c or -config here is not enough, since users can just ./layotto start and layotto will use the default configuration path

[MichaelDeSteven]

The FIXME said that we should get the startup parameters in main.go and you can take

layotto/cmd/layotto/main.go

Line 455 in 9a31451

stm := stagemanager.InitStageManager(c, c.String("config"), app)

as an example.
Checking -c or -config here is not enough, since users can just ./layotto start and layotto will use the default configuration path

Is there means I can get configuration path by used c.String("config") in main.go to replace if str == "-c" || str == "-config"?

[seeflood]

Yes! you can get the path by c.String("config") in main.go and then put it in a common place in the memory

We need to review the code and find a suitable place to store the path

[MichaelDeSteven]

how to store var in memory? Can you give me some refs?

[seeflood]

The easiest way is to store it in the main.go as a global variable. But this "global variable" way is not "elegant".
I suggest you read the startup code and try to pass the var to the runtime server without using global variable.
If you really can't find a way, then use global variable

[seeflood]

@MichaelDeSteven Hi ,are u still working on it?
Do you need help? I can help with this

[MichaelDeSteven]

sorry that I cant find the method of store var in startup code. can you give me some tips?

[seeflood]

Sure. let me take a look

[seeflood]

I submitted #698 to test the case ./layotto start -c and ./layotto start --config

@MichaelDeSteven Could u modify the quickstart doc to test the case 2 in #631

[MichaelDeSteven]

I submitted #698 to test the case ./layotto start -c and ./layotto start --config

@MichaelDeSteven Could u modify the quickstart doc to test the case 2 in #631

I will modify and test it later.

[seeflood]

Hi @MichaelDeSteven , I submitted a PR MichaelDeSteven#3 to your branch.
It will test cases including:

• ./layotto start without -c or --config flags.
• case 2 in the relative path in secretFile is error-prone; 限制 secretFile 能访问的路径 #631

Please review and merge :)

[github-actions]

This pull request has been automatically marked as stale because it has not had activity in the last 30 days. It will be closed in 7 days if no further activity occurs. Please feel free to give a status update now, ping for review, or re-open when it's ready. Thank you for your contributions!

[github-actions]

This pull request has been automatically closed because it has not had activity in the last 37 days. Please feel free to give a status update now, ping for review, or re-open when it's ready. Thank you for your contributions!