diff --git a/go.mod b/go.mod index 7738419..605c81e 100644 --- a/go.mod +++ b/go.mod @@ -7,11 +7,12 @@ require ( github.com/shurcooL/graphql v0.0.0-20230722043721-ed46e5a46466 github.com/stretchr/testify v1.9.0 golang.org/x/oauth2 v0.23.0 - gopkg.in/yaml.v3 v3.0.1 + sigs.k8s.io/yaml v1.4.0 ) require ( github.com/davecgh/go-spew v1.1.1 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect golang.org/x/crypto v0.22.0 // indirect + gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/go.sum b/go.sum index e4f1bdb..c2559f4 100644 --- a/go.sum +++ b/go.sum @@ -60,3 +60,5 @@ gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E= +sigs.k8s.io/yaml v1.4.0/go.mod h1:Ejl7/uTz7PSA4eKMyQCUTnhZYNmLIl+5c2lQPGR2BPY= diff --git a/internal/signer/signer.go b/internal/signer/signer.go index bd8d8e4..f65848b 100644 --- a/internal/signer/signer.go +++ b/internal/signer/signer.go @@ -6,15 +6,14 @@ package signer import ( "crypto/ecdsa" "crypto/x509" - "encoding/json" "encoding/pem" "errors" "time" jose "github.com/go-jose/go-jose/v3" jwt "github.com/go-jose/go-jose/v3/jwt" + "sigs.k8s.io/yaml" "golang.org/x/oauth2" - "gopkg.in/yaml.v3" ) const serviceAccountIssuer = "mondoo/ams" @@ -27,11 +26,11 @@ var ( ) type serviceAccountCredentials struct { - Mrn string `json:"mrn,omitempty" yaml:"mrn,omitempty"` - ParentMrn string `json:"parent_mrn,omitempty" yaml:"parent_mrn,omitempty"` - PrivateKey string `json:"private_key,omitempty" yaml:"private_key,omitempty"` - Certificate string `json:"certificate,omitempty" yaml:"certificate,omitempty"` - ApiEndpoint string `json:"api_endpoint,omitempty" yaml:"api_endpoint,omitempty"` + Mrn string `json:"mrn,omitempty"` + ParentMrn string `json:"parent_mrn,omitempty"` + PrivateKey string `json:"private_key,omitempty"` + Certificate string `json:"certificate,omitempty"` + ApiEndpoint string `json:"api_endpoint,omitempty"` } // privateKeyFromBytes loads a .p8 certificate from an in memory byte array and @@ -55,11 +54,8 @@ func privateKeyFromBytes(bytes []byte) (*ecdsa.PrivateKey, error) { func NewServiceAccountTokenSource(data []byte) (*serviceAccountTokenSource, *serviceAccountCredentials, error) { var credentials *serviceAccountCredentials - err := json.Unmarshal(data, &credentials) + err := yaml.Unmarshal(data, &credentials) if credentials == nil || err != nil { - // if JSON format didn't work, try YAML - err = yaml.Unmarshal(data, &credentials) - if credentials == nil || err != nil { return nil, nil, errors.New("valid service account needs to be provided") } }