Add in tag default file.

[dvalinrh]

Description

Assigning tags will now check .config/zathras/cloud_tags for tags to assign.

Before/After Comparison

Before: Required the user to always update tags.config to set the tags
After: The user now is able to set the values once in the .config/zathras/cloud_tags file, and the values will be used
everytime

Documentation Check

Yes, updates made.

Clerical Stuff

This closes #342

Relates to JIRA: RPOPC-753

[github-actions]

This relates to RPOPC-753

[github-actions]

PullHero Review

Provider: generativelanguage.googleapis.com Model: gemini-2.0-flash

Okay, I will review the proposed changes and provide feedback.

Analysis

The changes introduce a new feature that allows users to override the default cloud tags defined in config/tags.conf by creating a ~/.config/zathras/cloud_tags file. This allows for more flexible and personalized cloud resource tagging.

Key Changes:

• bin/burden:
  • The generate_tags function in bin/burden is modified to incorporate tag overrides from the new file. It checks for the existence of ~/.config/zathras/cloud_tags and, if present, iterates through its contents, replacing the corresponding tags in a temporary file (tags_defaults). Finally, it replaces the original tags_defaults with the modified version.
• docs/tag_default_file.md:
  • A new documentation file docs/tag_default_file.md is added to explain the purpose and usage of the ~/.config/zathras/cloud_tags file.

Potential Issues and Concerns:

• File Ownership and Permissions: The code assumes the user running burden has read access to ~/.config/zathras/cloud_tags. The install script should create this directory and file with the appropriate ownership and permissions.
• Error Handling: The code lacks explicit error handling for reading the override file. If the file is malformed or inaccessible, the script might fail silently or produce unexpected results.
• Tags file replacement: The generate_tags function is replacing the existing tags_defaults file with a new tag_temp file. If there is an issue with the cloud_tags file, it is possible that the tags will not be properly generated due to the file replacement.
• Injection Vulnerability: The code directly uses the values from the cloud_tags file in shell commands, creating a potential command injection vulnerability. If a malicious user creates a cloud_tags file with carefully crafted content, they could potentially execute arbitrary commands on the system.
• Tag file format The proposed change is using a loop to read the cloud_tags file, then an inner loop is reading the tags_defaults file. This is not optimal. It is possible to read both files into an associative array and then update the tags_defaults using the associative array.
• Missing Documentation Update: The docs/command_line_reference.md file is not updated to reflect the ability for the end user to modify the tags.

Recommendations

1. Implement Error Handling: Add error handling to check if the ~/.config/zathras/cloud_tags file exists and is readable. Provide informative error messages if the file is missing or malformed.
2. Sanitize Input: Implement proper input sanitization to prevent command injection vulnerabilities. Use jq or other safe methods to parse the cloud_tags file.
3. Alternative Tags file replacement Instead of replacing the contents of the tag_defaults file, use sed to update the existing tags. This way, if there is an error with the cloud_tags file, at least the default tags will still be present.
4. Update main documentation Update the docs/command_line_reference.md file to reflect the ability for the end user to modify the tags.
5. Permissions Verify the ~/.config/zathras/cloud_tags has the proper permissions.

Vote

Vote: -1 (request changes if significant issues exist)

Vote: -1

PullHero

[kdvalin]

Suggested change

	field=`echo $tag_value | cut -d':' -f 1`
	field=`echo "$tag_value" | cut -d':' -f 1`

[kdvalin]

Suggested change

	echo $field | grep -q $name
	echo "$field" | grep -q "$name"

[kdvalin]

Suggested change

	# If ~/.config/zathras/cloud_tags exsists, replace the various tags.
	# If ~/.config/zathras/cloud_tags exists, replace the various tags.