From 9f21b594826cea55510fd40e35a45876905f0065 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Vitor=20Jord=C3=A3o?= <srvitorlol@gmail.com>
Date: Thu, 12 Jan 2023 16:20:03 -0300
Subject: [PATCH 1/2] When the password contains "$" in the "config" the login
 not working well.

---
 cmd/gateclient/client.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cmd/gateclient/client.go b/cmd/gateclient/client.go
index 7ff8eac1..885c4025 100644
--- a/cmd/gateclient/client.go
+++ b/cmd/gateclient/client.go
@@ -235,7 +235,7 @@ func userConfig(gateClient *GatewayClient, configLocation string) error {
 	// but unmarshal to an upstream oauth package, so the cached token needs to match
 	// https://godoc.org/golang.org/x/oauth2#Token
 	if yamlFile != nil {
-		err = yaml.UnmarshalStrict([]byte(os.ExpandEnv(string(yamlFile))), &gateClient.Config)
+		err = yaml.UnmarshalStrict([]byte(string(yamlFile)), &gateClient.Config)
 		if err != nil {
 			gateClient.ui.Error(fmt.Sprintf("Could not deserialize config file with contents: %s, failing.", yamlFile))
 			return err

From af079b1c476c64b4b27e69a9ebe7ce2c2563eb32 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Vitor=20Jord=C3=A3o?= <srvitorlol@gmail.com>
Date: Thu, 29 Feb 2024 17:16:26 -0300
Subject: [PATCH 2/2] Update the solution to skip system environment

---
 cmd/gateclient/client.go  | 11 +++++++++++
 config/auth/authconfig.go | 17 +++++++++--------
 config/example.yaml       |  2 ++
 3 files changed, 22 insertions(+), 8 deletions(-)

diff --git a/cmd/gateclient/client.go b/cmd/gateclient/client.go
index 5c3c3562..f0fa5519 100644
--- a/cmd/gateclient/client.go
+++ b/cmd/gateclient/client.go
@@ -263,11 +263,22 @@ func userConfig(gateClient *GatewayClient, configLocation string) error {
 	// but unmarshal to an upstream oauth package, so the cached token needs to match
 	// https://godoc.org/golang.org/x/oauth2#Token
 	if yamlFile != nil {
+
 		err = yaml.UnmarshalStrict([]byte(string(yamlFile)), &gateClient.Config)
 		if err != nil {
 			gateClient.ui.Error(fmt.Sprintf("Could not deserialize config file with contents: %s, failing.", yamlFile))
 			return err
 		}
+
+		if gateClient.Config.Auth.DisabeSystemEnvironment {
+			return nil
+		}
+
+		err = yaml.UnmarshalStrict([]byte(os.ExpandEnv(string(yamlFile))), &gateClient.Config)
+		if err != nil {
+			gateClient.ui.Error(fmt.Sprintf("Could not deserialize config file with contents: %s, failing.", yamlFile))
+			return err
+		}
 	} else {
 		gateClient.Config = config.Config{}
 	}
diff --git a/config/auth/authconfig.go b/config/auth/authconfig.go
index ea2abfe1..16a84a5b 100644
--- a/config/auth/authconfig.go
+++ b/config/auth/authconfig.go
@@ -25,14 +25,15 @@ import (
 
 // Config is the CLI's authentication configuration.
 type Config struct {
-	Enabled          bool           `json:"enabled" yaml:"enabled"`
-	IgnoreRedirects  bool           `json:"ignoreRedirects" yaml:"ignoreRedirects"`
-	IgnoreCertErrors bool           `json:"ignoreCertErrors" yaml:"ignoreCertErrors"`
-	X509             *x509.Config   `json:"x509,omitempty" yaml:"x509,omitempty"`
-	OAuth2           *oauth2.Config `json:"oauth2,omitempty" yaml:"oauth2,omitempty"`
-	Basic            *basic.Config  `json:"basic,omitempty" yaml:"basic,omitempty"`
-	Iap              *config.Config `json:"iap,omitempty" yaml:"iap,omitempty"`
-	Ldap             *ldap.Config   `json:"ldap,omitempty" yaml:"ldap,omitempty"`
+	Enabled                 bool           `json:"enabled" yaml:"enabled"`
+	DisabeSystemEnvironment bool           `json:"disabeSystemEnvironment" yaml:"DisabeSystemEnvironment"`
+	IgnoreRedirects         bool           `json:"ignoreRedirects" yaml:"ignoreRedirects"`
+	IgnoreCertErrors        bool           `json:"ignoreCertErrors" yaml:"ignoreCertErrors"`
+	X509                    *x509.Config   `json:"x509,omitempty" yaml:"x509,omitempty"`
+	OAuth2                  *oauth2.Config `json:"oauth2,omitempty" yaml:"oauth2,omitempty"`
+	Basic                   *basic.Config  `json:"basic,omitempty" yaml:"basic,omitempty"`
+	Iap                     *config.Config `json:"iap,omitempty" yaml:"iap,omitempty"`
+	Ldap                    *ldap.Config   `json:"ldap,omitempty" yaml:"ldap,omitempty"`
 
 	GoogleServiceAccount *gsa.Config `json:"google_service_account,omitempty" yaml:"google_service_account,omitempty"`
 }
diff --git a/config/example.yaml b/config/example.yaml
index fabf9f10..4262563a 100644
--- a/config/example.yaml
+++ b/config/example.yaml
@@ -4,6 +4,8 @@ gate:
   endpoint: https://my-spinnaker-gate:8084
   retryTimeout: 300
 auth:
+  # If your user or password contains "$" character, you need to escape it with this flag:
+  disabeSystemEnvironment: true
   enabled: true
   x509:
     # See https://www.spinnaker.io/setup/security/ssl/ and