Do not disable echo when stdin is not a terminal

When reading values like access keys or secrets from the terminal, we
would use the `terminal.ReadPassword` function to ensure characters
the user typed were not echo'd back to the console, as a convience.

When standard input was not connected to a tty (which would happen in
some cases like in docker when -t was not passed or in CI), this would
fail with an error about an bad ioctl. Update our logic such that
when standard in is not connected to a terminal, we just read input
normally.

While I was in the area, I unified the code for Windows and *NIX for
these functions.

Fixes #2017

CHANGELOG.md

@@ -4,6 +4,7 @@
 
 - Configuration and stack commands now take a `--config-file` options. This option allows the user to override the file used to fetch and store config information for a stack during the execution of a command.
 
+- Fix an error about a bad icotl when trying to read sensitive input from the console and standard in was not connected to a terminal.
 
 ## 0.16.6 (Released November 28th, 2018)
 

Gopkg.lock

@@ -63,12 +63,6 @@
   revision = "e6c5e190452424b404ecdb81d6e3991d46b18e9d"
   version = "v1.12.26"
 
-[[projects]]
-  name = "github.com/bgentry/speakeasy"
-  packages = ["."]
-  revision = "4aabc24848ce5fd31929f7d1e4ea74d3709c14cd"
-  version = "v0.1.0"
-
 [[projects]]
   name = "github.com/blang/semver"
   packages = ["."]
@@ -593,6 +587,6 @@
 [solve-meta]
   analyzer-name = "dep"
   analyzer-version = 1
-  inputs-digest = "eaeb2282f35a265330a240be239886c91ab253b40dc2cf92469c7cbe29c78f9d"
+  inputs-digest = "6767608d8cb6e96b1a0e0dbb5a2ad5b7e3cd07d6d9a5bcfe32c68b10358db62c"
   solver-name = "gps-cdcl"
   solver-version = 1

pkg/util/cmdutil/console_password.go

@@ -11,24 +11,31 @@
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
-// +build !windows
 
 package cmdutil
 
 import (
 	"fmt"
-	"syscall"
+	"os"
 
 	"golang.org/x/crypto/ssh/terminal"
 )
 
 // ReadConsoleNoEcho reads from the console without echoing.  This is useful for reading passwords.
 func ReadConsoleNoEcho(prompt string) (string, error) {
+	// If standard input is not a terminal, we must not use ReadPassword as it will fail with an ioctl
+	// error when it tries to disable local echo.
+	//
+	// In this case, just read normally
+	if !terminal.IsTerminal(int(os.Stdin.Fd())) {
+		return ReadConsole(prompt)
+	}
+
 	if prompt != "" {
 		fmt.Print(prompt + ": ")
 	}
 
-	b, err := terminal.ReadPassword(syscall.Stdin)
+	b, err := terminal.ReadPassword(int(os.Stdin.Fd()))
 
 	fmt.Println() // echo a newline, since the user's keypress did not generate one
 

pkg/util/cmdutil/console_password_windows.go

@@ -1,35 +0,0 @@
-// Copyright 2016-2018, Pulumi Corporation.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-// +build windows
-
-package cmdutil
-
-import (
-	"fmt"
-
-	"github.com/bgentry/speakeasy"
-)
-
-// ReadConsoleNoEcho reads from the console without echoing.  This is useful for reading passwords.
-func ReadConsoleNoEcho(prompt string) (string, error) {
-	if prompt != "" {
-		fmt.Print(prompt + ": ")
-	}
-
-	s, err := speakeasy.Ask("")
-
-	fmt.Println() // echo a newline, since the user's keypress did not generate one
-
-	return s, err
-}