package main
import (
"encoding/json"
"fmt"
"io/ioutil"
"log"
b64 "encoding/base64"
"github.com/AckeeDevOps/vaultier/client"
"github.com/AckeeDevOps/vaultier/config"
yaml "gopkg.in/yaml.v2"
)
// helmManifestFotmat is the document marshalled for the "helm" output format.
// generateManifest fills it and encodes it to JSON under the "secrets" key.
type helmManifestFotmat struct {
// Secrets maps each key to its base64-encoded value (see convertToB64String).
// Base64 is an encoding only; the values are recoverable by any reader.
Secrets map[string]string `json:"secrets"`
}
// mergeResults flattens a list of maps into one freshly allocated map.
//
// Maps are applied in slice order, so when the same key occurs in more than
// one map the value from the later map silently replaces the earlier one.
// The result is never nil, even for a nil or empty input.
func mergeResults(maps []map[string]interface{}) map[string]interface{} {
	merged := make(map[string]interface{})
	for i := range maps {
		for key, val := range maps[i] {
			merged[key] = val
		}
	}
	return merged
}
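// getSelection returns the secret path entries of the environment in s whose
// name equals c.Environment. The first matching environment wins.
//
// The process is terminated through log.Fatalf when no environment matches or
// when the matching environment lists no secrets, so callers never receive an
// empty selection.
func getSelection(s Specs, c *config.PluginConfig) []SecretPathEntry {
	var specsSelection []SecretPathEntry

	for _, e := range s.Environments {
		if e.Name == c.Environment {
			specsSelection = e.Secrets
			break
		}
	}

	// Emptiness is a question of length, not capacity: a zero-length slice
	// that still has spare capacity holds no entries and must be rejected too.
	if len(specsSelection) == 0 {
		log.Fatalf("configuration for %s is empty", c.Environment)
	}

	return specsSelection
}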
// getConfig builds the plugin configuration with config.Create and validates
// it. A validation error terminates the process through log.Fatal.
func getConfig() *config.PluginConfig {
	pluginCfg := config.Create()
	if validationErr := pluginCfg.Validate(); validationErr != nil {
		log.Fatal(validationErr)
	}
	return pluginCfg
}
// getSpecs loads the file named by c.SpecsPath and decodes it as YAML into a
// Specs value. The path is logged before the read; a read failure or a parse
// failure terminates the process with the underlying error in the message.
func getSpecs(c *config.PluginConfig) Specs {
	log.Printf("getting secrets configuration from %s", c.SpecsPath)

	raw, readErr := ioutil.ReadFile(c.SpecsPath)
	if readErr != nil {
		log.Fatalf("Error loading specs file:\n%s", readErr)
	}

	var parsed Specs
	if parseErr := yaml.Unmarshal(raw, &parsed); parseErr != nil {
		log.Fatalf("Error parsing specs:\n%s", parseErr)
	}
	return parsed
}
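// generateManifest serialises the collected secrets s as JSON in the layout
// selected by c.OutputFormat.
//
//   - "helm": s is marshalled to JSON, that JSON text is added under the extra
//     key "cfg.json", every value is base64-encoded, and the result is wrapped
//     in a helmManifestFotmat document.
//   - "dotenv": s is marshalled as is (the output is still JSON).
//
// An unknown format or a marshalling failure terminates the process.
//
// Base64 is an encoding, not protection: the returned bytes carry every secret
// in recoverable form and must be handled like the plaintext values.
func generateManifest(c *config.PluginConfig, s map[string]interface{}) []byte {
	var finalObj interface{}

	switch c.OutputFormat {
	case "helm":
		// Convert the whole document to JSON first.
		res, err := json.Marshal(s)
		if err != nil {
			log.Fatal("could not marshal intermediate config to JSON")
		}

		// Work on a copy so the caller's map does not gain a "cfg.json" entry
		// as a side effect of rendering the manifest.
		withCfg := make(map[string]interface{}, len(s)+1)
		for k, v := range s {
			withCfg[k] = v
		}
		// An incoming key that is literally "cfg.json" is replaced here.
		withCfg["cfg.json"] = string(res)

		finalObj = helmManifestFotmat{
			Secrets: convertToB64String(withCfg),
		}
	case "dotenv":
		finalObj = s
	default:
		log.Fatalf("unknown output format %s", c.OutputFormat)
	}

	finalJSON, err := json.Marshal(finalObj)
	if err != nil {
		log.Fatal("failed to marshal final results")
	}
	return finalJSON
}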
// collectSecrets fetches every entry in secrets through a single Vault client
// and returns the per-path results merged into one map by mergeResults, so a
// key that appears under several paths keeps the value of the last path.
//
// Each path is logged after its Get call returns; only the path is logged,
// never the fetched values. The first fetch error terminates the process.
//
// insecure is handed to client.New unchanged.
// NOTE(review): presumably it disables TLS certificate verification; confirm
// in the client package and keep it false outside of test setups.
func collectSecrets(
	secrets []SecretPathEntry,
	vaultAddr string,
	vaultToken string,
	insecure bool) map[string]interface{} {
	vault := client.New(vaultAddr, vaultToken, insecure)
	perPath := make([]map[string]interface{}, 0, len(secrets))

	for _, entry := range secrets {
		fetched, fetchErr := vault.Get(entry.Path, entry.KeyMap, client.VaultFetcher{})
		log.Printf("Getting secrets from %s", entry.Path)
		if fetchErr != nil {
			log.Fatalf("error getting secrets:\n%s", fetchErr)
		}
		perPath = append(perPath, fetched)
	}

	return mergeResults(perPath)
}
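// writeFile stores s at c.OutputPath and logs the path on success. A write
// failure terminates the process and reports the underlying error.
//
// The file is created with mode 0600 (owner read/write only). The only
// producer of s visible in this file is generateManifest, whose output holds
// secret values, so the file must not be readable by other local users.
// ioutil.WriteFile applies the mode only when it creates the file; a file that
// already exists at c.OutputPath keeps its current permissions.
func writeFile(c *config.PluginConfig, s []byte) {
	if err := ioutil.WriteFile(c.OutputPath, s, 0600); err != nil {
		log.Fatalf("could not create output file %s: %v", c.OutputPath, err)
	}
	log.Printf("data successfully written to %s", c.OutputPath)
}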
// convertToB64String returns a new map holding, for every key of input, the
// standard base64 encoding of the value's default fmt rendering.
//
// Non-string values are rendered the way fmt's %v verb prints them (nil
// becomes "<nil>", nested maps and slices use Go's bracket notation, not
// JSON). Base64 is a reversible encoding and gives no confidentiality.
func convertToB64String(input map[string]interface{}) map[string]string {
	encoded := make(map[string]string, len(input))
	for key, val := range input {
		text := fmt.Sprint(val)
		encoded[key] = b64.StdEncoding.EncodeToString([]byte(text))
	}
	return encoded
}