store.go
package yaml //import "go.mozilla.org/sops/v3/stores/yaml"
import (
"fmt"
"github.com/mozilla-services/yaml"
"go.mozilla.org/sops/v3"
"go.mozilla.org/sops/v3/stores"
)
// Store converts between YAML documents and the sops tree representation.
// It carries no state of its own.
type Store struct{}
// mapSliceToTreeBranch converts an ordered YAML mapping into a sops.TreeBranch,
// keeping the order of the entries. Entries whose key is a yaml.Comment become
// items with a sops.Comment key and a nil value; every other entry keeps its
// key unchanged and has its value converted recursively.
func (store Store) mapSliceToTreeBranch(in yaml.MapSlice) sops.TreeBranch {
	out := sops.TreeBranch{}
	for _, entry := range in {
		var node sops.TreeItem
		if c, isComment := entry.Key.(yaml.Comment); isComment {
			// Translate the parser's comment type into the generic sops one.
			node.Key = sops.Comment{Value: c.Value}
		} else {
			node.Key = entry.Key
			node.Value = store.yamlValueToTreeValue(entry.Value)
		}
		out = append(out, node)
	}
	return out
}
// yamlValueToTreeValue converts a single decoded YAML value into its sops
// tree equivalent. Mappings, sequences and comments are converted; any other
// value is returned as it was received.
func (store Store) yamlValueToTreeValue(in interface{}) interface{} {
	switch v := in.(type) {
	case yaml.Comment:
		return sops.Comment{Value: v.Value}
	case []interface{}:
		return store.yamlSliceToTreeValue(v)
	case yaml.MapSlice:
		return store.mapSliceToTreeBranch(v)
	case map[interface{}]interface{}:
		return store.yamlMapToTreeBranch(v)
	}
	// Scalars and unrecognised types pass through untouched.
	return in
}
// yamlSliceToTreeValue converts every element of a decoded YAML sequence.
// The conversion happens in place: the caller's slice is overwritten and the
// same slice is returned.
func (store *Store) yamlSliceToTreeValue(in []interface{}) []interface{} {
	for idx := range in {
		in[idx] = store.yamlValueToTreeValue(in[idx])
	}
	return in
}
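// yamlMapToTreeBranch converts an unordered decoded YAML mapping into a
// sops.TreeBranch, converting each value recursively.
//
// Keys are stored as decoded, the same way mapSliceToTreeBranch stores them.
// The mapping comes from parsed file content, and YAML allows non-string keys,
// so an unchecked k.(string) assertion here would let a crafted document crash
// the process with a panic instead of producing an error.
//
// Go does not define map iteration order, so the order of the returned items
// can differ between runs.
func (store *Store) yamlMapToTreeBranch(in map[interface{}]interface{}) sops.TreeBranch {
	branch := make(sops.TreeBranch, 0)
	for k, v := range in {
		branch = append(branch, sops.TreeItem{
			// NOTE(review): non-string keys are now passed on rather than
			// panicking; confirm that the code consuming the tree rejects them.
			Key:   k,
			Value: store.yamlValueToTreeValue(v),
		})
	}
	return branch
}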
// treeValueToYamlValue converts a sops tree value back into the form expected
// by the YAML marshaler. Branches, comments and sequences are converted; any
// other value is returned as it was received.
func (store Store) treeValueToYamlValue(in interface{}) interface{} {
	switch v := in.(type) {
	case []interface{}:
		// A fresh slice is built, so the caller's slice is not modified.
		// It stays nil when the input sequence is empty.
		var converted []interface{}
		for idx := range v {
			converted = append(converted, store.treeValueToYamlValue(v[idx]))
		}
		return converted
	case sops.Comment:
		return yaml.Comment{Value: v.Value}
	case sops.TreeBranch:
		return store.treeBranchToYamlMap(v)
	}
	return in
}
// treeBranchToYamlMap converts a sops.TreeBranch into an ordered YAML mapping,
// keeping the order of the items. Items keyed by a sops.Comment become entries
// with a converted comment key and a nil value; every other item keeps its key
// unchanged and has its value converted recursively.
func (store Store) treeBranchToYamlMap(in sops.TreeBranch) yaml.MapSlice {
	out := yaml.MapSlice{}
	for _, node := range in {
		var entry yaml.MapItem
		if c, isComment := node.Key.(sops.Comment); isComment {
			entry.Key = store.treeValueToYamlValue(c)
		} else {
			entry.Key = node.Key
			entry.Value = store.treeValueToYamlValue(node.Value)
		}
		out = append(out, entry)
	}
	return out
}
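// LoadEncryptedFile parses the bytes of an encrypted YAML file into a
// sops.Tree: one branch per YAML document plus the sops metadata.
//
// It returns sops.MetadataNotFound when the input has no metadata, and an
// error when the YAML cannot be parsed or the metadata cannot be converted.
//
// This function only parses. It does not decrypt values or check integrity,
// so the returned tree holds whatever the file contained.
func (store *Store) LoadEncryptedFile(in []byte) (sops.Tree, error) {
	var data []yaml.MapSlice
	if err := (yaml.CommentUnmarshaler{}).UnmarshalDocuments(in, &data); err != nil {
		return sops.Tree{}, fmt.Errorf("Error unmarshaling input YAML: %s", err)
	}
	// The fields of the input file are not known in advance, so the file is
	// read twice. The metadata has a known structure and is decoded separately
	// from the document content.
	metadataHolder := stores.SopsFile{}
	if err := yaml.Unmarshal(in, &metadataHolder); err != nil {
		return sops.Tree{}, fmt.Errorf("Error unmarshalling input yaml: %s", err)
	}
	if metadataHolder.Metadata == nil {
		return sops.Tree{}, sops.MetadataNotFound
	}
	metadata, err := metadataHolder.Metadata.ToInternal()
	if err != nil {
		return sops.Tree{}, err
	}
	var branches sops.TreeBranches
	for _, doc := range data {
		// Drop every top-level "sops" entry by copying the remaining items
		// into a new slice. Deleting from doc while ranging over it skips the
		// item that follows a deletion and keeps iterating over the original
		// length, so a document with a repeated "sops" key could keep a
		// metadata entry in the data tree or slice out of range and panic.
		content := make(yaml.MapSlice, 0, len(doc))
		for _, item := range doc {
			if item.Key == "sops" {
				continue
			}
			content = append(content, item)
		}
		branches = append(branches, store.mapSliceToTreeBranch(content))
	}
	return sops.Tree{
		Branches: branches,
		Metadata: metadata,
	}, nil
}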
// LoadPlainFile parses the bytes of a plaintext YAML file into
// sops.TreeBranches, one branch per YAML document. It returns an error when
// the input cannot be parsed.
func (store *Store) LoadPlainFile(in []byte) (sops.TreeBranches, error) {
	var docs []yaml.MapSlice
	err := (yaml.CommentUnmarshaler{}).UnmarshalDocuments(in, &docs)
	if err != nil {
		return nil, fmt.Errorf("Error unmarshaling input YAML: %s", err)
	}
	var result sops.TreeBranches
	for idx := range docs {
		result = append(result, store.mapSliceToTreeBranch(docs[idx]))
	}
	return result, nil
}
// EmitEncryptedFile serializes a sops.Tree to YAML bytes. Each branch becomes
// one YAML document, documents are separated by "---", and the tree's metadata
// is appended to every document under the "sops" key. It returns an error when
// a document cannot be marshaled.
func (store *Store) EmitEncryptedFile(in sops.Tree) ([]byte, error) {
	const separator = "---\n"
	result := make([]byte, 0)
	for idx, branch := range in.Branches {
		if idx != 0 {
			result = append(result, separator...)
		}
		doc := store.treeBranchToYamlMap(branch)
		// The metadata entry goes last, after all data entries.
		sopsEntry := yaml.MapItem{Key: "sops", Value: stores.MetadataFromInternal(in.Metadata)}
		doc = append(doc, sopsEntry)
		marshaler := &yaml.YAMLMarshaler{Indent: 4}
		encoded, err := marshaler.Marshal(doc)
		if err != nil {
			return nil, fmt.Errorf("Error marshaling to yaml: %s", err)
		}
		result = append(result, encoded...)
	}
	return result, nil
}
// EmitPlainFile serializes sops.TreeBranches to plaintext YAML bytes. Each
// branch becomes one YAML document and documents are separated by "---". No
// sops metadata is written. It returns an error when a document cannot be
// marshaled.
func (store *Store) EmitPlainFile(branches sops.TreeBranches) ([]byte, error) {
	const separator = "---\n"
	var result []byte
	for idx, branch := range branches {
		if idx != 0 {
			result = append(result, separator...)
		}
		marshaler := &yaml.YAMLMarshaler{Indent: 4}
		encoded, err := marshaler.Marshal(store.treeBranchToYamlMap(branch))
		if err != nil {
			return nil, fmt.Errorf("Error marshaling to yaml: %s", err)
		}
		result = append(result, encoded...)
	}
	return result, nil
}
// EmitValue serializes a single tree value to YAML bytes. The value is first
// converted to its YAML representation and then marshaled.
func (store *Store) EmitValue(v interface{}) ([]byte, error) {
	marshaler := &yaml.YAMLMarshaler{Indent: 4}
	return marshaler.Marshal(store.treeValueToYamlValue(v))
}
// EmitExample returns stores.ExampleComplexTree serialized as plaintext YAML.
// It panics if the example tree cannot be marshaled.
func (store *Store) EmitExample() []byte {
	example, err := store.EmitPlainFile(stores.ExampleComplexTree.Branches)
	if err == nil {
		return example
	}
	panic(err)
}