Merge pull request #27 from fpco/write-file-command

Write file command
fpco · Mar 13, 2022 · 96ee659 · 96ee659
2 parents 2c2c2ec + a4842de
commit 96ee659
Show file tree

Hide file tree

Showing 8 changed files with 41 additions and 11 deletions.
diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml
@@ -21,7 +21,7 @@ jobs:
         - windows-latest
 
         toolchain:
-        - 1.54.0
+        - 1.59.0
         - stable
         - nightly
 
@@ -52,13 +52,13 @@ jobs:
     - uses: actions/checkout@v2
     - uses: actions-rs/toolchain@v1
       with:
-        toolchain: 1.54.0
+        toolchain: 1.59.0
         target: x86_64-unknown-linux-musl
         profile: minimal
         override: true
     - uses: Swatinem/rust-cache@v1
       with:
-        key: ${{ runner.os }}-${{ hashFiles('Cargo.lock') }}-1.54.0-binary
+        key: ${{ runner.os }}-${{ hashFiles('Cargo.lock') }}-1.59.0-binary
     - name: Install musl tools
       run: sudo apt-get install -y musl-tools
     - name: Build
@@ -81,12 +81,12 @@ jobs:
     - uses: actions/checkout@v2
     - uses: actions-rs/toolchain@v1
       with:
-        toolchain: 1.54.0
+        toolchain: 1.59.0
         profile: minimal
         override: true
     - uses: Swatinem/rust-cache@v1
       with:
-        key: ${{ runner.os }}-${{ hashFiles('Cargo.lock') }}-1.54.0-binary
+        key: ${{ runner.os }}-${{ hashFiles('Cargo.lock') }}-1.59.0-binary
     - name: Build
       run: cargo build --release
     - name: Rename
@@ -105,12 +105,12 @@ jobs:
     - uses: actions/checkout@v2
     - uses: actions-rs/toolchain@v1
       with:
-        toolchain: 1.54.0
+        toolchain: 1.59.0
         profile: minimal
         override: true
     - uses: Swatinem/rust-cache@v1
       with:
-        key: ${{ runner.os }}-${{ hashFiles('Cargo.lock') }}-1.54.0-binary
+        key: ${{ runner.os }}-${{ hashFiles('Cargo.lock') }}-1.59.0-binary
     - name: Build
       run: cargo build --release
     - name: Rename

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,9 @@
 # Change log for Amber
 
+## 0.1.3 (2022-03-13)
+
+* Add the `write-file` command
+
 ## 0.1.2 (2022-01-18)
 
 * Allow `encrypt` subcommand to take secret value from `stdin` [#15](https://github.com/fpco/amber/issues/15)

diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "amber"
-version = "0.1.2"
+version = "0.1.3"
 authors = ["Michael Snoyman <michael@snoyman.com>"]
 edition = "2018"
 description = "Manage secret values in-repo via public key cryptography"

diff --git a/rust-toolchain.toml b/rust-toolchain.toml
@@ -1,2 +1,2 @@
 [toolchain]
-channel = "1.54.0"
+channel = "1.59.0"
diff --git a/src/cli.rs b/src/cli.rs
@@ -53,6 +53,15 @@ pub enum SubCommand {
         /// Command line arguments to pass to the command
         args: Vec<String>,
     },
+    /// Write the contents of a secret to the given file.
+    WriteFile {
+        /// The key for the secret
+        #[clap(long)]
+        key: String,
+        /// File path to write to
+        #[clap(long)]
+        dest: PathBuf,
+    },
 }
 
 #[derive(Parser, Debug)]

diff --git a/src/config.rs b/src/config.rs
@@ -203,6 +203,14 @@ impl Config {
                 .map(|plain| (key, plain))
         })
     }
+
+    /// Look up a specific secret value
+    pub(crate) fn get_secret(&self, key: &str, secret_key: &SecretKey) -> Result<String> {
+        self.secrets
+            .get(key)
+            .with_context(|| format!("Key does not exist: {}", key))
+            .and_then(|secret| secret.decrypt(&self.public_key, secret_key, key))
+    }
 }
 
 impl Secret {

diff --git a/src/main.rs b/src/main.rs
@@ -3,7 +3,7 @@ mod config;
 mod exec;
 mod mask;
 
-use std::io::Read;
+use std::{io::Read, path::Path};
 
 use anyhow::*;
 use exec::CommandExecExt;
@@ -38,6 +38,7 @@ fn main() -> Result<()> {
         cli::SubCommand::Remove { key } => remove(cmd.opt, key),
         cli::SubCommand::Print { style } => print(cmd.opt, style),
         cli::SubCommand::Exec { cmd: cmd_, args } => exec(cmd.opt, cmd_, args),
+        cli::SubCommand::WriteFile { key, dest } => write_file(cmd.opt, &key, &dest),
     }
 }
 
@@ -169,3 +170,11 @@ fn exec(mut opt: cli::Opt, cmd: String, args: Vec<String>) -> Result<()> {
 
     Ok(())
 }
+
+fn write_file(mut opt: cli::Opt, key: &str, dest: &Path) -> Result<()> {
+    let config = config::Config::load(opt.find_amber_yaml()?)?;
+    let secret_key = config.load_secret_key()?;
+    let value = config.get_secret(key, &secret_key)?;
+    std::fs::write(dest, value)
+        .with_context(|| format!("Unable to write to file {}", dest.display()))
+}