/
write.go
109 lines (90 loc) · 2.84 KB
/
write.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
package sub
import (
"context"
"fmt"
"strings"
"github.com/gopasspw/gopass/pkg/ctxutil"
"github.com/gopasspw/gopass/pkg/out"
"github.com/gopasspw/gopass/pkg/store"
"github.com/pkg/errors"
)
// Set encodes and writes the cipertext of one entry to disk
func (s *Store) Set(ctx context.Context, name string, sec store.Secret) error {
if strings.Contains(name, "//") {
return errors.Errorf("invalid secret name: %s", name)
}
p := s.passfile(name)
if s.IsDir(ctx, name) && !ctxutil.IsForce(ctx) {
return errors.Errorf("a folder named %s already exists", name)
}
recipients, err := s.useableKeys(ctx, name)
if err != nil {
return errors.Wrapf(err, "failed to list useable keys for '%s'", p)
}
// confirm recipients
newRecipients, err := GetRecipientFunc(ctx)(ctx, name, recipients)
if err != nil {
return errors.Wrapf(err, "user aborted")
}
recipients = newRecipients
// make sure the encryptor can decrypt later
recipients = s.ensureOurKeyID(ctx, recipients)
buf, err := sec.Bytes()
if err != nil {
return errors.Wrapf(err, "failed to encode secret")
}
ciphertext, err := s.crypto.Encrypt(ctx, buf, recipients)
if err != nil {
out.Debug(ctx, "Failed encrypt secret: %s", err)
return store.ErrEncrypt
}
if err := s.storage.Set(ctx, p, ciphertext); err != nil {
return errors.Wrapf(err, "failed to write secret")
}
// It is not possible to perform concurrent git add and git commit commands
// so we need to skip this step when using concurrency and perform them
// at the end of the batch processing.
if ctxutil.HasConcurrency(ctx) {
out.Debug(ctx, "sub.Set(%s) - skipping git ops due to concurrency", p)
return nil
}
if err := s.rcs.Add(ctx, p); err != nil {
if errors.Cause(err) == store.ErrGitNotInit {
return nil
}
return errors.Wrapf(err, "failed to add '%s' to git", p)
}
if !ctxutil.IsGitCommit(ctx) {
return nil
}
return s.gitCommitAndPush(ctx, name)
}
func (s *Store) gitCommitAndPush(ctx context.Context, name string) error {
if err := s.rcs.Commit(ctx, fmt.Sprintf("Save secret to %s: %s", name, GetReason(ctx))); err != nil {
if errors.Cause(err) == store.ErrGitNotInit {
return nil
}
return errors.Wrapf(err, "failed to commit changes to git")
}
// abort if autosync is not set
if !IsAutoSync(ctx) {
return nil
}
if err := s.rcs.Push(ctx, "", ""); err != nil {
if errors.Cause(err) == store.ErrGitNotInit {
msg := "Warning: git is not initialized for this.storage. Ignoring auto-push option\n" +
"Run: gopass git init"
out.Error(ctx, msg)
return nil
}
if errors.Cause(err) == store.ErrGitNoRemote {
msg := "Warning: git has no remote. Ignoring auto-push option\n" +
"Run: gopass git remote add origin ..."
out.Yellow(ctx, msg)
return nil
}
return errors.Wrapf(err, "failed to push to git remote")
}
out.Green(ctx, "Pushed changes to git remote")
return nil
}