credhub.go
package credhub
import (
"path"
"code.cloudfoundry.org/lager"
"github.com/cloudfoundry-incubator/credhub-cli/credhub"
"github.com/cloudfoundry-incubator/credhub-cli/credhub/credentials"
"github.com/cloudfoundry/bosh-cli/director/template"
)
// CredHubAtc resolves template variables by looking them up in CredHub.
// Lookup paths are built from PathPrefix, TeamName and, when it is set,
// PipelineName (see Get and path).
type CredHubAtc struct {
	// CredHub hands out the CredHub client on demand through its CredHub()
	// method, which can fail.
	CredHub lazyCredhub
	// logger receives lookup errors from Get.
	logger lager.Logger
	// PathPrefix is the first element of every lookup path.
	PathPrefix string
	// TeamName scopes every lookup to one team's subtree under PathPrefix.
	TeamName string
	// PipelineName, when non-empty, adds a pipeline-scoped lookup that is
	// tried before the team-scoped one.
	PipelineName string
}
// Get resolves varDef.Name to the value of a CredHub credential.
//
// Lookup precedence: when PipelineName is set, the pipeline-scoped path
// (prefix/team/pipeline/name) is tried first; if nothing is found there, the
// team-scoped path (prefix/team/name) is tried. A pipeline-scoped credential
// therefore takes precedence over a team-scoped one with the same name.
//
// It returns (value, true, nil) on a hit, (nil, false, nil) when neither path
// holds a credential, and (nil, false, err) when a lookup fails. The returned
// value is the secret itself; this method passes only the error, never the
// value, to the logger.
func (c CredHubAtc) Get(varDef template.VariableDefinition) (interface{}, bool, error) {
	// Candidate paths in precedence order. varDef.Name is handed to c.path
	// unchanged.
	lookups := make([]string, 0, 2)
	if c.PipelineName != "" {
		lookups = append(lookups, c.path(c.TeamName, c.PipelineName, varDef.Name))
	}
	lookups = append(lookups, c.path(c.TeamName, varDef.Name))

	var (
		secret credentials.Credential
		hit    bool
	)
	for _, candidate := range lookups {
		var err error
		secret, hit, err = c.findCred(candidate)
		if err != nil {
			c.logger.Error("could not find cred", err)
			return nil, false, err
		}
		if hit {
			break
		}
	}
	if !hit {
		return nil, false, nil
	}

	asMap, isMap := secret.Value.(map[string]interface{})
	if !isMap {
		return secret.Value, true, nil
	}

	// TODO: convert recursively. Only the top level is re-keyed here because
	// the cppforlife go-patch library does not support map[string]interface{}
	// when looking for nested values; nested maps keep their original type.
	loose := make(map[interface{}]interface{}, len(asMap))
	for key, val := range asMap {
		loose[key] = val
	}
	return loose, true, nil
}
// findCred fetches the latest version of the credential stored at path.
//
// It returns (cred, true, nil) on success and (cred, false, nil) when
// GetLatestVersion fails with a *credhub.Error. Any other failure (obtaining
// the client, FindByPath, or a non-CredHub error from GetLatestVersion) is
// returned as an error.
//
// NOTE(review): every *credhub.Error is reported as "not found", so Get falls
// through to its next lookup path. If that error type also carries
// authorization or server-side failures, they are indistinguishable from a
// missing credential here — confirm against the credhub-cli error type and
// consider matching only the not-found case.
func (c CredHubAtc) findCred(path string) (credentials.Credential, bool, error) {
	var none credentials.Credential

	client, err := c.CredHub.CredHub()
	if err != nil {
		return none, false, err
	}

	// The listing result is discarded; only a failure of the call matters.
	if _, err = client.FindByPath(path); err != nil {
		return none, false, err
	}

	latest, err := client.GetLatestVersion(path)
	switch err.(type) {
	case nil:
		return latest, true, nil
	case *credhub.Error:
		// Direct type match only: a wrapped *credhub.Error would take the
		// default branch.
		return latest, false, nil
	default:
		return latest, false, err
	}
}
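// path builds a CredHub lookup path from PathPrefix followed by segments.
//
// path.Join cleans its result, so a segment containing ".." elements would
// otherwise be able to climb out of the team or pipeline subtree that the
// preceding segments establish. Each segment is therefore cleaned on its own,
// rooted at "/", so that ".." can never reach above the segment itself. For
// segments without such elements the result is identical to joining them
// directly.
//
// NOTE(review): Get passes varDef.Name here unchanged. Whether names are
// validated before they reach this type is not visible in this file, so the
// confinement is applied regardless.
func (c CredHubAtc) path(segments ...string) string {
	parts := make([]string, 0, len(segments)+1)
	parts = append(parts, c.PathPrefix)
	for _, segment := range segments {
		// path.Join("/", s) always yields a cleaned path starting with "/";
		// dropping that slash keeps PathPrefix == "" producing a relative
		// path, as a plain join would.
		parts = append(parts, path.Join("/", segment)[1:])
	}
	return path.Join(parts...)
}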
// List is not implemented for CredHub (see the vault implementation); it
// always returns an empty, non-nil slice and a nil error.
func (c CredHubAtc) List() ([]template.VariableDefinition, error) {
	none := make([]template.VariableDefinition, 0)
	return none, nil
}
// Compile-time check that *CredHubAtc satisfies template.Variables.
var _ template.Variables = (*CredHubAtc)(nil)