add save and flush after set

This commit is contained in:
Roberto Hidalgo 2022-12-13 23:41:03 -06:00
parent cfc2cdcc22
commit 0fd31e8cd8
14 changed files with 281 additions and 127 deletions

View File

@ -13,12 +13,16 @@
package cmd package cmd
import ( import (
"fmt"
"io/fs"
"os" "os"
"strings" "strings"
"git.rob.mx/nidito/joao/internal/command" "git.rob.mx/nidito/joao/internal/command"
opclient "git.rob.mx/nidito/joao/internal/op-client"
"git.rob.mx/nidito/joao/internal/registry" "git.rob.mx/nidito/joao/internal/registry"
"git.rob.mx/nidito/joao/pkg/config" "git.rob.mx/nidito/joao/pkg/config"
"github.com/sirupsen/logrus"
) )
func init() { func init() {
@ -70,6 +74,10 @@ Will read from stdin (or ﹅--from﹅ a file) and store it at the ﹅PATH
Description: "Treat input as JSON-encoded", Description: "Treat input as JSON-encoded",
Type: "bool", Type: "bool",
}, },
"flush": {
Description: "Save to 1Password after saving to file",
Type: "bool",
},
}, },
Action: func(cmd *command.Command) error { Action: func(cmd *command.Command) error {
path := cmd.Arguments[0].ToValue().(string) path := cmd.Arguments[0].ToValue().(string)
@ -80,6 +88,7 @@ Will read from stdin (or ﹅--from﹅ a file) and store it at the ﹅PATH
secret := cmd.Options["secret"].ToValue().(bool) secret := cmd.Options["secret"].ToValue().(bool)
input := cmd.Options["input"].ToValue().(string) input := cmd.Options["input"].ToValue().(string)
parseJSON := cmd.Options["json"].ToValue().(bool) parseJSON := cmd.Options["json"].ToValue().(bool)
flush := cmd.Options["flush"].ToValue().(bool)
cfg, err = config.Load(path, false) cfg, err = config.Load(path, false)
if err != nil { if err != nil {
@ -103,7 +112,23 @@ Will read from stdin (or ﹅--from﹅ a file) and store it at the ﹅PATH
return err return err
} }
_, err = cmd.Cobra.OutOrStdout().Write(b) var mode fs.FileMode = 644
// var mode uint32 =
if info, err := os.Stat(path); err == nil {
mode = info.Mode().Perm()
}
if err := os.WriteFile(path, b, mode); err != nil {
return fmt.Errorf("could not save changes to %s: %w", path, err)
}
if flush {
if err := opclient.Update(cfg.Vault, cfg.Name, cfg.ToOP()); err != nil {
return fmt.Errorf("could not flush to 1password: %w", err)
}
}
logrus.Info("Done")
return err return err
}, },
}).SetBindings() }).SetBindings()

1
go.mod
View File

@ -4,6 +4,7 @@ go 1.18
require ( require (
github.com/1Password/connect-sdk-go v1.5.0 github.com/1Password/connect-sdk-go v1.5.0
github.com/alessio/shellescape v1.4.1
github.com/charmbracelet/glamour v0.6.0 github.com/charmbracelet/glamour v0.6.0
github.com/fatih/color v1.13.0 github.com/fatih/color v1.13.0
github.com/go-playground/validator/v10 v10.11.1 github.com/go-playground/validator/v10 v10.11.1

2
go.sum
View File

@ -7,6 +7,8 @@ github.com/HdrHistogram/hdrhistogram-go v1.1.2/go.mod h1:yDgFjdqOqDEKOvasDdhWNXY
github.com/ajstarks/svgo v0.0.0-20180226025133-644b8db467af/go.mod h1:K08gAheRH3/J6wwsYMMT4xOr94bZjxIelGM0+d/wbFw= github.com/ajstarks/svgo v0.0.0-20180226025133-644b8db467af/go.mod h1:K08gAheRH3/J6wwsYMMT4xOr94bZjxIelGM0+d/wbFw=
github.com/alecthomas/chroma v0.10.0 h1:7XDcGkCQopCNKjZHfYrNLraA+M7e0fMiJ/Mfikbfjek= github.com/alecthomas/chroma v0.10.0 h1:7XDcGkCQopCNKjZHfYrNLraA+M7e0fMiJ/Mfikbfjek=
github.com/alecthomas/chroma v0.10.0/go.mod h1:jtJATyUxlIORhUOFNA9NZDWGAQ8wpxQQqNSB4rjA/1s= github.com/alecthomas/chroma v0.10.0/go.mod h1:jtJATyUxlIORhUOFNA9NZDWGAQ8wpxQQqNSB4rjA/1s=
github.com/alessio/shellescape v1.4.1 h1:V7yhSDDn8LP4lc4jS8pFkt0zCnzVJlG5JXy9BVKJUX0=
github.com/alessio/shellescape v1.4.1/go.mod h1:PZAiSCk0LJaZkiCSkPv8qIobYglO3FPpyFjDCtHLS30=
github.com/aymanbagabas/go-osc52 v1.0.3 h1:DTwqENW7X9arYimJrPeGZcV0ln14sGMt3pHZspWD+Mg= github.com/aymanbagabas/go-osc52 v1.0.3 h1:DTwqENW7X9arYimJrPeGZcV0ln14sGMt3pHZspWD+Mg=
github.com/aymanbagabas/go-osc52 v1.0.3/go.mod h1:zT8H+Rk4VSabYN90pWyugflM3ZhpTZNC7cASDfUCdT4= github.com/aymanbagabas/go-osc52 v1.0.3/go.mod h1:zT8H+Rk4VSabYN90pWyugflM3ZhpTZNC7cASDfUCdT4=
github.com/aymerick/douceur v0.2.0 h1:Mv+mAeH1Q+n9Fr+oyamOlAkUNPWPlA8PPGR0QAaYuPk= github.com/aymerick/douceur v0.2.0 h1:Mv+mAeH1Q+n9Fr+oyamOlAkUNPWPlA8PPGR0QAaYuPk=

View File

@ -173,9 +173,6 @@ func (arg *Argument) IsKnown() bool {
func (arg *Argument) ToString() string { func (arg *Argument) ToString() string {
val := arg.ToValue() val := arg.ToValue()
if val == nil {
return ""
}
if arg.Variadic { if arg.Variadic {
val := val.([]string) val := val.([]string)

View File

@ -21,8 +21,8 @@ import (
"github.com/spf13/pflag" "github.com/spf13/pflag"
) )
type CommandHelpFunc func(printLinks bool) string type HelpFunc func(printLinks bool) string
type CommandAction func(cmd *Command) error type Action func(cmd *Command) error
type Command struct { type Command struct {
Path []string Path []string
@ -34,9 +34,9 @@ type Command struct {
Arguments Arguments `json:"arguments" yaml:"arguments" validate:"dive"` Arguments Arguments `json:"arguments" yaml:"arguments" validate:"dive"`
// A map of option names to option definitions // A map of option names to option definitions
Options Options `json:"options" yaml:"options" validate:"dive"` Options Options `json:"options" yaml:"options" validate:"dive"`
HelpFunc CommandHelpFunc `json:"-" yaml:"-"` HelpFunc HelpFunc `json:"-" yaml:"-"`
// The action to take upon running // The action to take upon running
Action CommandAction Action Action
runtimeFlags *pflag.FlagSet runtimeFlags *pflag.FlagSet
Cobra *cobra.Command Cobra *cobra.Command
} }

View File

@ -157,7 +157,6 @@ func (vs *ValueSource) Resolve(currentValue string) (values []string, flag cobra
values = strings.Split(stdout.String(), "\n") values = strings.Split(stdout.String(), "\n")
flag = cobra.ShellCompDirectiveDefault flag = cobra.ShellCompDirectiveDefault
err = nil
case vs.Script != "": case vs.Script != "":
if vs.command == nil { if vs.command == nil {
return nil, cobra.ShellCompDirectiveError, fmt.Errorf("bug: command is nil") return nil, cobra.ShellCompDirectiveError, fmt.Errorf("bug: command is nil")
@ -178,7 +177,7 @@ func (vs *ValueSource) Resolve(currentValue string) (values []string, flag cobra
vs.computed = &values vs.computed = &values
if vs.SuggestRaw { if vs.SuggestRaw {
flag = flag | cobra.ShellCompDirectiveNoSpace flag |= cobra.ShellCompDirectiveNoSpace
} }
vs.flag = flag vs.flag = flag

View File

@ -10,7 +10,7 @@
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and // See the License for the specific language governing permissions and
// limitations under the License. // limitations under the License.
package opClient package opclient
import ( import (
"bytes" "bytes"
@ -18,14 +18,21 @@ import (
"fmt" "fmt"
"os" "os"
"os/exec" "os/exec"
"strings"
op "github.com/1Password/connect-sdk-go/onepassword" op "github.com/1Password/connect-sdk-go/onepassword"
"github.com/alessio/shellescape"
"github.com/sirupsen/logrus"
) )
type CLI struct{} type CLI struct{}
func (b *CLI) Get(vault, name string) (*op.Item, error) { func invoke(vault string, args ...string) (bytes.Buffer, error) {
cmd := exec.Command("op", "item", "--format", "json", "--vault", vault, "get", name) if vault != "" {
args = append([]string{"--vault", shellescape.Quote(vault)}, args...)
}
logrus.Debugf("invoking op with args: %s", args)
cmd := exec.Command("op", args...)
cmd.Env = os.Environ() cmd.Env = os.Environ()
var stdout bytes.Buffer var stdout bytes.Buffer
@ -33,10 +40,19 @@ func (b *CLI) Get(vault, name string) (*op.Item, error) {
var stderr bytes.Buffer var stderr bytes.Buffer
cmd.Stderr = &stderr cmd.Stderr = &stderr
if err := cmd.Run(); err != nil { if err := cmd.Run(); err != nil {
return nil, err return stderr, err
} }
if cmd.ProcessState.ExitCode() > 0 { if cmd.ProcessState.ExitCode() > 0 {
return nil, fmt.Errorf("op exited with %d: %s", cmd.ProcessState.ExitCode(), stderr.Bytes()) return stderr, fmt.Errorf("op exited with %d: %s", cmd.ProcessState.ExitCode(), stderr.Bytes())
}
return stdout, nil
}
func (b *CLI) Get(vault, name string) (*op.Item, error) {
stdout, err := invoke(vault, "item", "--format", "json", "get", name)
if err != nil {
return nil, err
} }
var item *op.Item var item *op.Item
@ -47,7 +63,96 @@ func (b *CLI) Get(vault, name string) (*op.Item, error) {
return item, nil return item, nil
} }
func (b *CLI) create(item *op.Item) error {
logrus.Infof("Creating new item: %s/%s", item.Vault.ID, item.Title)
cmd := exec.Command("op", "--vault", shellescape.Quote(item.Vault.ID), "item", "create")
itemJSON, err := json.Marshal(item)
if err != nil {
return fmt.Errorf("could not serialize op item into json: %w", err)
}
cmd.Stdin = bytes.NewBuffer(itemJSON)
cmd.Env = os.Environ()
var stdout bytes.Buffer
cmd.Stdout = &stdout
var stderr bytes.Buffer
cmd.Stderr = &stderr
if err := cmd.Run(); err != nil {
return fmt.Errorf("could not create item: %w", err)
}
if cmd.ProcessState.ExitCode() > 0 {
return fmt.Errorf("op exited with %d: %s", cmd.ProcessState.ExitCode(), stderr.Bytes())
}
logrus.Infof("Item %s/%s created", item.Vault.ID, item.Title)
return nil
}
type hashResult int
const (
HashItemError hashResult = iota
HashItemMissing
HashMatch
HashMismatch
)
func hashesMatch(item *op.Item) (hashResult, error) {
stdout, err := invoke(item.Vault.ID, "item", "get", "--fields", "label=password", item.Title)
if err != nil {
if strings.Contains(stdout.String(), fmt.Sprintf("\"%s\" isn't an item in the \"%s\" vault", item.Vault.ID, item.Title)) {
return HashItemMissing, nil
}
return HashItemError, err
}
res := HashMismatch
if strings.TrimSpace(stdout.String()) == item.GetValue("password") {
res = HashMatch
}
return res, nil
}
func (b *CLI) Update(vault, name string, item *op.Item) error { func (b *CLI) Update(vault, name string, item *op.Item) error {
status, err := hashesMatch(item)
if err != nil {
return err
}
switch status {
case HashItemMissing:
return b.create(item)
case HashMatch:
logrus.Warn("item is already up to date")
return nil
case HashMismatch:
logrus.Infof("Item %s/%s already exists, updating", item.Vault.ID, item.Title)
}
args := []string{"item", "edit", name, "--"}
for _, field := range item.Fields {
kind := strings.ToLower(field.Purpose)
if kind != "password" {
kind = "text"
}
name := strings.ReplaceAll(field.Label, ".", "\\.")
if field.Section != nil {
name = field.Section.ID + "." + name
}
key := fmt.Sprintf("%s[%s]", name, kind)
args = append(args, fmt.Sprintf("%s=%s", key, field.Value))
}
stdout, err := invoke(vault, args...)
if err != nil {
logrus.Errorf("op stderr: %s", stdout.String())
return err
}
logrus.Infof("Item %s/%s updated", item.Vault.ID, item.Title)
return nil return nil
} }

View File

@ -10,17 +10,14 @@
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and // See the License for the specific language governing permissions and
// limitations under the License. // limitations under the License.
package opClient package opclient
import ( import (
"fmt"
"github.com/1Password/connect-sdk-go/connect" "github.com/1Password/connect-sdk-go/connect"
op "github.com/1Password/connect-sdk-go/onepassword" op "github.com/1Password/connect-sdk-go/onepassword"
"github.com/sirupsen/logrus"
) )
// UUIDLength defines the required length of UUIDs // UUIDLength defines the required length of UUIDs.
const UUIDLength = 26 const UUIDLength = 26
// IsValidClientUUID returns true if the given client uuid is valid. // IsValidClientUUID returns true if the given client uuid is valid.
@ -50,30 +47,30 @@ func NewConnect(host, token string) *Connect {
return &Connect{client: client} return &Connect{client: client}
} }
func (b *Connect) getVaultId(vaultIdentifier string) (string, error) { // func (b *Connect) getVaultId(vaultIdentifier string) (string, error) {
if !IsValidClientUUID(vaultIdentifier) { // if !IsValidClientUUID(vaultIdentifier) {
vaults, err := b.client.GetVaultsByTitle(vaultIdentifier) // vaults, err := b.client.GetVaultsByTitle(vaultIdentifier)
if err != nil { // if err != nil {
return "", err // return "", err
} // }
if len(vaults) == 0 { // if len(vaults) == 0 {
return "", fmt.Errorf("No vaults found with identifier %q", vaultIdentifier) // return "", fmt.Errorf("no vaults found with identifier %q", vaultIdentifier)
} // }
oldestVault := vaults[0] // oldestVault := vaults[0]
if len(vaults) > 1 { // if len(vaults) > 1 {
for _, returnedVault := range vaults { // for _, returnedVault := range vaults {
if returnedVault.CreatedAt.Before(oldestVault.CreatedAt) { // if returnedVault.CreatedAt.Before(oldestVault.CreatedAt) {
oldestVault = returnedVault // oldestVault = returnedVault
} // }
} // }
logrus.Infof("%v 1Password vaults found with the title %q. Will use vault %q as it is the oldest.", len(vaults), vaultIdentifier, oldestVault.ID) // logrus.Infof("%v 1Password vaults found with the title %q. Will use vault %q as it is the oldest.", len(vaults), vaultIdentifier, oldestVault.ID)
} // }
vaultIdentifier = oldestVault.ID // vaultIdentifier = oldestVault.ID
} // }
return vaultIdentifier, nil // return vaultIdentifier, nil
} // }
func (b *Connect) Get(vault, name string) (*op.Item, error) { func (b *Connect) Get(vault, name string) (*op.Item, error) {
return b.client.GetItem(name, vault) return b.client.GetItem(name, vault)

View File

@ -10,7 +10,7 @@
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and // See the License for the specific language governing permissions and
// limitations under the License. // limitations under the License.
package opClient package opclient
import ( import (
op "github.com/1Password/connect-sdk-go/onepassword" op "github.com/1Password/connect-sdk-go/onepassword"

View File

@ -153,7 +153,7 @@ func Execute(version string) error {
container := ccRoot container := ccRoot
for idx, cp := range cmd.Path { for idx, cp := range cmd.Path {
if idx == len(cmd.Path)-1 { if idx == len(cmd.Path)-1 {
logrus.Debugf("adding command %s to %s", leaf.Name(), cmd.Path[0:idx]) // logrus.Debugf("adding command %s to %s", leaf.Name(), cmd.Path[0:idx])
container.AddCommand(leaf) container.AddCommand(leaf)
break break
} }

View File

@ -14,6 +14,7 @@ package config
import ( import (
"bytes" "bytes"
"crypto/md5"
"encoding/json" "encoding/json"
"fmt" "fmt"
"io/ioutil" "io/ioutil"
@ -25,6 +26,9 @@ import (
"gopkg.in/yaml.v3" "gopkg.in/yaml.v3"
) )
const YAMLTypeSecret string = "!!secret"
const YAMLTypeMetaConfig string = "!!joao"
type Config struct { type Config struct {
Vault string Vault string
Name string Name string
@ -55,6 +59,9 @@ var defaultItemFields = []*op.ItemField{
func (cfg *Config) ToMap() map[string]any { func (cfg *Config) ToMap() map[string]any {
ret := map[string]any{} ret := map[string]any{}
for _, child := range cfg.Tree.Content { for _, child := range cfg.Tree.Content {
if child.Name() == "" {
continue
}
ret[child.Name()] = child.AsMap() ret[child.Name()] = child.AsMap()
} }
return ret return ret
@ -64,22 +71,26 @@ func (cfg *Config) ToOP() *op.Item {
sections := []*op.ItemSection{annotationsSection} sections := []*op.ItemSection{annotationsSection}
fields := append([]*op.ItemField{}, defaultItemFields...) fields := append([]*op.ItemField{}, defaultItemFields...)
for _, leaf := range cfg.Tree.Content { newHash := md5.New()
if len(leaf.Content) == 0 { datafields := cfg.Tree.ToOP()
fields = append(fields, leaf.ToOP()...) for _, field := range datafields {
newHash.Write([]byte(field.ID + field.Value))
}
fields[0].Value = fmt.Sprintf("%x", newHash.Sum(nil))
fields = append(fields, datafields...)
for i := 0; i < len(cfg.Tree.Content); i += 2 {
value := cfg.Tree.Content[i+1]
if value.Type == YAMLTypeMetaConfig {
continue continue
} }
if leaf.Kind != yaml.SequenceNode { if value.Kind == yaml.MappingNode {
sections = append(sections, &op.ItemSection{ sections = append(sections, &op.ItemSection{
ID: leaf.Name(), ID: value.Name(),
Label: leaf.Name(), Label: value.Name(),
}) })
} }
for _, child := range leaf.Content {
fields = append(fields, child.ToOP()...)
}
} }
return &op.Item{ return &op.Item{
@ -95,61 +106,57 @@ type opDetails struct {
Vault string `yaml:"vault"` Vault string `yaml:"vault"`
Name string `yaml:"name"` Name string `yaml:"name"`
NameTemplate string `yaml:"nameTemplate"` NameTemplate string `yaml:"nameTemplate"`
Repo string
} }
type opConfig interface { // type opConfig interface {
Name() string // Name() string
Vault() string // Vault() string
} // }
type inFileConfig struct { // type inFileConfig struct {
*opDetails // *opDetails
*yaml.Node // *yaml.Node
} // }
type virtualConfig struct { // type virtualConfig struct {
*opDetails // *opDetails
} // }
func (ifc *inFileConfig) MarshalYAML() (any, error) { // func (ifc *inFileConfig) MarshalYAML() (any, error) {
return ifc.Node, nil // return ifc.Node, nil
} // }
func (vc *virtualConfig) MarshalYAML() (any, error) { // func (vc *virtualConfig) MarshalYAML() (any, error) {
return nil, nil // return nil, nil
} // }
func (ifc *inFileConfig) UnmarshalYAML(node *yaml.Node) error { // func (ifc *inFileConfig) UnmarshalYAML(node *yaml.Node) error {
ifc.Node = node // ifc.Node = node
d := &opDetails{} // d := &opDetails{}
if err := node.Decode(&d); err != nil { // if err := node.Decode(&d); err != nil {
return err // return err
} // }
ifc.opDetails = d // ifc.opDetails = d
return nil // return nil
} // }
func (ifc *inFileConfig) Name() string { // func (ifc *inFileConfig) Name() string {
return ifc.opDetails.Name // return ifc.opDetails.Name
} // }
func (ifc *inFileConfig) Vault() string { // func (ifc *inFileConfig) Vault() string {
return ifc.opDetails.Name // return ifc.opDetails.Name
} // }
type singleModeConfig struct { type singleModeConfig struct {
Config *opDetails `yaml:"_config,omitempty"` Config *opDetails `yaml:"_config,omitempty"`
} }
type repoModeConfig struct { // FromFile reads a path and returns a config.
Repo string func FromFile(path string) (*Config, error) {
Vault string `yaml:"vault"`
NameTemplate string `yaml:"nameTemplate"`
}
func ConfigFromFile(path string) (*Config, error) {
buf, err := ioutil.ReadFile(path) buf, err := ioutil.ReadFile(path)
if err != nil { if err != nil {
return nil, fmt.Errorf("could not read file %s", path) return nil, fmt.Errorf("could not read file %s", path)
@ -165,7 +172,7 @@ func ConfigFromFile(path string) (*Config, error) {
} }
logrus.Debugf("Found name: %s and vault: %s", name, vault) logrus.Debugf("Found name: %s and vault: %s", name, vault)
cfg, err := ConfigFromYAML(buf) cfg, err := FromYAML(buf)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -175,12 +182,16 @@ func ConfigFromFile(path string) (*Config, error) {
return cfg, nil return cfg, nil
} }
func ConfigFromYAML(data []byte) (*Config, error) { // FromYAML reads yaml bytes and returns a config.
func FromYAML(data []byte) (*Config, error) {
cfg := &Config{ cfg := &Config{
Tree: NewEntry("root", yaml.MappingNode), Tree: NewEntry("root", yaml.MappingNode),
} }
yaml.Unmarshal(data, &cfg.Tree) err := yaml.Unmarshal(data, &cfg.Tree)
if err != nil {
return nil, err
}
return cfg, nil return cfg, nil
} }
@ -188,7 +199,7 @@ func ConfigFromYAML(data []byte) (*Config, error) {
func scalarsIn(data map[string]yaml.Node, parents []string) ([]string, error) { func scalarsIn(data map[string]yaml.Node, parents []string) ([]string, error) {
keys := []string{} keys := []string{}
for key, leaf := range data { for key, leaf := range data {
if key == "_joao" { if key == "_config" && len(parents) == 0 {
continue continue
} }
switch leaf.Kind { switch leaf.Kind {
@ -219,7 +230,6 @@ func scalarsIn(data map[string]yaml.Node, parents []string) ([]string, error) {
default: default:
logrus.Fatalf("found unknown %v at %s", leaf.Kind, key) logrus.Fatalf("found unknown %v at %s", leaf.Kind, key)
} }
} }
sort.Strings(keys) sort.Strings(keys)
@ -228,12 +238,16 @@ func scalarsIn(data map[string]yaml.Node, parents []string) ([]string, error) {
func KeysFromYAML(data []byte) ([]string, error) { func KeysFromYAML(data []byte) ([]string, error) {
cfg := map[string]yaml.Node{} cfg := map[string]yaml.Node{}
yaml.Unmarshal(data, &cfg) err := yaml.Unmarshal(data, &cfg)
if err != nil {
return nil, err
}
return scalarsIn(cfg, []string{}) return scalarsIn(cfg, []string{})
} }
func ConfigFromOP(item *op.Item) (*Config, error) { // FromOP reads a config from an op item and returns a config.
func FromOP(item *op.Item) (*Config, error) {
cfg := &Config{ cfg := &Config{
Vault: item.Vault.ID, Vault: item.Vault.ID,
Name: item.Title, Name: item.Title,
@ -253,8 +267,7 @@ func (cfg *Config) AsYAML(redacted bool) ([]byte, error) {
var out bytes.Buffer var out bytes.Buffer
enc := yaml.NewEncoder(&out) enc := yaml.NewEncoder(&out)
enc.SetIndent(2) enc.SetIndent(2)
err := enc.Encode(cfg) if err := enc.Encode(cfg); err != nil {
if err != nil {
return nil, fmt.Errorf("could not serialize config as yaml: %w", err) return nil, fmt.Errorf("could not serialize config as yaml: %w", err)
} }
return out.Bytes(), nil return out.Bytes(), nil
@ -290,7 +303,7 @@ func (cfg *Config) Set(path []string, data []byte, isSecret, parseEntry bool) er
valueStr = strings.Trim(valueStr, "\n") valueStr = strings.Trim(valueStr, "\n")
if isSecret { if isSecret {
newEntry.Style = yaml.TaggedStyle newEntry.Style = yaml.TaggedStyle
newEntry.Tag = "!!secret" newEntry.Tag = YAMLTypeSecret
} }
newEntry.Kind = yaml.ScalarNode newEntry.Kind = yaml.ScalarNode
newEntry.Value = valueStr newEntry.Value = valueStr

View File

@ -131,6 +131,9 @@ func (e *Entry) UnmarshalYAML(node *yaml.Node) error {
logrus.Errorf("decode map key: %s", keyNode.Value) logrus.Errorf("decode map key: %s", keyNode.Value)
return err return err
} }
if valueNode.Tag == YAMLTypeMetaConfig {
key.Type = YAMLTypeMetaConfig
}
value.SetPath(e.Path, key.Value) value.SetPath(e.Path, key.Value)
e.Content = append(e.Content, key, value) e.Content = append(e.Content, key, value)
} }
@ -141,7 +144,7 @@ func (e *Entry) UnmarshalYAML(node *yaml.Node) error {
} }
func (e *Entry) IsSecret() bool { func (e *Entry) IsSecret() bool {
return e.Tag == "!!secret" return e.Tag == YAMLTypeSecret
} }
func (e *Entry) TypeStr() string { func (e *Entry) TypeStr() string {
@ -252,7 +255,7 @@ func (e *Entry) FromOP(fields []*op.ItemField) error {
case "secret": case "secret":
value = secretValue(value.(string)) value = secretValue(value.(string))
style = yaml.TaggedStyle style = yaml.TaggedStyle
tag = "!!secret" tag = YAMLTypeSecret
default: default:
// either no annotation or an unknown value // either no annotation or an unknown value
value = valueStr value = valueStr
@ -295,13 +298,14 @@ func (e *Entry) FromOP(fields []*op.ItemField) error {
func (e *Entry) ToOP() []*op.ItemField { func (e *Entry) ToOP() []*op.ItemField {
ret := []*op.ItemField{} ret := []*op.ItemField{}
var section *op.ItemSection var section *op.ItemSection
if e.Kind == yaml.ScalarNode {
name := e.Path[len(e.Path)-1] name := e.Path[len(e.Path)-1]
if len(e.Path) > 1 { if len(e.Path) > 1 {
section = &op.ItemSection{ID: e.Path[0]} section = &op.ItemSection{ID: e.Path[0]}
name = strings.Join(e.Path[1:], ".") name = strings.Join(e.Path[1:], ".")
} }
if len(e.Content) == 0 {
fieldType := "STRING" fieldType := "STRING"
if e.IsSecret() { if e.IsSecret() {
fieldType = "CONCEALED" fieldType = "CONCEALED"
@ -324,12 +328,24 @@ func (e *Entry) ToOP() []*op.ItemField {
Type: fieldType, Type: fieldType,
Value: e.Value, Value: e.Value,
}) })
} else { return ret
}
if e.Kind == yaml.SequenceNode {
ret := []*op.ItemField{}
for _, child := range e.Content { for _, child := range e.Content {
ret = append(ret, child.ToOP()...) ret = append(ret, child.ToOP()...)
} }
return ret
} }
for i := 0; i < len(e.Content); i += 2 {
child := e.Content[i+1]
if child.Type == YAMLTypeMetaConfig {
continue
}
ret = append(ret, child.ToOP()...)
}
return ret return ret
} }

View File

@ -20,12 +20,12 @@ import (
"gopkg.in/yaml.v3" "gopkg.in/yaml.v3"
) )
func (c *Config) Lookup(query []string) (*Entry, error) { func (cfg *Config) Lookup(query []string) (*Entry, error) {
if len(query) == 0 || len(query) == 1 && query[0] == "." { if len(query) == 0 || len(query) == 1 && query[0] == "." {
return c.Tree, nil return cfg.Tree, nil
} }
entry := c.Tree entry := cfg.Tree
for _, part := range query { for _, part := range query {
entry = entry.ChildNamed(part) entry = entry.ChildNamed(part)
if entry == nil { if entry == nil {
@ -36,12 +36,12 @@ func (c *Config) Lookup(query []string) (*Entry, error) {
return entry, nil return entry, nil
} }
func findRepoConfig(from string) (*repoModeConfig, error) { func findRepoConfig(from string) (*opDetails, error) {
parts := strings.Split(from, "/") parts := strings.Split(from, "/")
for i := len(parts); i > 0; i -= 1 { for i := len(parts); i > 0; i-- {
query := strings.Join(parts[0:i], "/") query := strings.Join(parts[0:i], "/")
if bytes, err := os.ReadFile(query + "/.joao.yaml"); err == nil { if bytes, err := os.ReadFile(query + "/.joao.yaml"); err == nil {
rmc := &repoModeConfig{Repo: query} rmc := &opDetails{Repo: query}
err := yaml.Unmarshal(bytes, rmc) err := yaml.Unmarshal(bytes, rmc)
if err != nil { if err != nil {
return nil, err return nil, err

View File

@ -38,7 +38,7 @@ func argIsYAMLFile(path string) bool {
// return "config/" + strings.ReplaceAll(name, ":", "/") + ".yaml" // return "config/" + strings.ReplaceAll(name, ":", "/") + ".yaml"
// } // }
func vaultAndNameFrom(path string, buf []byte) (string, string, error) { func vaultAndNameFrom(path string, buf []byte) (name string, vault string, err error) {
smc := &singleModeConfig{} smc := &singleModeConfig{}
if buf == nil { if buf == nil {
var err error var err error
@ -48,8 +48,8 @@ func vaultAndNameFrom(path string, buf []byte) (string, string, error) {
} }
} }
if err := yaml.Unmarshal(buf, &smc); err == nil && smc.Config != nil { if err = yaml.Unmarshal(buf, &smc); err == nil && smc.Config != nil {
return smc.Config.Vault, smc.Config.Name, nil return smc.Config.Name, smc.Config.Vault, nil
} }
rmc, err := findRepoConfig(path) rmc, err := findRepoConfig(path)
@ -85,12 +85,11 @@ func vaultAndNameFrom(path string, buf []byte) (string, string, error) {
} }
func Load(ref string, preferRemote bool) (*Config, error) { func Load(ref string, preferRemote bool) (*Config, error) {
isYaml := argIsYAMLFile(ref)
if preferRemote { if preferRemote {
name := ref name := ref
vault := "" vault := ""
if isYaml { if argIsYAMLFile(ref) {
var err error var err error
name, vault, err = vaultAndNameFrom(ref, nil) name, vault, err = vaultAndNameFrom(ref, nil)
if err != nil { if err != nil {
@ -109,12 +108,12 @@ func Load(ref string, preferRemote bool) (*Config, error) {
return nil, err return nil, err
} }
return ConfigFromOP(item) return FromOP(item)
} }
if !isYaml { if !argIsYAMLFile(ref) {
return nil, fmt.Errorf("could not load %s from local as it's not a path", ref) return nil, fmt.Errorf("could not load %s from local as it's not a path", ref)
} }
return ConfigFromFile(ref) return FromFile(ref)
} }