use data attribute for secret

2019-03-17 19:25:35 -07:00 · 2019-03-17 19:25:35 -07:00 · c38254d4f1
parent b32d023dca
commit c38254d4f1
15 changed files with 34 additions and 176 deletions
--- a/yaml/pretty/pretty.go
+++ b/yaml/pretty/pretty.go
@ -29,8 +29,6 @@ func Print(w io.Writer, v *yaml.Manifest) {
 			printCron(state, t)
 		case *yaml.Secret:
 			printSecret(state, t)
-		case *yaml.Registry:
-			printRegistry(state, t)
 		case *yaml.Signature:
 			printSignature(state, t)
 		case *yaml.Pipeline:
--- a/yaml/pretty/registry.go
+++ b/yaml/pretty/registry.go
@ -1,34 +0,0 @@
-// Copyright 2019 Drone IO, Inc.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//      http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-package pretty
-
-import (
-	"github.com/drone/drone-yaml/yaml"
-)
-
-// helper function pretty prints the registry resource.
-func printRegistry(w writer, v *yaml.Registry) {
-	w.WriteString("---")
-	w.WriteTagValue("version", v.Version)
-	w.WriteTagValue("kind", v.Kind)
-	w.WriteTagValue("type", v.Type)
-	if v.Type == "encrypted" {
-		printData(w, v.Data)
-	} else {
-		w.WriteTagValue("data", v.Data)
-	}
-	w.WriteByte('\n')
-	w.WriteByte('\n')
-}
--- a/yaml/pretty/registry_test.go
+++ b/yaml/pretty/registry_test.go
@ -1,16 +0,0 @@
-// Copyright 2019 Drone.IO Inc. All rights reserved.
-// Use of this source code is governed by the Drone Non-Commercial License
-// that can be found in the LICENSE file.
-
-package pretty
-
-import "testing"
-
-func TestRegistry(t *testing.T) {
-	ok, err := diff("testdata/registry.yml")
-	if err != nil {
-		t.Error(err)
-	} else if !ok {
-		t.Errorf("Unepxected formatting")
-	}
-}
--- a/yaml/pretty/secret.go
+++ b/yaml/pretty/secret.go
@ -28,19 +28,13 @@ func printSecret(w writer, v *yaml.Secret) {
 	w.WriteString("---")
 	w.WriteTagValue("version", v.Version)
 	w.WriteTagValue("kind", v.Kind)
+	w.WriteTagValue("type", v.Type)

 	if len(v.Data) > 0 {
-		w.WriteTagValue("type", toSecretType(v.Type))
 		w.WriteTagValue("name", v.Name)
 		printData(w, v.Data)
 	}
-	if len(v.External) > 0 {
-		w.WriteTagValue("type", toSecretType(v.Type))
-		w.WriteTagValue("name", v.Name)
-		printExternalData(w, v.External)
-	}
 	if isSecretGetEmpty(v.Get) == false {
-		w.WriteTagValue("type", v.Type)
 		w.WriteTagValue("name", v.Name)
 		w.WriteByte('\n')
 		printGet(w, v.Get)
@ -49,17 +43,6 @@ func printSecret(w writer, v *yaml.Secret) {
 	w.WriteByte('\n')
 }

-// helper function returns the secret type text.
-func toSecretType(s string) string {
-	s = strings.ToLower(s)
-	switch s {
-	case "docker", "ecr", "general":
-		return s
-	default:
-		return "general"
-	}
-}
-
 // helper function prints the get block.
 func printGet(w writer, v yaml.SecretGet) {
 	w.WriteTag("get")
@ -91,28 +74,16 @@ func printExternalData(w writer, d map[string]yaml.ExternalData) {
 	w.IndentDecrease()
 }

-func printData(w writer, d map[string]string) {
-	var keys []string
-	for k := range d {
-		keys = append(keys, k)
-	}
-	sort.Strings(keys)
-
+func printData(w writer, d string) {
 	w.WriteTag("data")
+	w.WriteByte(' ')
+	w.WriteByte('>')
 	w.IndentIncrease()
-	for _, k := range keys {
-		v := d[k]
-		w.WriteTag(k)
-		w.WriteByte(' ')
-		w.WriteByte('>')
-		w.IndentIncrease()
-		v = spaceReplacer.Replace(v)
-		for _, s := range chunk(v, 60) {
-			w.WriteByte('\n')
-			w.Indent()
-			w.WriteString(s)
-		}
-		w.IndentDecrease()
+	d = spaceReplacer.Replace(d)
+	for _, s := range chunk(d, 60) {
+		w.WriteByte('\n')
+		w.Indent()
+		w.WriteString(s)
 	}
 	w.IndentDecrease()
 }
--- a/yaml/pretty/secret_test.go
+++ b/yaml/pretty/secret_test.go
@ -15,15 +15,6 @@ func TestSecret(t *testing.T) {
 	}
 }

-func TestExternalSecret(t *testing.T) {
-	ok, err := diff("testdata/secret_extern.yml")
-	if err != nil {
-		t.Error(err)
-	} else if !ok {
-		t.Errorf("Unepxected formatting")
-	}
-}
-
 func TestGetSecret(t *testing.T) {
 	ok, err := diff("testdata/secret_get.yml")
 	if err != nil {
--- a/yaml/pretty/testdata/manifest.yml
+++ b/yaml/pretty/testdata/manifest.yml
@ -35,17 +35,10 @@ depends_on:
 - foo
 - bar

---
-kind: registry
-data:
-  index.docker.io: N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
-
 ---
 kind: secret
-type: general
-data:
-  username: N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
-  password: YjgwNDc4ZDY4NmQzNzQzYjNkYmUwYmE3YjMwOTM2OWUK
+name: username
+data: N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK

 ---
 kind: cron
@ -60,5 +53,3 @@ spec:
 ---
 kind: signature
 hmac: N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
-
-...
--- a/yaml/pretty/testdata/manifest.yml.golden
+++ b/yaml/pretty/testdata/manifest.yml.golden
@ -35,19 +35,11 @@ depends_on:
 - foo
 - bar

---
-kind: registry
-data:
-  index.docker.io: N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
-
 ---
 kind: secret
-type: general
-data:
-  password: >
-    YjgwNDc4ZDY4NmQzNzQzYjNkYmUwYmE3YjMwOTM2OWUK
-  username: >
-    N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
+name: username
+data: >
+  N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK

 ---
 kind: cron
--- a/yaml/pretty/testdata/secret.yml
+++ b/yaml/pretty/testdata/secret.yml
@ -1,6 +1,4 @@
 kind: secret
-type: general
+name: username

-data:
-  username: N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
-  password: NGZhNjY5YWMxZjhlYzJkNzE1ODlkZDliN2I4MDMwOTEzNGZhZTk3ZjcyNzk5NzNmZmQ3ZWRmNGY0YWJmYjFlMGY3ZmI2MmQ2MmNjMDQ1NDQwNmU5Nzc5NTlmNDEyYzM2YzI1ZjdhOWVkOTc1OTI5YmE5OTY1ZGRhOTk3NTQ1NDAK
+data: N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
--- a/yaml/pretty/testdata/secret.yml.golden
+++ b/yaml/pretty/testdata/secret.yml.golden
@ -1,12 +1,7 @@
 ---
 kind: secret
-type: general
-data:
-  password: >
-    NGZhNjY5YWMxZjhlYzJkNzE1ODlkZDliN2I4MDMwOTEzNGZhZTk3ZjcyNzk5
-    NzNmZmQ3ZWRmNGY0YWJmYjFlMGY3ZmI2MmQ2MmNjMDQ1NDQwNmU5Nzc5NTlm
-    NDEyYzM2YzI1ZjdhOWVkOTc1OTI5YmE5OTY1ZGRhOTk3NTQ1NDAK
-  username: >
-    N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
+name: username
+data: >
+  N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK

 ...
--- a/yaml/pretty/testdata/secret_extern.yml
+++ b/yaml/pretty/testdata/secret_extern.yml
@ -1,10 +0,0 @@
-kind: secret
-
-external_data:
-  username:
-    path: secrets/data/docker
-    name: username
-
-  password:
-    path: secrets/data/docker
-    name: password
--- a/yaml/pretty/testdata/secret_extern.yml.golden
+++ b/yaml/pretty/testdata/secret_extern.yml.golden
@ -1,12 +0,0 @@
---
-kind: secret
-type: general
-external_data:
-  password:
-    path: secrets/data/docker
-    name: password
-  username:
-    path: secrets/data/docker
-    name: username
-
-...
--- a/yaml/secret.go
+++ b/yaml/secret.go
@ -28,9 +28,8 @@ type (
 		Type    string `json:"type,omitempty"`
 		Name    string `json:"name,omitempty"`

-		Data     map[string]string       `json:"data,omitempty"`
-		External map[string]ExternalData `json:"external_data,omitempty" yaml:"external_data"`
-		Get      SecretGet               `json:"get,omitempty"`
+		Data string    `json:"data,omitempty"`
+		Get  SecretGet `json:"get,omitempty"`
 	}

 	// SecretGet defines a request to get a secret from
@ -58,7 +57,7 @@ func (s *Secret) GetKind() string { return s.Kind }

 // Validate returns an error if the secret is invalid.
 func (s *Secret) Validate() error {
-	if len(s.Data) == 0 && len(s.External) == 0 {
+	if len(s.Data) == 0 && len(s.Get.Path) == 0 && len(s.Get.Name) == 0 {
 		return errors.New("yaml: invalid secret resource")
 	}
 	return nil
--- a/yaml/secret_test.go
+++ b/yaml/secret_test.go
@ -4,9 +4,7 @@

 package yaml

-import (
-	"testing"
-)
+import "testing"

 func TestSecretUnmarshal(t *testing.T) {
 	diff, err := diff("testdata/secret.yml")
@ -22,18 +20,20 @@ func TestSecretUnmarshal(t *testing.T) {
 func TestSecretValidate(t *testing.T) {
 	secret := new(Secret)

-	secret.Data = map[string]string{"foo": "bar"}
+	secret.Data = "some-data"
 	if err := secret.Validate(); err != nil {
 		t.Error(err)
 		return
 	}

-	secret.Data = map[string]string{}
-	if err := secret.Validate(); err == nil {
-		t.Errorf("Expect invalid secret error")
+	secret.Get.Path = "secret/data/docker"
+	if err := secret.Validate(); err != nil {
+		t.Error(err)
+		return
 	}

-	secret.Data = nil
+	secret.Data = ""
+	secret.Get.Path = ""
 	if err := secret.Validate(); err == nil {
 		t.Errorf("Expect invalid secret error")
 	}
--- a/yaml/testdata/secret.yml
+++ b/yaml/testdata/secret.yml
@ -1,7 +1,5 @@
 ---
 kind: secret
-type: encrypted
+name: username

-data:
-  username: N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
-  password: YjgwNDc4ZDY4NmQzNzQzYjNkYmUwYmE3YjMwOTM2OWUK
+data: b2N0b2NhdA==
--- a/yaml/testdata/secret.yml.golden
+++ b/yaml/testdata/secret.yml.golden
@ -1,10 +1,7 @@
 [
  {
    "kind": "secret",
-    "type": "encrypted",
-    "data": {
-      "password": "YjgwNDc4ZDY4NmQzNzQzYjNkYmUwYmE3YjMwOTM2OWUK",
-      "username": "N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK"
-    }
+    "name": "username",
+    "data": "b2N0b2NhdA=="
  }
 ]