use data attribute for secret

Brad Rydzewski 2019-03-17 19:25:35 -07:00
parent b32d023dca
commit c38254d4f1
15 changed files with 34 additions and 176 deletions


@ -29,8 +29,6 @@ func Print(w io.Writer, v *yaml.Manifest) {
printCron(state, t) printCron(state, t)
case *yaml.Secret: case *yaml.Secret:
printSecret(state, t) printSecret(state, t)
case *yaml.Registry:
printRegistry(state, t)
case *yaml.Signature: case *yaml.Signature:
printSignature(state, t) printSignature(state, t)
case *yaml.Pipeline: case *yaml.Pipeline:


@ -1,34 +0,0 @@
// Copyright 2019 Drone IO, Inc.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package pretty
import (
"github.com/drone/drone-yaml/yaml"
)
// helper function pretty prints the registry resource.
func printRegistry(w writer, v *yaml.Registry) {
w.WriteString("---")
w.WriteTagValue("version", v.Version)
w.WriteTagValue("kind", v.Kind)
w.WriteTagValue("type", v.Type)
if v.Type == "encrypted" {
printData(w, v.Data)
} else {
w.WriteTagValue("data", v.Data)
}
w.WriteByte('\n')
w.WriteByte('\n')
}


@ -1,16 +0,0 @@
// Copyright 2019 Drone.IO Inc. All rights reserved.
// Use of this source code is governed by the Drone Non-Commercial License
// that can be found in the LICENSE file.
package pretty
import "testing"
func TestRegistry(t *testing.T) {
ok, err := diff("testdata/registry.yml")
if err != nil {
t.Error(err)
} else if !ok {
t.Errorf("Unepxected formatting")
}
}


@ -28,19 +28,13 @@ func printSecret(w writer, v *yaml.Secret) {
w.WriteString("---") w.WriteString("---")
w.WriteTagValue("version", v.Version) w.WriteTagValue("version", v.Version)
w.WriteTagValue("kind", v.Kind) w.WriteTagValue("kind", v.Kind)
w.WriteTagValue("type", v.Type)
if len(v.Data) > 0 { if len(v.Data) > 0 {
w.WriteTagValue("type", toSecretType(v.Type))
w.WriteTagValue("name", v.Name) w.WriteTagValue("name", v.Name)
printData(w, v.Data) printData(w, v.Data)
} }
if len(v.External) > 0 {
w.WriteTagValue("type", toSecretType(v.Type))
w.WriteTagValue("name", v.Name)
printExternalData(w, v.External)
}
if isSecretGetEmpty(v.Get) == false { if isSecretGetEmpty(v.Get) == false {
w.WriteTagValue("type", v.Type)
w.WriteTagValue("name", v.Name) w.WriteTagValue("name", v.Name)
w.WriteByte('\n') w.WriteByte('\n')
printGet(w, v.Get) printGet(w, v.Get)
@ -49,17 +43,6 @@ func printSecret(w writer, v *yaml.Secret) {
w.WriteByte('\n') w.WriteByte('\n')
} }
// helper function returns the secret type text.
func toSecretType(s string) string {
s = strings.ToLower(s)
switch s {
case "docker", "ecr", "general":
return s
default:
return "general"
}
}
// helper function prints the get block. // helper function prints the get block.
func printGet(w writer, v yaml.SecretGet) { func printGet(w writer, v yaml.SecretGet) {
w.WriteTag("get") w.WriteTag("get")
@ -91,28 +74,16 @@ func printExternalData(w writer, d map[string]yaml.ExternalData) {
w.IndentDecrease() w.IndentDecrease()
} }
func printData(w writer, d map[string]string) { func printData(w writer, d string) {
var keys []string
for k := range d {
keys = append(keys, k)
}
sort.Strings(keys)
w.WriteTag("data") w.WriteTag("data")
w.WriteByte(' ')
w.WriteByte('>')
w.IndentIncrease() w.IndentIncrease()
for _, k := range keys { d = spaceReplacer.Replace(d)
v := d[k] for _, s := range chunk(d, 60) {
w.WriteTag(k) w.WriteByte('\n')
w.WriteByte(' ') w.Indent()
w.WriteByte('>') w.WriteString(s)
w.IndentIncrease()
v = spaceReplacer.Replace(v)
for _, s := range chunk(v, 60) {
w.WriteByte('\n')
w.Indent()
w.WriteString(s)
}
w.IndentDecrease()
} }
w.IndentDecrease() w.IndentDecrease()
} }
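Review bot: In printSecret the `name` tag is still written inside both the `len(v.Data) > 0` branch and the `isSecretGetEmpty(v.Get) == false` branch, so a secret that carries both a data value and a get block is printed with two `name` keys in one document, which strict YAML parsers reject and lenient ones resolve silently. `type` is now written once before the branches; `name` could be treated the same way, with `w.WriteTagValue("name", v.Name)` placed directly after the `type` line and dropped from both branches. Separately, printExternalData appears to stay in the file while its only visible caller is removed here, so it may now be dead code that should go along with the External field. printSecret's body continues past the end of the first hunk.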


@ -15,15 +15,6 @@ func TestSecret(t *testing.T) {
} }
} }
func TestExternalSecret(t *testing.T) {
ok, err := diff("testdata/secret_extern.yml")
if err != nil {
t.Error(err)
} else if !ok {
t.Errorf("Unepxected formatting")
}
}
func TestGetSecret(t *testing.T) { func TestGetSecret(t *testing.T) {
ok, err := diff("testdata/secret_get.yml") ok, err := diff("testdata/secret_get.yml")
if err != nil { if err != nil {


@ -35,17 +35,10 @@ depends_on:
- foo - foo
- bar - bar
---
kind: registry
data:
index.docker.io: N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
--- ---
kind: secret kind: secret
type: general name: username
data: data: N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
username: N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
password: YjgwNDc4ZDY4NmQzNzQzYjNkYmUwYmE3YjMwOTM2OWUK
--- ---
kind: cron kind: cron
@ -60,5 +53,3 @@ spec:
--- ---
kind: signature kind: signature
hmac: N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK hmac: N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
...


@ -35,19 +35,11 @@ depends_on:
- foo - foo
- bar - bar
---
kind: registry
data:
index.docker.io: N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
--- ---
kind: secret kind: secret
type: general name: username
data: data: >
password: > N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
YjgwNDc4ZDY4NmQzNzQzYjNkYmUwYmE3YjMwOTM2OWUK
username: >
N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
--- ---
kind: cron kind: cron


@ -1,6 +1,4 @@
kind: secret kind: secret
type: general name: username
data: data: N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
username: N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
password: NGZhNjY5YWMxZjhlYzJkNzE1ODlkZDliN2I4MDMwOTEzNGZhZTk3ZjcyNzk5NzNmZmQ3ZWRmNGY0YWJmYjFlMGY3ZmI2MmQ2MmNjMDQ1NDQwNmU5Nzc5NTlmNDEyYzM2YzI1ZjdhOWVkOTc1OTI5YmE5OTY1ZGRhOTk3NTQ1NDAK


@ -1,12 +1,7 @@
--- ---
kind: secret kind: secret
type: general name: username
data: data: >
password: > N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
NGZhNjY5YWMxZjhlYzJkNzE1ODlkZDliN2I4MDMwOTEzNGZhZTk3ZjcyNzk5
NzNmZmQ3ZWRmNGY0YWJmYjFlMGY3ZmI2MmQ2MmNjMDQ1NDQwNmU5Nzc5NTlm
NDEyYzM2YzI1ZjdhOWVkOTc1OTI5YmE5OTY1ZGRhOTk3NTQ1NDAK
username: >
N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
... ...


@ -1,10 +0,0 @@
kind: secret
external_data:
username:
path: secrets/data/docker
name: username
password:
path: secrets/data/docker
name: password


@ -1,12 +0,0 @@
---
kind: secret
type: general
external_data:
password:
path: secrets/data/docker
name: password
username:
path: secrets/data/docker
name: username
...


@ -28,9 +28,8 @@ type (
Type string `json:"type,omitempty"` Type string `json:"type,omitempty"`
Name string `json:"name,omitempty"` Name string `json:"name,omitempty"`
Data map[string]string `json:"data,omitempty"` Data string `json:"data,omitempty"`
External map[string]ExternalData `json:"external_data,omitempty" yaml:"external_data"` Get SecretGet `json:"get,omitempty"`
Get SecretGet `json:"get,omitempty"`
} }
// SecretGet defines a request to get a secret from // SecretGet defines a request to get a secret from
@ -58,7 +57,7 @@ func (s *Secret) GetKind() string { return s.Kind }
// Validate returns an error if the secret is invalid. // Validate returns an error if the secret is invalid.
func (s *Secret) Validate() error { func (s *Secret) Validate() error {
if len(s.Data) == 0 && len(s.External) == 0 { if len(s.Data) == 0 && len(s.Get.Path) == 0 && len(s.Get.Name) == 0 {
return errors.New("yaml: invalid secret resource") return errors.New("yaml: invalid secret resource")
} }
return nil return nil
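Review bot: Validate rejects a secret only when `Data`, `Get.Path` and `Get.Name` are all empty, so a resource that sets both `data` and `get` passes, as does one whose `get` block has a path but no name (or the reverse). Now that a secret holds a single value, the ambiguous case is worth rejecting explicitly, for example `if len(s.Data) > 0 && (len(s.Get.Path) > 0 || len(s.Get.Name) > 0) { return errors.New("yaml: secret defines both data and get") }`, so it is never unclear which source supplies the value. Whether a partial `get` is acceptable depends on the secret backend, which is not visible here; if it is not, that needs its own check. Validate's closing brace is outside the hunk.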


@ -4,9 +4,7 @@
package yaml package yaml
import ( import "testing"
"testing"
)
func TestSecretUnmarshal(t *testing.T) { func TestSecretUnmarshal(t *testing.T) {
diff, err := diff("testdata/secret.yml") diff, err := diff("testdata/secret.yml")
@ -22,18 +20,20 @@ func TestSecretUnmarshal(t *testing.T) {
func TestSecretValidate(t *testing.T) { func TestSecretValidate(t *testing.T) {
secret := new(Secret) secret := new(Secret)
secret.Data = map[string]string{"foo": "bar"} secret.Data = "some-data"
if err := secret.Validate(); err != nil { if err := secret.Validate(); err != nil {
t.Error(err) t.Error(err)
return return
} }
secret.Data = map[string]string{} secret.Get.Path = "secret/data/docker"
if err := secret.Validate(); err == nil { if err := secret.Validate(); err != nil {
t.Errorf("Expect invalid secret error") t.Error(err)
return
} }
secret.Data = nil secret.Data = ""
secret.Get.Path = ""
if err := secret.Validate(); err == nil { if err := secret.Validate(); err == nil {
t.Errorf("Expect invalid secret error") t.Errorf("Expect invalid secret error")
} }
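Review bot: The second assertion in TestSecretValidate sets `secret.Get.Path` while `secret.Data` is still `"some-data"`, so it passes on the data check alone and never exercises the get-only path of Validate. Adding `secret.Data = ""` before `secret.Get.Path = "secret/data/docker"` would make that case test what it appears to test. A case with only `Get.Name` set is also missing, although Validate treats it as valid. The test function's closing brace is outside the hunk.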


@ -1,7 +1,5 @@
--- ---
kind: secret kind: secret
type: encrypted name: username
data: data: b2N0b2NhdA==
username: N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
password: YjgwNDc4ZDY4NmQzNzQzYjNkYmUwYmE3YjMwOTM2OWUK


@ -1,10 +1,7 @@
[ [
{ {
"kind": "secret", "kind": "secret",
"type": "encrypted", "name": "username",
"data": { "data": "b2N0b2NhdA=="
"password": "YjgwNDc4ZDY4NmQzNzQzYjNkYmUwYmE3YjMwOTM2OWUK",
"username": "N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK"
}
} }
] ]