mirror of
https://github.com/thegeeklab/drone-yaml.git
synced 2024-11-21 17:40:39 +00:00
use data attribute for secret
parent
b32d023dca
commit
c38254d4f1
@ -29,8 +29,6 @@ func Print(w io.Writer, v *yaml.Manifest) {
|
|||||||
printCron(state, t)
|
printCron(state, t)
|
||||||
case *yaml.Secret:
|
case *yaml.Secret:
|
||||||
printSecret(state, t)
|
printSecret(state, t)
|
||||||
case *yaml.Registry:
|
|
||||||
printRegistry(state, t)
|
|
||||||
case *yaml.Signature:
|
case *yaml.Signature:
|
||||||
printSignature(state, t)
|
printSignature(state, t)
|
||||||
case *yaml.Pipeline:
|
case *yaml.Pipeline:
|
||||||
|
@ -1,34 +0,0 @@
|
|||||||
// Copyright 2019 Drone IO, Inc.
|
|
||||||
//
|
|
||||||
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
||||||
// you may not use this file except in compliance with the License.
|
|
||||||
// You may obtain a copy of the License at
|
|
||||||
//
|
|
||||||
// http://www.apache.org/licenses/LICENSE-2.0
|
|
||||||
//
|
|
||||||
// Unless required by applicable law or agreed to in writing, software
|
|
||||||
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
||||||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
||||||
// See the License for the specific language governing permissions and
|
|
||||||
// limitations under the License.
|
|
||||||
|
|
||||||
package pretty
|
|
||||||
|
|
||||||
import (
|
|
||||||
"github.com/drone/drone-yaml/yaml"
|
|
||||||
)
|
|
||||||
|
|
||||||
// helper function pretty prints the registry resource.
|
|
||||||
func printRegistry(w writer, v *yaml.Registry) {
|
|
||||||
w.WriteString("---")
|
|
||||||
w.WriteTagValue("version", v.Version)
|
|
||||||
w.WriteTagValue("kind", v.Kind)
|
|
||||||
w.WriteTagValue("type", v.Type)
|
|
||||||
if v.Type == "encrypted" {
|
|
||||||
printData(w, v.Data)
|
|
||||||
} else {
|
|
||||||
w.WriteTagValue("data", v.Data)
|
|
||||||
}
|
|
||||||
w.WriteByte('\n')
|
|
||||||
w.WriteByte('\n')
|
|
||||||
}
|
|
@ -1,16 +0,0 @@
|
|||||||
// Copyright 2019 Drone.IO Inc. All rights reserved.
|
|
||||||
// Use of this source code is governed by the Drone Non-Commercial License
|
|
||||||
// that can be found in the LICENSE file.
|
|
||||||
|
|
||||||
package pretty
|
|
||||||
|
|
||||||
import "testing"
|
|
||||||
|
|
||||||
func TestRegistry(t *testing.T) {
|
|
||||||
ok, err := diff("testdata/registry.yml")
|
|
||||||
if err != nil {
|
|
||||||
t.Error(err)
|
|
||||||
} else if !ok {
|
|
||||||
t.Errorf("Unepxected formatting")
|
|
||||||
}
|
|
||||||
}
|
|
@ -28,19 +28,13 @@ func printSecret(w writer, v *yaml.Secret) {
|
|||||||
w.WriteString("---")
|
w.WriteString("---")
|
||||||
w.WriteTagValue("version", v.Version)
|
w.WriteTagValue("version", v.Version)
|
||||||
w.WriteTagValue("kind", v.Kind)
|
w.WriteTagValue("kind", v.Kind)
|
||||||
|
w.WriteTagValue("type", v.Type)
|
||||||
|
|
||||||
if len(v.Data) > 0 {
|
if len(v.Data) > 0 {
|
||||||
w.WriteTagValue("type", toSecretType(v.Type))
|
|
||||||
w.WriteTagValue("name", v.Name)
|
w.WriteTagValue("name", v.Name)
|
||||||
printData(w, v.Data)
|
printData(w, v.Data)
|
||||||
}
|
}
|
||||||
if len(v.External) > 0 {
|
|
||||||
w.WriteTagValue("type", toSecretType(v.Type))
|
|
||||||
w.WriteTagValue("name", v.Name)
|
|
||||||
printExternalData(w, v.External)
|
|
||||||
}
|
|
||||||
if isSecretGetEmpty(v.Get) == false {
|
if isSecretGetEmpty(v.Get) == false {
|
||||||
w.WriteTagValue("type", v.Type)
|
|
||||||
w.WriteTagValue("name", v.Name)
|
w.WriteTagValue("name", v.Name)
|
||||||
w.WriteByte('\n')
|
w.WriteByte('\n')
|
||||||
printGet(w, v.Get)
|
printGet(w, v.Get)
|
||||||
@ -49,17 +43,6 @@ func printSecret(w writer, v *yaml.Secret) {
|
|||||||
w.WriteByte('\n')
|
w.WriteByte('\n')
|
||||||
}
|
}
|
||||||
|
|
||||||
// helper function returns the secret type text.
|
|
||||||
func toSecretType(s string) string {
|
|
||||||
s = strings.ToLower(s)
|
|
||||||
switch s {
|
|
||||||
case "docker", "ecr", "general":
|
|
||||||
return s
|
|
||||||
default:
|
|
||||||
return "general"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
// helper function prints the get block.
|
// helper function prints the get block.
|
||||||
func printGet(w writer, v yaml.SecretGet) {
|
func printGet(w writer, v yaml.SecretGet) {
|
||||||
w.WriteTag("get")
|
w.WriteTag("get")
|
||||||
@ -91,28 +74,16 @@ func printExternalData(w writer, d map[string]yaml.ExternalData) {
|
|||||||
w.IndentDecrease()
|
w.IndentDecrease()
|
||||||
}
|
}
|
||||||
|
|
||||||
func printData(w writer, d map[string]string) {
|
func printData(w writer, d string) {
|
||||||
var keys []string
|
|
||||||
for k := range d {
|
|
||||||
keys = append(keys, k)
|
|
||||||
}
|
|
||||||
sort.Strings(keys)
|
|
||||||
|
|
||||||
w.WriteTag("data")
|
w.WriteTag("data")
|
||||||
|
w.WriteByte(' ')
|
||||||
|
w.WriteByte('>')
|
||||||
w.IndentIncrease()
|
w.IndentIncrease()
|
||||||
for _, k := range keys {
|
d = spaceReplacer.Replace(d)
|
||||||
v := d[k]
|
for _, s := range chunk(d, 60) {
|
||||||
w.WriteTag(k)
|
w.WriteByte('\n')
|
||||||
w.WriteByte(' ')
|
w.Indent()
|
||||||
w.WriteByte('>')
|
w.WriteString(s)
|
||||||
w.IndentIncrease()
|
|
||||||
v = spaceReplacer.Replace(v)
|
|
||||||
for _, s := range chunk(v, 60) {
|
|
||||||
w.WriteByte('\n')
|
|
||||||
w.Indent()
|
|
||||||
w.WriteString(s)
|
|
||||||
}
|
|
||||||
w.IndentDecrease()
|
|
||||||
}
|
}
|
||||||
w.IndentDecrease()
|
w.IndentDecrease()
|
||||||
}
|
}
|
||||||
|
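Review bot: In printSecret, `w.WriteTagValue("name", v.Name)` sits inside both the `len(v.Data) > 0` block and the `isSecretGetEmpty(v.Get) == false` block, so a secret that carries both `data` and `get` is printed with two `name` keys, and how a duplicate key is handled depends on the parser that reads the file back. Reading the right-hand column as the new side, `type` was hoisted above the branches; `name` could be written once in the same place, directly after the `type` line, provided the printer only ever sees validated secrets. As a style point the second condition reads better as `if !isSecretGetEmpty(v.Get) {`. The rewritten `printData(w writer, d string)` has no doc comment; `// helper function prints the data value as a folded scalar wrapped at 60 characters.` would match the neighbouring helpers. printSecret's body runs past the end of the first hunk.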
@ -15,15 +15,6 @@ func TestSecret(t *testing.T) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestExternalSecret(t *testing.T) {
|
|
||||||
ok, err := diff("testdata/secret_extern.yml")
|
|
||||||
if err != nil {
|
|
||||||
t.Error(err)
|
|
||||||
} else if !ok {
|
|
||||||
t.Errorf("Unepxected formatting")
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
func TestGetSecret(t *testing.T) {
|
func TestGetSecret(t *testing.T) {
|
||||||
ok, err := diff("testdata/secret_get.yml")
|
ok, err := diff("testdata/secret_get.yml")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
13
yaml/pretty/testdata/manifest.yml
vendored
13
yaml/pretty/testdata/manifest.yml
vendored
@ -35,17 +35,10 @@ depends_on:
|
|||||||
- foo
|
- foo
|
||||||
- bar
|
- bar
|
||||||
|
|
||||||
---
|
|
||||||
kind: registry
|
|
||||||
data:
|
|
||||||
index.docker.io: N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
|
|
||||||
|
|
||||||
---
|
---
|
||||||
kind: secret
|
kind: secret
|
||||||
type: general
|
name: username
|
||||||
data:
|
data: N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
|
||||||
username: N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
|
|
||||||
password: YjgwNDc4ZDY4NmQzNzQzYjNkYmUwYmE3YjMwOTM2OWUK
|
|
||||||
|
|
||||||
---
|
---
|
||||||
kind: cron
|
kind: cron
|
||||||
@ -60,5 +53,3 @@ spec:
|
|||||||
---
|
---
|
||||||
kind: signature
|
kind: signature
|
||||||
hmac: N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
|
hmac: N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
|
||||||
|
|
||||||
...
|
|
||||||
|
14
yaml/pretty/testdata/manifest.yml.golden
vendored
14
yaml/pretty/testdata/manifest.yml.golden
vendored
@ -35,19 +35,11 @@ depends_on:
|
|||||||
- foo
|
- foo
|
||||||
- bar
|
- bar
|
||||||
|
|
||||||
---
|
|
||||||
kind: registry
|
|
||||||
data:
|
|
||||||
index.docker.io: N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
|
|
||||||
|
|
||||||
---
|
---
|
||||||
kind: secret
|
kind: secret
|
||||||
type: general
|
name: username
|
||||||
data:
|
data: >
|
||||||
password: >
|
N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
|
||||||
YjgwNDc4ZDY4NmQzNzQzYjNkYmUwYmE3YjMwOTM2OWUK
|
|
||||||
username: >
|
|
||||||
N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
|
|
||||||
|
|
||||||
---
|
---
|
||||||
kind: cron
|
kind: cron
|
||||||
|
6
yaml/pretty/testdata/secret.yml
vendored
6
yaml/pretty/testdata/secret.yml
vendored
@ -1,6 +1,4 @@
|
|||||||
kind: secret
|
kind: secret
|
||||||
type: general
|
name: username
|
||||||
|
|
||||||
data:
|
data: N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
|
||||||
username: N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
|
|
||||||
password: NGZhNjY5YWMxZjhlYzJkNzE1ODlkZDliN2I4MDMwOTEzNGZhZTk3ZjcyNzk5NzNmZmQ3ZWRmNGY0YWJmYjFlMGY3ZmI2MmQ2MmNjMDQ1NDQwNmU5Nzc5NTlmNDEyYzM2YzI1ZjdhOWVkOTc1OTI5YmE5OTY1ZGRhOTk3NTQ1NDAK
|
|
||||||
|
11
yaml/pretty/testdata/secret.yml.golden
vendored
11
yaml/pretty/testdata/secret.yml.golden
vendored
@ -1,12 +1,7 @@
|
|||||||
---
|
---
|
||||||
kind: secret
|
kind: secret
|
||||||
type: general
|
name: username
|
||||||
data:
|
data: >
|
||||||
password: >
|
N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
|
||||||
NGZhNjY5YWMxZjhlYzJkNzE1ODlkZDliN2I4MDMwOTEzNGZhZTk3ZjcyNzk5
|
|
||||||
NzNmZmQ3ZWRmNGY0YWJmYjFlMGY3ZmI2MmQ2MmNjMDQ1NDQwNmU5Nzc5NTlm
|
|
||||||
NDEyYzM2YzI1ZjdhOWVkOTc1OTI5YmE5OTY1ZGRhOTk3NTQ1NDAK
|
|
||||||
username: >
|
|
||||||
N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
|
|
||||||
|
|
||||||
...
|
...
|
||||||
|
10
yaml/pretty/testdata/secret_extern.yml
vendored
10
yaml/pretty/testdata/secret_extern.yml
vendored
@ -1,10 +0,0 @@
|
|||||||
kind: secret
|
|
||||||
|
|
||||||
external_data:
|
|
||||||
username:
|
|
||||||
path: secrets/data/docker
|
|
||||||
name: username
|
|
||||||
|
|
||||||
password:
|
|
||||||
path: secrets/data/docker
|
|
||||||
name: password
|
|
12
yaml/pretty/testdata/secret_extern.yml.golden
vendored
12
yaml/pretty/testdata/secret_extern.yml.golden
vendored
@ -1,12 +0,0 @@
|
|||||||
---
|
|
||||||
kind: secret
|
|
||||||
type: general
|
|
||||||
external_data:
|
|
||||||
password:
|
|
||||||
path: secrets/data/docker
|
|
||||||
name: password
|
|
||||||
username:
|
|
||||||
path: secrets/data/docker
|
|
||||||
name: username
|
|
||||||
|
|
||||||
...
|
|
@ -28,9 +28,8 @@ type (
|
|||||||
Type string `json:"type,omitempty"`
|
Type string `json:"type,omitempty"`
|
||||||
Name string `json:"name,omitempty"`
|
Name string `json:"name,omitempty"`
|
||||||
|
|
||||||
Data map[string]string `json:"data,omitempty"`
|
Data string `json:"data,omitempty"`
|
||||||
External map[string]ExternalData `json:"external_data,omitempty" yaml:"external_data"`
|
Get SecretGet `json:"get,omitempty"`
|
||||||
Get SecretGet `json:"get,omitempty"`
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// SecretGet defines a request to get a secret from
|
// SecretGet defines a request to get a secret from
|
||||||
@ -58,7 +57,7 @@ func (s *Secret) GetKind() string { return s.Kind }
|
|||||||
|
|
||||||
// Validate returns an error if the secret is invalid.
|
// Validate returns an error if the secret is invalid.
|
||||||
func (s *Secret) Validate() error {
|
func (s *Secret) Validate() error {
|
||||||
if len(s.Data) == 0 && len(s.External) == 0 {
|
if len(s.Data) == 0 && len(s.Get.Path) == 0 && len(s.Get.Name) == 0 {
|
||||||
return errors.New("yaml: invalid secret resource")
|
return errors.New("yaml: invalid secret resource")
|
||||||
}
|
}
|
||||||
return nil
|
return nil
|
||||||
|
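Review bot: The new condition in Validate fails only when `Data`, `Get.Path` and `Get.Name` are all empty, so a `get` block with a name but no path passes, and so does a secret that sets both inline `data` and `get`. With two sources accepted, which value ends up being used is left to whatever consumes the manifest. If one source per secret is intended, which the visible lines do not state, a second check would make that explicit: `if len(s.Data) > 0 && (len(s.Get.Path) > 0 || len(s.Get.Name) > 0) { return errors.New("yaml: invalid secret resource") }`. The `Data` field in the first hunk changes from a map to a string without a comment; a field comment saying what encoding the value is expected to have, and that the old map form and `external_data` are no longer read, would help anyone migrating manifests. Validate's closing brace is outside the hunk.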
@ -4,9 +4,7 @@
|
|||||||
|
|
||||||
package yaml
|
package yaml
|
||||||
|
|
||||||
import (
|
import "testing"
|
||||||
"testing"
|
|
||||||
)
|
|
||||||
|
|
||||||
func TestSecretUnmarshal(t *testing.T) {
|
func TestSecretUnmarshal(t *testing.T) {
|
||||||
diff, err := diff("testdata/secret.yml")
|
diff, err := diff("testdata/secret.yml")
|
||||||
@ -22,18 +20,20 @@ func TestSecretUnmarshal(t *testing.T) {
|
|||||||
func TestSecretValidate(t *testing.T) {
|
func TestSecretValidate(t *testing.T) {
|
||||||
secret := new(Secret)
|
secret := new(Secret)
|
||||||
|
|
||||||
secret.Data = map[string]string{"foo": "bar"}
|
secret.Data = "some-data"
|
||||||
if err := secret.Validate(); err != nil {
|
if err := secret.Validate(); err != nil {
|
||||||
t.Error(err)
|
t.Error(err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
secret.Data = map[string]string{}
|
secret.Get.Path = "secret/data/docker"
|
||||||
if err := secret.Validate(); err == nil {
|
if err := secret.Validate(); err != nil {
|
||||||
t.Errorf("Expect invalid secret error")
|
t.Error(err)
|
||||||
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
secret.Data = nil
|
secret.Data = ""
|
||||||
|
secret.Get.Path = ""
|
||||||
if err := secret.Validate(); err == nil {
|
if err := secret.Validate(); err == nil {
|
||||||
t.Errorf("Expect invalid secret error")
|
t.Errorf("Expect invalid secret error")
|
||||||
}
|
}
|
||||||
|
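Review bot: The second case in TestSecretValidate sets `secret.Get.Path` while `secret.Data` still holds `"some-data"` from the first case, so it passes on the data check alone and never exercises a get-only secret. Adding `secret.Data = ""` before `secret.Get.Path = "secret/data/docker"` makes the case test what it appears to test. A further case with `Get.Name` set and `Get.Path` empty would pin down whether Validate is meant to accept that combination. The function's closing brace is outside the hunk.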
6
yaml/testdata/secret.yml
vendored
6
yaml/testdata/secret.yml
vendored
@ -1,7 +1,5 @@
|
|||||||
---
|
---
|
||||||
kind: secret
|
kind: secret
|
||||||
type: encrypted
|
name: username
|
||||||
|
|
||||||
data:
|
data: b2N0b2NhdA==
|
||||||
username: N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
|
|
||||||
password: YjgwNDc4ZDY4NmQzNzQzYjNkYmUwYmE3YjMwOTM2OWUK
|
|
||||||
|
7
yaml/testdata/secret.yml.golden
vendored
7
yaml/testdata/secret.yml.golden
vendored
@ -1,10 +1,7 @@
|
|||||||
[
|
[
|
||||||
{
|
{
|
||||||
"kind": "secret",
|
"kind": "secret",
|
||||||
"type": "encrypted",
|
"name": "username",
|
||||||
"data": {
|
"data": "b2N0b2NhdA=="
|
||||||
"password": "YjgwNDc4ZDY4NmQzNzQzYjNkYmUwYmE3YjMwOTM2OWUK",
|
|
||||||
"username": "N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK"
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
]
|
]
|