use data attribute for secret

2019-03-17 19:25:35 -07:00 · 2019-03-17 19:25:35 -07:00 · c38254d4f1
parent b32d023dca
commit c38254d4f1
15 changed files with 34 additions and 176 deletions
--- a/yaml/pretty/pretty.go
+++ b/yaml/pretty/pretty.go
@ -29,8 +29,6 @@ func Print(w io.Writer, v *yaml.Manifest) {
 			printCron(state, t)
 		case *yaml.Secret:
 			printSecret(state, t)
 		case *yaml.Registry:
 			printRegistry(state, t)
 		case *yaml.Signature:
 			printSignature(state, t)
 		case *yaml.Pipeline:
--- a/yaml/pretty/registry.go
+++ b/yaml/pretty/registry.go
@ -1,34 +0,0 @@
 // Copyright 2019 Drone IO, Inc.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 //      http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
 package pretty
 import (
 	"github.com/drone/drone-yaml/yaml"
 )
 // helper function pretty prints the registry resource.
 func printRegistry(w writer, v *yaml.Registry) {
 	w.WriteString("---")
 	w.WriteTagValue("version", v.Version)
 	w.WriteTagValue("kind", v.Kind)
 	w.WriteTagValue("type", v.Type)
 	if v.Type == "encrypted" {
 		printData(w, v.Data)
 	} else {
 		w.WriteTagValue("data", v.Data)
 	}
 	w.WriteByte('\n')
 	w.WriteByte('\n')
 }
--- a/yaml/pretty/registry_test.go
+++ b/yaml/pretty/registry_test.go
@ -1,16 +0,0 @@
 // Copyright 2019 Drone.IO Inc. All rights reserved.
 // Use of this source code is governed by the Drone Non-Commercial License
 // that can be found in the LICENSE file.
 package pretty
 import "testing"
 func TestRegistry(t *testing.T) {
 	ok, err := diff("testdata/registry.yml")
 	if err != nil {
 		t.Error(err)
 	} else if !ok {
 		t.Errorf("Unepxected formatting")
 	}
 }
--- a/yaml/pretty/secret.go
+++ b/yaml/pretty/secret.go
@ -28,19 +28,13 @@ func printSecret(w writer, v *yaml.Secret) {
 	w.WriteString("---")
 	w.WriteTagValue("version", v.Version)
 	w.WriteTagValue("kind", v.Kind)
 	w.WriteTagValue("type", v.Type)
 	if len(v.Data) > 0 {
 		w.WriteTagValue("type", toSecretType(v.Type))
 		w.WriteTagValue("name", v.Name)
 		printData(w, v.Data)
 	}
 	if len(v.External) > 0 {
 		w.WriteTagValue("type", toSecretType(v.Type))
 		w.WriteTagValue("name", v.Name)
 		printExternalData(w, v.External)
 	}
 	if isSecretGetEmpty(v.Get) == false {
 		w.WriteTagValue("type", v.Type)
 		w.WriteTagValue("name", v.Name)
 		w.WriteByte('\n')
 		printGet(w, v.Get)
@ -49,17 +43,6 @@ func printSecret(w writer, v *yaml.Secret) {
 	w.WriteByte('\n')
 }
 // helper function returns the secret type text.
 func toSecretType(s string) string {
 	s = strings.ToLower(s)
 	switch s {
 	case "docker", "ecr", "general":
 		return s
 	default:
 		return "general"
 	}
 }
 // helper function prints the get block.
 func printGet(w writer, v yaml.SecretGet) {
 	w.WriteTag("get")
@ -91,28 +74,16 @@ func printExternalData(w writer, d map[string]yaml.ExternalData) {
 	w.IndentDecrease()
 }
-func printData(w writer, d map[string]string) {
+func printData(w writer, d string) {
 	var keys []string
 	for k := range d {
 		keys = append(keys, k)
 	}
 	sort.Strings(keys)
 	w.WriteTag("data")
 	w.WriteByte(' ')
 	w.WriteByte('>')
 	w.IndentIncrease()
-	for _, k := range keys {
+	d = spaceReplacer.Replace(d)
-		v := d[k]
+	for _, s := range chunk(d, 60) {
-		w.WriteTag(k)
+		w.WriteByte('\n')
-		w.WriteByte(' ')
+		w.Indent()
-		w.WriteByte('>')
+		w.WriteString(s)
 		w.IndentIncrease()
 		v = spaceReplacer.Replace(v)
 		for _, s := range chunk(v, 60) {
 			w.WriteByte('\n')
 			w.Indent()
 			w.WriteString(s)
 		}
 		w.IndentDecrease()
 	}
 	w.IndentDecrease()
 }
--- a/yaml/pretty/secret_test.go
+++ b/yaml/pretty/secret_test.go
@ -15,15 +15,6 @@ func TestSecret(t *testing.T) {
 	}
 }
 func TestExternalSecret(t *testing.T) {
 	ok, err := diff("testdata/secret_extern.yml")
 	if err != nil {
 		t.Error(err)
 	} else if !ok {
 		t.Errorf("Unepxected formatting")
 	}
 }
 func TestGetSecret(t *testing.T) {
 	ok, err := diff("testdata/secret_get.yml")
 	if err != nil {
--- a/yaml/pretty/testdata/manifest.yml
+++ b/yaml/pretty/testdata/manifest.yml
@ -35,17 +35,10 @@ depends_on:
 - foo
 - bar
 ---
 kind: registry
 data:
  index.docker.io: N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
 ---
 kind: secret
-type: general
+name: username
-data:
+data: N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
  username: N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
  password: YjgwNDc4ZDY4NmQzNzQzYjNkYmUwYmE3YjMwOTM2OWUK
 ---
 kind: cron
@ -60,5 +53,3 @@ spec:
 ---
 kind: signature
 hmac: N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
 ...
--- a/yaml/pretty/testdata/manifest.yml.golden
+++ b/yaml/pretty/testdata/manifest.yml.golden
@ -35,19 +35,11 @@ depends_on:
 - foo
 - bar
 ---
 kind: registry
 data:
  index.docker.io: N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
 ---
 kind: secret
-type: general
+name: username
-data:
+data: >
-  password: >
+  N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
    YjgwNDc4ZDY4NmQzNzQzYjNkYmUwYmE3YjMwOTM2OWUK
  username: >
    N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
 ---
 kind: cron
--- a/yaml/pretty/testdata/secret.yml
+++ b/yaml/pretty/testdata/secret.yml
@ -1,6 +1,4 @@
 kind: secret
-type: general
+name: username
-data:
+data: N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
  username: N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
  password: NGZhNjY5YWMxZjhlYzJkNzE1ODlkZDliN2I4MDMwOTEzNGZhZTk3ZjcyNzk5NzNmZmQ3ZWRmNGY0YWJmYjFlMGY3ZmI2MmQ2MmNjMDQ1NDQwNmU5Nzc5NTlmNDEyYzM2YzI1ZjdhOWVkOTc1OTI5YmE5OTY1ZGRhOTk3NTQ1NDAK
--- a/yaml/pretty/testdata/secret.yml.golden
+++ b/yaml/pretty/testdata/secret.yml.golden
@ -1,12 +1,7 @@
 ---
 kind: secret
-type: general
+name: username
-data:
+data: >
-  password: >
+  N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
    NGZhNjY5YWMxZjhlYzJkNzE1ODlkZDliN2I4MDMwOTEzNGZhZTk3ZjcyNzk5
    NzNmZmQ3ZWRmNGY0YWJmYjFlMGY3ZmI2MmQ2MmNjMDQ1NDQwNmU5Nzc5NTlm
    NDEyYzM2YzI1ZjdhOWVkOTc1OTI5YmE5OTY1ZGRhOTk3NTQ1NDAK
  username: >
    N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
 ...
--- a/yaml/pretty/testdata/secret_extern.yml
+++ b/yaml/pretty/testdata/secret_extern.yml
@ -1,10 +0,0 @@
 kind: secret
 external_data:
  username:
    path: secrets/data/docker
    name: username
  password:
    path: secrets/data/docker
    name: password
--- a/yaml/pretty/testdata/secret_extern.yml.golden
+++ b/yaml/pretty/testdata/secret_extern.yml.golden
@ -1,12 +0,0 @@
 ---
 kind: secret
 type: general
 external_data:
  password:
    path: secrets/data/docker
    name: password
  username:
    path: secrets/data/docker
    name: username
 ...
--- a/yaml/secret.go
+++ b/yaml/secret.go
@ -28,9 +28,8 @@ type (
 		Type    string `json:"type,omitempty"`
 		Name    string `json:"name,omitempty"`
-		Data     map[string]string       `json:"data,omitempty"`
+		Data string    `json:"data,omitempty"`
-		External map[string]ExternalData `json:"external_data,omitempty" yaml:"external_data"`
+		Get  SecretGet `json:"get,omitempty"`
 		Get      SecretGet               `json:"get,omitempty"`
 	}
 	// SecretGet defines a request to get a secret from
@ -58,7 +57,7 @@ func (s *Secret) GetKind() string { return s.Kind }
 // Validate returns an error if the secret is invalid.
 func (s *Secret) Validate() error {
-	if len(s.Data) == 0 && len(s.External) == 0 {
+	if len(s.Data) == 0 && len(s.Get.Path) == 0 && len(s.Get.Name) == 0 {
 		return errors.New("yaml: invalid secret resource")
 	}
 	return nil
--- a/yaml/secret_test.go
+++ b/yaml/secret_test.go
@ -4,9 +4,7 @@
 package yaml
-import (
+import "testing"
 	"testing"
 )
 func TestSecretUnmarshal(t *testing.T) {
 	diff, err := diff("testdata/secret.yml")
@ -22,18 +20,20 @@ func TestSecretUnmarshal(t *testing.T) {
 func TestSecretValidate(t *testing.T) {
 	secret := new(Secret)
-	secret.Data = map[string]string{"foo": "bar"}
+	secret.Data = "some-data"
 	if err := secret.Validate(); err != nil {
 		t.Error(err)
 		return
 	}
-	secret.Data = map[string]string{}
+	secret.Get.Path = "secret/data/docker"
-	if err := secret.Validate(); err == nil {
+	if err := secret.Validate(); err != nil {
-		t.Errorf("Expect invalid secret error")
+		t.Error(err)
 		return
 	}
-	secret.Data = nil
+	secret.Data = ""
 	secret.Get.Path = ""
 	if err := secret.Validate(); err == nil {
 		t.Errorf("Expect invalid secret error")
 	}
--- a/yaml/testdata/secret.yml
+++ b/yaml/testdata/secret.yml
@ -1,7 +1,5 @@
 ---
 kind: secret
-type: encrypted
+name: username
-data:
+data: b2N0b2NhdA==
  username: N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
  password: YjgwNDc4ZDY4NmQzNzQzYjNkYmUwYmE3YjMwOTM2OWUK
--- a/yaml/testdata/secret.yml.golden
+++ b/yaml/testdata/secret.yml.golden
@ -1,10 +1,7 @@
 [
  {
    "kind": "secret",
-    "type": "encrypted",
+    "name": "username",
-    "data": {
+    "data": "b2N0b2NhdA=="
      "password": "YjgwNDc4ZDY4NmQzNzQzYjNkYmUwYmE3YjMwOTM2OWUK",
      "username": "N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK"
    }
  }
 ]