use data attribute for secret

This commit is contained in:
Brad Rydzewski 2019-03-17 19:25:35 -07:00
parent b32d023dca
commit c38254d4f1
15 changed files with 34 additions and 176 deletions

View File

@ -29,8 +29,6 @@ func Print(w io.Writer, v *yaml.Manifest) {
printCron(state, t)
case *yaml.Secret:
printSecret(state, t)
case *yaml.Registry:
printRegistry(state, t)
case *yaml.Signature:
printSignature(state, t)
case *yaml.Pipeline:

View File

@ -1,34 +0,0 @@
// Copyright 2019 Drone IO, Inc.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package pretty
import (
"github.com/drone/drone-yaml/yaml"
)
// helper function pretty prints the registry resource.
func printRegistry(w writer, v *yaml.Registry) {
w.WriteString("---")
w.WriteTagValue("version", v.Version)
w.WriteTagValue("kind", v.Kind)
w.WriteTagValue("type", v.Type)
if v.Type == "encrypted" {
printData(w, v.Data)
} else {
w.WriteTagValue("data", v.Data)
}
w.WriteByte('\n')
w.WriteByte('\n')
}

View File

@ -1,16 +0,0 @@
// Copyright 2019 Drone.IO Inc. All rights reserved.
// Use of this source code is governed by the Drone Non-Commercial License
// that can be found in the LICENSE file.
package pretty
import "testing"
func TestRegistry(t *testing.T) {
ok, err := diff("testdata/registry.yml")
if err != nil {
t.Error(err)
} else if !ok {
t.Errorf("Unepxected formatting")
}
}

View File

@ -28,19 +28,13 @@ func printSecret(w writer, v *yaml.Secret) {
w.WriteString("---")
w.WriteTagValue("version", v.Version)
w.WriteTagValue("kind", v.Kind)
w.WriteTagValue("type", v.Type)
if len(v.Data) > 0 {
w.WriteTagValue("type", toSecretType(v.Type))
w.WriteTagValue("name", v.Name)
printData(w, v.Data)
}
if len(v.External) > 0 {
w.WriteTagValue("type", toSecretType(v.Type))
w.WriteTagValue("name", v.Name)
printExternalData(w, v.External)
}
if isSecretGetEmpty(v.Get) == false {
w.WriteTagValue("type", v.Type)
w.WriteTagValue("name", v.Name)
w.WriteByte('\n')
printGet(w, v.Get)
@ -49,17 +43,6 @@ func printSecret(w writer, v *yaml.Secret) {
w.WriteByte('\n')
}
// helper function returns the secret type text.
func toSecretType(s string) string {
s = strings.ToLower(s)
switch s {
case "docker", "ecr", "general":
return s
default:
return "general"
}
}
// helper function prints the get block.
func printGet(w writer, v yaml.SecretGet) {
w.WriteTag("get")
@ -91,30 +74,18 @@ func printExternalData(w writer, d map[string]yaml.ExternalData) {
w.IndentDecrease()
}
func printData(w writer, d map[string]string) {
var keys []string
for k := range d {
keys = append(keys, k)
}
sort.Strings(keys)
func printData(w writer, d string) {
w.WriteTag("data")
w.IndentIncrease()
for _, k := range keys {
v := d[k]
w.WriteTag(k)
w.WriteByte(' ')
w.WriteByte('>')
w.IndentIncrease()
v = spaceReplacer.Replace(v)
for _, s := range chunk(v, 60) {
d = spaceReplacer.Replace(d)
for _, s := range chunk(d, 60) {
w.WriteByte('\n')
w.Indent()
w.WriteString(s)
}
w.IndentDecrease()
}
w.IndentDecrease()
}
// replace spaces and newlines.

View File

@ -15,15 +15,6 @@ func TestSecret(t *testing.T) {
}
}
func TestExternalSecret(t *testing.T) {
ok, err := diff("testdata/secret_extern.yml")
if err != nil {
t.Error(err)
} else if !ok {
t.Errorf("Unepxected formatting")
}
}
func TestGetSecret(t *testing.T) {
ok, err := diff("testdata/secret_get.yml")
if err != nil {

View File

@ -35,17 +35,10 @@ depends_on:
- foo
- bar
---
kind: registry
data:
index.docker.io: N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
---
kind: secret
type: general
data:
username: N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
password: YjgwNDc4ZDY4NmQzNzQzYjNkYmUwYmE3YjMwOTM2OWUK
name: username
data: N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
---
kind: cron
@ -60,5 +53,3 @@ spec:
---
kind: signature
hmac: N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
...

View File

@ -35,18 +35,10 @@ depends_on:
- foo
- bar
---
kind: registry
data:
index.docker.io: N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
---
kind: secret
type: general
data:
password: >
YjgwNDc4ZDY4NmQzNzQzYjNkYmUwYmE3YjMwOTM2OWUK
username: >
name: username
data: >
N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
---

View File

@ -1,6 +1,4 @@
kind: secret
type: general
name: username
data:
username: N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
password: NGZhNjY5YWMxZjhlYzJkNzE1ODlkZDliN2I4MDMwOTEzNGZhZTk3ZjcyNzk5NzNmZmQ3ZWRmNGY0YWJmYjFlMGY3ZmI2MmQ2MmNjMDQ1NDQwNmU5Nzc5NTlmNDEyYzM2YzI1ZjdhOWVkOTc1OTI5YmE5OTY1ZGRhOTk3NTQ1NDAK
data: N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK

View File

@ -1,12 +1,7 @@
---
kind: secret
type: general
data:
password: >
NGZhNjY5YWMxZjhlYzJkNzE1ODlkZDliN2I4MDMwOTEzNGZhZTk3ZjcyNzk5
NzNmZmQ3ZWRmNGY0YWJmYjFlMGY3ZmI2MmQ2MmNjMDQ1NDQwNmU5Nzc5NTlm
NDEyYzM2YzI1ZjdhOWVkOTc1OTI5YmE5OTY1ZGRhOTk3NTQ1NDAK
username: >
name: username
data: >
N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
...

View File

@ -1,10 +0,0 @@
kind: secret
external_data:
username:
path: secrets/data/docker
name: username
password:
path: secrets/data/docker
name: password

View File

@ -1,12 +0,0 @@
---
kind: secret
type: general
external_data:
password:
path: secrets/data/docker
name: password
username:
path: secrets/data/docker
name: username
...

View File

@ -28,8 +28,7 @@ type (
Type string `json:"type,omitempty"`
Name string `json:"name,omitempty"`
Data map[string]string `json:"data,omitempty"`
External map[string]ExternalData `json:"external_data,omitempty" yaml:"external_data"`
Data string `json:"data,omitempty"`
Get SecretGet `json:"get,omitempty"`
}
@ -58,7 +57,7 @@ func (s *Secret) GetKind() string { return s.Kind }
// Validate returns an error if the secret is invalid.
func (s *Secret) Validate() error {
if len(s.Data) == 0 && len(s.External) == 0 {
if len(s.Data) == 0 && len(s.Get.Path) == 0 && len(s.Get.Name) == 0 {
return errors.New("yaml: invalid secret resource")
}
return nil

View File

@ -4,9 +4,7 @@
package yaml
import (
"testing"
)
import "testing"
func TestSecretUnmarshal(t *testing.T) {
diff, err := diff("testdata/secret.yml")
@ -22,18 +20,20 @@ func TestSecretUnmarshal(t *testing.T) {
func TestSecretValidate(t *testing.T) {
secret := new(Secret)
secret.Data = map[string]string{"foo": "bar"}
secret.Data = "some-data"
if err := secret.Validate(); err != nil {
t.Error(err)
return
}
secret.Data = map[string]string{}
if err := secret.Validate(); err == nil {
t.Errorf("Expect invalid secret error")
secret.Get.Path = "secret/data/docker"
if err := secret.Validate(); err != nil {
t.Error(err)
return
}
secret.Data = nil
secret.Data = ""
secret.Get.Path = ""
if err := secret.Validate(); err == nil {
t.Errorf("Expect invalid secret error")
}

View File

@ -1,7 +1,5 @@
---
kind: secret
type: encrypted
name: username
data:
username: N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK
password: YjgwNDc4ZDY4NmQzNzQzYjNkYmUwYmE3YjMwOTM2OWUK
data: b2N0b2NhdA==

View File

@ -1,10 +1,7 @@
[
{
"kind": "secret",
"type": "encrypted",
"data": {
"password": "YjgwNDc4ZDY4NmQzNzQzYjNkYmUwYmE3YjMwOTM2OWUK",
"username": "N2NmYjA3ODQwNTY1ODFlY2E5MGJmOWI1NDk0NDFhMTEK"
}
"name": "username",
"data": "b2N0b2NhdA=="
}
]