feat: with updated docker file and friends

Signed-off-by: kjuulh <contact@kjuulh.io>
2023-07-27 15:04:46 +02:00
parent 33e1ff0e37
commit 68b46e4bec
9 changed files with 147 additions and 37 deletions


@@ -37,3 +37,4 @@ tempfile = { version = "3.6.0" }
serde_json = "1.0.97"
rlua = "0.19.5"
rlua-searcher = { git = "https://git.front.kjuulh.io/kjuulh/rlua-searcher.git", rev = "2b29a9d0e86ec7f91b31dd844a58168969b7b74b" }
dotenv = { version = "0.15.0", features = ["clap"] }
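Review bot: The `dotenv` dependency on the last line of this hunk deserves a second look before it lands in a tool that loads secrets. The `dotenv` crate has been flagged as unmaintained and `dotenvy` is its maintained fork, so something like `dotenvy = "0.15"` (example version, confirm against the registry) would be the safer pin. The `clap` feature also appears to exist only for the crate's own command-line binary and would pull in an older clap next to the one the project already uses. If only `dotenv::dotenv()` is called, a plain `dotenv = "0.15.0"` with no features should be enough.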


@@ -48,7 +48,12 @@ impl CuddleAction {
for (k, v) in args {
let var = match v {
CuddleShellScriptArg::Env(e) => {
let env_var = matches.get_one::<String>(&e.key).cloned().unwrap();
let env_var = matches.get_one::<String>(&k).cloned().ok_or(
anyhow::anyhow!(
"failed to find env variable with key: {}",
&e.key
),
)?;
CuddleVariable::new(k.clone(), env_var)
}
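Review bot: The lookup key and the error message disagree in the `CuddleShellScriptArg::Env` arm: the value is fetched with `get_one::<String>(&k)` but the failure text reports `&e.key`, so when the two differ the error names a key that was never queried. Report the id actually used and build the error lazily, e.g. `.ok_or_else(|| anyhow::anyhow!("failed to find env variable with key: {} (arg {})", &e.key, k))?`. It is also worth confirming that moving the lookup from `e.key` to `k` is intended, because depending on the clap version and build profile `get_one` can panic on an id that was never registered, which `?` does not catch. The enclosing function starts and ends outside this hunk.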


@@ -41,6 +41,16 @@ impl CuddleCli {
config,
};
if let Ok(provider) = std::env::var("CUDDLE_SECRETS_PROVIDER") {
let provider = provider
.split(",")
.map(|p| p.to_string())
.collect::<Vec<_>>();
tracing::trace!("secrets-provider enabled, handling for each entry");
handle_providers(provider)?;
std::thread::sleep(std::time::Duration::from_millis(100));
}
match context {
Some(_) => {
tracing::debug!("build full cli");
@@ -180,7 +190,7 @@ impl CuddleCli {
.subcommand_required(true)
.arg_required_else_help(true)
.propagate_version(true)
.arg(clap::Arg::new("secrets-provider").long("secrets-provider"));
.arg(clap::Arg::new("secrets-provider").long("secrets-provider").env("CUDDLE_SECRETS_PROVIDER"));
root_cmd = subcommands::x::build_command(root_cmd, self.clone());
root_cmd = subcommands::render_template::build_command(root_cmd);
@@ -211,11 +221,6 @@ impl CuddleCli {
if let Some(cli) = self.command.clone() {
let matches = cli.clone().get_matches();
if let Some(provider) = matches.get_many::<String>("secrets-provider") {
tracing::trace!("secrets-provider enabled, handling for each entry");
handle_providers(provider.cloned().collect::<Vec<_>>())?
}
let res = match matches.subcommand() {
Some(("x", exe_submatch)) => subcommands::x::execute_x(exe_submatch, self.clone()),
Some(("render_template", sub_matches)) => {
@@ -254,11 +259,15 @@ impl TryFrom<String> for SecretProvider {
fn try_from(value: String) -> Result<Self, Self::Error> {
match value.as_str() {
"1password" => {
let one_password_inject = std::env::var("ONE_PASSWORD_INJECT")?;
let one_password_dot_env = std::env::var("ONE_PASSWORD_DOT_ENV")?;
let one_password_inject = std::env::var("CUDDLE_ONE_PASSWORD_INJECT")
.ok()
.filter(|f| f.as_str() != "");
let one_password_dot_env = std::env::var("CUDDLE_ONE_PASSWORD_DOT_ENV").ok();
let injectables = one_password_inject
.unwrap_or(String::new())
.split(",")
.filter(|s| s.contains('='))
.map(|i| i.to_string())
.collect::<Vec<_>>();
@@ -267,11 +276,12 @@ impl TryFrom<String> for SecretProvider {
// anyhow::bail!("1pass injectable path doesn't exist: {}", i);
// }
// }
if &one_password_dot_env != "" {
if let Some(one_password_dot_env) = &one_password_dot_env {
if let Ok(dir) = std::env::current_dir() {
tracing::trace!(
current_dir = dir.display().to_string(),
dotenv = &one_password_dot_env,
exists = PathBuf::from(&one_password_dot_env).exists(),
"1password dotenv inject"
);
}
@@ -279,14 +289,24 @@ impl TryFrom<String> for SecretProvider {
Ok(Self::OnePassword {
inject: injectables,
dotenv: if PathBuf::from(&one_password_dot_env).exists() {
Some(one_password_dot_env)
dotenv: if let Some(one_password_dot_env) = one_password_dot_env {
if PathBuf::from(&one_password_dot_env).exists() {
Some(one_password_dot_env)
} else {
None
}
} else {
None
},
})
}
_ => Err(anyhow::anyhow!("value is not one of supported values")),
value => {
tracing::debug!(
"provided secrets manager doesn't match any allowed values {}",
value
);
Err(anyhow::anyhow!("value is not one of supported values"))
}
}
}
}
@@ -317,23 +337,32 @@ fn handle_providers(provider: Vec<String>) -> anyhow::Result<()> {
Ok(secrets_pair)
}
let res: anyhow::Result<Vec<()>> = provider
let res = provider
.into_iter()
.map(|p| SecretProvider::try_from(p))
.flatten()
.collect::<anyhow::Result<Vec<_>>>();
let res = res?;
let res = res
.into_iter()
.map(|p| match p {
SecretProvider::OnePassword { inject, dotenv } => {
tracing::trace!(
inject = inject.join(","),
dotenv = dotenv,
"handling 1password"
);
if let Some(dotenv) = dotenv {
let pairs = execute_1password_inject(&dotenv)?;
let pairs = execute_1password_inject(&dotenv).unwrap();
for (key, value) in pairs {
tracing::debug!(env_name = &key, "set var from 1password");
tracing::debug!(env_name = &key, value=&value, "set var from 1password");
std::env::set_var(key, value);
}
}
for i in inject {
let (env_var_name, op_lookup) = i.split_once("=").ok_or(anyhow::anyhow!(
"ONE_PASSWORD_INJECT is not a key value pair ie. key:value,key2=value2"
"CUDDLE_ONE_PASSWORD_INJECT is not a key value pair ie. key:value,key2=value2"
))?;
let secret = execute_1password(&op_lookup)?;
std::env::set_var(&env_var_name, secret);
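Review bot: The `tracing::debug!(env_name = &key, value=&value, "set var from 1password")` call in the `handle_providers` hunk writes every secret fetched from 1Password into the log stream, so anyone who can read debug output (CI logs, aggregated logs) can read the secrets; keep only the name, `tracing::debug!(env_name = &key, "set var from 1password");`. Just above it, `execute_1password_inject(&dotenv).unwrap()` takes the place of `?` and turns a failed inject into a panic inside code that already propagates `anyhow::Result`; restore `execute_1password_inject(&dotenv)?`. If the `.flatten()` after `SecretProvider::try_from(p)` is on the new side, it would silently discard providers that fail to parse, leaving only the debug line in the `value =>` arm as evidence. `handle_providers` starts before and continues after the lines shown here.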


@@ -1,5 +1,4 @@
use config::CuddleConfig;
use tracing::Level;
use tracing_subscriber::prelude::*;
use tracing_subscriber::{fmt, EnvFilter};
@@ -12,6 +11,7 @@ mod util;
fn main() -> anyhow::Result<()> {
init_logging()?;
let _ = dotenv::dotenv();
let config = CuddleConfig::from_env()?;