diff --git a/.editorconfig b/.editorconfig index bc7badc6..2872125f 100644 --- a/.editorconfig +++ b/.editorconfig @@ -4,6 +4,9 @@ root = true end_of_line = lf insert_final_newline = true +[*.cmd] +end_of_line = crlf + [*.{sh,bash,bats}] indent_style = space indent_size = 4 diff --git a/CHANGELOG.md b/CHANGELOG.md index d0a18591..0fe2e1c6 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,11 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 Allow override sops version on installation +## [Unreleased] + +### Added +- Better lookup for unix shells on Windows (https://github.com/jkroepke/helm-secrets/pull/42) + ## [3.3.4] - 2020-09-09 ### Added diff --git a/plugin.yaml b/plugin.yaml index 55fee033..cf5a451d 100644 --- a/plugin.yaml +++ b/plugin.yaml @@ -5,10 +5,10 @@ description: |- This plugin provides secrets values encryption for Helm charts secure storing useTunnel: false hooks: - install: "$HELM_PLUGIN_DIR/scripts/install.sh" - update: "$HELM_PLUGIN_DIR/scripts/install.sh" + install: "$HELM_PLUGIN_DIR/scripts/wrapper/run.cmd $HELM_PLUGIN_DIR/scripts/install.sh" + update: "$HELM_PLUGIN_DIR/scripts/wrapper/run.cmd $HELM_PLUGIN_DIR/scripts/install.sh" command: "$HELM_PLUGIN_DIR/scripts/run.sh" platformCommand: - os: windows - command: "sh $HELM_PLUGIN_DIR/scripts/run.sh" + command: "cmd /c $HELM_PLUGIN_DIR/wrapper/sh.cmd $HELM_PLUGIN_DIR/scripts/run.sh" diff --git a/scripts/drivers/sops.sh b/scripts/drivers/sops.sh index 6522d2d1..6a1bc619 100644 --- a/scripts/drivers/sops.sh +++ b/scripts/drivers/sops.sh @@ -1,5 +1,7 @@ #!/usr/bin/env sh +_SOPS="${HELM_SECRETS_SOPS_BIN:-sops}" + driver_is_file_encrypted() { input="${1}" @@ -12,9 +14,9 @@ driver_encrypt_file() { output="${3}" if [ "${input}" = "${output}" ]; then - sops --encrypt --input-type "${type}" --output-type "${type}" --in-place "${input}" + $_SOPS --encrypt --input-type "${type}" --output-type "${type}" --in-place "${input}" else - sops --encrypt --input-type "${type}" --output-type "${type}" --output "${output}" "${input}" + $_SOPS --encrypt --input-type "${type}" --output-type "${type}" --output "${output}" "${input}" fi } @@ -25,9 +27,9 @@ driver_decrypt_file() { output="${3:-}" if [ "${output}" != "" ]; then - sops --decrypt --input-type "${type}" --output-type "${type}" --output "${output}" "${input}" + $_SOPS --decrypt --input-type "${type}" --output-type "${type}" --output "${output}" "${input}" else - sops --decrypt --input-type "${type}" --output-type "${type}" "${input}" + $_SOPS --decrypt --input-type "${type}" --output-type "${type}" "${input}" fi } @@ -35,5 +37,5 @@ driver_edit_file() { type="${1}" input="${2}" - sops --input-type yaml --output-type yaml "${input}" + $_SOPS --input-type yaml --output-type yaml "${input}" } diff --git a/scripts/run.sh b/scripts/run.sh index 16be25cc..51cd753e 100755 --- a/scripts/run.sh +++ b/scripts/run.sh @@ -80,6 +80,11 @@ load_secret_driver() { load_secret_driver "$SECRET_DRIVER" +# ./run.sh vs bash run.sh +if [ "$(basename "$1")" = "run.sh" ]; then + shift +fi + while true; do case "${1:-}" in enc) diff --git a/scripts/wrapper/run.cmd b/scripts/wrapper/run.cmd new file mode 100755 index 00000000..999102dc --- /dev/null +++ b/scripts/wrapper/run.cmd @@ -0,0 +1,9 @@ +:; exec "$@" # +:; exit $? # + +:: .bat bash hybrid script +:: https://stackoverflow.com/a/17623721 + +@echo off +%HELM_PLUGIN_DIR%\wrapper\sh.cmd %* +exit /b diff --git a/scripts/wrapper/sh.cmd b/scripts/wrapper/sh.cmd new file mode 100644 index 00000000..99132722 --- /dev/null +++ b/scripts/wrapper/sh.cmd @@ -0,0 +1,117 @@ +@setlocal enableextensions enabledelayedexpansion +@echo off + +:: If HELM_SECRETS_WINDOWS_SHELL is provided, use it. +if not "%HELM_SECRETS_WINDOWS_SHELL%"=="" GOTO :ENVSH + + +:: check for cygwin installation or git for windows is inside %PATH% +"sh" -c exit >nul 2>&1 +IF %ERRORLEVEL% EQU 0 GOTO :SH + + +:: check for git-bash +"%programfiles%\Git\bin\bash.exe" -c exit >nul 2>&1 +IF %ERRORLEVEL% EQU 0 GOTO :GITBASH + + +:: check for git-bash (32-bit) +"%programfiles(x86)%\Git\bin\bash.exe" -c exit >nul 2>&1 +IF %ERRORLEVEL% EQU 0 GOTO :GITBASH32 + + +:: check git for windows +where.exe git.exe >nul 2>&1 +IF %ERRORLEVEL% EQU 0 GOTO :GITBASH_CUSTOM +:RETURN_GITBASH + + +:: check for wsl +wsl sh -c exit >nul 2>&1 +IF %ERRORLEVEL% EQU 0 GOTO :WSL + +GOTO :NOSHELL + + + +:ENVSH +IF "%HELM_SECRETS_WINDOWS_SHELL%"=="wsl" GOTO :WSL + +"%HELM_SECRETS_WINDOWS_SHELL%" "%HELM_PLUGIN_DIR%\scripts\run.sh" %* +GOTO :EOF + + + + +:SH +"sh" "%HELM_PLUGIN_DIR%\scripts\run.sh" %* +GOTO :EOF + + + + +:GITBASH +"%programfiles%\Git\bin\bash.exe" "%HELM_PLUGIN_DIR%\scripts\run.sh" %* +GOTO :EOF + + + + + +:GITBASH32 +"%programfiles(x86)%\Git\bin\bash.exe" "%HELM_PLUGIN_DIR%\scripts\run.sh" %* +GOTO :EOF + + + + +:GITBASH_CUSTOM +:: CMD output to variable - https://stackoverflow.com/a/6362922/8087167 +FOR /F "tokens=* USEBACKQ" %%F IN (`where.exe git.exe`) DO ( + SET GIT_FILEPATH=%%F +) + +IF "%GIT_FILEPATH%"=="" GOTO :RETURN_GITBASH + +FOR %%F in ("%GIT_FILEPATH%") DO SET GIT_DIRPATH=%%~dpF + +:: check for git-bash +"%GIT_DIRPATH%..\bin\bash.exe" -c exit >nul 2>&1 + +IF %ERRORLEVEL% NEQ 0 GOTO :RETURN_GITBASH + +"%GIT_DIRPATH%..\bin\bash.exe" "%HELM_PLUGIN_DIR%\scripts\run.sh" %* +GOTO :EOF + + + + +:WSL +:: Use WSL, but convert all paths (script + arguments) to wsl paths +SET ARGS= + +:: Loop through all parameters - https://stackoverflow.com/a/34019557/8087167 +:LOOP +if "%1"=="" goto ENDLOOP + +:: CMD output to variable - https://stackoverflow.com/a/6362922/8087167 +FOR /F "tokens=* USEBACKQ" %%F IN (`wsl wslpath "%1"`) DO ( + SET WSLPATH=%%F +) +SET ARGS=%ARGS% %WSLPATH% + +shift +goto LOOP +:ENDLOOP + +wsl bash %ARGS% +GOTO :EOF + + + + +:NOSHELL +:: If no *nix shell found, raise an error. +echo helm-secrets needs a unix shell. Please install WSL, cygwin or Git for Windows. +exit /B 1 +GOTO :EOF