diff --git a/.editorconfig b/.editorconfig index bc7badc6..2872125f 100644 --- a/.editorconfig +++ b/.editorconfig @@ -4,6 +4,9 @@ root = true end_of_line = lf insert_final_newline = true +[*.cmd] +end_of_line = crlf + [*.{sh,bash,bats}] indent_style = space indent_size = 4 diff --git a/plugin.yaml b/plugin.yaml index 55fee033..fe0290df 100644 --- a/plugin.yaml +++ b/plugin.yaml @@ -5,10 +5,10 @@ description: |- This plugin provides secrets values encryption for Helm charts secure storing useTunnel: false hooks: - install: "$HELM_PLUGIN_DIR/scripts/install.sh" - update: "$HELM_PLUGIN_DIR/scripts/install.sh" + install: "$HELM_PLUGIN_DIR/wrapper/run.cmd $HELM_PLUGIN_DIR/scripts/install.sh" + update: "$HELM_PLUGIN_DIR/wrapper/run.cmd $HELM_PLUGIN_DIR/scripts/install.sh" command: "$HELM_PLUGIN_DIR/scripts/run.sh" platformCommand: - os: windows - command: "sh $HELM_PLUGIN_DIR/scripts/run.sh" + command: "$HELM_PLUGIN_DIR/wrapper/sh.cmd $HELM_PLUGIN_DIR/scripts/run.sh" diff --git a/scripts/drivers/sops.sh b/scripts/drivers/sops.sh index 6522d2d1..6a1bc619 100644 --- a/scripts/drivers/sops.sh +++ b/scripts/drivers/sops.sh @@ -1,5 +1,7 @@ #!/usr/bin/env sh +_SOPS="${HELM_SECRETS_SOPS_BIN:-sops}" + driver_is_file_encrypted() { input="${1}" @@ -12,9 +14,9 @@ driver_encrypt_file() { output="${3}" if [ "${input}" = "${output}" ]; then - sops --encrypt --input-type "${type}" --output-type "${type}" --in-place "${input}" + $_SOPS --encrypt --input-type "${type}" --output-type "${type}" --in-place "${input}" else - sops --encrypt --input-type "${type}" --output-type "${type}" --output "${output}" "${input}" + $_SOPS --encrypt --input-type "${type}" --output-type "${type}" --output "${output}" "${input}" fi } @@ -25,9 +27,9 @@ driver_decrypt_file() { output="${3:-}" if [ "${output}" != "" ]; then - sops --decrypt --input-type "${type}" --output-type "${type}" --output "${output}" "${input}" + $_SOPS --decrypt --input-type "${type}" --output-type "${type}" --output "${output}" "${input}" else - sops --decrypt --input-type "${type}" --output-type "${type}" "${input}" + $_SOPS --decrypt --input-type "${type}" --output-type "${type}" "${input}" fi } @@ -35,5 +37,5 @@ driver_edit_file() { type="${1}" input="${2}" - sops --input-type yaml --output-type yaml "${input}" + $_SOPS --input-type yaml --output-type yaml "${input}" } diff --git a/wrapper/run.cmd b/wrapper/run.cmd new file mode 100755 index 00000000..c9c2d072 --- /dev/null +++ b/wrapper/run.cmd @@ -0,0 +1,6 @@ +:; exec "$@" # +:; exit $? # + +@echo off +%HELM_PLUGIN_DIR%\wrapper\sh.sh %* +exit /b diff --git a/wrapper/sh.cmd b/wrapper/sh.cmd new file mode 100644 index 00000000..c45dba91 --- /dev/null +++ b/wrapper/sh.cmd @@ -0,0 +1,70 @@ +@setlocal enableextensions enabledelayedexpansion +@echo off + +:: If HELM_SECRETS_WINDOWS_SHELL is provided, use it. +if "%HELM_SECRETS_WINDOWS_SHELL%"!="" GOTO :ENVSH + +:: check for cygwin installation or git for windows is inside %PATH% +sh -c exit >nul 2>&1 + +IF %ERRORLEVEL% EQU 0 GOTO :SH + +:: check for git-bash +C:\Program^ Files\Git\bin\bash.exe -c exit >nul 2>&1 + +IF %ERRORLEVEL% EQU 0 GOTO :GITBASH + +:: check for git-bash (32-bit) +C:\Program^ Files^ (x86)\Git\bin\bash.exe -c exit >nul 2>&1 + +IF %ERRORLEVEL% EQU 0 GOTO :GITBASH32 + +:: check for wsl +wsl sh -c exit >nul 2>&1 + +IF %ERRORLEVEL% EQU 0 GOTO :WSL + +GOTO :NOSHELL + +:ENVSH +%HELM_SECRETS_WINDOWS_SHELL% "%*" +GOTO :EOF + +:SH +sh "'%HELM_PLUGIN_DIR%\scripts\run.sh' %*" +GOTO :EOF + +:GITBASH +C:\Program^ Files\Git\bin\bash.exe "%*" +GOTO :EOF + +:GITBASH32 +C:\Program^ Files^ (x86)\Git\bin\bash.exe "%*" +GOTO :EOF + +:WSL +:: Use WSL, but convert all paths (script + arguments) to wsl paths +SET ARGS= + +:: Loop through all parameters - https://stackoverflow.com/a/34019557/8087167 +:LOOP +if "%1"=="" goto ENDLOOP + +:: CMD output to variable - https://stackoverflow.com/a/6362922/8087167 +FOR /F "tokens=* USEBACKQ" %%F IN (`wsl wslpath "%1"`) DO ( + SET WSLPATH=%%F +) +SET ARGS=%ARGS% %WSLPATH% + +shift +goto LOOP +:ENDLOOP + +wsl bash -x -c "%ARGS%" +GOTO :EOF + +:NOSHELL +:: If no *nix shell found, raise an error. +echo helm-secrets needs a unix shell. Please install WSL, cygwin or Git for Windows. +exit /B 1 +GOTO :EOF