forked from jkroepke/helm-secrets
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy path_custom.sh
81 lines (65 loc) · 2.11 KB
/
_custom.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
#!/usr/bin/env sh
# shellcheck source=scripts/lib/http.sh
. "${SCRIPT_DIR}/lib/sed.sh"
_custom_driver_is_yaml() {
false
}
_custom_driver_get_secret() {
echo "Please override function '_custom_driver_get_secret' in your driver!" >&2
exit 1
}
driver_is_file_encrypted() {
input="${1}"
grep -q -e "${_DRIVER_REGEX}" "${input}"
}
driver_encrypt_file() {
echo "Encrypting files is not supported!"
exit 1
}
driver_decrypt_file() {
type="${1}"
input="${2}"
# if omit then output to stdout
output="${3:-}"
output_yaml="$(mktemp)"
output_yaml_anchors="$(mktemp)"
# Strip yaml separator
sed -e '/^---$/d' "${input}" >"${output_yaml}"
# Grab all patterns, deduplicate and pass it to loop
# https://github.com/koalaman/shellcheck/wiki/SC2013
if ! grep -o -e "${_DRIVER_REGEX}" "${input}" | sort | uniq | while IFS= read -r EXPRESSION; do
# remove prefix
_SECRET="${EXPRESSION#* }"
if ! SECRET=$(_custom_driver_get_secret "${type}" "${_SECRET}"); then
exit 1
fi
# generate yaml anchor name
YAML_ANCHOR=$(printf 'helm-secret-%s' "${_SECRET}" | tr '#$/' '_')
# Replace vault expression with yaml anchor
EXPRESSION="$(echo "${EXPRESSION}" | _regex_escape)"
_sed_i "s/${EXPRESSION}/*${YAML_ANCHOR}/g" "${output_yaml}"
if _custom_driver_is_yaml "${type}" "${_SECRET}"; then
{
printf '.%s: &%s\n' "${YAML_ANCHOR}" "${YAML_ANCHOR}"
printf '%s\n\n' "${SECRET}" | sed -e 's/^/ /g'
} >>"${output_yaml_anchors}"
else
{
printf '.%s: &%s ' "${YAML_ANCHOR}" "${YAML_ANCHOR}"
printf '%s\n\n' "${SECRET}"
} >>"${output_yaml_anchors}"
fi
done; then
# pass exit from pipe/sub shell to main shell
exit 1
fi
if [ "${output}" = "" ]; then
cat "${output_yaml_anchors}" "${output_yaml}"
else
cat "${output_yaml_anchors}" "${output_yaml}" >"${output}"
fi
}
driver_edit_file() {
echo "Editing files is not supported!"
exit 1
}