added list secrets command
shubhamvernekar committed Nov 4, 2023
1 parent 9daa5ec commit a706a54
Showing 7 changed files with 69 additions and 12 deletions.
9 changes: 9 additions & 0 deletions client/client.go
Expand Up @@ -77,6 +77,15 @@ func (c *Client) GetOrgPublicKeys(env string) (OrgPublicKeys, error) {
return OrgPublicKeys{Recipients: recps}, nil
}

func (c *Client) GetSecretList() ([]google.SecretObject, error) {
resp, err := c.Service.store.ListObject(c.ctx, c.bucket, c.prefix)
if err != nil {
return nil, err
}

return resp, nil
}

func New(ctx context.Context, cfg config.Client) (*Client, error) {
if err := cfg.Valid(); err != nil {
return nil, err
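Review bot: `GetSecretList` is exported without a doc comment, and its name promises more than it does: it returns every object under `c.prefix`, and the `.key` and directory entries are only filtered out later in `secrets.ListSecret`. A comment such as `// GetSecretList returns all objects stored under the client's bucket and prefix; callers must filter out key and directory entries.` would make that contract explicit. The error branch adds nothing, so the body can be `return c.Service.store.ListObject(c.ctx, c.bucket, c.prefix)`.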
5 changes: 3 additions & 2 deletions client/gcs_service.go
Expand Up @@ -10,6 +10,7 @@ import (

"github.com/rs/zerolog/log"
"github.com/scalescape/dolores/config"
"github.com/scalescape/dolores/store/google"
)

var ErrInvalidPublicKeys = errors.New("invalid public keys")
Expand All @@ -23,7 +24,7 @@ type Service struct {
type gcsStore interface {
WriteToObject(ctx context.Context, bucketName, fileName string, data []byte) error
ReadObject(ctx context.Context, bucketName, fileName string) ([]byte, error)
ListObject(ctx context.Context, bucketName, path string) ([]string, error)
ListObject(ctx context.Context, bucketName, path string) ([]google.SecretObject, error)
ExistsObject(ctx context.Context, bucketName, fileName string) (bool, error)
}

Expand Down Expand Up @@ -83,7 +84,7 @@ func (s Service) GetOrgPublicKeys(ctx context.Context, env, bucketName, path str
}
keys := make([]string, len(resp))
for i, obj := range resp {
key, err := s.store.ReadObject(ctx, bucketName, obj)
key, err := s.store.ReadObject(ctx, bucketName, obj.Name)
if err != nil {
return nil, fmt.Errorf("failed to read object %s: %w", obj, err)
}
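Review bot: The error message on the line after the changed `ReadObject` call still formats `obj` with `%s`, but `obj` is now a `google.SecretObject`, so the message prints the whole struct (name, bucket and both timestamps) rather than the object name. Change it to `return nil, fmt.Errorf("failed to read object %s: %w", obj.Name, err)`. `GetOrgPublicKeys` starts and ends outside this hunk.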
5 changes: 5 additions & 0 deletions client/monart.go
Expand Up @@ -11,6 +11,7 @@ import (

"github.com/rs/zerolog/log"
"github.com/scalescape/dolores/config"
"github.com/scalescape/dolores/store/google"
)

type credentials struct {
Expand Down Expand Up @@ -109,6 +110,10 @@ func (s MonartClient) call(req *http.Request, dest any) (*http.Response, error)
return resp, nil
}

func (c MonartClient) GetSecretList() ([]google.SecretObject, error) {
return nil, nil
}

func NewMonart(ctx context.Context, cfg *config.Monart) MonartClient {
cred := credentials{APIToken: cfg.APIToken, ID: cfg.ID}
return MonartClient{cli: http.DefaultClient, cred: cred, ctx: ctx}
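Review bot: `MonartClient.GetSecretList` returns `nil, nil`, so with the Monart backend the list command prints only the header and exits successfully, which a user cannot tell apart from an empty store. Return an explicit error instead, for example `return nil, errors.New("list secrets: not supported by monart client")` (adding the `errors` import if the file does not already have it). The receiver is named `c` here while `call` directly above uses `s`; keep one receiver name per type.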
12 changes: 9 additions & 3 deletions cmd/dolores/config.go
Expand Up @@ -2,7 +2,7 @@ package main

import (
"context"
"fmt"
"os"

"github.com/rs/zerolog"
"github.com/rs/zerolog/log"
Expand Down Expand Up @@ -77,7 +77,13 @@ func (c *ConfigCommand) decryptAction(ctx *cli.Context) error {
}

func (c *ConfigCommand) listSecretAction(ctx *cli.Context) error {
fmt.Println("List secrets ")
env := ctx.String("environment")
log := c.log.With().Str("cmd", "config.list").Str("environment", env).Logger()
secMan := secrets.NewSecretsManager(log, c.rcli(ctx.Context))
req := secrets.ListSecretConfig{Environment: env, Out: os.Stdout}
if err := secMan.ListSecret(req); err != nil {
return err
}
return nil
}

Expand Down Expand Up @@ -144,7 +150,7 @@ func EditCommand(action cli.ActionFunc) *cli.Command {

func ListSecretCommand(action cli.ActionFunc) *cli.Command {
return &cli.Command{
Name: "list_secret",
Name: "list",
Usage: "shows the list of secrets uploaded in cloud",
Action: action,
}
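Review bot: `listSecretAction` reads `ctx.String("environment")`, but the `ListSecretCommand` literal in the last hunk sets only `Name`, `Usage` and `Action`, with no `Flags`. Unless the flag is inherited from a parent command outside this diff, `env` is empty and `ListSecretConfig.Valid` rejects every invocation. Renaming the command from `list_secret` to `list` also breaks existing scripts; `Aliases: []string{"list_secret"},` would keep the old name working. The tail of the action can be reduced to `return secMan.ListSecret(req)`.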
2 changes: 2 additions & 0 deletions cmd/dolores/main.go
Expand Up @@ -9,6 +9,7 @@ import (
"github.com/rs/zerolog/log"
"github.com/scalescape/dolores/client"
"github.com/scalescape/dolores/config"
"github.com/scalescape/dolores/store/google"
"github.com/urfave/cli/v2"
)

Expand All @@ -17,6 +18,7 @@ type secretsClient interface {
FetchSecrets(req client.FetchSecretRequest) ([]byte, error)
GetOrgPublicKeys(env string) (client.OrgPublicKeys, error)
Init(ctx context.Context, bucket string, cfg client.Configuration) error
GetSecretList() ([]google.SecretObject, error)
}

type CtxKey string
33 changes: 29 additions & 4 deletions secrets/manager.go
Expand Up @@ -11,12 +11,14 @@ import (
"github.com/rs/zerolog"
"github.com/scalescape/dolores"
"github.com/scalescape/dolores/client"
"github.com/scalescape/dolores/store/google"
)

type secClient interface {
FetchSecrets(req client.FetchSecretRequest) ([]byte, error)
UploadSecrets(req client.EncryptedConfig) error
GetOrgPublicKeys(env string) (client.OrgPublicKeys, error)
GetSecretList() ([]google.SecretObject, error)
}

type EncryptConfig struct {
Expand Down Expand Up @@ -132,21 +134,44 @@ func (sm SecretManager) Decrypt(cfg DecryptConfig) error {

type ListSecretConfig struct {
Environment string
KeyFile string
Out io.Writer
}

func (c ListSecretConfig) Valid() error {
if c.KeyFile == "" {
return ErrInvalidKeyFile
func (c ListSecretConfig) Output() io.Writer {
if c.Out == nil {
return os.Stdout
}
return c.Out
}

func (c ListSecretConfig) Valid() error {
if strings.ToLower(c.Environment) != "production" && strings.ToLower(c.Environment) != "staging" {
return ErrInvalidEnvironment
}
return nil
}

func (sm SecretManager) ListSecret(cfg ListSecretConfig) error {
if err := cfg.Valid(); err != nil {
return fmt.Errorf("invalid config: %w", err)
}
resp, err := sm.client.GetSecretList()
if err != nil {
return fmt.Errorf("failed to get secrets: %w", err)
}
if _, err := cfg.Output().Write([]byte(fmt.Sprintf("%-20s %-40s %-40s %-40s\n", "Name", "Bucket", "Create At", "Updated At"))); err != nil {
return err
}
for _, obj := range resp {
if !strings.HasSuffix(obj.Name, ".key") && !strings.HasSuffix(obj.Name, "/") {
if _, err := cfg.Output().Write([]byte(fmt.Sprintf("%-20s %-40s %-40s %-40s\n", obj.Name, obj.Bucket, obj.CreatedAt, obj.UpdatedAt))); err != nil {
return err
}
}
}
return nil
}

func NewSecretsManager(log zerolog.Logger, rcli secClient) SecretManager {
return SecretManager{client: rcli, log: log}
}
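Review bot: `ListSecret` validates `cfg.Environment` but never uses it: `sm.client.GetSecretList()` takes no environment, so a request for staging prints whatever sits under the client's prefix, which may include production object names unless that prefix is already environment-specific (not visible here). Pass the environment through to the listing, or filter on it before printing. Object names come straight from the bucket and are written to the terminal unescaped; formatting the name with `%-20q` would keep control characters out of the output. The rows can be written with `fmt.Fprintf(cfg.Output(), ...)` instead of `Write([]byte(fmt.Sprintf(...)))`, and the header column should read `"Created At"`.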
15 changes: 12 additions & 3 deletions store/google/gcs.go
Expand Up @@ -7,6 +7,7 @@ import (
"fmt"
"io"
"os"
"time"

"cloud.google.com/go/storage"
"github.com/rs/zerolog/log"
Expand All @@ -25,6 +26,13 @@ type Config struct {
ServiceAccountFile string
}

type SecretObject struct {
Name string `json:"name"`
Bucket string `json:"bucket"`
CreatedAt time.Time `json:"created_at"`
UpdatedAt time.Time `json:"updated_at"`
}

type ServiceAccount struct {
Type string `json:"type"`
ProjectID string `json:"project_id"`
Expand Down Expand Up @@ -105,12 +113,12 @@ func (s StorageClient) ListBuckets(ctx context.Context) ([]string, error) {
return buckets, nil
}

func (s StorageClient) ListObject(ctx context.Context, bucketName, path string) ([]string, error) {
func (s StorageClient) ListObject(ctx context.Context, bucketName, path string) ([]SecretObject, error) {
bucket := s.Client.Bucket(bucketName)
if _, err := bucket.Attrs(ctx); err != nil {
return nil, fmt.Errorf("failed to get bucket: %w", err)
}
objs := make([]string, 0)
objs := make([]SecretObject, 0)
iter := bucket.Objects(ctx, &storage.Query{Prefix: path})
for {
attrs, err := iter.Next()
Expand All @@ -120,7 +128,8 @@ func (s StorageClient) ListObject(ctx context.Context, bucketName, path string)
if err != nil {
return nil, fmt.Errorf("failed to iterate object list: %w", err)
}
objs = append(objs, attrs.Name)
o := SecretObject{Name: attrs.Name, CreatedAt: attrs.Created, UpdatedAt: attrs.Updated, Bucket: attrs.Bucket}
objs = append(objs, o)
}
log.Trace().Msgf("list of objects from path: %s %+v", path, objs)
return objs, nil
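Review bot: `SecretObject` has no doc comment, and its name does not match what `ListObject` returns: every object under the prefix, including the public-key objects that `GetOrgPublicKeys` reads through the same call. Add a comment such as `// SecretObject describes one bucket object returned by ListObject: its name, bucket, and creation and update times.` and consider a neutral name like `ObjectInfo`, so callers do not assume each entry is a secret. `ListObject` spans both hunks of this section and its start and end are only partly visible.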