forked from argoproj-labs/argocd-vault-plugin
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathgenerate.go
112 lines (96 loc) · 3.23 KB
/
generate.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
package cmd
import (
"fmt"
"strconv"
"strings"
"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
"github.com/argoproj-labs/argocd-vault-plugin/pkg/config"
"github.com/argoproj-labs/argocd-vault-plugin/pkg/kube"
"github.com/argoproj-labs/argocd-vault-plugin/pkg/types"
"github.com/argoproj-labs/argocd-vault-plugin/pkg/utils"
"github.com/spf13/cobra"
"github.com/spf13/viper"
)
// NewGenerateCommand initializes the generate command
func NewGenerateCommand() *cobra.Command {
const StdIn = "-"
var configPath, secretName string
var verboseOutput bool
var command = &cobra.Command{
Use: "generate <path>",
Short: "Generate manifests from templates with Vault values",
Args: func(cmd *cobra.Command, args []string) error {
if len(args) < 1 {
return fmt.Errorf("<path> argument required to generate manifests")
}
return nil
},
RunE: func(cmd *cobra.Command, args []string) error {
var manifests []unstructured.Unstructured
var err error
path := args[0]
if path == StdIn {
manifests, err = readManifestData(cmd.InOrStdin())
if err != nil {
return err
}
} else {
files, err := listFiles(path)
if len(files) < 1 {
return fmt.Errorf("no YAML or JSON files were found in %s", path)
}
if err != nil {
return err
}
var errs []error
manifests, errs = readFilesAsManifests(files)
if len(errs) != 0 {
errMessages := make([]string, len(errs))
for idx, err := range errs {
errMessages[idx] = err.Error()
}
return fmt.Errorf("could not read YAML/JSON files:\n%s", strings.Join(errMessages, "\n"))
}
}
v := viper.New()
viper.Set("verboseOutput", verboseOutput)
cmdConfig, err := config.New(v, &config.Options{
SecretName: secretName,
ConfigPath: configPath,
})
if err != nil {
return err
}
err = cmdConfig.Backend.Login()
if err != nil {
return err
}
for _, manifest := range manifests {
template, err := kube.NewTemplate(manifest, cmdConfig.Backend)
if err != nil {
return err
}
annotations := manifest.GetAnnotations()
avpIgnore, _ := strconv.ParseBool(annotations[types.AVPIgnoreAnnotation])
if !avpIgnore {
err = template.Replace()
if err != nil {
return err
}
} else {
utils.VerboseToStdErr("skipping %s.%s because %s annotation is present", manifest.GetNamespace(), manifest.GetName(), types.AVPIgnoreAnnotation)
}
output, err := template.ToYAML()
if err != nil {
return err
}
fmt.Fprintf(cmd.OutOrStdout(), "%s---\n", output)
}
return nil
},
}
command.Flags().StringVarP(&configPath, "config-path", "c", "", "path to a file containing Vault configuration (YAML, JSON, envfile) to use")
command.Flags().StringVarP(&secretName, "secret-name", "s", "", "name of a Kubernetes Secret in the argocd namespace containing Vault configuration data in the argocd namespace of your ArgoCD host (Only available when used in ArgoCD). The namespace can be overridden by using the format <namespace>:<name>")
command.Flags().BoolVar(&verboseOutput, "verbose-sensitive-output", false, "enable verbose mode for detailed info to help with debugging. Includes sensitive data (credentials), logged to stderr")
return command
}