2022-05-10 22:31:17 +02:00
|
|
|
package yaml
|
|
|
|
|
|
|
|
import (
|
|
|
|
"bytes"
|
|
|
|
"io"
|
|
|
|
"net/url"
|
|
|
|
"path"
|
|
|
|
"path/filepath"
|
2022-07-29 17:47:11 +02:00
|
|
|
"strings"
|
2022-05-10 22:31:17 +02:00
|
|
|
|
|
|
|
"forge.cadoles.com/wpetit/formidable/internal/data/format"
|
|
|
|
"github.com/pkg/errors"
|
|
|
|
"gopkg.in/yaml.v3"
|
|
|
|
)
|
|
|
|
|
2022-07-29 17:47:11 +02:00
|
|
|
const YAMLTagAnsibleVaultValuesQueryParam = "ansible_vault"
|
|
|
|
|
2022-05-10 22:31:17 +02:00
|
|
|
type EncoderHandler struct{}
|
|
|
|
|
|
|
|
func (d *EncoderHandler) Match(url *url.URL) bool {
|
|
|
|
ext := filepath.Ext(path.Join(url.Host, url.Path))
|
|
|
|
|
|
|
|
return ExtensionYAML.MatchString(ext) ||
|
|
|
|
format.MatchURLQueryFormat(url, FormatYAML)
|
|
|
|
}
|
|
|
|
|
|
|
|
func (d *EncoderHandler) Encode(url *url.URL, data interface{}) (io.Reader, error) {
|
2022-07-29 17:47:11 +02:00
|
|
|
var output bytes.Buffer
|
2022-05-10 22:31:17 +02:00
|
|
|
|
2022-07-29 17:47:11 +02:00
|
|
|
encoder := yaml.NewEncoder(&output)
|
2022-05-10 22:31:17 +02:00
|
|
|
|
|
|
|
if err := encoder.Encode(data); err != nil {
|
|
|
|
return nil, errors.WithStack(err)
|
|
|
|
}
|
|
|
|
|
2022-07-29 17:47:11 +02:00
|
|
|
if shouldTransformAnsibleVault(url) {
|
|
|
|
if err := tagAnsibleVaultValues(&output); err != nil {
|
|
|
|
return nil, errors.WithStack(err)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return &output, nil
|
2022-05-10 22:31:17 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
func NewEncoderHandler() *EncoderHandler {
|
|
|
|
return &EncoderHandler{}
|
|
|
|
}
|
2022-07-29 17:47:11 +02:00
|
|
|
|
|
|
|
func shouldTransformAnsibleVault(url *url.URL) bool {
|
|
|
|
return !url.Query().Has(YAMLTagAnsibleVaultValuesQueryParam) || url.Query().Get(YAMLTagAnsibleVaultValuesQueryParam) == "yes"
|
|
|
|
}
|
|
|
|
|
|
|
|
func tagAnsibleVaultValues(buf *bytes.Buffer) error {
|
|
|
|
decoder := yaml.NewDecoder(buf)
|
|
|
|
|
|
|
|
var node yaml.Node
|
|
|
|
|
|
|
|
if err := decoder.Decode(&node); err != nil {
|
|
|
|
return errors.WithStack(err)
|
|
|
|
}
|
|
|
|
|
|
|
|
walkNodeTree(&node, func(node *yaml.Node) {
|
|
|
|
isAnsibleVaultNode := node.Tag == "!!str" && strings.HasPrefix(strings.TrimSpace(node.Value), "$ANSIBLE_VAULT")
|
|
|
|
if !isAnsibleVaultNode {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
node.Tag = "!vault"
|
|
|
|
node.Style = yaml.LiteralStyle | yaml.TaggedStyle
|
|
|
|
})
|
|
|
|
|
|
|
|
buf.Reset()
|
|
|
|
|
|
|
|
encoder := yaml.NewEncoder(buf)
|
|
|
|
|
|
|
|
if err := encoder.Encode(node.Content[0]); err != nil {
|
|
|
|
return errors.WithStack(err)
|
|
|
|
}
|
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func walkNodeTree(node *yaml.Node, fn func(node *yaml.Node)) {
|
|
|
|
fn(node)
|
|
|
|
|
|
|
|
if node.Content == nil {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
for _, sub := range node.Content {
|
|
|
|
walkNodeTree(sub, fn)
|
|
|
|
}
|
|
|
|
}
|