use ga actions lib instead of own stuff
This commit is contained in:
parent
d7ac55f64d
commit
94b74d2931
2
go.mod
2
go.mod
|
@ -5,6 +5,7 @@ go 1.21.1
|
|||
require (
|
||||
github.com/hashicorp/vault/api v1.10.0
|
||||
github.com/pkg/errors v0.9.1
|
||||
github.com/sethvargo/go-githubactions v1.1.0
|
||||
github.com/sirupsen/logrus v1.9.3
|
||||
)
|
||||
|
||||
|
@ -23,6 +24,7 @@ require (
|
|||
github.com/mitchellh/go-homedir v1.1.0 // indirect
|
||||
github.com/mitchellh/mapstructure v1.5.0 // indirect
|
||||
github.com/ryanuber/go-glob v1.0.0 // indirect
|
||||
github.com/sethvargo/go-envconfig v0.8.0 // indirect
|
||||
golang.org/x/crypto v0.6.0 // indirect
|
||||
golang.org/x/net v0.7.0 // indirect
|
||||
golang.org/x/sys v0.5.0 // indirect
|
||||
|
|
5
go.sum
5
go.sum
|
@ -14,6 +14,7 @@ github.com/go-test/deep v1.0.2/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3a
|
|||
github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
|
||||
github.com/google/go-cmp v0.5.7 h1:81/ik6ipDQS2aGcBfIN5dHDB36BwrStyeAQquSYCV4o=
|
||||
github.com/google/go-cmp v0.5.7/go.mod h1:n+brtR0CgQNWTVd5ZUFpTBC8YFBDLK/h/bpaJ8/DtOE=
|
||||
github.com/google/go-cmp v0.5.8 h1:e6P7q2lk1O+qJJb4BtCQXlK8vWEO8V1ZeuEdJNOqZyg=
|
||||
github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
|
||||
github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I=
|
||||
github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
|
||||
|
@ -62,6 +63,10 @@ github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndr
|
|||
github.com/ryanuber/columnize v2.1.0+incompatible/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts=
|
||||
github.com/ryanuber/go-glob v1.0.0 h1:iQh3xXAumdQ+4Ufa5b25cRpC5TYKlno6hsv6Cb3pkBk=
|
||||
github.com/ryanuber/go-glob v1.0.0/go.mod h1:807d1WSdnB0XRJzKNil9Om6lcp/3a0v4qIHxIXzX/Yc=
|
||||
github.com/sethvargo/go-envconfig v0.8.0 h1:AcmdAewSFAc7pQ1Ghz+vhZkilUtxX559QlDuLLiSkdI=
|
||||
github.com/sethvargo/go-envconfig v0.8.0/go.mod h1:Iz1Gy1Sf3T64TQlJSvee81qDhf7YIlt8GMUX6yyNFs0=
|
||||
github.com/sethvargo/go-githubactions v1.1.0 h1:mg03w+b+/s5SMS298/2G6tHv8P0w0VhUFaqL1THIqzY=
|
||||
github.com/sethvargo/go-githubactions v1.1.0/go.mod h1:qIboSF7yq2Qnaw2WXDsqCReM0Lo1gU4QXUWmhBC3pxE=
|
||||
github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ=
|
||||
github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
|
||||
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
|
||||
|
|
75
main.go
75
main.go
|
@ -1,21 +1,15 @@
|
|||
package main
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"os"
|
||||
"strings"
|
||||
|
||||
vault "github.com/hashicorp/vault/api"
|
||||
"github.com/pkg/errors"
|
||||
ga "github.com/sethvargo/go-githubactions"
|
||||
"github.com/sirupsen/logrus"
|
||||
)
|
||||
|
||||
const (
|
||||
eol = "\n"
|
||||
multiLineFileDelim = "_GitHubActionsFileCommandDelimeter_"
|
||||
multilineFileCmd = "%s<<" + multiLineFileDelim + eol + "%s" + eol + multiLineFileDelim // ${name}<<${delimiter}${os.EOL}${convertedVal}${os.EOL}${delimiter}
|
||||
)
|
||||
|
||||
var vaultClient *vault.Client
|
||||
|
||||
func main() {
|
||||
|
@ -24,25 +18,25 @@ func main() {
|
|||
logrus.Printf("Environment: %s", os.Environ())
|
||||
|
||||
vaultClient, err = vault.NewClient(&vault.Config{
|
||||
Address: getInput("url"),
|
||||
Address: ga.GetInput("url"),
|
||||
})
|
||||
|
||||
if err != nil {
|
||||
logrus.WithError(err).Fatal("error creating vault client")
|
||||
}
|
||||
|
||||
switch getInput("method") {
|
||||
switch ga.GetInput("method") {
|
||||
case "approle":
|
||||
if err := setVaultTokenFromRoleID(); err != nil {
|
||||
logrus.WithError(err).Fatal("error setting vault token from role id")
|
||||
}
|
||||
case "token":
|
||||
vaultClient.SetToken(getInput("token"))
|
||||
vaultClient.SetToken(ga.GetInput("token"))
|
||||
default:
|
||||
logrus.Fatal("no credentials found")
|
||||
}
|
||||
|
||||
exprs := strings.Split(getInput("secrets"), ";")
|
||||
exprs := strings.Split(ga.GetInput("secrets"), ";")
|
||||
for _, expr := range exprs {
|
||||
p, k, o := parseExpression(strings.TrimSpace(expr))
|
||||
logrus.Infof("%q => %q => %q", p, k, o)
|
||||
|
@ -52,9 +46,8 @@ func main() {
|
|||
logrus.WithError(err).Fatal("error reading credential")
|
||||
}
|
||||
|
||||
if err := setOutput(o, s); err != nil {
|
||||
logrus.WithError(err).WithField("key", o).Fatal("error setting output")
|
||||
}
|
||||
ga.SetOutput(o, s)
|
||||
ga.SetEnv(o, s)
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -113,11 +106,11 @@ func getVaultSecret(p string) (*vault.Secret, error) {
|
|||
|
||||
func setVaultTokenFromRoleID() error {
|
||||
data := map[string]any{
|
||||
"role_id": getInput("roleid"),
|
||||
"role_id": ga.GetInput("roleid"),
|
||||
}
|
||||
|
||||
if getInput("secretid") != "" {
|
||||
data["secret_id"] = getInput("secretid")
|
||||
if ga.GetInput("secretid") != "" {
|
||||
data["secret_id"] = ga.GetInput("secretid")
|
||||
}
|
||||
|
||||
loginSecret, err := vaultClient.Logical().Write("auth/approle/login", data)
|
||||
|
@ -129,51 +122,3 @@ func setVaultTokenFromRoleID() error {
|
|||
|
||||
return nil
|
||||
}
|
||||
|
||||
func getInput(i string) string {
|
||||
e := strings.ReplaceAll(i, " ", "_")
|
||||
e = strings.ToUpper(e)
|
||||
e = "INPUT_" + e
|
||||
|
||||
return strings.ReplaceAll(strings.TrimSpace(os.Getenv(e)), "\\n", "\n")
|
||||
}
|
||||
|
||||
func setOutput(k, v string) (err error) {
|
||||
msg := fmt.Sprintf(multilineFileCmd, k, v)
|
||||
outputFilepath := os.Getenv("GITHUB_OUTPUT")
|
||||
|
||||
f, err := os.OpenFile(outputFilepath, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0o644)
|
||||
if err != nil {
|
||||
return errors.Wrap(err, "open output file")
|
||||
}
|
||||
|
||||
defer func() {
|
||||
if cErr := f.Close(); cErr != nil && err == nil {
|
||||
err = cErr
|
||||
}
|
||||
}()
|
||||
|
||||
if _, err = f.Write([]byte(msg)); err != nil {
|
||||
return errors.Wrap(err, "write to output")
|
||||
}
|
||||
|
||||
envFilepath := os.Getenv("GITHUB_ENV")
|
||||
|
||||
envFile, err := os.OpenFile(envFilepath, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0o644)
|
||||
if err != nil {
|
||||
return errors.Wrap(err, "open env file")
|
||||
}
|
||||
|
||||
defer func() {
|
||||
if cErr := envFile.Close(); cErr != nil && err == nil {
|
||||
err = cErr
|
||||
}
|
||||
}()
|
||||
envMsg := fmt.Sprintf("%s=\"%s\"\n", k, strings.ReplaceAll(v, "\n", "\\n"))
|
||||
|
||||
if _, err := envFile.Write([]byte(envMsg)); err != nil {
|
||||
return errors.Wrap(err, "write to env file")
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue
Block a user