store and vault refactoring

turnerlabs · Oct 7, 2019 · c5ef305 · c5ef305
1 parent 3a77217
commit c5ef305
Show file tree

Hide file tree

Showing 18 changed files with 391 additions and 842 deletions.
diff --git a/README.md b/README.md
@@ -202,6 +202,9 @@ $ cstore pull -t "dev|qa" # config must have either tag
 $ cstore pull -t dev -e # raw file contents
 ```
 ```bash
+$ cstore pull service/dev/.env -g json-object # JSON object format
+```
+```bash
 $ eval $( cstore pull service/dev/.env -g terminal-export ) # export environment variables
 ```
 

diff --git a/cli/cmd/pull.go b/cli/cmd/pull.go
@@ -298,7 +298,7 @@ func Pull(catalogPath string, opt cfg.UserOptions, io models.IO) (int, int, erro
 func compatibleFormat(format, fileType string) bool {
 
 	switch format {
-	case "task-def-secrets", "task-def-env", "terminal-export":
+	case "task-def-secrets", "task-def-env", "terminal-export", "json-object":
 		return fileType == "env"
 	case "":
 		return true

diff --git a/components/catalog/model.go b/components/catalog/model.go
@@ -6,9 +6,6 @@ import (
 	"path/filepath"
 	"strings"
 
-	"github.com/turnerlabs/cstore/components/cfg"
-
-	"github.com/turnerlabs/cstore/components/models"
 	"github.com/turnerlabs/cstore/components/path"
 )
 
@@ -191,12 +188,6 @@ func (f File) Missing(version string) bool {
 // Name ...
 func (f File) Name() string { return "*.yml" }
 
-// Description ...
-func (f File) Description() string { return "" }
-
-// Pre ...
-func (f File) Pre(clog Catalog, fileEntry *File, uo cfg.UserOptions, io models.IO) error { return nil }
-
 // Set ...
 func (f *File) Set(contextID, group, prop, value string) error {
 	if f.Data == nil {
@@ -215,11 +206,7 @@ func (f *File) Delete(contextID, group, prop string) error {
 
 // BuildKey ...
 func (f File) BuildKey(contextID, group, prop string) string {
-	if len(prop) > 0 {
-		return strings.ToUpper(fmt.Sprintf("%s_%s", group, prop))
-	}
-
-	return strings.ToUpper(group)
+	return strings.ToUpper(prop)
 }
 
 // Get ...

diff --git a/components/contract/vault.go b/components/contract/vault.go
@@ -33,14 +33,18 @@ type IVault interface {
 	// "fileEntry" represents the file this vault will operatate on.
 	// If any data needs
 	//
+	// "access" is used to get secrets required to access the vault.
+	// It is common to set the vault on the struct to allow other
+	// methods access to them.
+	//
 	// "uo" specifies if the user requested settings.
 	//
 	// "io" contains readers and writers that should be used when
 	// displaying instructions to or reading data from the command
 	// line.
 	//
 	// "error" should return nil if the operation was successful.
-	Pre(clog catalog.Catalog, fileEntry *catalog.File, uo cfg.UserOptions, io models.IO) error
+	Pre(clog catalog.Catalog, fileEntry *catalog.File, access IVault, uo cfg.UserOptions, io models.IO) error
 
 	// Get should return the requested secret or an error.
 	//
@@ -62,10 +66,10 @@ type IVault interface {
 	// "contextID" is a guid which represents the context of the
 	// catalog. It can be used to guarantee uniqueness for secret values.
 	//
-	// "group" is a collection of props. The same group could be passed
-	// with different props and values. This method should not always
-	// overwrite the group, but should append/update the group to ensure
-	// other props in the same group are not overwritten.
+	// "group" is a collection of props. The same group could be set
+	// with different props and values. This method should not overwrite
+	// the group, but should append/update the group to ensure other
+	// props in the same group are not overwritten.
 	//
 	// "prop" is the name for the value being set.
 	//

diff --git a/components/remote/init.go b/components/remote/init.go
@@ -21,19 +21,19 @@ type Components struct {
 func InitComponents(fileEntry *catalog.File, clog catalog.Catalog, uo cfg.UserOptions, io models.IO) (Components, error) {
 	remote := Components{}
 
-	v, err := vault.GetBy(fileEntry.Vaults.Secrets, cfg.DefaultSecretsVault, clog, fileEntry, uo, io)
+	v, err := vault.GetBy(fileEntry.Vaults.Access, cfg.DefaultAccessVault, clog, fileEntry, nil, uo, io)
 	if err != nil {
 		return remote, err
 	}
-	remote.Secrets = v
-	fileEntry.Vaults.Secrets = v.Name()
+	remote.Access = v
+	fileEntry.Vaults.Access = v.Name()
 
-	v, err = vault.GetBy(fileEntry.Vaults.Access, cfg.DefaultAccessVault, clog, fileEntry, uo, io)
+	v, err = vault.GetBy(fileEntry.Vaults.Secrets, cfg.DefaultSecretsVault, clog, fileEntry, remote.Access, uo, io)
 	if err != nil {
 		return remote, err
 	}
-	remote.Access = v
-	fileEntry.Vaults.Access = v.Name()
+	remote.Secrets = v
+	fileEntry.Vaults.Secrets = v.Name()
 
 	st, err := store.Select(fileEntry, clog, remote.Access, uo, io)
 	if err != nil {

diff --git a/components/setting/setting.go b/components/setting/setting.go
@@ -9,6 +9,16 @@ import (
 	"github.com/turnerlabs/cstore/components/prompt"
 )
 
+type IKeyValueStore interface {
+	Name() string
+
+	Get(contextID, group, prop string) (string, error)
+	Set(contextID, group, prop, value string) error
+	Delete(contextID, group, prop string) error
+
+	BuildKey(contextID, group, prop string) string
+}
+
 // Setting ...
 type Setting struct {
 	Group string
@@ -22,7 +32,7 @@ type Setting struct {
 	HideInput bool
 	AutoSave  bool
 
-	Vault contract.IVault
+	Vault IKeyValueStore
 }
 
 // Key ...

diff --git a/components/store/aws.go b/components/store/aws.go
@@ -6,6 +6,10 @@ const (
 	awsSecretAccessKey = "AWS_SECRET_ACCESS_KEY"
 	awsAccessKeyID     = "AWS_ACCESS_KEY_ID"
 
+	awsBucketSetting = "AWS_S3_BUCKET"
+
+	awsStoreKMSKeyID = "AWS_STORE_KMS_KEY_ID"
+
 	awsDefaultRegion  = "us-east-1"
 	awsDefaultProfile = "default"
 )