Skip to content
This repository was archived by the owner on Feb 16, 2023. It is now read-only.

Commit 9e9b268

Browse files
edif2008edif2008
authored
Merge pull request #390 from secrethub/fix/migrate-config-whitespaces
Enable migrating templates without whitespaces
2 parents af3917c + 6c6e9d3 commit 9e9b268

2 files changed

Lines changed: 174 additions & 6 deletions

File tree

internals/secrethub/migrate_config_templates.go

Lines changed: 2 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,7 @@ import (
1212
)
1313

1414
var regexpSecretTemplatePath = regexp.MustCompile(`[A-Za-z0-9_\.\-\$\{\}]{2,}\/[A-Za-z0-9_\.\-\$\{\}]{2,}\/[A-Za-z0-9_\.\-\$\{\}\/]{2,}`)
15-
var regexpSecretTemplateTags = regexp.MustCompile(`{{(\s)*?(` + regexpSecretTemplatePath.String() + `)(\s)*?}}`)
15+
var regexpSecretTemplateTags = regexp.MustCompile(`{{\s*?(` + regexpSecretTemplatePath.String() + `)\s*?}}`)
1616

1717
func (cmd *MigrateConfigTemplatesCommand) Run() error {
1818
plan, err := getPlan(cmd.planFile)
@@ -59,11 +59,7 @@ func (cmd *MigrateConfigTemplatesCommand) Run() error {
5959
func migrateTemplateTags(inFileContents string, mapping referenceMapping, formatString string) (string, int, error) {
6060
var hits, misses []string
6161
output := regexpSecretTemplateTags.ReplaceAllStringFunc(inFileContents, func(templateTag string) string {
62-
path := regexpSecretTemplatePath.FindString(templateTag)
63-
if path == "" {
64-
misses = append(misses, templateTag)
65-
return ""
66-
}
62+
path := regexpSecretTemplateTags.FindStringSubmatch(templateTag)[1]
6763

6864
opRef, ok := mapping[path]
6965
if !ok {

internals/secrethub/migrate_config_test.go

Lines changed: 172 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -36,6 +36,50 @@ func TestMigrateTemplates(t *testing.T) {
3636
"secrethub://org/repo/dir/password": "op://vault/item/password",
3737
},
3838
},
39+
"json no whitespaces": {
40+
in: `
41+
{
42+
"db_host": "db.internal",
43+
"db_user": "{{org/repo/dir/user}}",
44+
"db_password": "{{org/repo/dir/password}}",
45+
"db_port": 5432
46+
}
47+
`,
48+
expected: `
49+
{
50+
"db_host": "db.internal",
51+
"db_user": "{{ op://vault/item/user }}",
52+
"db_password": "{{ op://vault/item/password }}",
53+
"db_port": 5432
54+
}
55+
`,
56+
mapping: map[string]string{
57+
"secrethub://org/repo/dir/user": "op://vault/item/user",
58+
"secrethub://org/repo/dir/password": "op://vault/item/password",
59+
},
60+
},
61+
"json one whitespaces": {
62+
in: `
63+
{
64+
"db_host": "db.internal",
65+
"db_user": "{{org/repo/dir/user }}",
66+
"db_password": "{{ org/repo/dir/password}}",
67+
"db_port": 5432
68+
}
69+
`,
70+
expected: `
71+
{
72+
"db_host": "db.internal",
73+
"db_user": "{{ op://vault/item/user }}",
74+
"db_password": "{{ op://vault/item/password }}",
75+
"db_port": 5432
76+
}
77+
`,
78+
mapping: map[string]string{
79+
"secrethub://org/repo/dir/user": "op://vault/item/user",
80+
"secrethub://org/repo/dir/password": "op://vault/item/password",
81+
},
82+
},
3983
"yaml": {
4084
in: `
4185
db_host: db.internal
@@ -89,6 +133,52 @@ func TestMigrateTemplates(t *testing.T) {
89133
"env": {"dev", "prod"},
90134
},
91135
},
136+
"with vars no whitespaces": {
137+
in: `
138+
db_host: db.internal
139+
db_user: "{{org/repo/$env/dir/user}}"
140+
db_password: {{org/repo/$env/dir/password}}
141+
db_port: 5432
142+
`,
143+
expected: `
144+
db_host: db.internal
145+
db_user: "{{ op://vault-$ENV/item/user }}"
146+
db_password: {{ op://vault-$ENV/item/password }}
147+
db_port: 5432
148+
`,
149+
mapping: map[string]string{
150+
"secrethub://org/repo/prod/dir/user": "op://vault-prod/item/user",
151+
"secrethub://org/repo/prod/dir/password": "op://vault-prod/item/password",
152+
"secrethub://org/repo/dev/dir/user": "op://vault-dev/item/user",
153+
"secrethub://org/repo/dev/dir/password": "op://vault-dev/item/password",
154+
},
155+
vars: map[string][]string{
156+
"env": {"dev", "prod"},
157+
},
158+
},
159+
"with vars one whitespaces": {
160+
in: `
161+
db_host: db.internal
162+
db_user: "{{ org/repo/$env/dir/user}}"
163+
db_password: {{org/repo/$env/dir/password }}
164+
db_port: 5432
165+
`,
166+
expected: `
167+
db_host: db.internal
168+
db_user: "{{ op://vault-$ENV/item/user }}"
169+
db_password: {{ op://vault-$ENV/item/password }}
170+
db_port: 5432
171+
`,
172+
mapping: map[string]string{
173+
"secrethub://org/repo/prod/dir/user": "op://vault-prod/item/user",
174+
"secrethub://org/repo/prod/dir/password": "op://vault-prod/item/password",
175+
"secrethub://org/repo/dev/dir/user": "op://vault-dev/item/user",
176+
"secrethub://org/repo/dev/dir/password": "op://vault-dev/item/password",
177+
},
178+
vars: map[string][]string{
179+
"env": {"dev", "prod"},
180+
},
181+
},
92182
"no op": {
93183
in: `
94184
db_user: "db-user"
@@ -146,6 +236,42 @@ func TestMigrateEnvfile(t *testing.T) {
146236
"secrethub://org/repo/dir/password": "op://vault/item/password",
147237
},
148238
},
239+
"envfile no whitespaces": {
240+
in: `
241+
DB_HOST=db.internal
242+
DB_USER={{org/repo/dir/user}}
243+
DB_PASSWORD={{org/repo/dir/password}}
244+
DB_PORT=5432
245+
`,
246+
expected: `
247+
DB_HOST=db.internal
248+
DB_USER=op://vault/item/user
249+
DB_PASSWORD=op://vault/item/password
250+
DB_PORT=5432
251+
`,
252+
mapping: map[string]string{
253+
"secrethub://org/repo/dir/user": "op://vault/item/user",
254+
"secrethub://org/repo/dir/password": "op://vault/item/password",
255+
},
256+
},
257+
"envfile one whitespace": {
258+
in: `
259+
DB_HOST=db.internal
260+
DB_USER={{org/repo/dir/user }}
261+
DB_PASSWORD={{ org/repo/dir/password}}
262+
DB_PORT=5432
263+
`,
264+
expected: `
265+
DB_HOST=db.internal
266+
DB_USER=op://vault/item/user
267+
DB_PASSWORD=op://vault/item/password
268+
DB_PORT=5432
269+
`,
270+
mapping: map[string]string{
271+
"secrethub://org/repo/dir/user": "op://vault/item/user",
272+
"secrethub://org/repo/dir/password": "op://vault/item/password",
273+
},
274+
},
149275
"with comments": {
150276
in: `
151277
# Database config
@@ -202,6 +328,52 @@ func TestMigrateEnvfile(t *testing.T) {
202328
"env": {"dev", "prod"},
203329
},
204330
},
331+
"with vars no whitespaces": {
332+
in: `
333+
DB_HOST=db.internal
334+
DB_USER={{org/repo/$env/dir/user}}
335+
DB_PASSWORD={{org/repo/$env/dir/password}}
336+
DB_PORT=5432
337+
`,
338+
expected: `
339+
DB_HOST=db.internal
340+
DB_USER=op://vault-$ENV/item/user
341+
DB_PASSWORD=op://vault-$ENV/item/password
342+
DB_PORT=5432
343+
`,
344+
mapping: map[string]string{
345+
"secrethub://org/repo/prod/dir/user": "op://vault-prod/item/user",
346+
"secrethub://org/repo/prod/dir/password": "op://vault-prod/item/password",
347+
"secrethub://org/repo/dev/dir/user": "op://vault-dev/item/user",
348+
"secrethub://org/repo/dev/dir/password": "op://vault-dev/item/password",
349+
},
350+
vars: map[string][]string{
351+
"env": {"dev", "prod"},
352+
},
353+
},
354+
"with vars one whitespace": {
355+
in: `
356+
DB_HOST=db.internal
357+
DB_USER={{org/repo/$env/dir/user }}
358+
DB_PASSWORD={{ org/repo/$env/dir/password}}
359+
DB_PORT=5432
360+
`,
361+
expected: `
362+
DB_HOST=db.internal
363+
DB_USER=op://vault-$ENV/item/user
364+
DB_PASSWORD=op://vault-$ENV/item/password
365+
DB_PORT=5432
366+
`,
367+
mapping: map[string]string{
368+
"secrethub://org/repo/prod/dir/user": "op://vault-prod/item/user",
369+
"secrethub://org/repo/prod/dir/password": "op://vault-prod/item/password",
370+
"secrethub://org/repo/dev/dir/user": "op://vault-dev/item/user",
371+
"secrethub://org/repo/dev/dir/password": "op://vault-dev/item/password",
372+
},
373+
vars: map[string][]string{
374+
"env": {"dev", "prod"},
375+
},
376+
},
205377
"composite secrets": {
206378
in: `
207379
DB_ADDRESS={{ org/repo/dir/host }}:5432

0 commit comments

Comments
 (0)