add validate flag

2025-03-31 04:14:37 +00:00 · 2020-07-19 11:32:59 +01:00 · 2020-07-19 11:32:59 +01:00 · 4224ec9ede
commit 4224ec9ede
parent 241c7f1c07
2 changed files with 41 additions and 5 deletions
--- a/pkgs/sops-install-secrets/main.go
+++ b/pkgs/sops-install-secrets/main.go
@ -4,6 +4,7 @@ import (
 	"encoding/hex"
 	"encoding/json"
 	"errors"
+	"flag"
 	"fmt"
 	"io/ioutil"
 	"os"
@ -41,7 +42,7 @@ type manifest struct {
 	SecretsMountPoint string   `json:"secretsMountpoint"`
 	SymlinkPath       string   `json:"symlinkPath"`
 	SSHKeyPaths       []string `json:"sshKeyPaths"`
-	GnupgHome         string   `json:"gnupgHome`
+	GnupgHome         string   `json:"gnupgHome"`
 }

 func readManifest(path string) (*manifest, error) {
@ -357,11 +358,38 @@ func setupGPGKeyring(sshKeys []string, parentDir string) (*keyring, error) {
 	return &k, nil
 }

-func installSecrets(args []string) error {
-	if len(args) <= 1 {
-		return fmt.Errorf("USAGE: %s manifest.json", args)
+type options struct {
+	check    bool
+	manifest string
+}
+
+func parseFlags(args []string) (*options, error) {
+	var opts options
+	fs := flag.NewFlagSet(args[0], flag.ContinueOnError)
+	fs.Usage = func() {
+		fmt.Fprintf(flag.CommandLine.Output(), "Usage: %s [OPTION] manifest.json\n", args[0])
+		fs.PrintDefaults()
 	}
-	manifest, err := readManifest(args[1])
+	fs.BoolVar(&opts.check, "check", false, "Validate manifest instead installing it")
+	if err := fs.Parse(args[1:]); err != nil {
+		return nil, err
+	}
+
+	if fs.NArg() != 1 {
+		flag.Usage()
+		return nil, flag.ErrHelp
+	}
+	opts.manifest = fs.Arg(0)
+	return &opts, nil
+}
+
+func installSecrets(args []string) error {
+	opts, err := parseFlags(args)
+	if err != nil {
+		return err
+	}
+
+	manifest, err := readManifest(opts.manifest)
 	if err != nil {
 		return err
 	}
@ -370,6 +398,10 @@ func installSecrets(args []string) error {
 		return fmt.Errorf("Manifest is not valid: %s", err)
 	}

+	if opts.check {
+		return nil
+	}
+
 	keysGid, err := lookupKeysGroup()
 	if err != nil {
 		return err
@ -413,6 +445,9 @@ func installSecrets(args []string) error {

 func main() {
 	if err := installSecrets(os.Args); err != nil {
+		if err == flag.ErrHelp {
+			return
+		}
 		fmt.Fprintf(os.Stderr, "%s: %s\n", os.Args[0], err)
 		os.Exit(1)
 	}
--- a/pkgs/sops-install-secrets/main_test.go
+++ b/pkgs/sops-install-secrets/main_test.go
@ -171,6 +171,7 @@ func testGPG(t *testing.T) {

 	content, err = ioutil.ReadFile(binarySecret.Path)
 	ok(t, err)
+	equals(t, 13, len(content))

 	testInstallSecret(t, testdir, &manifest)