From 80ad73c347f330a8c1b4bb2f48731bc503d5cadd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= Date: Wed, 27 Jan 2021 07:22:19 +0100 Subject: [PATCH] fix sops files that contains lists fixes #68 --- pkgs/sops-install-secrets/main.go | 9 +++++++-- pkgs/sops-install-secrets/test-assets/secrets.yaml | 10 +++++++--- 2 files changed, 14 insertions(+), 5 deletions(-) diff --git a/pkgs/sops-install-secrets/main.go b/pkgs/sops-install-secrets/main.go index 3680e21..bae6814 100644 --- a/pkgs/sops-install-secrets/main.go +++ b/pkgs/sops-install-secrets/main.go @@ -198,7 +198,7 @@ func symlinkSecrets(targetDir string, secrets []secret) error { } type plainData struct { - data map[string]string + data map[string]interface{} binary []byte } @@ -227,10 +227,15 @@ func decryptSecret(s *secret, sourceFiles map[string]plainData) error { s.value = sourceFile.binary } else { val, ok := sourceFile.data[s.Key] + if !ok { return fmt.Errorf("The key '%s' cannot be found in '%s'", s.Key, s.SopsFile) } - s.value = []byte(val) + strVal, ok := val.(string) + if !ok { + return fmt.Errorf("The value of key '%s' in '%s' is not a string", s.Key, s.SopsFile) + } + s.value = []byte(strVal) } sourceFiles[s.SopsFile] = sourceFile return nil diff --git a/pkgs/sops-install-secrets/test-assets/secrets.yaml b/pkgs/sops-install-secrets/test-assets/secrets.yaml index a721aac..018b08e 100644 --- a/pkgs/sops-install-secrets/test-assets/secrets.yaml +++ b/pkgs/sops-install-secrets/test-assets/secrets.yaml @@ -1,10 +1,14 @@ test_key: ENC[AES256_GCM,data:4cC2PTi7xVPZPA==,iv:voX4IQemcgt0O97oLExy5r2V85nn687cIyWmHNDhUag=,tag:ZaKi9m6ziFKNV+gx7XedTw==,type:str] +a_list: +- ENC[AES256_GCM,data:5K0=,iv:5P+1UQyIYOW8xXgsvTXC17msGcA6IGB3N8n+pstfqjo=,tag:Op0+iEYzV+gfYGveN3VKKg==,type:str] +- ENC[AES256_GCM,data:9dM=,iv:LbGS8DjM6Vnr2nU7QokzQlg0gL+XMWhqbN+ypP7ZIZo=,tag:HvbERoLZcUOjEd4AwLVNEg==,type:str] sops: kms: [] gcp_kms: [] azure_kv: [] - lastmodified: '2020-07-12T08:04:25Z' - mac: ENC[AES256_GCM,data:Sw+u03EAxagKQ9qd4Vwr5BRrnAdtPlUC660fpaVb62W481YVmcUo/CW+SBwdZhn1oSAqGDFE0exqWp4+FRhBPNnxcatI2kjnJ/m9INZhrjgTGVcSVC+pLfXYrmtqCxJCS1clREuQ89QG3inDQvgJ2M+A8S6qhlwPfXlIhuyHMI8=,iv:zpdbtNjicBx74MnYqLwMkY0atPFe7BDJI8o4VDhGlb0=,tag:yGnUUSrs+6uFZGuX33yVJg==,type:str] + hc_vault: [] + lastmodified: '2021-01-27T06:12:22Z' + mac: ENC[AES256_GCM,data:/lwT78drEKdCoWW9TPU2H/IWlq/9uEmJocrTvftKTD1Au9e/7AMCUWGWMPGJKMg9R0FWV2pn3tgwli5YXRrIe4L9tIkeM5vJvz85IeQIc+vviby7PM8VtbO1ArisHh95cVwZuASR3KSbumnxURjayZ61J9Jiz0viBeuEmCP50u4=,iv:FX6XDUqetDaRTtLLfMaJAkPZmiZx59wnuDRm0SvmTJM=,tag:HnQ4dHsCCNim2v8WPXyLdw==,type:str] pgp: - created_at: '2020-07-12T08:03:51Z' enc: | @@ -40,4 +44,4 @@ sops: -----END PGP MESSAGE----- fp: 2504791468B153B8A3963CC97BA53D1919C5DFD4 unencrypted_suffix: _unencrypted - version: 3.5.0 + version: 3.6.1