Implement gopass infrastructure

bom 2024-10-11 13:14:22 +02:00
parent a4f1e69808
commit 8f8f0d643a
3 changed files with 85 additions and 0 deletions

51
src/dda/build/gopass.clj Normal file

@ -0,0 +1,51 @@
(ns dda.build.gopass
(:require [orchestra.core :refer [defn-spec]]
[clojure.spec.test.alpha :as st]
[cheshire.core :refer [parse-string generate-string]]
[dda.build.devops :as d]
[dda.build.gopass.domain :as domain]
[dda.build.c4k.domain :as c4k-d]
[dda.build.infrastructure :as i]))
(def default
(merge d/default {:c4k-auth-filename "c4k-auth.yaml"}))
(defn-spec run-gopass-command! string?
[devops ::d/devops
entry ::domain/gopass-entry]
(let [config (merge default devops)
c (domain/gopass-show-command entry)]
(i/execute-output! c config)))
(defn-spec resolve-gopass! ::resolved-config
"Resolves gopass values inside a map of key names and entries
entries may either contain only a path
{:path \"test/path\"}
or a path and a field
{:path \"test/path\" :field \"field\"}
"
[devops ::d/devops
config ::domain/config]
(update-vals config #(run-gopass-command! devops %)))
(defn-spec insert-gopass! nil?
"Inserts values from the resolved auth config into the c4k auth
Default: c4k-auth.yaml
can be changed by adding another value for ':c4k-auth-filename'
"
[devops ::d/devops
resolved-config ::resolved-config]
(let [config (merge default devops)
default-c4k-auth (parse-string (slurp (c4k-d/auth-path config))
(fn [k] (keyword (.toLowerCase k))))]
(->> default-c4k-auth
(merge resolved-config)
(generate-string)
(spit (domain/config-path config)))))
(st/instrument `run-gopass-command!)
(st/instrument `resolve-gopass!)
(st/instrument `insert-gopass!)
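Review bot: In `insert-gopass!`, `(->> default-c4k-auth (merge resolved-config) ...)` expands to `(merge resolved-config default-c4k-auth)`, so on a key collision the value already in the auth file wins over the secret just resolved from gopass. That looks like the reverse of what the docstring describes; `(merge default-c4k-auth resolved-config)` would let the resolved values win. Both `resolve-gopass!` and `insert-gopass!` use `::resolved-config`, which in this namespace expands to `:dda.build.gopass/resolved-config`, while the spec is registered in `dda.build.gopass.domain`; `::domain/resolved-config` is probably what was meant. The function also reads from `c4k-d/auth-path` but writes to `domain/config-path`, which the visible `dda.build.gopass.domain` section does not define. Because the written file holds the resolved secrets in plaintext, the docstring should name the target path and say what file permissions and cleanup are expected.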


@ -0,0 +1,21 @@
(ns dda.build.gopass.domain
(:require [clojure.spec.alpha :as s]
[orchestra.core :refer [defn-spec]]))
(s/def ::path string?)
(s/def ::field string?)
(s/def ::gopass-entry (s/keys :req-un [::path]
:opt-un [::field]))
(s/def ::config (s/map-of keyword? ::gopass-entry))
(s/def ::resolved-config (s/map-of keyword? string?))
(s/def ::gopass-command (s/coll-of string?))
(s/def ::gopass-commands (s/coll-of ::gopass-command))
(defn-spec gopass-show-command ::gopass-command
[entry ::gopass-entry]
(let [{:keys [path field] :or {field nil}} entry]
(if (nil? field)
["gopass" "show" "-y" "-o" path]
["gopass" "show" "-y" "-o" path field])))
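Review bot: `::path` and `::field` are plain `string?`, so an empty string or a value beginning with `-` passes the spec and is placed straight into the `gopass show` argument vector, where a leading dash would presumably be read as an option rather than as a secret name. Since the entries come from build configuration, the spec is the natural place to reject such values, for example `(s/def ::path (s/and string? #(re-matches #"[^-].*" %)))` and the same for `::field`. How `i/execute-output!` runs the vector is not visible here, so this assumes it is passed as argv without a shell. `gopass-show-command` also has no docstring; one line saying it builds the command for password-only output of an entry, optionally narrowed to a field, would help, and the `:or {field nil}` default is redundant.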


@ -0,0 +1,13 @@
(ns dda.build.gopass.domain-test
(:require
[clojure.test :refer [deftest is]]
[clojure.spec.test.alpha :as st]
[dda.build.gopass.domain :as cut]))
(st/instrument `cut/gopass-show-command)
(deftest should-show-gopass-command
(is (= ["gopass" "show" "-y" "-o" "test/pass"]
(cut/gopass-show-command {:path "test/pass"})))
(is (= ["gopass" "show" "-y" "-o" "test/pass" "field"]
(cut/gopass-show-command {:path "test/pass" :field "field"}))))
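Review bot: `should-show-gopass-command` checks only the two valid shapes, although the namespace instruments `cut/gopass-show-command` and the spec is the only input validation this code has. A negative case would pin that an entry without `:path` is rejected, for example `(is (thrown? Exception (cut/gopass-show-command {:field "field"})))`. If the specs are later tightened, this is also where rejected values would be covered.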