vault2env/main.go

package main

import (
	"fmt"
	"log"
	"os"
	"os/exec"

	"github.com/Luzifer/go_helpers/env"
	"github.com/Luzifer/rconfig"
	"github.com/hashicorp/vault/api"
)

var (
	cfg = struct {
		VaultAddress   string `flag:"vault-addr" env:"VAULT_ADDR" default:"https://127.0.0.1:8200" description:"Vault API address"`
		VaultAppID     string `flag:"vault-app-id" env:"VAULT_APP_ID" default:"" description:"The app-id to use for authentication"`
		VaultUserID    string `flag:"vault-user-id" env:"VAULT_USER_ID" default:"" description:"The user-id to use for authentication"`
		VaultToken     string `flag:"vault-token" env:"VAULT_TOKEN" default:"" description:"Specify a token to use instead of app-id auth"`
		Export         bool   `flag:"export,e" default:"false" description:"Show export statements instead of running the command specified"`
		VersionAndExit bool   `flag:"version" default:"false" description:"Print program version and exit"`
	}{}
	version = "dev"
)

func init() {
	rconfig.Parse(&cfg)

	if cfg.VersionAndExit {
		fmt.Printf("vault2env %s\n", version)
		os.Exit(0)
	}

	if (cfg.VaultAppID == "" || cfg.VaultUserID == "") && cfg.VaultToken == "" {
		log.Fatalf("[ERR] You need to either set vault-app-id and vault-user-id or set vault-token")
	}

	if cfg.Export {
		if len(rconfig.Args()) != 2 {
			log.Fatalf("[ERR] Usage: vault2env --export [secret path]")
		}
	} else {
		if len(rconfig.Args()) < 3 {
			log.Fatalf("[ERR] Usage: vault2env [secret path] [command]")
		}
	}
}

func main() {
	client, err := api.NewClient(&api.Config{
		Address: cfg.VaultAddress,
	})
	if err != nil {
		log.Fatalf("Unable to create client: %s", err)
	}

	if cfg.VaultToken == "" {
		loginSecret, lserr := client.Logical().Write("auth/app-id/login/"+cfg.VaultAppID, map[string]interface{}{
			"user_id": cfg.VaultUserID,
		})
		if lserr != nil || loginSecret.Auth == nil {
			log.Fatalf("Unable to fetch authentication token: %s", lserr)
		}

		client.SetToken(loginSecret.Auth.ClientToken)
		defer client.Auth().Token().RevokeSelf(client.Token())
	} else {
		client.SetToken(cfg.VaultToken)
	}

	data, err := client.Logical().Read(rconfig.Args()[1])
	if err != nil {
		log.Fatalf("Unable to fetch data: %s", err)
	}

	if cfg.Export {
		for k, v := range data.Data {
			fmt.Printf("export %s=\"%s\"\n", k, v)
		}
		return
	}

	emap := env.ListToMap(os.Environ())
	for k, v := range data.Data {
		emap[k] = v.(string)
	}

	cmd := exec.Command(rconfig.Args()[2], rconfig.Args()[3:]...)
	cmd.Stdout = os.Stdout
	cmd.Stderr = os.Stderr
	cmd.Stdin = os.Stdin
	cmd.Env = env.MapToList(emap)
	if err := cmd.Run(); err != nil {
		log.Fatal("Command exitted unclean (code != 0)")
	}
}
First version 2016-05-28 23:35:17 +00:00			`package main`

			`import (`
			`"fmt"`
			`"log"`
Added command execution in addition to execution 2016-05-29 00:04:23 +00:00			`"os"`
			`"os/exec"`
First version 2016-05-28 23:35:17 +00:00
Added command execution in addition to execution 2016-05-29 00:04:23 +00:00			`"github.com/Luzifer/go_helpers/env"`
First version 2016-05-28 23:35:17 +00:00			`"github.com/Luzifer/rconfig"`
			`"github.com/hashicorp/vault/api"`
			`)`

			`var (`
			`cfg = struct {`
Added command execution in addition to execution 2016-05-29 00:04:23 +00:00			VaultAddress string `flag:"vault-addr" env:"VAULT_ADDR" default:"https://127.0.0.1:8200" description:"Vault API address"`
			VaultAppID string `flag:"vault-app-id" env:"VAULT_APP_ID" default:"" description:"The app-id to use for authentication"`
			VaultUserID string `flag:"vault-user-id" env:"VAULT_USER_ID" default:"" description:"The user-id to use for authentication"`
Enable token auth 2016-05-29 00:17:04 +00:00			VaultToken string `flag:"vault-token" env:"VAULT_TOKEN" default:"" description:"Specify a token to use instead of app-id auth"`
Added command execution in addition to execution 2016-05-29 00:04:23 +00:00			Export bool `flag:"export,e" default:"false" description:"Show export statements instead of running the command specified"`
			VersionAndExit bool `flag:"version" default:"false" description:"Print program version and exit"`
First version 2016-05-28 23:35:17 +00:00			`}{}`
			`version = "dev"`
			`)`

			`func init() {`
			`rconfig.Parse(&cfg)`

Added command execution in addition to execution 2016-05-29 00:04:23 +00:00			`if cfg.VersionAndExit {`
			`fmt.Printf("vault2env %s\n", version)`
			`os.Exit(0)`
			`}`

Enable token auth 2016-05-29 00:17:04 +00:00			`if (cfg.VaultAppID == "" \|\| cfg.VaultUserID == "") && cfg.VaultToken == "" {`
			`log.Fatalf("[ERR] You need to either set vault-app-id and vault-user-id or set vault-token")`
First version 2016-05-28 23:35:17 +00:00			`}`

Added command execution in addition to execution 2016-05-29 00:04:23 +00:00			`if cfg.Export {`
			`if len(rconfig.Args()) != 2 {`
			`log.Fatalf("[ERR] Usage: vault2env --export [secret path]")`
			`}`
			`} else {`
			`if len(rconfig.Args()) < 3 {`
			`log.Fatalf("[ERR] Usage: vault2env [secret path] [command]")`
			`}`
First version 2016-05-28 23:35:17 +00:00			`}`
			`}`

			`func main() {`
			`client, err := api.NewClient(&api.Config{`
			`Address: cfg.VaultAddress,`
			`})`
			`if err != nil {`
			`log.Fatalf("Unable to create client: %s", err)`
			`}`

Enable token auth 2016-05-29 00:17:04 +00:00			`if cfg.VaultToken == "" {`
Fix: Removed shadowing of variables (LINTER) 2016-05-29 00:21:29 +00:00			`loginSecret, lserr := client.Logical().Write("auth/app-id/login/"+cfg.VaultAppID, map[string]interface{}{`
Enable token auth 2016-05-29 00:17:04 +00:00			`"user_id": cfg.VaultUserID,`
			`})`
Fix: Removed shadowing of variables (LINTER) 2016-05-29 00:21:29 +00:00			`if lserr != nil \|\| loginSecret.Auth == nil {`
			`log.Fatalf("Unable to fetch authentication token: %s", lserr)`
Enable token auth 2016-05-29 00:17:04 +00:00			`}`
First version 2016-05-28 23:35:17 +00:00
Enable token auth 2016-05-29 00:17:04 +00:00			`client.SetToken(loginSecret.Auth.ClientToken)`
			`defer client.Auth().Token().RevokeSelf(client.Token())`
			`} else {`
Fix: Removed shadowing of variables (LINTER) 2016-05-29 00:21:29 +00:00			`client.SetToken(cfg.VaultToken)`
Enable token auth 2016-05-29 00:17:04 +00:00			`}`
First version 2016-05-28 23:35:17 +00:00
			`data, err := client.Logical().Read(rconfig.Args()[1])`
			`if err != nil {`
			`log.Fatalf("Unable to fetch data: %s", err)`
			`}`

Added command execution in addition to execution 2016-05-29 00:04:23 +00:00			`if cfg.Export {`
			`for k, v := range data.Data {`
			`fmt.Printf("export %s=\"%s\"\n", k, v)`
			`}`
			`return`
			`}`

			`emap := env.ListToMap(os.Environ())`
First version 2016-05-28 23:35:17 +00:00			`for k, v := range data.Data {`
Added command execution in addition to execution 2016-05-29 00:04:23 +00:00			`emap[k] = v.(string)`
First version 2016-05-28 23:35:17 +00:00			`}`

Fix: Remove program name from program args 2016-05-29 00:23:19 +00:00			`cmd := exec.Command(rconfig.Args()[2], rconfig.Args()[3:]...)`
Added command execution in addition to execution 2016-05-29 00:04:23 +00:00			`cmd.Stdout = os.Stdout`
			`cmd.Stderr = os.Stderr`
			`cmd.Stdin = os.Stdin`
			`cmd.Env = env.MapToList(emap)`
			`if err := cmd.Run(); err != nil {`
			`log.Fatal("Command exitted unclean (code != 0)")`
First version 2016-05-28 23:35:17 +00:00			`}`
			`}`