diff --git a/main.go b/main.go index 433c0ee..2c201a9 100644 --- a/main.go +++ b/main.go @@ -26,6 +26,7 @@ var ( Token string `flag:"vault-token" env:"VAULT_TOKEN" vardefault:"vault-token" description:"Specify a token to use instead of app-id auth"` } Transform []string `flag:"transform,t" default:"" description:"Translates keys to different names (oldkey=newkey)"` + TransformSet []string `flag:"transform-set" default:"" description:"Apply predefined transform sets (Available: STS)"` VaultAddress string `flag:"vault-addr" env:"VAULT_ADDR" default:"https://127.0.0.1:8200" description:"Vault API address"` VaultKeys []string `flag:"key,k" default:"" description:"Keys to read and use for environment variables"` VersionAndExit bool `flag:"version" default:"false" description:"Print program version and exit"` @@ -109,6 +110,14 @@ func main() { } envData := map[string]string{} + + for _, setName := range cfg.TransformSet { + if set, ok := transformSets[setName]; ok { + cfg.Transform = append(cfg.Transform, set...) + } else { + log.Warnf("Transform set %q was not found, ignoring", setName) + } + } transformMap := env.ListToMap(cfg.Transform) for _, vaultKey := range cfg.VaultKeys { @@ -143,7 +152,7 @@ func main() { if cfg.Export { for k, v := range envData { - fmt.Printf("export %s=\"%s\"\n", k, v) + fmt.Printf("export %s=%q\n", k, v) } return } diff --git a/transform_sets.go b/transform_sets.go new file mode 100644 index 0000000..f9b70ff --- /dev/null +++ b/transform_sets.go @@ -0,0 +1,9 @@ +package main + +var transformSets = map[string][]string{ + "STS": []string{ + "access_key=AWS_ACCESS_KEY_ID", + "secret_key=AWS_SECRET_ACCESS_KEY", + "security_token=AWS_SECURITY_TOKEN", + }, +}