main.go
package main
import (
"flag"
"fmt"
"log"
"os"
"strings"
"github.com/aws/aws-sdk-go/service/secretsmanager"
)
// secretJSONKey names one JSON key inside one secret. It is the parsed form
// of a SECRET_ID#JSON_KEY command-line value.
type secretJSONKey struct {
	SecretID string // part before the first '#'
	JSONKey  string // part after the first '#'
}

var (
	// app is the program name; it is used as the log prefix and in the
	// -version output.
	app = "aws-secretsmanager-files"

	// version is printed by -version.
	// NOTE(review): "SNAPSHOT" is presumably replaced at build time; confirm
	// against the build scripts.
	version = "SNAPSHOT"

	// config holds the parsed command-line settings. It is filled in by init.
	config struct {
		// Raw FILE_PATH=... assignments collected from the repeatable
		// -secret, -secret-json-key-string and -secret-json-key flags.
		SecretAssignments              AssignmentsMap
		SecretJSONKeyStringAssignments AssignmentsMap
		SecretJSONKeyAssignments       AssignmentsMap

		// Parsed SECRET_ID#JSON_KEY values, stored under the same key as the
		// raw assignment they came from.
		SecretJSONKeyStrings map[string]secretJSONKey
		SecretJSONKeys       map[string]secretJSONKey

		// FileMode is the mode for the secret files (-file-mode, default
		// 0400). It is parsed by flag.UintVar, which reads a value without a
		// leading 0 as decimal: "-file-mode 400" yields 0620, not 0400.
		FileMode uint

		// Profile overrides the current AWS_PROFILE setting (-profile).
		Profile string

		// PrintVersionAndExit is set by -version.
		PrintVersionAndExit bool
	}
)
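// init configures logging, registers and parses the command-line flags, and
// converts every SECRET_ID#JSON_KEY assignment into a secretJSONKey stored in
// config. Invalid input terminates the process through log.Fatalf.
//
// NOTE(review): flag.Parse runs here, at package initialisation, so flags are
// parsed before main starts and before any flags registered later exist.
func init() {
	config.SecretJSONKeyStrings = make(map[string]secretJSONKey)
	config.SecretJSONKeys = make(map[string]secretJSONKey)

	log.SetOutput(os.Stderr)
	// LstdFlags already contains Ldate, so it is not OR-ed in again.
	log.SetFlags(log.LstdFlags)
	log.SetPrefix(fmt.Sprintf("[%s] ", app))

	flag.Var(&config.SecretAssignments, "secret", "a key/value pair `FILE_PATH=SECRET_ARN` (may be specified repeatedly)")
	flag.Var(&config.SecretJSONKeyStringAssignments, "secret-json-key-string", "a key/value pair `FILE_PATH=SECRET_ARN#JSON_KEY` (may be specified repeatedly)")
	flag.Var(&config.SecretJSONKeyAssignments, "secret-json-key", "a key/value pair `FILE_PATH=SECRET_ARN#JSON_KEY` (may be specified repeatedly)")
	flag.StringVar(&config.Profile, "profile", "", "override the current AWS_PROFILE setting")
	// The flag package reads a value without a leading 0 as decimal and
	// prints the default in decimal, so the help text spells out the octal
	// convention: "-file-mode 400" would otherwise silently become 0620.
	flag.UintVar(&config.FileMode, "file-mode", 0400, "file mode for secret files, in octal with a leading 0 (e.g. 0400); a value without the leading 0 is read as decimal")
	flag.BoolVar(&config.PrintVersionAndExit, "version", false, "print version and exit")
	flag.Parse()

	if config.PrintVersionAndExit {
		fmt.Printf("%s %s\n", app, version)
		os.Exit(0)
	}

	// Anything above 0777 is not a set of permission bits and is most likely
	// a decimal value typed by mistake (600 decimal is 01130 octal). Decimal
	// values that happen to fit in 0777 cannot be detected here.
	if config.FileMode > 0777 {
		log.Fatalf("file mode %#o has bits outside 0777; pass the mode in octal with a leading 0 (e.g. 0400)", config.FileMode)
	}

	// splitRef breaks a SECRET_ID#JSON_KEY value at the first '#'. A missing
	// '#', an empty secret ID or an empty JSON key is fatal, so a malformed
	// reference is rejected at startup instead of reaching the AWS call.
	splitRef := func(value string) secretJSONKey {
		i := strings.IndexByte(value, '#')
		if i <= 0 || i == len(value)-1 {
			log.Fatalf(`"%s" must have the form SECRET_ID#JSON_KEY`, value)
		}
		return secretJSONKey{SecretID: value[:i], JSONKey: value[i+1:]}
	}

	for key, value := range config.SecretJSONKeyStringAssignments.Values {
		config.SecretJSONKeyStrings[key] = splitRef(value)
	}
	for key, value := range config.SecretJSONKeyAssignments.Values {
		config.SecretJSONKeys[key] = splitRef(value)
	}
}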
// main creates an AWS session and hands a Secrets Manager client to
// awsSecretsFiles. A failure in either step is logged and ends the process
// through log.Fatalf.
func main() {
	// Named sess so the local does not shadow the awsSession function.
	sess, err := awsSession()
	if err != nil {
		log.Fatalf("aws: %v", err)
	}

	client := secretsmanager.New(sess)
	if err = awsSecretsFiles(client); err != nil {
		log.Fatalf("error(s) while generating secret files: %v", err)
	}
}