github.com/pf-qiu/concourse/v6@v6.7.3-0.20201207032516-1f455d73275f/atc/creds/secret_var_lookup.go (about) 1 package creds 2 3 import ( 4 "github.com/pf-qiu/concourse/v6/vars" 5 ) 6 7 type VariableLookupFromSecrets struct { 8 Secrets Secrets 9 LookupPaths []SecretLookupPath 10 } 11 12 func NewVariables(secrets Secrets, teamName string, pipelineName string, allowRootPath bool) vars.Variables { 13 return VariableLookupFromSecrets{ 14 Secrets: secrets, 15 LookupPaths: secrets.NewSecretLookupPaths(teamName, pipelineName, allowRootPath), 16 } 17 } 18 19 func (sl VariableLookupFromSecrets) Get(ref vars.Reference) (interface{}, bool, error) { 20 val, found, err := sl.get(ref.Path) 21 if err != nil { 22 return nil, false, err 23 } 24 if !found { 25 return nil, false, nil 26 } 27 result, err := vars.Traverse(val, ref.String(), ref.Fields) 28 if err != nil { 29 return nil, false, err 30 } 31 return result, true, nil 32 } 33 34 func (sl VariableLookupFromSecrets) get(path string) (interface{}, bool, error) { 35 if len(sl.LookupPaths) == 0 { 36 // if no paths are specified (i.e. for fake & noop secret managers), then try 1-to-1 var->secret mapping 37 result, _, found, err := sl.Secrets.Get(path) 38 return result, found, err 39 } 40 // try to find a secret according to our var->secret lookup paths 41 for _, rule := range sl.LookupPaths { 42 // prepends any additional prefix paths to front of the path 43 secretPath, err := rule.VariableToSecretPath(path) 44 if err != nil { 45 return nil, false, err 46 } 47 result, _, found, err := sl.Secrets.Get(secretPath) 48 if err != nil { 49 return nil, false, err 50 } 51 if !found { 52 continue 53 } 54 return result, true, nil 55 } 56 return nil, false, nil 57 } 58 59 func (sl VariableLookupFromSecrets) List() ([]vars.Reference, error) { 60 return nil, nil 61 }