github.com/zntrio/harp/v2@v2.0.9/pkg/bundle/selector/match_secret.go

github.com/zntrio/harp/v2@v2.0.9/pkg/bundle/selector/match_secret.go (about)

     1  // Licensed to Elasticsearch B.V. under one or more contributor
     2  // license agreements. See the NOTICE file distributed with
     3  // this work for additional information regarding copyright
     4  // ownership. Elasticsearch B.V. licenses this file to you under
     5  // the Apache License, Version 2.0 (the "License"); you may
     6  // not use this file except in compliance with the License.
     7  // You may obtain a copy of the License at
     8  //
     9  //     http://www.apache.org/licenses/LICENSE-2.0
    10  //
    11  // Unless required by applicable law or agreed to in writing,
    12  // software distributed under the License is distributed on an
    13  // "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
    14  // KIND, either express or implied.  See the License for the
    15  // specific language governing permissions and limitations
    16  // under the License.
    17  
    18  package selector
    19  
    20  import (
    21  	"regexp"
    22  
    23  	"github.com/gobwas/glob"
    24  
    25  	bundlev1 "github.com/zntrio/harp/v2/api/gen/go/harp/bundle/v1"
    26  )
    27  
    28  // MatchSecretStrict returns a secret key matcher specification with strict profile.
    29  func MatchSecretStrict(value string) Specification {
    30  	return &matchSecret{
    31  		strict: value,
    32  	}
    33  }
    34  
    35  // MatchSecretRegex returns a secret key matcher specification with regexp.
    36  func MatchSecretRegex(regex *regexp.Regexp) Specification {
    37  	return &matchSecret{
    38  		regex: regex,
    39  	}
    40  }
    41  
    42  // MatchSecretGlob returns a secret key matcher specification with glob query.
    43  func MatchSecretGlob(pattern string) Specification {
    44  	return &matchPath{
    45  		g: glob.MustCompile(pattern),
    46  	}
    47  }
    48  
    49  // matchSecret checks if secret key match the given string.
    50  type matchSecret struct {
    51  	strict string
    52  	regex  *regexp.Regexp
    53  	g      glob.Glob
    54  }
    55  
    56  // IsSatisfiedBy returns specification satisfaction status.
    57  func (s *matchSecret) IsSatisfiedBy(object interface{}) bool {
    58  	match := false
    59  
    60  	// If object is a package
    61  	if p, ok := object.(*bundlev1.Package); ok {
    62  		// Ignore nil secret package
    63  		if p.Secrets == nil {
    64  			return false
    65  		}
    66  
    67  		for _, kv := range p.Secrets.Data {
    68  			switch {
    69  			case s.strict != "":
    70  				return kv.Key == s.strict
    71  			case s.regex != nil:
    72  				return s.regex.MatchString(kv.Key)
    73  			case s.g != nil:
    74  				return s.g.Match(kv.Key)
    75  			}
    76  		}
    77  	}
    78  
    79  	return match
    80  }