Skip to content

Commit

Permalink
Merge pull request #454 from aisrael/secrets-set-visibility
Browse files Browse the repository at this point in the history
[FEATURE] Support doppler secrets set --visibility
  • Loading branch information
nmanoogian authored Apr 3, 2024
2 parents b1a71ed + 8c844d3 commit 6d63650
Show file tree
Hide file tree
Showing 3 changed files with 47 additions and 14 deletions.
45 changes: 37 additions & 8 deletions pkg/cmd/secrets.go
Original file line number Diff line number Diff line change
Expand Up @@ -236,10 +236,14 @@ func setSecrets(cmd *cobra.Command, args []string) {
raw := utils.GetBoolFlag(cmd, "raw")
canPromptUser := !utils.GetBoolFlag(cmd, "no-interactive")
localConfig := configuration.LocalConfig(cmd)
visibility := cmd.Flag("visibility").Value.String()
visibilityModified := visibility != ""

utils.RequireValue("token", localConfig.Token.Value)

secrets := map[string]interface{}{}
var changeRequests []models.ChangeRequest
changeRequests = make([]models.ChangeRequest, 0)

var keys []string

// if only one arg, read from stdin
Expand Down Expand Up @@ -307,33 +311,57 @@ func setSecrets(cmd *cobra.Command, args []string) {
value := strings.Join(input, "\n")

keys = append(keys, key)
secrets[key] = value
changeRequest := models.ChangeRequest{
Name: key,
Value: &value,
}
if visibilityModified {
changeRequest.Visibility = &visibility
}
changeRequests = append(changeRequests, changeRequest)
} else if len(args) == 2 && !strings.Contains(args[0], "=") {
// format: 'doppler secrets set KEY value'
key := args[0]
value := args[1]
keys = append(keys, key)
secrets[key] = value
changeRequest := models.ChangeRequest{
Name: key,
Value: &value,
}
if visibilityModified {
changeRequest.Visibility = &visibility
}
changeRequests = append(changeRequests, changeRequest)
} else {
// format: 'doppler secrets set KEY=value'
for _, arg := range args {
secretArr := strings.SplitN(arg, "=", 2)
keys = append(keys, secretArr[0])
key := secretArr[0]
keys = append(keys, key)

changeRequest := models.ChangeRequest{
Name: key,
}

if len(secretArr) < 2 {
secrets[secretArr[0]] = ""
changeRequest.Value = nil // don't change existing value
} else {
secrets[secretArr[0]] = secretArr[1]
changeRequest.Value = &secretArr[1]
}
if visibilityModified {
changeRequest.Visibility = &visibility
}
changeRequests = append(changeRequests, changeRequest)
}
}

response, err := http.SetSecrets(localConfig.APIHost.Value, utils.GetBool(localConfig.VerifyTLS.Value, true), localConfig.Token.Value, localConfig.EnclaveProject.Value, localConfig.EnclaveConfig.Value, secrets, nil)
response, err := http.SetSecrets(localConfig.APIHost.Value, utils.GetBool(localConfig.VerifyTLS.Value, true), localConfig.Token.Value, localConfig.EnclaveProject.Value, localConfig.EnclaveConfig.Value, nil, changeRequests)
if !err.IsNil() {
utils.HandleError(err.Unwrap(), err.Message)
}

if !utils.Silent {
printer.Secrets(response, keys, jsonFlag, false, raw, false, false)
printer.Secrets(response, keys, jsonFlag, false, raw, false, visibilityModified)
}
}

Expand Down Expand Up @@ -626,6 +654,7 @@ func init() {
}
secretsSetCmd.Flags().Bool("raw", false, "print the raw secret value without processing variables")
secretsSetCmd.Flags().Bool("no-interactive", false, "do not allow entering secret value via interactive mode")
secretsSetCmd.Flags().StringP("visibility", "", "", "visibility (e.g. masked, unmasked, or restricted)")
secretsCmd.AddCommand(secretsSetCmd)

secretsUploadCmd.Flags().StringP("project", "p", "", "project (e.g. backend)")
Expand Down
14 changes: 9 additions & 5 deletions pkg/models/api.go
Original file line number Diff line number Diff line change
Expand Up @@ -27,11 +27,15 @@ type ComputedSecret struct {

// ChangeRequest can be used to smartly update secrets
type ChangeRequest struct {
OriginalName interface{} `json:"originalName"`
OriginalValue interface{} `json:"originalValue,omitempty"`
Name string `json:"name"`
Value string `json:"value"`
ShouldDelete bool `json:"shouldDelete"`
Name string `json:"name"`
OriginalName interface{} `json:"originalName"`
Value interface{} `json:"value"`
OriginalValue interface{} `json:"originalValue,omitempty"`
Visibility *string `json:"visibility,omitempty"`
OriginalVisibility *string `json:"originalVisibility,omitempty"`
ShouldPromote *bool `json:"shouldPromote,omitempty"`
ShouldDelete *bool `json:"shouldDelete,omitempty"`
ShouldConverge *bool `json:"shouldConverge,omitempty"`
}

// SecretNote contains a secret and its note
Expand Down
2 changes: 1 addition & 1 deletion pkg/tui/gui/cmp_secret_view.go
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ func (svm *SecretViewModel) ToChangeRequest() models.ChangeRequest {
OriginalName: svm.originalName,
Name: svm.nameView.TextArea.GetContent(),
Value: svm.valueView.TextArea.GetContent(),
ShouldDelete: svm.shouldDelete,
ShouldDelete: &svm.shouldDelete,
}

if svm.originalVisibility != "restricted" {
Expand Down

0 comments on commit 6d63650

Please sign in to comment.