#29 - refactoring
apanasiuk-el committed Dec 17, 2024
1 parent bf028e7 commit 20e0ccf
Showing 5 changed files with 41 additions and 41 deletions.
18 changes: 9 additions & 9 deletions cmd/config.go
Expand Up @@ -314,12 +314,12 @@ func initAWSProfile(c *cli.Context, conf *config.Config, gitSpec *git_handler.Gi
}

if len(secrets) == 0 {
zap.S().Warnf("SOPS Age keys contents for tenant %s not found in %s secrets",
conf.Tenant, strings.ToUpper(aws_provider.AWSClusterProvider))
zap.S().Warnf("SOPS Age keys contents for tenant %s not found in AWS Secrets Manager secrets",
conf.Tenant)
}

for key, val := range secrets {
zap.S().Infof("download AWS secret %s to %s",
zap.S().Infof("download AWS Secrets Manager secret %s to %s",
key, filepath.Join(conf.SopsAgeKeys, key+util.SopsAgeKeyExt))
if err := os.WriteFile(filepath.Join(conf.SopsAgeKeys, key+util.SopsAgeKeyExt), val, 0644); err != nil {
return err
Expand Down Expand Up @@ -399,12 +399,12 @@ func initAzureProfile(c *cli.Context, conf *config.Config, gitSpec *git_handler.
}

if len(secrets) == 0 {
zap.S().Warnf("SOPS Age keys contents for tenant %s not found in %s key vault secrets",
conf.Tenant, strings.ToUpper(aws_provider.AWSClusterProvider))
zap.S().Warnf("SOPS Age keys contents for tenant %s not found in Azure Key Vault secrets",
conf.Tenant)
}

for key, val := range secrets {
zap.S().Infof("download Azure key vault secret %s to %s",
zap.S().Infof("download Azure Key Vault secret %s to %s",
key, filepath.Join(conf.SopsAgeKeys, key+util.SopsAgeKeyExt))
if err := os.WriteFile(filepath.Join(conf.SopsAgeKeys, key+util.SopsAgeKeyExt), val, 0644); err != nil {
return err
Expand Down Expand Up @@ -447,12 +447,12 @@ func initGCPProfile(c *cli.Context, conf *config.Config, gitSpec *git_handler.Gi
}

if len(secrets) == 0 {
zap.S().Warnf("SOPS Age keys contents for tenant %s not found in %s secrets",
conf.Tenant, strings.ToUpper(aws_provider.AWSClusterProvider))
zap.S().Warnf("SOPS Age keys contents for tenant %s not found in GCP Secrets Manager secrets",
conf.Tenant)
}

for key, val := range secrets {
zap.S().Infof("download GCP secret %s to %s",
zap.S().Infof("download GCP Secrets Manager secret %s to %s",
key, filepath.Join(conf.SopsAgeKeys, key+util.SopsAgeKeyExt))
if err := os.WriteFile(filepath.Join(conf.SopsAgeKeys, key+util.SopsAgeKeyExt), val, 0644); err != nil {
return err
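Review bot: The SOPS Age key files are still written with mode `0644` in all three download loops here (initAWSProfile, initAzureProfile, initGCPProfile) and in the three loops of DownloadKeys in cmd/secret.go, which leaves private key material group- and world-readable under a typical umask. Since this commit already touches the lines around each `os.WriteFile` call, the mode should be tightened to owner-only: `os.WriteFile(filepath.Join(conf.SopsAgeKeys, key+util.SopsAgeKeyExt), val, 0600)`. os.WriteFile applies the mode only when it creates the file, so key files that already exist keep their old permissions. The mode of the `conf.SopsAgeKeys` directory is not visible in these hunks and is worth checking too. The enclosing functions start and end outside the hunks shown.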
18 changes: 9 additions & 9 deletions cmd/secret.go
Expand Up @@ -162,12 +162,12 @@ func (sc *SecretCommands) DownloadKeys() error {
}

if len(secrets) == 0 {
zap.S().Warnf("SOPS Age keys contents for tenant %s not found in %s secrets",
sc.Conf.Tenant, strings.ToUpper(aws_provider.AWSClusterProvider))
zap.S().Warnf("SOPS Age keys contents for tenant %s not found in AWS Secrets Manager secrets",
sc.Conf.Tenant)
}

for key, val := range secrets {
zap.S().Infof("download AWS secret %s to %s",
zap.S().Infof("download AWS Secrets Manager secret %s to %s",
key, filepath.Join(sc.Conf.SopsAgeKeys, key+util.SopsAgeKeyExt))
if err := os.WriteFile(filepath.Join(sc.Conf.SopsAgeKeys, key+util.SopsAgeKeyExt), val, 0644); err != nil {
return err
Expand All @@ -186,12 +186,12 @@ func (sc *SecretCommands) DownloadKeys() error {
}

if len(secrets) == 0 {
zap.S().Warnf("SOPS Age keys contents for tenant %s not found in %s secrets",
sc.Conf.Tenant, strings.ToUpper(aws_provider.AWSClusterProvider))
zap.S().Warnf("SOPS Age keys contents for tenant %s not found in Azure Key Vault secrets",
sc.Conf.Tenant)
}

for key, val := range secrets {
zap.S().Infof("download Azure key vault secret %s to %s",
zap.S().Infof("download Azure Key Vault secret %s to %s",
key, filepath.Join(sc.Conf.SopsAgeKeys, key+util.SopsAgeKeyExt))
if err := os.WriteFile(filepath.Join(sc.Conf.SopsAgeKeys, key+util.SopsAgeKeyExt), val, 0644); err != nil {
return err
Expand All @@ -208,12 +208,12 @@ func (sc *SecretCommands) DownloadKeys() error {
}

if len(secrets) == 0 {
zap.S().Warnf("SOPS Age keys contents for tenant %s not found in %s secrets",
sc.Conf.Tenant, strings.ToUpper(aws_provider.AWSClusterProvider))
zap.S().Warnf("SOPS Age keys contents for tenant %s not found in GCP Secrets Manager secrets",
sc.Conf.Tenant)
}

for key, val := range secrets {
zap.S().Infof("download GCP secret %s to %s",
zap.S().Infof("download GCP Secrets Manager secret %s to %s",
key, filepath.Join(sc.Conf.SopsAgeKeys, key+util.SopsAgeKeyExt))
if err := os.WriteFile(filepath.Join(sc.Conf.SopsAgeKeys, key+util.SopsAgeKeyExt), val, 0644); err != nil {
return err
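Review bot: `key` comes straight from the map returned by the secret store and is joined into the destination path without checking that it is a plain file name, in each of the three loops of DownloadKeys (and in the matching loops in cmd/config.go). The GCP provider reduces names with `filepath.Base(resp.Name)` before returning them, but nothing equivalent is visible for the AWS and Azure results, so a secret name containing a path separator or `..` could make the write land outside `sc.Conf.SopsAgeKeys`. A guard such as `if filepath.Base(key) != key { return fmt.Errorf("unexpected secret name %q", key) }` before the write would close that off. Computing the path once would also let the log line and `os.WriteFile` share it. DownloadKeys starts and ends outside the hunks shown.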
14 changes: 7 additions & 7 deletions providers/aws_provider/aws.go
Expand Up @@ -464,7 +464,7 @@ func (a *AwsConfigure) CreateAWSEC2SSHKey(clusterName string) error {
}

if sshKey != nil {
zap.S().Infof("created SSHKey %s with id %s", aws.ToString(sshKey.KeyName), aws.ToString(sshKey.KeyPairId))
zap.S().Infof("created AWS EC2 SSHKey %s with id %s", aws.ToString(sshKey.KeyName), aws.ToString(sshKey.KeyPairId))
}

return nil
Expand All @@ -488,7 +488,7 @@ func (a *AwsConfigure) DeleteAWSEC2SSHKey(clusterName string) error {
}

if sshKey.KeyPairId != nil {
zap.S().Infof("deleted SSHKey %s with id %s", clusterName, aws.ToString(sshKey.KeyPairId))
zap.S().Infof("deleted AWS EC2 SSHKey %s with id %s", clusterName, aws.ToString(sshKey.KeyPairId))
}

return nil
Expand Down Expand Up @@ -523,7 +523,7 @@ func (a *AwsConfigure) GetAWSSecrets(tenant string) (map[string][]byte, error) {
results, err := client.BatchGetSecretValue(a.Ctx, params)
if err != nil {
if errors.As(err, &respError) && respError.ErrorCode() == apiErrorAccessDeniedException {
zap.S().Warnf("permission denied to get AWS batch secret values")
zap.S().Warnf("permission denied to get AWS Secrets Manager batch secret values")

return nil, nil
}
Expand Down Expand Up @@ -553,7 +553,7 @@ func (a *AwsConfigure) SetAWSSecret(tenant, keyName string, value []byte) error

createParams := &secretsmanager.CreateSecretInput{
Name: aws.String(keyName),
Description: aws.String("SOPS Age privet key for Tenant: " + tenant),
Description: aws.String("SOPS Age private key for Tenant: " + tenant),
ForceOverwriteReplicaSecret: true,
SecretString: aws.String(string(value)),
Tags: []smType.Tag{
Expand All @@ -572,7 +572,7 @@ func (a *AwsConfigure) SetAWSSecret(tenant, keyName string, value []byte) error
updateSecret, err := client.UpdateSecret(a.Ctx, updateParams)
if err != nil {
if errors.As(err, &respError) && respError.ErrorCode() == apiErrorAccessDeniedException {
zap.S().Warnf("permission denied to create AWS secret: %s", keyName)
zap.S().Warnf("permission denied to create AWS Secrets Manager secret: %s", keyName)

return nil
}
Expand All @@ -584,15 +584,15 @@ func (a *AwsConfigure) SetAWSSecret(tenant, keyName string, value []byte) error

return nil
} else if errors.As(err, &respError) && respError.ErrorCode() == apiErrorAccessDeniedException {
zap.S().Warnf("permission denied to create AWS secret: %s", keyName)
zap.S().Warnf("permission denied to create AWS Secrets Manager secret: %s", keyName)

return nil
} else {
return err
}
}

zap.S().Infof("created AWS secret: %s, %s", keyName, aws.ToString(createSecret.ARN))
zap.S().Infof("created AWS Secrets Manager secret: %s, %s", keyName, aws.ToString(createSecret.ARN))

return nil
}
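Review bot: The access-denied warning in the `client.UpdateSecret` error branch of SetAWSSecret still says "create", so an operator reading the log cannot tell which IAM action was refused; `zap.S().Warnf("permission denied to update AWS Secrets Manager secret: %s", keyName)` would match the call. Both access-denied branches also return nil, so the caller cannot tell a stored key from one that was never written. If that is deliberate best-effort behaviour, a short comment saying so would help; otherwise a sentinel error the caller can check with `errors.Is` would be safer for key material. SetAWSSecret starts outside the hunks shown.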
20 changes: 10 additions & 10 deletions providers/azure_provider/azure.go
Expand Up @@ -195,7 +195,7 @@ func (ac *AzureConfigure) createKeyVaultResourceGroup(tenant string) error {
if err != nil {
var respErr *azcore.ResponseError
if errors.As(err, &respErr) && respErr.StatusCode == 403 {
zap.S().Warnf("permission denied to create Azure resource group: %s", tenant+"-"+util.SopsRootName)
zap.S().Warnf("permission denied to create Azure Resource Group: %s", tenant+"-"+util.SopsRootName)
return nil
}

Expand All @@ -204,7 +204,7 @@ func (ac *AzureConfigure) createKeyVaultResourceGroup(tenant string) error {

ac.ResourceGroupName = *update.Name

zap.S().Infof("created Azure resource group: %s", ac.ResourceGroupName)
zap.S().Infof("created Azure Resource Group: %s", ac.ResourceGroupName)

return nil
}
Expand All @@ -214,7 +214,7 @@ func (ac *AzureConfigure) existsKeyVaultResourceGroup(tenant string) (bool, erro
if err != nil {
var respErr *azcore.ResponseError
if errors.As(err, &respErr) && respErr.StatusCode == 403 {
zap.S().Warnf("permission denied to check existence of Azure resource group: %s",
zap.S().Warnf("permission denied to check existence of Azure Resource Group: %s",
tenant+"-"+util.SopsRootName)
return false, nil
}
Expand Down Expand Up @@ -252,7 +252,7 @@ func (ac *AzureConfigure) CreateAzureKeyVault(tenant string) error {
if err != nil {
var respErr *azcore.ResponseError
if errors.As(err, &respErr) && respErr.StatusCode == 403 {
zap.S().Warnf("permission denied to create Azure key vault: %s",
zap.S().Warnf("permission denied to create Azure Key Vault: %s",
ac.KeyVaultName)
return nil
}
Expand All @@ -267,7 +267,7 @@ func (ac *AzureConfigure) CreateAzureKeyVault(tenant string) error {

ac.KeyVaultURI = *result.Properties.VaultURI

zap.S().Infof("created Azure key vault: %s, %s", ac.KeyVaultName, ac.KeyVaultURI)
zap.S().Infof("created Azure Key Vault: %s, %s", ac.KeyVaultName, ac.KeyVaultURI)

return nil
}
Expand All @@ -290,7 +290,7 @@ func (ac *AzureConfigure) GetAzureKeyVault(tenant string) (bool, error) {
}

if errors.As(err, &respErr) && respErr.StatusCode == 403 {
zap.S().Warnf("permission denied to get Azure key vault: %s", ac.KeyVaultName)
zap.S().Warnf("permission denied to get Azure Key Vault: %s", ac.KeyVaultName)
return false, nil
}

Expand Down Expand Up @@ -320,7 +320,7 @@ func (ac *AzureConfigure) GetAzureSecrets() (map[string][]byte, error) {
if err != nil {
var respErr *azcore.ResponseError
if errors.As(err, &respErr) && respErr.StatusCode == 403 {
zap.S().Warnf("permission denied to list Azure key vault secrets")
zap.S().Warnf("permission denied to list Azure Key Vault secrets")
return nil, nil
}

Expand All @@ -335,7 +335,7 @@ func (ac *AzureConfigure) GetAzureSecrets() (map[string][]byte, error) {
if err != nil {
var respErr *azcore.ResponseError
if errors.As(err, &respErr) && respErr.StatusCode == 403 {
zap.S().Warnf("permission denied to get of Azure key vault secret: %s", name)
zap.S().Warnf("permission denied to get of Azure Key Vault secret: %s", name)
return nil, nil
}

Expand Down Expand Up @@ -363,14 +363,14 @@ func (ac *AzureConfigure) SetAzureSecret(keyName, value string) error {
if err != nil {
var respErr *azcore.ResponseError
if errors.As(err, &respErr) && respErr.StatusCode == 403 {
zap.S().Warnf("permission denied to create Azure key vault secret: %s", keyName)
zap.S().Warnf("permission denied to create Azure Key Vault secret: %s", keyName)
return nil
}

return err
}

zap.S().Infof("created Azure key vault secret: %s, %s", keyName, *secret.ID)
zap.S().Infof("created Azure Key Vault secret: %s, %s", keyName, *secret.ID)

return nil
}
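Review bot: In GetAzureSecrets a 403 on the list call or on a single secret read returns `nil, nil`, so the callers in cmd/config.go and cmd/secret.go (which presumably receive this result) fall into the `len(secrets) == 0` branch and log that the keys were "not found" when access was actually refused. If the second check sits inside the per-secret loop, as the `name` argument suggests, secrets already read are dropped as well. Returning a distinguishable error, or skipping only the refused secret, would keep the two cases apart. The touched message there also still reads "get of"; `"permission denied to get Azure Key Vault secret: %s"` is the likely intent. The function body extends outside the hunks shown.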
12 changes: 6 additions & 6 deletions providers/google_provider/gcp.go
Expand Up @@ -113,7 +113,7 @@ func (gcp *GCPConfigure) GetGCPSecrets(tenant string) (map[string][]byte, error)
if err != nil {
var respError *apierror.APIError
if errors.As(err, &respError) && respError.GRPCStatus().Code().String() == gRPCErrorPermissionDenied {
zap.S().Warnf("permission denied to list GCP secrets")
zap.S().Warnf("permission denied to list GCP Secrets Manager secrets")
return nil, nil
} else {
return nil, err
Expand All @@ -125,7 +125,7 @@ func (gcp *GCPConfigure) GetGCPSecrets(tenant string) (map[string][]byte, error)
if err != nil {
var respError *apierror.APIError
if errors.As(err, &respError) && respError.GRPCStatus().Code().String() == gRPCErrorPermissionDenied {
zap.S().Warnf("permission denied to get access to GCP secrets values")
zap.S().Warnf("permission denied to get access to GCP Secrets Manager secrets values")
return nil, nil
} else {
return nil, err
Expand All @@ -135,7 +135,7 @@ func (gcp *GCPConfigure) GetGCPSecrets(tenant string) (map[string][]byte, error)
crc32c := crc32.MakeTable(crc32.Castagnoli)
checksum := int64(crc32.Checksum(result.Payload.Data, crc32c))
if checksum != *result.Payload.DataCrc32C {
return nil, fmt.Errorf("data corruption detected for GCP secrets value: %s", resp.Name)
return nil, fmt.Errorf("data corruption detected for GCP Secrets Manager secrets value: %s", resp.Name)
}

secrets[filepath.Base(resp.Name)] = result.Payload.Data
Expand Down Expand Up @@ -175,7 +175,7 @@ func (gcp *GCPConfigure) SetGCPSecret(tenant, region, keyName string, value []by
if err != nil {
var respError *apierror.APIError
if errors.As(err, &respError) && respError.GRPCStatus().Code().String() == gRPCErrorPermissionDenied {
zap.S().Warnf("permission denied to create GCP secret: %s", keyName)
zap.S().Warnf("permission denied to create GCP Secrets Manager secret: %s", keyName)
} else if respError.GRPCStatus().Code().String() != gRPCErrorAlreadyExists {
return err
}
Expand All @@ -190,13 +190,13 @@ func (gcp *GCPConfigure) SetGCPSecret(tenant, region, keyName string, value []by
if err != nil {
var respError *apierror.APIError
if errors.As(err, &respError) && respError.GRPCStatus().Code().String() == gRPCErrorPermissionDenied {
zap.S().Warnf("permission denied to add GCP secret %s value", keyName)
zap.S().Warnf("permission denied to add GCP Secrets Manager secret %s value", keyName)
} else {
return err
}
}

zap.S().Infof("created GCP secret: %s, %s", keyName, version.Name)
zap.S().Infof("created GCP Secrets Manager secret: %s, %s", keyName, version.Name)

return nil
}
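Review bot: In SetGCPSecret the `else if` after the permission check calls `respError.GRPCStatus()` even when `errors.As` did not match, in which case `respError` is still nil and the call can panic; `} else if respError == nil || respError.GRPCStatus().Code().String() != gRPCErrorAlreadyExists {` returns the error instead. The permission-denied branch for adding the secret value only logs and then falls through to `version.Name`. If `version` is the result of that failed call (its assignment is outside the hunk), it is likely nil at that point, so a `return nil` after that Warnf looks necessary. The function starts outside the hunks shown.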
