Merge pull request #54 from edenlabllc/bugfix/v0.45.0

#29 - add support downloading exists SOPS Age keys.

cmd/config.go

@@ -4,7 +4,6 @@ import (
 	"encoding/json"
 	"fmt"
 	"os"
-	"path/filepath"
 	"regexp"
 	"strconv"
 	"strings"
@@ -313,20 +312,8 @@ func initAWSProfile(c *cli.Context, conf *config.Config, gitSpec *git_handler.Gi
 		return err
 	}
 
-	if len(secrets) == 0 {
-		zap.S().Warnf("SOPS Age keys contents for tenant %s not found in AWS Secrets Manager secrets",
-			conf.Tenant)
-	}
-
-	for key, val := range secrets {
-		zap.S().Infof("download AWS Secrets Manager secret %s to %s",
-			key, filepath.Join(conf.SopsAgeKeys, key+util.SopsAgeKeyExt))
-		if err := os.WriteFile(filepath.Join(conf.SopsAgeKeys, key+util.SopsAgeKeyExt), val, 0644); err != nil {
-			return err
-		}
-	}
-
-	return nil
+	return newSecretCommands(conf, c, util.GetPwdPath("")).
+		WriteKeysInRootDir(secrets, "AWS Secrets Manager")
 }
 
 func initAzureProfile(c *cli.Context, conf *config.Config, gitSpec *git_handler.GitSpec) error {
@@ -398,17 +385,9 @@ func initAzureProfile(c *cli.Context, conf *config.Config, gitSpec *git_handler.
 			return err
 		}
 
-		if len(secrets) == 0 {
-			zap.S().Warnf("SOPS Age keys contents for tenant %s not found in Azure Key Vault secrets",
-				conf.Tenant)
-		}
-
-		for key, val := range secrets {
-			zap.S().Infof("download Azure Key Vault secret %s to %s",
-				key, filepath.Join(conf.SopsAgeKeys, key+util.SopsAgeKeyExt))
-			if err := os.WriteFile(filepath.Join(conf.SopsAgeKeys, key+util.SopsAgeKeyExt), val, 0644); err != nil {
-				return err
-			}
+		if err := newSecretCommands(conf, c, util.GetPwdPath("")).
+			WriteKeysInRootDir(secrets, "Azure Key Vault"); err != nil {
+			return err
 		}
 	}
 
@@ -446,20 +425,8 @@ func initGCPProfile(c *cli.Context, conf *config.Config, gitSpec *git_handler.Gi
 		return err
 	}
 
-	if len(secrets) == 0 {
-		zap.S().Warnf("SOPS Age keys contents for tenant %s not found in GCP Secrets Manager secrets",
-			conf.Tenant)
-	}
-
-	for key, val := range secrets {
-		zap.S().Infof("download GCP Secrets Manager secret %s to %s",
-			key, filepath.Join(conf.SopsAgeKeys, key+util.SopsAgeKeyExt))
-		if err := os.WriteFile(filepath.Join(conf.SopsAgeKeys, key+util.SopsAgeKeyExt), val, 0644); err != nil {
-			return err
-		}
-	}
-
-	return nil
+	return newSecretCommands(conf, c, util.GetPwdPath("")).
+		WriteKeysInRootDir(secrets, "GCP Secrets Manager")
 }
 
 func configDeleteAction(conf *config.Config) cli.ActionFunc {

cmd/secret.go

@@ -153,6 +153,27 @@ func (sc *SecretCommands) CreateKeys() error {
 	return nil
 }
 
+func (sc *SecretCommands) WriteKeysInRootDir(secrets map[string][]byte, logOutput string) error {
+	if len(secrets) == 0 {
+		zap.S().Warnf("SOPS Age keys contents for tenant %s not found in %s secrets",
+			sc.Conf.Tenant, logOutput)
+	} else {
+		if err := os.MkdirAll(sc.Conf.SopsAgeKeys, 0775); err != nil {
+			return err
+		}
+	}
+
+	for key, val := range secrets {
+		zap.S().Infof("download %s secret %s to %s",
+			logOutput, key, filepath.Join(sc.Conf.SopsAgeKeys, key+util.SopsAgeKeyExt))
+		if err := os.WriteFile(filepath.Join(sc.Conf.SopsAgeKeys, key+util.SopsAgeKeyExt), val, 0644); err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
 func (sc *SecretCommands) DownloadKeys() error {
 	switch sc.Conf.ClusterProvider {
 	case aws_provider.AWSClusterProvider:
@@ -161,20 +182,7 @@ func (sc *SecretCommands) DownloadKeys() error {
 			return err
 		}
 
-		if len(secrets) == 0 {
-			zap.S().Warnf("SOPS Age keys contents for tenant %s not found in AWS Secrets Manager secrets",
-				sc.Conf.Tenant)
-		}
-
-		for key, val := range secrets {
-			zap.S().Infof("download AWS Secrets Manager secret %s to %s",
-				key, filepath.Join(sc.Conf.SopsAgeKeys, key+util.SopsAgeKeyExt))
-			if err := os.WriteFile(filepath.Join(sc.Conf.SopsAgeKeys, key+util.SopsAgeKeyExt), val, 0644); err != nil {
-				return err
-			}
-		}
-
-		return nil
+		return sc.WriteKeysInRootDir(secrets, "AWS Secrets Manager")
 	case azure_provider.AzureClusterProvider:
 		if err := sc.Conf.NewAzureClient(sc.Ctx.Context, sc.Conf.Name); err != nil {
 			return err
@@ -185,20 +193,7 @@ func (sc *SecretCommands) DownloadKeys() error {
 			return err
 		}
 
-		if len(secrets) == 0 {
-			zap.S().Warnf("SOPS Age keys contents for tenant %s not found in Azure Key Vault secrets",
-				sc.Conf.Tenant)
-		}
-
-		for key, val := range secrets {
-			zap.S().Infof("download Azure Key Vault secret %s to %s",
-				key, filepath.Join(sc.Conf.SopsAgeKeys, key+util.SopsAgeKeyExt))
-			if err := os.WriteFile(filepath.Join(sc.Conf.SopsAgeKeys, key+util.SopsAgeKeyExt), val, 0644); err != nil {
-				return err
-			}
-		}
-
-		return nil
+		return sc.WriteKeysInRootDir(secrets, "Azure Key Vault")
 	case google_provider.GoogleClusterProvider:
 		gcp := google_provider.NewGCPConfigure(sc.Ctx.Context, sc.Conf.GCPConfigure.AppCredentialsPath)
 
@@ -207,20 +202,7 @@ func (sc *SecretCommands) DownloadKeys() error {
 			return err
 		}
 
-		if len(secrets) == 0 {
-			zap.S().Warnf("SOPS Age keys contents for tenant %s not found in GCP Secrets Manager secrets",
-				sc.Conf.Tenant)
-		}
-
-		for key, val := range secrets {
-			zap.S().Infof("download GCP Secrets Manager secret %s to %s",
-				key, filepath.Join(sc.Conf.SopsAgeKeys, key+util.SopsAgeKeyExt))
-			if err := os.WriteFile(filepath.Join(sc.Conf.SopsAgeKeys, key+util.SopsAgeKeyExt), val, 0644); err != nil {
-				return err
-			}
-		}
-
-		return nil
+		return sc.WriteKeysInRootDir(secrets, "GCP Secrets Manager")
 	default:
 		return nil
 	}

docs/release-notes.md

@@ -4,6 +4,7 @@
 - #29 - Added support for the AWS provider in Cluster API.
 - #29 - Added support for the GCP provider in Cluster API.
 - #29 - Added support for the Azure provider in Cluster API.
+- #29 - Added support for downloading existing SOPS Age keys.
 - #29 - Added the ability to create an SSH key pair for the AWS provider.
 - #29 - Added GCP NAT router creation for the GCP provider.
 - #29 - Added commands for managing Cluster API clusters to the cluster category commands.