-
Notifications
You must be signed in to change notification settings - Fork 3
/
main.go
58 lines (48 loc) · 1.26 KB
/
main.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
package main
import (
"fmt"
"github.com/go-chef/chef"
"io/ioutil"
"os"
)
func main() {
if len(os.Args) != 2 {
printAndExit(fmt.Errorf("No argument given"))
}
variablePath := os.Args[1]
bagName, bagItem, keyName, err := parsePath(variablePath)
if err != nil {
printAndExit(fmt.Errorf("Path '%s' is invalid", variablePath))
}
nodeName := readEnvVar("CHEF_NODE_NAME")
clientKeyPath := readEnvVar("CHEF_CLIENT_KEY_PATH")
serverUrl := readEnvVar("CHEF_SERVER_URL")
decryptionKeyPath := readEnvVar("CHEF_DECRYPTION_KEY_PATH")
key, err := ioutil.ReadFile(clientKeyPath)
if err != nil {
printAndExit(err)
}
decryptionKey, err := ioutil.ReadFile(decryptionKeyPath)
if err != nil {
printAndExit(err)
}
client, err := chef.NewClient(&chef.Config{
Name: nodeName,
Key: string(key),
BaseURL: fmt.Sprintf("%s/foo", serverUrl), // /foo is needed here because of how URLs are parsed by go-chef
SkipSSL: (os.Getenv("CHEF_SKIP_SSL") == "1"),
})
if err != nil {
printAndExit(err)
}
item, err := client.DataBags.GetItem(bagName, bagItem)
if err != nil {
printAndExit(err)
}
encrypted := NewEncryptedDataBagItem(item)
unencrypted, err := encrypted.DecryptKey(keyName, decryptionKey)
if err != nil {
printAndExit(err)
}
fmt.Print(unencrypted)
}