wip: Add support for secrets

internal/config/release/release.go

@@ -8,6 +8,7 @@ import (
 	"git.badhouseplants.net/allanger/shoebill/internal/config/repository"
 	"git.badhouseplants.net/allanger/shoebill/internal/lockfile"
 	"git.badhouseplants.net/allanger/shoebill/internal/utils/helmhelper"
+	"git.badhouseplants.net/allanger/shoebill/internal/utils/sopshelper"
 	"github.com/sirupsen/logrus"
 )
 
@@ -24,12 +25,20 @@ type Release struct {
 	Namespace string
 	// Value files
 	Values []string
+	// Secrets SOPS encrypted
+	Secrets []string
 	// Private fields that should be pupulated during the run-time
-	RepositoryObj *repository.Repository `yaml:"-"`
+	RepositoryObj      *repository.Repository `yaml:"-"`
+	UnencryptedSecrets map[string][]byte      `yaml:"-"`
 }
 
 type Releases []*Release
 
+// Preare the release object
+func (r *Release) InitRelease() {
+	r.UnencryptedSecrets = map[string][]byte{}
+}
+
 // RepositoryObjFromName gather the whole repository object by its name
 func (r *Release) RepositoryObjFromName(repos repository.Repositories) error {
 	for _, repo := range repos {
@@ -68,6 +77,18 @@ func (r *Release) ValuesHandler(dir string) {
 	}
 }
 
+func (r *Release) SecretsHandler(dir string, sops sopshelper.SopsHelper) error {
+	for i := range r.Secrets {
+		path := fmt.Sprintf("%s/%s", dir, strings.ReplaceAll(r.Secrets[i], "./", ""))
+		res, err := sops.Decrypt(path)
+		if err != nil {
+			return err
+		}
+		r.UnencryptedSecrets[path] = res
+	}
+	return nil
+}
+
 func FindReleaseByNames(releases []string, releasesObj Releases) Releases {
 	result := Releases{}
 	for _, rObj := range releasesObj {