wip: Add support for secrets

internal/utils/diff/diff.go

@@ -101,7 +101,6 @@ func (diff *Diff) Resolve(repositories repository.Repositories, path string) (lo
 		found := false
 		i := 0
 		for _, repoWished := range reposWished {
-			logrus.Infof("DEBUG: exst %s tp wished %s", repoExisting.Name, repoWished.Name)
 			// If there is the same repo in the wished repos and in the lockfile
 			// We need either to udpate, or preserve. If it can't be found, just remove
 			// from the reposWished slice
@@ -115,10 +114,8 @@ func (diff *Diff) Resolve(repositories repository.Repositories, path string) (lo
 					return nil, err
 				}
 				if !reflect.DeepEqual(reposWished, repoExisting) {
-					logrus.Info("DEBUG: Exists")
 					diff.UpdatedRepositories = append(diff.UpdatedRepositories, repoWished)
 				} else {
-					logrus.Info("DEBUG: Updated")
 					diff.PreservedRepositories = append(diff.PreservedRepositories, repoWished)
 				}
 				// Delete the
@@ -135,9 +132,6 @@ func (diff *Diff) Resolve(repositories repository.Repositories, path string) (lo
 		}
 	}
 
-	for _, repo := range reposWished {
-		logrus.Infof("DEBUG: Will add %s", repo.Name)
-	}
 	diff.AddedRepositories = append(diff.AddedRepositories, reposWished...)
 
 	return lockfile, nil

internal/utils/kustomize/kustomize.go

@@ -1,11 +1,15 @@
 package kustomize
 
 import (
+	"bytes"
+	"errors"
 	"fmt"
+	"html/template"
 	"os"
 	"path/filepath"
 
 	"git.badhouseplants.net/allanger/shoebill/internal/utils/githelper"
+	"github.com/sirupsen/logrus"
 	kustomize_types "sigs.k8s.io/kustomize/api/types"
 	"sigs.k8s.io/yaml"
 )
@@ -13,6 +17,7 @@ import (
 type Kusmtomize struct {
 	Files      []string
 	ConfigMaps []string
+	Secrets    []string
 }
 
 func (k *Kusmtomize) PopulateResources(path string) error {
@@ -35,6 +40,57 @@ func (k *Kusmtomize) PopulateResources(path string) error {
 	for _, file := range files {
 		k.ConfigMaps = append(k.ConfigMaps, fmt.Sprintf("src/values/%s", file.Name()))
 	}
+
+	// Secrets
+	files, err = os.ReadDir(fmt.Sprintf("%s/src/secrets", path))
+	if err != nil {
+		return err
+	}
+
+	for _, file := range files {
+		k.Secrets = append(k.Secrets, fmt.Sprintf("src/secrets/%s", file.Name()))
+	}
+
+	return nil
+}
+
+func (k *Kusmtomize) SecGeneratorCreate(path string) error {
+	logrus.Info("preparing the secret generator file")
+	genFileTmpl := `---
+apiVersion: viaduct.ai/v1
+kind: ksops
+metadata:
+  name: shoebill-secret-gen
+files:
+{{- range $val := . }}
+  - {{ $val }}
+{{- end }}
+`
+
+	destFileName := fmt.Sprintf("%s/sec-generator.yaml", path)
+	t := template.Must(template.New("tmpl").Parse(genFileTmpl))
+	var genFileData bytes.Buffer
+	t.Execute(&genFileData, k.Secrets)
+	var genFile *os.File
+	if _, err := os.Stat(destFileName); err == nil {
+		genFile, err := os.Open(destFileName)
+		if err != nil {
+			return err
+		}
+		defer genFile.Close()
+	} else if errors.Is(err, os.ErrNotExist) {
+		genFile, err = os.Create(destFileName)
+		if err != nil {
+			return nil
+		}
+		defer genFile.Close()
+	} else {
+		return err
+	}
+	if err := os.WriteFile(destFileName, genFileData.Bytes(), os.ModeExclusive); err != nil {
+		return nil
+	}
+
 	return nil
 }
 
@@ -53,6 +109,7 @@ func (k *Kusmtomize) CmGeneratorFromFiles() []kustomize_types.ConfigMapArgs {
 		}
 		cmGens = append(cmGens, *cmGen)
 	}
+
 	return cmGens
 }
 
@@ -77,6 +134,13 @@ func Generate(path string, gh githelper.Githelper) error {
 		},
 		ConfigMapGenerator: kustomize.CmGeneratorFromFiles(),
 	}
+	if len(kustomize.Secrets) > 0 {
+		kustomization.Generators = []string{"sec-generator.yaml"}
+		if err := kustomize.SecGeneratorCreate(path); err != nil {
+			return err
+		}
+
+	}
 	manifest, err := yaml.Marshal(kustomization)
 	if err != nil {
 		return err

internal/utils/sopshelper/mock.go

@@ -0,0 +1,11 @@
+package sopshelper
+
+type SopsMock struct{}
+
+func NewSopsMock() SopsHelper {
+	return &SopsMock{}
+}
+
+func (sops *SopsMock) Decrypt(filepath string) ([]byte, error) {
+	return nil, nil
+}

internal/utils/sopshelper/sops.go

@@ -0,0 +1,27 @@
+package sopshelper
+
+import (
+	// "go.mozilla.org/sops/v3/decrypt"
+	"os"
+
+	"github.com/getsops/sops/v3/decrypt"
+	"github.com/sirupsen/logrus"
+)
+
+type Sops struct{}
+
+func NewSops() SopsHelper {
+	return &Sops{}
+}
+func (sops Sops) Decrypt(filepath string) ([]byte, error) {
+	logrus.Infof("trying to decrypt: %s", filepath)
+	encFile, err := os.ReadFile(filepath)
+	if err != nil {
+		return nil, err
+	}
+	res, err := decrypt.Data(encFile, "yaml")
+	if err != nil {
+		return nil, err
+	}
+	return res, nil
+}

internal/utils/sopshelper/types.go

@@ -0,0 +1,5 @@
+package sopshelper
+
+type SopsHelper interface {
+	Decrypt(filepath string) ([]byte, error)
+}

internal/utils/workdir/workdir.go

@@ -7,7 +7,7 @@ func CreateWorkdir(path string) (workdir string, err error) {
 		// Create a dir using the path
 		// It should not be removed after the execution
 		if err := os.Mkdir(path, 0777); err != nil {
-			return "", err
+			return path, err
 		}
 		// TODO(@allanger): I've got a feeling that it doesn't have to look that bad
 		workdir = path
@@ -16,7 +16,7 @@ func CreateWorkdir(path string) (workdir string, err error) {
 		// It should be removed after the execution
 		workdir, err = os.MkdirTemp("", "shoebill")
 		if err != nil {
-			return "", err
+			return workdir, err
 		}
 
 	}