Merge pull request #1700 from akhilmhdh/feat/cli-template

feat(cli): added template feature to cli export command
Infisical · Apr 18, 2024 · 0111ee9 · 0111ee9
2 parents 4b463c6 + 581ffc6
commit 0111ee9
Show file tree

Hide file tree

Showing 3 changed files with 61 additions and 0 deletions.
diff --git a/cli/packages/cmd/agent.go b/cli/packages/cmd/agent.go
@@ -381,6 +381,12 @@ func ProcessTemplate(templateId int, templatePath string, data interface{}, acce
 	funcs := template.FuncMap{
 		"secret":         secretFunction,
 		"dynamic_secret": dynamicSecretFunction,
+		"minus": func(a, b int) int {
+			return a - b
+		},
+		"add": func(a, b int) int {
+			return a + b
+		},
 	}
 
 	templateName := path.Base(templatePath)

diff --git a/cli/packages/cmd/export.go b/cli/packages/cmd/export.go
@@ -7,6 +7,7 @@ import (
 	"encoding/csv"
 	"encoding/json"
 	"fmt"
+	"os"
 	"strings"
 
 	"github.com/Infisical/infisical-merge/packages/models"
@@ -59,6 +60,11 @@ var exportCmd = &cobra.Command{
 			util.HandleError(err)
 		}
 
+		templatePath, err := cmd.Flags().GetString("template")
+		if err != nil {
+			util.HandleError(err)
+		}
+
 		secretOverriding, err := cmd.Flags().GetBool("secret-overriding")
 		if err != nil {
 			util.HandleError(err, "Unable to parse flag")
@@ -93,6 +99,31 @@ var exportCmd = &cobra.Command{
 			request.UniversalAuthAccessToken = token.Token
 		}
 
+		if templatePath != "" {
+			sigChan := make(chan os.Signal, 1)
+			dynamicSecretLeases := NewDynamicSecretLeaseManager(sigChan)
+			newEtag := ""
+
+			accessToken := ""
+			if token != nil {
+				accessToken = token.Token
+			} else {
+				log.Debug().Msg("GetAllEnvironmentVariables: Trying to fetch secrets using logged in details")
+				loggedInUserDetails, err := util.GetCurrentLoggedInUserDetails()
+				if err != nil {
+					util.HandleError(err)
+				}
+				accessToken = loggedInUserDetails.UserCredentials.JTWToken
+			}
+
+			processedTemplate, err := ProcessTemplate(1, templatePath, nil, accessToken, "", &newEtag, dynamicSecretLeases)
+			if err != nil {
+				util.HandleError(err)
+			}
+			fmt.Print(processedTemplate.String())
+			return
+		}
+
 		secrets, err := util.GetAllEnvironmentVariables(request, "")
 		if err != nil {
 			util.HandleError(err, "Unable to fetch secrets")
@@ -140,6 +171,7 @@ func init() {
 	exportCmd.Flags().StringP("tags", "t", "", "filter secrets by tag slugs")
 	exportCmd.Flags().String("projectId", "", "manually set the projectId to fetch secrets from")
 	exportCmd.Flags().String("path", "/", "get secrets within a folder path")
+	exportCmd.Flags().String("template", "", "The path to the template file used to render secrets")
 }
 
 // Format according to the format flag

diff --git a/docs/cli/commands/export.mdx b/docs/cli/commands/export.mdx
@@ -33,6 +33,9 @@ Export environment variables from the platform into a file format.
 
   # Export variables to a YAML file
   infisical export --format=yaml > secrets.yaml
+
+  # Render secrets using a custom template file
+  infisical export --template=<path to template>
   ```
 
   ### Environment variables
@@ -57,6 +60,26 @@ Export environment variables from the platform into a file format.
   </Accordion>
 
   ### flags 
+  <Accordion title="--template">
+    The `--template` flag specifies the path to the template file used for rendering secrets. When using templates, you can omit the other format flags.
+
+		```text my-template-file
+    {{$secrets := secret "<infisical-project-id>" "<environment-slug>" "<folder-path>"}}
+    {{$length := len $secrets}}
+    {{- "{"}}
+    {{- with $secrets }}
+      {{- range $index, $secret := . }}
+        "{{ $secret.Key }}": "{{ $secret.Value }}"{{if lt $index (minus $length 1)}},{{end}}
+      {{- end }}
+    {{- end }}
+    {{ "}" -}}
+		```
+
+    ```bash
+    # Example
+    infisical export --template="/path/to/template/file"
+    ```
+  </Accordion>
   <Accordion title="--env">
     Used to set the environment that secrets are pulled from.