From d368a5f788c35153bce30036bf0a456df9edceeb Mon Sep 17 00:00:00 2001 From: Akseli Lukkarila Date: Mon, 6 Nov 2023 11:05:17 +0200 Subject: [PATCH 01/10] add gofmt to pre-commit config --- .pre-commit-config.yaml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index b690c372..c65528de 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -67,3 +67,12 @@ repos: types: [file, rust] language: system files: ^rust/ + + - id: gofmt + name: go format + description: Run gofmt on files included in the commit. + entry: bash -c 'cd go && gofmt -s -w' + pass_filenames: true + types: [file, go] + language: system + files: ^go/ From ae94ac8492640c09c0ddd28b194e9f5278a46117 Mon Sep 17 00:00:00 2001 From: Akseli Lukkarila Date: Mon, 6 Nov 2023 11:05:33 +0200 Subject: [PATCH 02/10] add readme entry for gofmt --- go/README.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/go/README.md b/go/README.md index 09fd9efa..44d675d0 100644 --- a/go/README.md +++ b/go/README.md @@ -16,3 +16,12 @@ To build the `nitor-vault` tool, follow these steps: ```shell go build -o nitor-vault ./cmd/nitor_vault +``` + +## Format code + +Using [gofmt](https://pkg.go.dev/cmd/gofmt) + +```shell +gofmt -s -w . +``` From 913ade8a9a2774b130ddaa7e7c4322db5b4b0eaf Mon Sep 17 00:00:00 2001 From: Akseli Lukkarila Date: Mon, 6 Nov 2023 11:23:08 +0200 Subject: [PATCH 03/10] format code --- go/cmd/nitor_vault/main.go | 9 +++++---- go/vault/vault.go | 8 ++++++++ 2 files changed, 13 insertions(+), 4 deletions(-) diff --git a/go/cmd/nitor_vault/main.go b/go/cmd/nitor_vault/main.go index ab3485d2..a76f667e 100644 --- a/go/cmd/nitor_vault/main.go +++ b/go/cmd/nitor_vault/main.go 
@@ -8,7 +8,7 @@ import ( ) func main() { - //TODO: replace "flag" implementation with e.g. https://github.com/spf13/cobra + // TODO: replace "flag" implementation with e.g. https://github.com/spf13/cobra aFlag := flag.Bool("a", false, "list all flag") lFlag := flag.String("l", "", "lookup flag, usage: -l ") sFlag := flag.String("s", "", "store flag, usage together with -v: -s -v ") @@ -41,7 +41,7 @@ func main() { } } -// CLI helper funcs +// CLI helper functions func initVault() vault.Vault { vault, err := vault.LoadVault() if err != nil { @@ -49,6 +49,7 @@ func initVault() vault.Vault { } return vault } + func all(vault vault.Vault) { all, err := vault.All() if err != nil { @@ -58,16 +59,16 @@ func all(vault vault.Vault) { fmt.Println(key) } } -func lookup(vault vault.Vault, key *string) { +func lookup(vault vault.Vault, key *string) { res, err := vault.Lookup(*key) if err != nil { log.Fatal(err) } fmt.Printf("%s", res) } -func store(vault vault.Vault, key *string, value []byte) { +func store(vault vault.Vault, key *string, value []byte) { err := vault.Store(*key, value) if err != nil { log.Fatal(err) diff --git a/go/vault/vault.go b/go/vault/vault.go index 7ef33fb6..0051f69a 100644 --- a/go/vault/vault.go +++ b/go/vault/vault.go @@ -35,10 +35,12 @@ type CloudFormationParams struct { BucketName string KeyArn string } + type Meta struct { Alg string `json:"alg"` Nonce string `json:"nonce"` } + type EncryptedObject struct { DataKey []byte EncryptedBlob []byte @@ -108,6 +110,7 @@ func getCloudformationParams(cfg *aws.Config, stackName string) (CloudFormationP } return res, nil } + func (v Vault) All() ([]string, error) { res := []string{} @@ -125,6 +128,7 @@ func (v Vault) All() ([]string, error) { } return res, nil } + func (v Vault) getS3Object(key string) ([]byte, error) { var res []byte dataKey, err := v.s3Client.GetObject(context.TODO(), &s3.GetObjectInput{Bucket: &v.cloudformationParams.BucketName, Key: &key}) 
@@ -138,6 +142,7 @@ func (v Vault) getS3Object(key string) ([]byte, error) { } return res, nil } + func (v Vault) Lookup(key string) (string, error) { res := "" dataKeyBlob, err := v.getS3Object(fmt.Sprintf("%s.key", key)) @@ -183,6 +188,7 @@ func (v Vault) Lookup(key string) (string, error) { } return string(plaintext), nil } + func (v Vault) Exists(key string) (bool, error) { keyName := fmt.Sprintf("%s.key", key) _, err := v.s3Client.HeadObject(context.TODO(), &s3.HeadObjectInput{Bucket: &v.cloudformationParams.BucketName, Key: &keyName}) @@ -195,6 +201,7 @@ func (v Vault) Exists(key string) (bool, error) { } return true, nil } + func (v Vault) putS3Object(key string, value io.Reader, c chan error) { _, err := v.s3Client.PutObject(context.TODO(), &s3.PutObjectInput{Bucket: &v.cloudformationParams.BucketName, Key: &key, Body: value}) if err != nil { @@ -203,6 +210,7 @@ func (v Vault) putS3Object(key string, value io.Reader, c chan error) { } c <- nil } + func (v Vault) Store(key string, value []byte) error { encrypted, err := v.encrypt(value) if err != nil { From 369b834e71846b17c2ac1a443f44bdccbb0dab27 Mon Sep 17 00:00:00 2001 From: Akseli Lukkarila Date: Mon, 6 Nov 2023 11:23:25 +0200 Subject: [PATCH 04/10] gitignore go binary --- .gitignore | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.gitignore b/.gitignore index 7b7fbd94..d63efc68 100644 --- a/.gitignore +++ b/.gitignore @@ -108,3 +108,6 @@ node_modules/ *.versionsBackup *~ dependency-reduced-pom.xml + +# Go binary +go/nitor-vault From 7f18d11f5d9f6191647b6104e53bbf7003ce70c6 Mon Sep 17 00:00:00 2001 From: Akseli Lukkarila Date: Mon, 6 Nov 2023 11:23:42 +0200 Subject: [PATCH 05/10] add version info --- go/cmd/nitor_vault/main.go | 49 ++++++++++++++++++++++++++++------- go/cmd/nitor_vault/version.go | 6 +++++ 2 files changed, 46 insertions(+), 9 deletions(-) create mode 100644 go/cmd/nitor_vault/version.go 
diff --git a/go/cmd/nitor_vault/main.go b/go/cmd/nitor_vault/main.go index a76f667e..b328c0a9 100644 --- a/go/cmd/nitor_vault/main.go +++ b/go/cmd/nitor_vault/main.go @@ -5,6 +5,8 @@ import ( "fmt" "log" "nitor_vault/vault" + "os" + "runtime/debug" ) func main() { @@ -14,19 +16,25 @@ func main() { sFlag := flag.String("s", "", "store flag, usage together with -v: -s -v ") vFlag := flag.String("v", "", "value used with store flag") wFlag := flag.Bool("w", false, "overwrite flag used with store flag") + versionFlag := flag.Bool("version", false, "print version information and exit") flag.Parse() + if *versionFlag { + fmt.Println(VersionInfo()) + os.Exit(0) + } + // Check if the flags are provided and act accordingly if *aFlag { - vault := initVault() - all(vault) + nVault := initVault() + all(nVault) } else if *lFlag != "" { - vault := initVault() - lookup(vault, lFlag) + nVault := initVault() + lookup(nVault, lFlag) } else if *sFlag != "" && *vFlag != "" { - vault := initVault() + nVault := initVault() if !*wFlag { - exists, err := vault.Exists(*sFlag) + exists, err := nVault.Exists(*sFlag) if err != nil { log.Fatal(err) } @@ -35,7 +43,7 @@ func main() { return } } - store(vault, sFlag, []byte(*vFlag)) + store(nVault, sFlag, []byte(*vFlag)) } else { flag.CommandLine.Usage() } @@ -43,11 +51,11 @@ func main() { // CLI helper functions func initVault() vault.Vault { - vault, err := vault.LoadVault() + nVault, err := vault.LoadVault() if err != nil { log.Fatal(err) } - return vault + return nVault } func all(vault vault.Vault) { 
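Review bot: The secret to store is still taken from the `-v` argument in the flag block this hunk extends, so it is visible in the process argument list and usually ends up in shell history. That line is unchanged context here, but it is the main exposure path in this CLI. Consider reading the value from standard input when `-v` is absent, e.g. `value, err := io.ReadAll(os.Stdin)` (this needs the `io` import), and describing `-v` in the usage text as the less safe form. The body of `main` begins and continues outside this hunk.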
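Review bot: The helpers still shadow the imported `vault` package: `func all(vault vault.Vault)` at the end of this hunk, and likewise `lookup` and `store` in the same file, keep the parameter name that this commit removes from `main` and `initVault`. Renaming the parameter, e.g. `func all(v vault.Vault)`, would finish the cleanup and let the helpers refer to package-level names. The body of `all` continues outside the hunk.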
@@ -74,3 +82,26 @@ func store(vault vault.Vault, key *string, value []byte) { log.Fatal(err) } } + +// VersionInfo Returns formatted build version info string. +func VersionInfo() string { + if info, ok := debug.ReadBuildInfo(); ok { + goVersion := info.GoVersion + commit := "unknown" + timestamp := "unknown" + arch := "unknown" + for _, setting := range info.Settings { + if setting.Key == "vcs.revision" { + commit = setting.Value + } + if setting.Key == "vcs.time" { + timestamp = setting.Value + } + if setting.Key == "GOARCH" { + arch = setting.Value + } + } + return fmt.Sprintf("%s %s %s %s %s %s", VersionNumber, timestamp, GitBranch, commit, goVersion, arch) + } + return "" +} diff --git a/go/cmd/nitor_vault/version.go b/go/cmd/nitor_vault/version.go new file mode 100644 index 00000000..5ba3621e --- /dev/null +++ b/go/cmd/nitor_vault/version.go @@ -0,0 +1,6 @@ +package main + +// Generated automatically; DO NOT EDIT MANUALLY. + +const VersionNumber = "1.0.0" +const GitBranch = "main" From 49d0788a6499751c8a7563c92adfc99ca030c513 Mon Sep 17 00:00:00 2001 From: Akseli Lukkarila Date: Mon, 6 Nov 2023 12:15:50 +0200 Subject: [PATCH 06/10] add go scripts --- .pre-commit-config.yaml | 2 +- common.sh | 11 +++++- go/README.md | 16 ++++++++ go/build.sh | 76 ++++++++++++++++++++++++++++++++++++ go/update_version.sh | 85 +++++++++++++++++++++++++++++++++++++++++ 5 files changed, 188 insertions(+), 2 deletions(-) create mode 100755 go/build.sh create mode 100755 go/update_version.sh diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index c65528de..54637bfc 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -71,7 +71,7 @@ repos: - id: gofmt name: go format description: Run gofmt on files included in the commit. - entry: bash -c 'cd go && gofmt -s -w' + entry: bash -c 'cd go && gofmt -s -l' pass_filenames: true types: [file, go] language: system diff --git a/common.sh b/common.sh index ad46fc2a..8f089f7b 100644 --- a/common.sh +++ b/common.sh 
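Review bot: `VersionInfo` returns an empty string when `debug.ReadBuildInfo()` reports `ok == false`, so `--version` would print a blank line even though `VersionNumber` and `GitBranch` are compiled in. The fallback could be `return fmt.Sprintf("%s %s", VersionNumber, GitBranch)`. The three independent `if setting.Key == ...` tests read more clearly as a single `switch setting.Key`. The doc comment should follow Go convention, `// VersionInfo returns the formatted build version string.`, and could note that `vcs.revision` and `vcs.time` are only present when the binary is built from a VCS checkout, which is when the "unknown" defaults apply.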
@@ -3,7 +3,8 @@ set -eo pipefail # Common shell functions and definitions -export REPO_ROOT=$(git rev-parse --show-toplevel || (cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)) +REPO_ROOT=$(git rev-parse --show-toplevel || (cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)) +export REPO_ROOT # Check platform case "$(uname -s)" in @@ -81,3 +82,11 @@ run_command() { "$@" fi } + +# Set variables GIT_HASH and GIT_BRANCH +set_version_info() { + GIT_HASH=$(git -C "$REPO_ROOT" rev-parse --short HEAD) + GIT_BRANCH=$(git -C "$REPO_ROOT" branch --show-current) + export GIT_HASH + export GIT_BRANCH +} diff --git a/go/README.md b/go/README.md index 44d675d0..f27e0d9f 100644 --- a/go/README.md +++ b/go/README.md @@ -25,3 +25,19 @@ Using [gofmt](https://pkg.go.dev/cmd/gofmt) ```shell gofmt -s -w . ``` + +## Update version number + +Increment minor version: + +```shell +./update_version.sh +``` + +Override version manually: + +```shell +./update_version.sh --version 1.2.3 +# this also works +VERSION=1.2.3 ./update_version.sh +``` diff --git a/go/build.sh b/go/build.sh new file mode 100755 index 00000000..5dc21439 --- /dev/null +++ b/go/build.sh 
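Review bot: `set_version_info` leaves `GIT_BRANCH` empty on a detached HEAD, because `git branch --show-current` prints nothing in that state. Builds from a tag or a bare commit checkout would then generate `const GitBranch = ""`. A fallback right after the assignment, such as `GIT_BRANCH=${GIT_BRANCH:-detached}`, keeps the version string meaningful. `GIT_HASH` is exported but nothing visible in this series reads it, and the Go side takes the revision from build info, so it may be droppable.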
@@ -0,0 +1,76 @@ +#!/bin/bash +set -eo pipefail + +# Import common functions +DIR=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd) +# shellcheck source=../common.sh +source "$DIR/../common.sh" + +USAGE="Usage: $(basename "$0") [OPTIONS] + +OPTIONS: All options are optional + -h | --help + Display these instructions. + + -v | --verbose + Display commands being executed." + +init_options() { + while [ $# -gt 0 ]; do + case "$1" in + -h | --help) + echo "$USAGE" + exit 1 + ;; + -v | --verbose) + set -x + ;; + esac + shift + done + + # Get absolute path to repo root + REPO_ROOT=$(git rev-parse --show-toplevel || (cd "$(dirname "../${BASH_SOURCE[0]}")" && pwd)) + PROJECT_PATH="$REPO_ROOT/go" + + if [ "$PLATFORM" = windows ]; then + EXECUTABLE="nitor-vault.exe" + else + EXECUTABLE="nitor-vault" + fi +} + +build_project() { + print_magenta "Building Nitor Vault (Go)..." + if [ -z "$(command -v go)" ]; then + print_error_and_exit "go not found in path" + else + go version + fi + + pushd "$PROJECT_PATH" > /dev/null + rm -f "$EXECUTABLE" + time go build -v -o nitor-vault ./cmd/nitor_vault + + file "$EXECUTABLE" + ./"$EXECUTABLE" --version + popd > /dev/null +} + +update_version_file() { + set_version_info + VERSION_FILE="$PROJECT_PATH/cmd/nitor_vault/version.go" + CURRENT_VERSION="$(grep "const VersionNumber =" "$VERSION_FILE" | cut -d\" -f 2)" + { + echo "package main" + echo "" + echo "// Generated automatically; DO NOT EDIT MANUALLY." + echo "" + echo "const VersionNumber = \"$CURRENT_VERSION\"" + echo "const GitBranch = \"$GIT_BRANCH\"" + } > "$VERSION_FILE" +} + +init_options "$@" +update_version_file +build_project diff --git a/go/update_version.sh b/go/update_version.sh new file mode 100755 index 00000000..9a1bd872 --- /dev/null +++ b/go/update_version.sh 
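Review bot: `update_version_file` writes `$GIT_BRANCH` and `$CURRENT_VERSION` unescaped into a Go string literal, so the generated source depends on whatever the branch is called; git permits characters such as a double quote in branch names, which would yield a file that does not compile or no longer holds the intended constant. The same block is in `update_version.sh`, where `NEW_VERSION` is pattern-checked but `GIT_BRANCH` is not. Validate before writing, e.g. `[[ "$GIT_BRANCH" =~ ^[A-Za-z0-9._/-]*$ ]] || print_error_and_exit "unexpected branch name: $GIT_BRANCH"`. Separately, in `build_project` the command `go build -v -o nitor-vault` ignores `$EXECUTABLE`, so on Windows the following `file "$EXECUTABLE"` looks for a `nitor-vault.exe` that was never produced; use `-o "$EXECUTABLE"`.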
@@ -0,0 +1,85 @@ +#!/bin/bash +set -eo pipefail + +# Import common functions +DIR=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd) +# shellcheck source=../common.sh +source "$DIR/../common.sh" + +USAGE="Usage: $(basename "$0") [OPTIONS] + +OPTIONS: All options are optional + -h | --help + Display these instructions. + + -m | --major + Increment major version. + + -v | --version + Use given version as the new version number. + + --verbose + Display commands being executed." + +init_options() { + INCREMENT_MAJOR=false + while [ $# -gt 0 ]; do + case "$1" in + -h | --help) + echo "$USAGE" + exit 1 + ;; + -m | --major) + INCREMENT_MAJOR=true + ;; + -v | --version) + VERSION="$2" + shift + ;; + --verbose) + set -x + ;; + esac + shift + done +} + +init_options "$@" + +VERSION_FILE="$DIR/cmd/nitor_vault/version.go" + +CURRENT_VERSION="$(grep "const VersionNumber =" "$VERSION_FILE" | cut -d\" -f 2)" +MAJOR=$(echo "$CURRENT_VERSION" | cut -d '.' -f 1) +MINOR=$(echo "$CURRENT_VERSION" | cut -d '.' -f 2) + +if [ -n "$VERSION" ] && [ "$INCREMENT_MAJOR" = true ]; then + print_warn "Conflicting version arguments, using $VERSION" +fi + +if [ -n "$VERSION" ]; then + NEW_VERSION="$VERSION" +elif [ "$INCREMENT_MAJOR" = true ]; then + MAJOR=$((MAJOR + 1)) + NEW_VERSION="$MAJOR.0.0" +else + echo "Incrementing minor version" + MINOR=$((MINOR + 1)) + NEW_VERSION="$MAJOR.$MINOR.0" +fi + +echo "Current version: $CURRENT_VERSION" +if [[ "$NEW_VERSION" =~ ^[0-9]+(\.[0-9]+){2}$ ]]; then + print_green "New version number: $NEW_VERSION" +else + print_error_and_exit "Version number needs to be in format 'X.X.X', got: $NEW_VERSION" +fi + +set_version_info +{ + echo "package main" + echo "" + echo "// Generated automatically; DO NOT EDIT MANUALLY." + echo "" + echo "const VersionNumber = \"$NEW_VERSION\"" + echo "const GitBranch = \"$GIT_BRANCH\"" +} > "$VERSION_FILE" From aec43a5637538d03a37c9b890a1a3a853e61d5a5 Mon Sep 17 00:00:00 2001 
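Review bot: The `-v | --version` arm reads `$2` without checking that it exists: when `-v` is the last argument `VERSION` stays empty, the second `shift` returns non-zero, and under `set -e` the script exits without any message. Guard it with `[ $# -ge 2 ] || print_error_and_exit "missing value for $1"` before `VERSION="$2"`. The `case` also has no `*)` arm, so a mistyped option is silently ignored and the script goes on to bump the minor version; an arm that prints `$USAGE` and exits non-zero would prevent an unintended version change. `-h` exiting with status 1 is unusual for a help request, and `exit 0` is the common choice.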
From: Akseli Lukkarila Date: Mon, 6 Nov 2023 12:30:21 +0200 Subject: [PATCH 07/10] check all go files --- .pre-commit-config.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 54637bfc..9a1b0fe2 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -71,8 +71,8 @@ repos: - id: gofmt name: go format description: Run gofmt on files included in the commit. - entry: bash -c 'cd go && gofmt -s -l' - pass_filenames: true + entry: bash -c 'cd go && gofmt -s -w .' + pass_filenames: false types: [file, go] language: system files: ^go/ From 26c93ad15d8f1025db33a97c80e1e414faf642dd Mon Sep 17 00:00:00 2001 From: Akseli Lukkarila Date: Mon, 6 Nov 2023 12:40:56 +0200 Subject: [PATCH 08/10] simplify project structure * move main.go to root like go expects --- .gitignore | 3 ++- go/README.md | 8 +++++++- go/build.sh | 6 +++--- go/{cmd/nitor_vault => }/main.go | 2 +- go/update_version.sh | 4 ++-- go/{cmd/nitor_vault => vault}/version.go | 2 +- 6 files changed, 16 insertions(+), 9 deletions(-) rename go/{cmd/nitor_vault => }/main.go (95%) rename go/{cmd/nitor_vault => vault}/version.go (88%) diff --git a/.gitignore b/.gitignore index d63efc68..c910df27 100644 --- a/.gitignore +++ b/.gitignore @@ -110,4 +110,5 @@ node_modules/ dependency-reduced-pom.xml # Go binary -go/nitor-vault +/go/nitor-vault +/go/nitor_vault diff --git a/go/README.md b/go/README.md index f27e0d9f..5d336262 100644 --- a/go/README.md +++ b/go/README.md @@ -15,7 +15,13 @@ Before you begin, ensure you have met the following requirements: To build the `nitor-vault` tool, follow these steps: ```shell -go build -o nitor-vault ./cmd/nitor_vault +./build.sh +``` + +Or manually: + +```shell +go build -v -o nitor-vault ``` ## Format code diff --git a/go/build.sh b/go/build.sh index 5dc21439..0e59cf4f 100755 --- a/go/build.sh +++ b/go/build.sh 
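Review bot: With `gofmt -s -w .` and `pass_filenames: false` the hook rewrites every Go file under `go/`, including files with unstaged edits that are not part of the commit; `types` and `files` now only decide whether the hook runs at all. If the intent is a gate rather than an auto-fix, a check-only entry such as `entry: bash -c 'cd go && test -z "$(gofmt -s -l .)"'` fails the commit and leaves the working tree untouched. The `description` still says "files included in the commit", which no longer matches the behaviour.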
@@ -50,7 +50,7 @@ build_project() { pushd "$PROJECT_PATH" > /dev/null rm -f "$EXECUTABLE" - time go build -v -o nitor-vault ./cmd/nitor_vault + time go build -v -o nitor-vault file "$EXECUTABLE" ./"$EXECUTABLE" --version @@ -59,10 +59,10 @@ build_project() { update_version_file() { set_version_info - VERSION_FILE="$PROJECT_PATH/cmd/nitor_vault/version.go" + VERSION_FILE="$PROJECT_PATH/vault/version.go" CURRENT_VERSION="$(grep "const VersionNumber =" "$VERSION_FILE" | cut -d\" -f 2)" { - echo "package main" + echo "package vault" echo "" echo "// Generated automatically; DO NOT EDIT MANUALLY." echo "" diff --git a/go/cmd/nitor_vault/main.go b/go/main.go similarity index 95% rename from go/cmd/nitor_vault/main.go rename to go/main.go index b328c0a9..a29cb3bf 100644 --- a/go/cmd/nitor_vault/main.go +++ b/go/main.go @@ -101,7 +101,7 @@ func VersionInfo() string { arch = setting.Value } } - return fmt.Sprintf("%s %s %s %s %s %s", VersionNumber, timestamp, GitBranch, commit, goVersion, arch) + return fmt.Sprintf("%s %s %s %s %s %s", vault.VersionNumber, timestamp, vault.GitBranch, commit, goVersion, arch) } return "" } diff --git a/go/update_version.sh b/go/update_version.sh index 9a1bd872..59be6254 100755 --- a/go/update_version.sh +++ b/go/update_version.sh @@ -46,7 +46,7 @@ init_options() { init_options "$@" -VERSION_FILE="$DIR/cmd/nitor_vault/version.go" +VERSION_FILE="$DIR/vault/version.go" CURRENT_VERSION="$(grep "const VersionNumber =" "$VERSION_FILE" | cut -d\" -f 2)" MAJOR=$(echo "$CURRENT_VERSION" | cut -d '.' -f 1) @@ -76,7 +76,7 @@ fi set_version_info { - echo "package main" + echo "package vault" echo "" echo "// Generated automatically; DO NOT EDIT MANUALLY." echo "" diff --git a/go/cmd/nitor_vault/version.go b/go/vault/version.go similarity index 88% rename from go/cmd/nitor_vault/version.go rename to go/vault/version.go index 5ba3621e..7d2fbc43 100644 --- a/go/cmd/nitor_vault/version.go +++ b/go/vault/version.go 
@@ -1,4 +1,4 @@ -package main +package vault // Generated automatically; DO NOT EDIT MANUALLY. From 56179584315cbe480e377a54bdac7d2d7f4fe863 Mon Sep 17 00:00:00 2001 From: Akseli Lukkarila Date: Mon, 6 Nov 2023 12:52:07 +0200 Subject: [PATCH 09/10] enable data race detection --- go/build.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/go/build.sh b/go/build.sh index 0e59cf4f..7ba2d7cf 100755 --- a/go/build.sh +++ b/go/build.sh @@ -50,7 +50,7 @@ build_project() { pushd "$PROJECT_PATH" > /dev/null rm -f "$EXECUTABLE" - time go build -v -o nitor-vault + time go build -v -race -o nitor-vault file "$EXECUTABLE" ./"$EXECUTABLE" --version From c70c8a3cb7f0255cb570bc71173301c5f897722e Mon Sep 17 00:00:00 2001 From: Akseli Lukkarila Date: Mon, 6 Nov 2023 13:07:55 +0200 Subject: [PATCH 10/10] fix indent, why is my shfmt not working :thinking: --- go/build.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/go/build.sh b/go/build.sh index 7ba2d7cf..c6b8a621 100755 --- a/go/build.sh +++ b/go/build.sh @@ -43,7 +43,7 @@ init_options() { build_project() { print_magenta "Building Nitor Vault (Go)..." if [ -z "$(command -v go)" ]; then - print_error_and_exit "go not found in path" + print_error_and_exit "go not found in path" else go version fi
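Review bot: `-race` is now applied to the only build this script produces, so the binary that `build.sh` leaves in `go/` is race-instrumented: on most platforms that requires cgo, and the result runs noticeably slower and uses more memory than a normal build. If this script is also the source of binaries that people install (not visible here), make the detector opt-in, for example a `--race` option that sets `RACE_FLAG=-race` for the `go build` line, or exercise it through `go test -race ./...` instead. `build_project` starts and ends outside this hunk.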