From 2f6e0081214b4033132725065014c5022b997c92 Mon Sep 17 00:00:00 2001
From: Vincent Ambo <tazjin@gmail.com>
Date: Thu, 9 Feb 2017 15:33:03 +0100
Subject: feat templater: Add 'pass' lookup function

This introduces support for looking up secret values in the 'pass' command line
tool (https://www.passwordstore.org/).

Values like passwords can be interpolated from pass and even more complex
structures like certificates for Kubernetes Secrets can be retrieved and base64-
encoded as necessary.

Fixes #2
---
 templater/pass.go      | 32 ++++++++++++++++++++++++++++++++
 templater/templater.go |  1 +
 2 files changed, 33 insertions(+)
 create mode 100644 templater/pass.go

(limited to 'templater')

diff --git a/templater/pass.go b/templater/pass.go
new file mode 100644
index 000000000000..f1dc82986174
--- /dev/null
+++ b/templater/pass.go
@@ -0,0 +1,32 @@
+// This file contains the implementation of a template function for retrieving variables from 'pass', the standard UNIX
+// password manager.
+package templater
+
+import (
+	"fmt"
+	"os"
+	"os/exec"
+
+	"github.com/polydawn/meep"
+)
+
+type PassError struct {
+	meep.TraitAutodescribing
+	meep.TraitCausable
+	Output string
+}
+
+func GetFromPass(key string) (string, error) {
+	fmt.Fprintf(os.Stderr, "Attempting to look up %s in pass\n", key)
+	pass := exec.Command("pass", "show", key)
+
+	output, err := pass.CombinedOutput()
+	if err != nil {
+		return "", meep.New(
+			&PassError{Output: string(output)},
+			meep.Cause(err),
+		)
+	}
+
+	return string(output), nil
+}
diff --git a/templater/templater.go b/templater/templater.go
index fc7433ff10e3..5e38ddf893d0 100644
--- a/templater/templater.go
+++ b/templater/templater.go
@@ -158,6 +158,7 @@ func templateFuncs() template.FuncMap {
 		b, _ := json.Marshal(data)
 		return string(b)
 	}
+	m["passLookup"] = GetFromPass
 
 	return m
 }
-- 
cgit 1.4.1