fix: add hashicorp vault

KVv2 secrets engine with token auth only

Author: dnitsch

Makefile

@@ -1,8 +1,8 @@
 
 OWNER := dnitsch
 NAME := configmanager
-GIT_TAG := "1.13.0"
-VERSION := "v1.13.0"
+GIT_TAG := "1.14.0"
+VERSION := "v1.14.0"
 # VERSION := "$(shell git describe --tags --abbrev=0)"
 REVISION := $(shell git rev-parse --short HEAD)
 
@@ -51,3 +51,6 @@ echo:
 	echo $(REVISION)
 
 tagbuildrelease: tag cross-build release
+
+coverage_interactive: test
+	go tool cover -html=.coverage/out

configmanager.go

@@ -39,7 +39,7 @@ func (c *ConfigManager) RetrieveWithInputReplaced(input string, config generator
 func retrieveWithInputReplaced(input string, gv generator.Generatoriface) (string, error) {
 	tokens := []string{}
 	for k := range generator.VarPrefix {
-		matches := regexp.MustCompile(`(?s)`+regexp.QuoteMeta(k)+`.(`+TERMINATING_CHAR+`+)`).FindAllString(input, -1)
+		matches := regexp.MustCompile(`(?s)`+regexp.QuoteMeta(string(k))+`.(`+TERMINATING_CHAR+`+)`).FindAllString(input, -1)
 		tokens = append(tokens, matches...)
 	}
 

configmanager_test.go

@@ -61,14 +61,14 @@ func Test_retrieve(t *testing.T) {
 		t.Run(tt.name, func(t *testing.T) {
 			pm, err := retrieve(tt.tokens, tt.genvar)
 			if err != nil {
-				t.Errorf(testutils.TestPhrase, nil, err)
+				t.Errorf(testutils.TestPhrase, err, nil)
 			}
 			for k, v := range pm {
 				if k != tt.expectKey {
-					t.Errorf(testutils.TestPhrase, tt.expectKey, k)
+					t.Errorf(testutils.TestPhrase, k, tt.expectKey)
 				}
 				if v != tt.expectVal {
-					t.Errorf(testutils.TestPhrase, tt.expectVal, k)
+					t.Errorf(testutils.TestPhrase, v, tt.expectVal)
 				}
 			}
 		})
@@ -180,7 +180,7 @@ foo23 = val1
 				t.Errorf("failed with %v", err)
 			}
 			if got != tt.expect {
-				t.Errorf(testutils.TestPhrase, tt.expect, got)
+				t.Errorf(testutils.TestPhrase, got, tt.expect)
 			}
 		})
 	}
@@ -218,7 +218,7 @@ db:
 		t.Run(tt.name, func(t *testing.T) {
 			got := replaceString(tt.parsedMap, tt.inputStr)
 			if got != tt.expectStr {
-				t.Errorf(testutils.TestPhrase, tt.expectStr, got)
+				t.Errorf(testutils.TestPhrase, got, tt.expectStr)
 			}
 		})
 	}

internal/cmdutils/cmdutils.go

@@ -19,7 +19,7 @@ type confMgrRetrieveWithInputReplacediface interface {
 }
 
 type CmdUtils struct {
-	cfgmgr    configmanager.CMRetrieveWithInputReplacediface
+	cfgmgr    confMgrRetrieveWithInputReplacediface
 	generator generator.GenVarsiface
 }
 

internal/cmdutils/cmdutils_test.go

@@ -88,7 +88,7 @@ func Test_generateStrOutFromInput(t *testing.T) {
 				t.Fatal(err)
 			}
 			if string(got) != string(want) {
-				t.Errorf(testutils.TestPhrase, string(want), string(got))
+				t.Errorf(testutils.TestPhrase, string(got), string(want))
 			}
 		})
 	}
@@ -137,7 +137,7 @@ func Test_generateFromStrOutOverwrite(t *testing.T) {
 				t.Fatal(err)
 			}
 			if string(got) != string(want) {
-				t.Errorf(testutils.TestPhrase, string(want), string(got))
+				t.Errorf(testutils.TestPhrase, string(got), string(want))
 			}
 		})
 	}

internal/testutils/testutils.go

@@ -1,5 +1,5 @@
 package testutils
 
 const (
-	TestPhrase string = "Want: %v\nGot: %v"
+	TestPhrase string = "got: %v want: %v\n"
 )

pkg/generator/generator.go

@@ -12,25 +12,32 @@ import (
 	"github.com/dnitsch/configmanager/pkg/log"
 )
 
+type ImplementationPrefix string
+
+const (
+	// AWS SecretsManager prefix
+	SecretMgrPrefix ImplementationPrefix = "AWSSECRETS"
+	// AWS Parameter Store prefix
+	ParamStorePrefix ImplementationPrefix = "AWSPARAMSTR"
+	// Azure Key Vault Secrets prefix
+	AzKeyVaultSecretsPrefix ImplementationPrefix = "AZKVSECRET"
+	// Hashicorp Vault prefix
+	HashicorpVaultPrefix ImplementationPrefix = "VAULT"
+)
+
 const (
 	// tokenSeparator used for identifying the end of a prefix and beginning of token
 	// see notes about special consideration for AZKVSECRET tokens
 	tokenSeparator = "#"
 	// keySeparator used for accessing nested objects within the retrieved map
 	keySeparator = "|"
-	// AWS SecretsManager prefix
-	SecretMgrPrefix = "AWSSECRETS"
-	// AWS Parameter Store prefix
-	ParamStorePrefix = "AWSPARAMSTR"
-	// Azure Key Vault Secrets prefix
-	AzKeyVaultSecretsPrefix = "AZKVSECRET"
 )
 
 var (
 	// default varPrefix used by the replacer function
-	// any token msut beging with one of these else
+	// any token must beging with one of these else
 	// it will be skipped as not a replaceable token
-	VarPrefix = map[string]bool{SecretMgrPrefix: true, ParamStorePrefix: true, AzKeyVaultSecretsPrefix: true}
+	VarPrefix = map[ImplementationPrefix]bool{SecretMgrPrefix: true, ParamStorePrefix: true, AzKeyVaultSecretsPrefix: true, HashicorpVaultPrefix: true}
 )
 
 // Generatoriface describes the exported methods
@@ -163,7 +170,7 @@ func (c *GenVars) Generate(tokens []string) (ParsedMap, error) {
 	rawTokenPrefixMap := map[string]string{}
 	for _, token := range tokens {
 		prefix := strings.Split(token, c.config.tokenSeparator)[0]
-		if found := VarPrefix[prefix]; found {
+		if found := VarPrefix[ImplementationPrefix(prefix)]; found {
 			rawTokenPrefixMap[token] = prefix
 		}
 	}
@@ -200,11 +207,11 @@ func (c *GenVars) generate(rawMap map[string]string) (ParsedMap, error) {
 
 	wg.Add(initChanLen)
 	for token, prefix := range rawMap {
-		go func(a, p string) {
+		go func(a string, p ImplementationPrefix) {
 			defer wg.Done()
 			rs := newRetrieveStrategy(NewDefatultStrategy(), c.config)
 			outCh <- rs.retrieveSpecificCh(c.ctx, p, a)
-		}(token, prefix)
+		}(token, ImplementationPrefix(prefix))
 	}
 
 	go func() {

pkg/generator/generator_test.go

@@ -27,7 +27,7 @@ func newFixture(t *testing.T) *fixture {
 	return f
 }
 
-func (f *fixture) goodGenVars(op, ts string) {
+func (f *fixture) configGenVars(op, ts string) {
 	conf := NewConfig().WithOutputPath(op).WithTokenSeparator(ts)
 	gv := NewGenerator().WithConfig(conf)
 	f.rs = newRetrieveStrategy(NewDefatultStrategy(), *conf)
@@ -38,40 +38,46 @@ func TestGenVarsWithConfig(t *testing.T) {
 
 	f := newFixture(t)
 
-	f.goodGenVars(customop, customts)
+	f.configGenVars(customop, customts)
 	if f.c.config.outpath != customop {
-		f.t.Errorf(testutils.TestPhrase, customop, f.c.config.outpath)
+		f.t.Errorf(testutils.TestPhrase, f.c.config.outpath, customop)
 	}
 	if f.c.config.tokenSeparator != customts {
-		f.t.Errorf(testutils.TestPhrase, customts, f.c.config.tokenSeparator)
+		f.t.Errorf(testutils.TestPhrase, f.c.config.tokenSeparator, customts)
 	}
 }
 
 func TestStripPrefixNormal(t *testing.T) {
-
-	want := "/normal/without/prefix"
-	prefix := SecretMgrPrefix
-	f := newFixture(t)
-	f.goodGenVars(standardop, standardts)
-
-	got := f.rs.stripPrefix(fmt.Sprintf("%s#%s", prefix, want), prefix)
-	if got != want {
-		f.t.Errorf(testutils.TestPhrase, want, got)
+	ttests := map[string]struct {
+		prefix         ImplementationPrefix
+		token          string
+		keySeparator   string
+		tokenSeparator string
+		f              *fixture
+		expect         string
+	}{
+		"standard azkv":               {AzKeyVaultSecretsPrefix, "AZKVSECRET://vault1/secret2", "|", "://", newFixture(t), "vault1/secret2"},
+		"standard hashivault":         {HashicorpVaultPrefix, "VAULT://vault1/secret2", "|", "://", newFixture(t), "vault1/secret2"},
+		"custom separator hashivault": {HashicorpVaultPrefix, "VAULT#vault1/secret2", "|", "#", newFixture(t), "vault1/secret2"},
 	}
-
-	gotNegative := f.rs.stripPrefix(fmt.Sprintf("%s___%s", prefix, want), prefix)
-	if gotNegative == want {
-		f.t.Errorf(testutils.TestPhrase, want, gotNegative)
+	for name, tt := range ttests {
+		t.Run(name, func(t *testing.T) {
+			tt.f.configGenVars(tt.keySeparator, tt.tokenSeparator)
+			got := tt.f.rs.stripPrefix(tt.token, tt.prefix)
+			if got != tt.expect {
+				t.Errorf(testutils.TestPhrase, got, tt.expect)
+			}
+		})
 	}
 }
 
 func Test_stripPrefix(t *testing.T) {
 	f := newFixture(t)
-	f.goodGenVars(standardop, standardts)
+	f.configGenVars(standardop, standardts)
 	tests := []struct {
 		name   string
 		token  string
-		prefix string
+		prefix ImplementationPrefix
 		expect string
 	}{
 		{
@@ -99,7 +105,7 @@ func Test_stripPrefix(t *testing.T) {
 
 func Test_NormaliseMap(t *testing.T) {
 	f := newFixture(t)
-	f.goodGenVars(standardop, standardts)
+	f.configGenVars(standardop, standardts)
 	tests := []struct {
 		name     string
 		gv       *GenVars
@@ -133,7 +139,7 @@ func Test_NormaliseMap(t *testing.T) {
 
 func Test_KeyLookup(t *testing.T) {
 	f := newFixture(t)
-	f.goodGenVars(standardop, standardts)
+	f.configGenVars(standardop, standardts)
 
 	tests := []struct {
 		name   string
@@ -206,7 +212,7 @@ func Test_ConvertToExportVars(t *testing.T) {
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			f := newFixture(t)
-			f.goodGenVars(standardop, standardts)
+			f.configGenVars(standardop, standardts)
 			f.c.rawMap = tt.rawMap
 			f.c.ConvertToExportVar()
 			got := f.c.outString