Skip to content

Commit bb248fb

Browse files
jvehentjvehent
committed
Merge branch 'master' of github.com:mozilla/sops
2 parents 63d11bb + 160f095 commit bb248fb

File tree

1 file changed

+39
-31
lines changed

1 file changed

+39
-31
lines changed

cmd/sops/main.go

Lines changed: 39 additions & 31 deletions
Original file line numberDiff line numberDiff line change
@@ -367,13 +367,15 @@ func main() {
367367
var output []byte
368368
var err error
369369
if c.Bool("encrypt") {
370-
keyGroups, err := keyGroups(c, fileName)
370+
var groups []sops.KeyGroup
371+
groups, err = keyGroups(c, fileName)
371372
if err != nil {
372-
return err
373+
return toExitError(err)
373374
}
374-
shamirThreshold, err := shamirThreshold(c, fileName)
375+
var threshold int
376+
threshold, err = shamirThreshold(c, fileName)
375377
if err != nil {
376-
return err
378+
return toExitError(err)
377379
}
378380
output, err = encrypt(encryptOpts{
379381
OutputStore: outputStore,
@@ -382,16 +384,14 @@ func main() {
382384
Cipher: aes.NewCipher(),
383385
UnencryptedSuffix: c.String("unencrypted-suffix"),
384386
KeyServices: svcs,
385-
KeyGroups: keyGroups,
386-
GroupThreshold: shamirThreshold,
387+
KeyGroups: groups,
388+
GroupThreshold: threshold,
387389
})
388-
if err != nil {
389-
return err
390-
}
391390
}
392391

393392
if c.Bool("decrypt") {
394-
extract, err := parseTreePath(c.String("extract"))
393+
var extract []interface{}
394+
extract, err = parseTreePath(c.String("extract"))
395395
if err != nil {
396396
return cli.NewExitError(fmt.Errorf("error parsing --extract path: %s", err), codes.InvalidTreePathFormat)
397397
}
@@ -404,9 +404,6 @@ func main() {
404404
KeyServices: svcs,
405405
IgnoreMAC: c.Bool("ignore-mac"),
406406
})
407-
if err != nil {
408-
return err
409-
}
410407
}
411408
if c.Bool("rotate") {
412409
var addMasterKeys []keys.MasterKey
@@ -441,15 +438,14 @@ func main() {
441438
AddMasterKeys: addMasterKeys,
442439
RemoveMasterKeys: rmMasterKeys,
443440
})
444-
if err != nil {
445-
return err
446-
}
447441
}
448442

449443
if c.String("set") != "" {
450-
path, value, err := extractSetArguments(c.String("set"))
444+
var path []interface{}
445+
var value interface{}
446+
path, value, err = extractSetArguments(c.String("set"))
451447
if err != nil {
452-
return err
448+
return toExitError(err)
453449
}
454450
output, err = set(setOpts{
455451
OutputStore: outputStore,
@@ -461,9 +457,6 @@ func main() {
461457
Value: value,
462458
TreePath: path,
463459
})
464-
if err != nil {
465-
return err
466-
}
467460
}
468461

469462
isEditMode := !c.Bool("encrypt") && !c.Bool("decrypt") && !c.Bool("rotate") && c.String("set") == ""
@@ -483,25 +476,27 @@ func main() {
483476
output, err = edit(opts)
484477
} else {
485478
// File doesn't exist, edit the example file instead
486-
keyGroups, err := keyGroups(c, fileName)
479+
var groups []sops.KeyGroup
480+
groups, err := keyGroups(c, fileName)
487481
if err != nil {
488-
return err
482+
return toExitError(err)
489483
}
490-
shamirThreshold, err := shamirThreshold(c, fileName)
484+
var threshold int
485+
threshold, err = shamirThreshold(c, fileName)
491486
if err != nil {
492-
return err
487+
return toExitError(err)
493488
}
494489
output, err = editExample(editExampleOpts{
495490
editOpts: opts,
496491
UnencryptedSuffix: c.String("unencrypted-suffix"),
497-
KeyGroups: keyGroups,
498-
GroupThreshold: shamirThreshold,
492+
KeyGroups: groups,
493+
GroupThreshold: threshold,
499494
})
500495
}
501496
}
502497

503498
if err != nil {
504-
return err
499+
return toExitError(err)
505500
}
506501
// We open the file *after* the operations on the tree have been
507502
// executed to avoid truncating it when there's errors
@@ -513,17 +508,26 @@ func main() {
513508
defer file.Close()
514509
_, err = file.Write(output)
515510
if err != nil {
516-
return err
511+
return toExitError(err)
517512
}
518513
log.Info("File written successfully")
519514
return nil
520515
}
521516
_, err = os.Stdout.Write(output)
522-
return err
517+
return toExitError(err)
523518
}
524519
app.Run(os.Args)
525520
}
526521

522+
func toExitError(err error) error {
523+
if cliErr, ok := err.(*cli.ExitError); ok && cliErr != nil {
524+
return cliErr
525+
} else if err != nil {
526+
return cli.NewExitError(err, codes.ErrorGeneric)
527+
}
528+
return nil
529+
}
530+
527531
func keyservices(c *cli.Context) (svcs []keyservice.KeyServiceClient) {
528532
if c.Bool("enable-local-keyservice") {
529533
svcs = append(svcs, keyservice.NewLocalClient())
@@ -634,6 +638,7 @@ func keyGroups(c *cli.Context, file string) ([]sops.KeyGroup, error) {
634638
var err error
635639
var configPath string
636640
if c.String("config") != "" {
641+
configPath = c.String("config")
637642
} else {
638643
configPath, err = config.FindConfigFile(".")
639644
if err != nil {
@@ -660,10 +665,13 @@ func shamirThreshold(c *cli.Context, file string) (int, error) {
660665
var err error
661666
var configPath string
662667
if c.String("config") != "" {
668+
configPath = c.String("config")
663669
} else {
664670
configPath, err = config.FindConfigFile(".")
665671
if err != nil {
666-
return 0, fmt.Errorf("config file not found and no keys provided through command line options")
672+
// If shamir flag isn't set and we can't find a config file,
673+
// assume we don't want Shamir
674+
return 0, nil
667675
}
668676
}
669677
conf, err := config.LoadForFile(configPath, file, nil)

0 commit comments

Comments
 (0)