Filter by regex

Author: leocomelli

gcp.go

@@ -4,7 +4,6 @@ import (
 	"context"
 	"fmt"
 	"path"
-	"strings"
 
 	secretmanager "cloud.google.com/go/secretmanager/apiv1"
 	"google.golang.org/api/iterator"
@@ -13,6 +12,7 @@ import (
 
 // GCPSecretManager represents the Google Cloud Platform Secret Manager
 type GCPSecretManager struct {
+	GenericProvider
 	client *secretmanager.Client
 }
 
@@ -55,7 +55,8 @@ func (s *GCPSecretManager) ListSecrets(project string, prefix string) ([]*Secret
 		}
 
 		name := path.Base(resp.GetName())
-		if strings.HasPrefix(name, prefix) {
+
+		if s.Filter(name, prefix) {
 			content, err := s.client.AccessSecretVersion(context.Background(), &secretmanagerpb.AccessSecretVersionRequest{Name: resp.GetName() + "/versions/latest"})
 			if err != nil {
 				return nil, err

provider.go

@@ -1,7 +1,18 @@
 package main
 
+import "regexp"
+
 // SecretProvider defines the behaviors for a secret provider
 type SecretProvider interface {
 	Init() error
+	Filter(string, string) bool
 	ListSecrets(string, string) ([]*SecretData, error)
 }
+
+type GenericProvider struct{}
+
+// Filter the secrets by regex
+func (s *GenericProvider) Filter(name string, exp string) bool {
+	re := regexp.MustCompile(exp)
+	return re.MatchString(name)
+}

provider_test.go

@@ -0,0 +1,39 @@
+package main
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+)
+
+func TestFilter(t *testing.T) {
+
+	expected := []struct {
+		value string
+		exp   string
+		r     bool
+	}{
+		{
+			"myapp_password",
+			`^myapp*`,
+			true,
+		},
+		{
+			"xxx_password",
+			`^myapp*|^xxx*`,
+			true,
+		},
+		{
+			"app_password",
+			`^myapp*|^xxx*`,
+			false,
+		},
+	}
+
+	gcp := &GCPSecretManager{}
+
+	for _, e := range expected {
+		r := gcp.Filter(e.value, e.exp)
+		assert.Equal(t, e.r, r)
+	}
+}

runner_test.go

@@ -8,6 +8,7 @@ import (
 )
 
 type MockProvider struct {
+	GenericProvider
 }
 
 func (m *MockProvider) Init() error {