reformat with gofumpt
Mic92 committed Nov 3, 2023
1 parent cc2cfe5 commit c59da7a
Showing 6 changed files with 42 additions and 46 deletions.
1 change: 0 additions & 1 deletion pkgs/sops-import-keys-hook/hook_test.go
@@ -71,5 +71,4 @@ func TestShellHook(t *testing.T) {
if !strings.Contains(stderr, expectedStderr) {
t.Fatalf("'%v' not in '%v'", expectedStderr, stdout)
}

}
4 changes: 2 additions & 2 deletions pkgs/sops-install-secrets/darwin.go
@@ -54,7 +54,7 @@ func SecureSymlinkChown(symlinkToCheck string, expectedTarget string, owner, gro
// newfs_hfs $mydev
// mount -t hfs $mydev /tmp/mymount
func MountSecretFs(mountpoint string, keysGid int, _useTmpfs bool, userMode bool) error {
if err := os.MkdirAll(mountpoint, 0751); err != nil {
if err := os.MkdirAll(mountpoint, 0o751); err != nil {
return fmt.Errorf("Cannot create directory '%s': %w", mountpoint, err)
}
if _, err := os.Stat(mountpoint + "/sops-nix-secretfs"); !errors.Is(err, os.ErrNotExist) {
@@ -90,7 +90,7 @@ func MountSecretFs(mountpoint string, keysGid int, _useTmpfs bool, userMode bool
// There is no documented way to check for memfs mountpoint. Thus we place a file.
_, err = os.Create(mountpoint + "/sops-nix-secretfs")

// This would be the way to check on unix.
// This would be the way to check on unix.
//buf := unix.Statfs_t{}
//if err := unix.Statfs(mountpoint, &buf); err != nil {
// return fmt.Errorf("Cannot get statfs for directory '%s': %w", mountpoint, err)
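Review bot: The `os.Create(mountpoint + "/sops-nix-secretfs")` call in the second hunk assigns the returned `*os.File` to `_`, so the marker file's descriptor is never closed, and the marker is created with os.Create's default 0666-before-umask mode. Keeping the handle and closing it, for example `f, err := os.OpenFile(mountpoint+"/sops-nix-secretfs", os.O_CREATE|os.O_WRONLY, 0o600)` followed by `f.Close()`, would address both. Separately, the `os.Stat` test in the first hunk takes its branch on success and on every error other than `os.ErrNotExist`; the branch body is outside the hunk, but if it means "already mounted", a permission error or a marker left on the unmounted directory would skip the mount, which is worth confirming. MountSecretFs starts inside the first hunk and continues past both.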
18 changes: 9 additions & 9 deletions pkgs/sops-install-secrets/linux.go
@@ -4,18 +4,18 @@
package main

import (
"fmt"
"os"
"fmt"
"os"

"golang.org/x/sys/unix"
)

func RuntimeDir() (string, error) {
rundir, ok := os.LookupEnv("XDG_RUNTIME_DIR")
if !ok {
return "", fmt.Errorf("$XDG_RUNTIME_DIR is not set!")
}
return rundir, nil
rundir, ok := os.LookupEnv("XDG_RUNTIME_DIR")
if !ok {
return "", fmt.Errorf("$XDG_RUNTIME_DIR is not set!")
}
return rundir, nil
}

func SecureSymlinkChown(symlinkToCheck, expectedTarget string, owner, group int) error {
@@ -51,11 +51,11 @@ func SecureSymlinkChown(symlinkToCheck, expectedTarget string, owner, group int)
}

func MountSecretFs(mountpoint string, keysGid int, useTmpfs bool, userMode bool) error {
if err := os.MkdirAll(mountpoint, 0751); err != nil {
if err := os.MkdirAll(mountpoint, 0o751); err != nil {
return fmt.Errorf("Cannot create directory '%s': %w", mountpoint, err)
}

// We can't create a ramfs as user
// We can't create a ramfs as user
if userMode {
return nil
}
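Review bot: `RuntimeDir` accepts an `XDG_RUNTIME_DIR` that is set but empty, because `os.LookupEnv` reports `ok` for an empty value; the function then returns `""` with a nil error and the caller builds its secret paths from that. Tightening the guard to `if !ok || rundir == "" {` closes this. Rejecting a relative value would be a further hardening step, but it needs `path/filepath`, which the import block shown here does not list. In the second hunk, `os.MkdirAll(mountpoint, 0o751)` leaves the mode of an already existing directory unchanged, so the `0o751` is a default rather than a guarantee; MountSecretFs continues outside the hunk, so a later chmod may already cover this.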
55 changes: 27 additions & 28 deletions pkgs/sops-install-secrets/main.go
@@ -18,9 +18,9 @@ import (
"github.com/Mic92/sops-nix/pkgs/sops-install-secrets/sshkeys"
agessh "github.com/Mic92/ssh-to-age"

"github.com/joho/godotenv"
"github.com/mozilla-services/yaml"
"go.mozilla.org/sops/v3/decrypt"
"github.com/joho/godotenv"
)

type secret struct {
@@ -79,10 +79,10 @@ const (
func IsValidFormat(format string) bool {
switch format {
case string(Yaml),
string(Json),
string(Binary),
string(Dotenv),
string(Ini):
string(Json),
string(Binary),
string(Dotenv),
string(Ini):
return true
default:
return false
@@ -94,7 +94,7 @@ func (f *FormatType) UnmarshalJSON(b []byte) error {
if err := json.Unmarshal(b, &s); err != nil {
return err
}
var t = FormatType(s)
t := FormatType(s)
switch t {
case "":
*f = Yaml
@@ -304,8 +304,10 @@ func decryptSecrets(secrets []secret) error {
return nil
}

const RAMFS_MAGIC int32 = -2054924042
const TMPFS_MAGIC int32 = 16914836
const (
RAMFS_MAGIC int32 = -2054924042
TMPFS_MAGIC int32 = 16914836
)

func prepareSecretsDir(secretMountpoint string, linkName string, keysGid int, userMode bool) (*string, error) {
var generation uint64
@@ -328,7 +330,7 @@ func prepareSecretsDir(secretMountpoint string, linkName string, keysGid int, us
return nil, fmt.Errorf("Cannot remove existing %s: %w", dir, err)
}
}
if err := os.Mkdir(dir, os.FileMode(0751)); err != nil {
if err := os.Mkdir(dir, os.FileMode(0o751)); err != nil {
return nil, fmt.Errorf("mkdir(): %w", err)
}
if !userMode {
@@ -347,7 +349,7 @@ func writeSecrets(secretDir string, secrets []secret, keysGid int, userMode bool
pathSoFar := secretDir
for _, dir := range dirs {
pathSoFar = filepath.Join(pathSoFar, dir)
if err := os.MkdirAll(pathSoFar, 0751); err != nil {
if err := os.MkdirAll(pathSoFar, 0o751); err != nil {
return fmt.Errorf("Cannot create directory '%s' for %s: %w", pathSoFar, fp, err)
}
if !userMode {
@@ -382,15 +384,15 @@ func lookupGroup(groupname string) (int, error) {
}

func lookupKeysGroup() (int, error) {
gid, err1 := lookupGroup("keys")
if err1 == nil {
return gid, nil
}
gid, err2 := lookupGroup("nogroup")
if err2 == nil {
return gid, nil
}
return 0, fmt.Errorf("Can't find group 'keys' nor 'nogroup' (%w).", err2)
gid, err1 := lookupGroup("keys")
if err1 == nil {
return gid, nil
}
gid, err2 := lookupGroup("nogroup")
if err2 == nil {
return gid, nil
}
return 0, fmt.Errorf("Can't find group 'keys' nor 'nogroup' (%w).", err2)
}

func (app *appContext) loadSopsFile(s *secret) (*secretFile, error) {
@@ -435,7 +437,6 @@ func (app *appContext) loadSopsFile(s *secret) (*secretFile, error) {
keys: keys,
firstSecret: s,
}, nil

}

func (app *appContext) validateSopsFile(s *secret, file *secretFile) error {
@@ -444,7 +445,7 @@ func (app *appContext) validateSopsFile(s *secret, file *secretFile) error {
s.Name, s.SopsFile, s.Format,
file.firstSecret.Format, file.firstSecret.Name)
}
if app.checkMode != Manifest && (!(s.Format == Binary || s.Format == Dotenv || s.Format == Ini )) {
if app.checkMode != Manifest && (!(s.Format == Binary || s.Format == Dotenv || s.Format == Ini)) {
_, err := recurseSecretKey(file.keys, s.Key)
if err != nil {
return fmt.Errorf("secret %s in %s is not valid: %w", s.Name, s.SopsFile, err)
@@ -605,7 +606,7 @@ func pruneGenerations(secretsMountPoint, secretsDir string, keepGenerations int)
func importSSHKeys(logcfg loggingConfig, keyPaths []string, gpgHome string) error {
secringPath := filepath.Join(gpgHome, "secring.gpg")

secring, err := os.OpenFile(secringPath, os.O_WRONLY|os.O_CREATE, 0600)
secring, err := os.OpenFile(secringPath, os.O_WRONLY|os.O_CREATE, 0o600)
if err != nil {
return fmt.Errorf("Cannot create %s: %w", secringPath, err)
}
@@ -661,7 +662,6 @@ func importAgeSSHKeys(logcfg loggingConfig, keyPaths []string, ageFile os.File)
// Inspired by https://github.com/facebookarchive/symwalk
func symlinkWalk(filename string, linkDirname string, walkFn filepath.WalkFunc) error {
symWalkFunc := func(path string, info os.FileInfo, err error) error {

if fname, err := filepath.Rel(filename, path); err == nil {
path = filepath.Join(linkDirname, fname)
} else {
@@ -735,7 +735,7 @@ func handleModifications(isDry bool, logcfg loggingConfig, symlinkPath string, s

writeLines := func(list []string, file string) error {
if len(list) != 0 {
f, err := os.OpenFile(file, os.O_APPEND|os.O_WRONLY|os.O_CREATE, 0600)
f, err := os.OpenFile(file, os.O_APPEND|os.O_WRONLY|os.O_CREATE, 0o600)
if err != nil {
return err
}
@@ -893,9 +893,9 @@ func installSecrets(args []string) error {
}

if manifest.UserMode {
rundir, err := RuntimeDir()
rundir, err := RuntimeDir()
if opts.checkMode == Off && err != nil {
return fmt.Errorf("Error: %v", err)
return fmt.Errorf("Error: %v", err)
}
manifest.SecretsMountPoint = replaceRuntimeDir(manifest.SecretsMountPoint, rundir)
manifest.SymlinkPath = replaceRuntimeDir(manifest.SymlinkPath, rundir)
@@ -953,7 +953,7 @@ func installSecrets(args []string) error {
keyfile := filepath.Join(manifest.SecretsMountPoint, "age-keys.txt")
os.Setenv("SOPS_AGE_KEY_FILE", keyfile)
// Create the keyfile
ageFile, err := os.OpenFile(keyfile, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600)
ageFile, err := os.OpenFile(keyfile, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0o600)
if err != nil {
return fmt.Errorf("Cannot create '%s': %w", keyfile, err)
}
@@ -1013,7 +1013,6 @@ func installSecrets(args []string) error {
}

return nil

}

func main() {
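Review bot: The `0o600` passed to `os.OpenFile` for `age-keys.txt` in installSecrets only applies when the file is created; if a file already exists at that path, its current mode and owner are kept, and the file that `SOPS_AGE_KEY_FILE` points at is then opened for writing as is. Calling `ageFile.Chmod(0o600)` directly after the open would make the permission a guarantee rather than a creation default. The same holds for the `secring.gpg` open in importSSHKeys, which also has no `os.O_TRUNC`, so the tail of a longer pre-existing keyring would survive the new write. In the same installSecrets hunk the result of `os.Setenv` is dropped; checking it keeps a failed export from surfacing later as an unrelated decryption error. All of these functions continue outside their hunks.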
9 changes: 4 additions & 5 deletions pkgs/sops-install-secrets/main_test.go
@@ -38,7 +38,7 @@ func equals(tb testing.TB, exp, act interface{}) {

func writeManifest(t *testing.T, dir string, m *manifest) string {
filename := path.Join(dir, "manifest.json")
f, err := os.OpenFile(filename, os.O_RDWR|os.O_CREATE, 0755)
f, err := os.OpenFile(filename, os.O_RDWR|os.O_CREATE, 0o755)
ok(t, err)
encoder := json.NewEncoder(f)
ok(t, encoder.Encode(m))
@@ -82,7 +82,7 @@ func testGPG(t *testing.T) {
gpgHome := path.Join(testdir.path, "gpg-home")
gpgEnv := append(os.Environ(), fmt.Sprintf("GNUPGHOME=%s", gpgHome))

ok(t, os.Mkdir(gpgHome, os.FileMode(0700)))
ok(t, os.Mkdir(gpgHome, os.FileMode(0o700)))
cmd := exec.Command("gpg", "--import", path.Join(assets, "key.asc"))
cmd.Stdout = os.Stdout
cmd.Stderr = os.Stderr
@@ -144,7 +144,6 @@ func testGPG(t *testing.T) {
iniSecret.SopsFile = path.Join(assets, "secrets.ini")
iniSecret.Path = path.Join(testdir.secretsPath, "test5")


manifest := manifest{
Secrets: []secret{yamlSecret, jsonSecret, binarySecret, dotenvSecret, iniSecret},
SecretsMountPoint: testdir.secretsPath,
@@ -169,7 +168,7 @@ func testGPG(t *testing.T) {
ok(t, err)

equals(t, true, yamlStat.Mode().IsRegular())
equals(t, 0400, int(yamlStat.Mode().Perm()))
equals(t, 0o400, int(yamlStat.Mode().Perm()))
stat, success := yamlStat.Sys().(*syscall.Stat_t)
equals(t, true, success)
content, err := os.ReadFile(yamlSecret.Path)
@@ -187,7 +186,7 @@ func testGPG(t *testing.T) {
jsonStat, err := os.Stat(jsonSecret.Path)
ok(t, err)
equals(t, true, jsonStat.Mode().IsRegular())
equals(t, 0700, int(jsonStat.Mode().Perm()))
equals(t, 0o700, int(jsonStat.Mode().Perm()))
if stat, ok := jsonStat.Sys().(*syscall.Stat_t); ok {
equals(t, 0, int(stat.Uid))
equals(t, 0, int(stat.Gid))
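Review bot: `writeManifest` creates `manifest.json` with mode `0o755`, which sets execute bits on a JSON data file and leaves it readable by every user; a data-file mode such as `os.OpenFile(filename, os.O_RDWR|os.O_CREATE, 0o600)` would match what the file is. In the last hunk, `if stat, ok := jsonStat.Sys().(*syscall.Stat_t); ok {` shadows the `ok` test helper inside that block, while the yaml check above names the same result `success`; using `success` here too keeps the helper callable and the two checks consistent. Both functions continue outside their hunks, so whether `f` is closed after `encoder.Encode` cannot be seen from here.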
1 change: 0 additions & 1 deletion pkgs/sops-pgp-hook/hook_test.go
@@ -65,5 +65,4 @@ func TestShellHook(t *testing.T) {
if !strings.Contains(stderr, expectedStderr) {
t.Fatalf("'%v' not in '%v'", expectedStderr, stdout)
}

}
