├── .circleci └── config.yml ├── .github ├── CODEOWNERS └── workflows │ ├── comment_issue.yml │ ├── create_issue.yml │ └── create_issue_on_label.yml ├── .gitignore ├── CHANGELOG.md ├── LICENSE ├── Makefile ├── README.md ├── cmd └── main.go ├── go.mod ├── go.sum ├── install-binary.sh ├── internal ├── ssm.go ├── ssm_test.go ├── template.go └── template_test.go └── plugin.yaml /.circleci/config.yml: -------------------------------------------------------------------------------- 1 | version: 2.1 2 | 3 | orbs: 4 | codacy: codacy/base@9.3.5 5 | 6 | jobs: 7 | build: # runs not using Workflows must have a `build` job as entry point 8 | docker: # run the steps with Docker 9 | - image: cimg/go:1.19 # 10 | 11 | # directory where steps are run. Path must conform to the Go Workspace requirements 12 | working_directory: ~/workdir/helm-ssm 13 | 14 | environment: # environment variables for the build itself 15 | TEST_RESULTS: /tmp/test-results # path to where test results will be saved 16 | 17 | steps: # steps that comprise the `build` job 18 | - attach_workspace: 19 | at: ~/workdir/helm-ssm 20 | 21 | - run: mkdir -p $TEST_RESULTS # create the test results directory 22 | 23 | - restore_cache: # restores saved cache if no changes are detected since last run 24 | # Read about caching dependencies: https://circleci.com/docs/2.0/caching/ 25 | keys: 26 | - v2020-09-pkg-cache 27 | 28 | - run: go install github.com/jstemmer/go-junit-report/v2@v2.0.0 29 | 30 | - run: 31 | name: Run unit tests 32 | # Store the results of our tests in the $TEST_RESULTS directory 33 | command: | 34 | make test | go-junit-report >> ${TEST_RESULTS}/go-test-report.xml 35 | 36 | - run: make dist # pull and build dependencies for the project 37 | 38 | - persist_to_workspace: 39 | root: ~/workdir/helm-ssm 40 | paths: 41 | - '*' 42 | 43 | - save_cache: # Store cache in the /go/pkg directory 44 | key: v1-pkg-cache 45 | paths: 46 | - "/go/pkg" 47 | 48 | - store_artifacts: # Upload test summary for display in Artifacts: https://circleci.com/docs/2.0/artifacts/ 49 | path: /tmp/test-results 50 | destination: raw-test-output 51 | 52 | - store_test_results: # Upload test results for display in Test Summary: https://circleci.com/docs/2.0/collect-test-data/ 53 | path: /tmp/test-results 54 | 55 | publish: # runs not using Workflows must have a `build` job as entry point 56 | docker: # run the steps with Docker 57 | - image: cimg/go:1.19 # 58 | 59 | # directory where steps are run. Path must conform to the Go Workspace requirements 60 | working_directory: ~/workdir/helm-ssm 61 | steps: # steps that comprise the `build` job 62 | - attach_workspace: 63 | at: ~/workdir/helm-ssm 64 | 65 | - run: 66 | name: "Publish Release on GitHub" 67 | command: | 68 | export VERSION="$(cat .version)" 69 | echo "Publishing version ${VERSION}" 70 | ls -lisah ./_dist/ 71 | 72 | curl -L https://github.com/cli/cli/releases/download/v1.1.0/gh_1.1.0_linux_amd64.deb -o gh.deb 73 | sudo dpkg -i gh.deb 74 | echo ${GITHUB_TOKEN} | gh auth login --with-token 75 | gh config set prompt disabled 76 | gh release create ${VERSION} ./_dist/*.tgz 77 | 78 | 79 | workflows: 80 | version: 2 81 | ci: 82 | jobs: 83 | - codacy/checkout_and_version 84 | - build: 85 | requires: 86 | - codacy/checkout_and_version 87 | - codacy/tag_version: 88 | name: tag_version 89 | context: CodacyAWS 90 | requires: 91 | - build 92 | filters: 93 | branches: 94 | only: 95 | - master 96 | - publish: 97 | context: CodacyGitHub 98 | requires: 99 | - tag_version 100 | - codacy/tag_version: 101 | name: tag_version_latest 102 | context: CodacyAWS 103 | version: latest 104 | force: true 105 | requires: 106 | - publish -------------------------------------------------------------------------------- /.github/CODEOWNERS: -------------------------------------------------------------------------------- 1 | * @lolgab @ljmf00 @andreaTP @rtfpessoa @bmbferreira @DReigada @pedrocodacy 2 | 3 | *.yml @h314to @paulopontesm 4 | 5 | -------------------------------------------------------------------------------- /.github/workflows/comment_issue.yml: -------------------------------------------------------------------------------- 1 | name: Comment issue on Jira 2 | 3 | on: 4 | issue_comment: 5 | types: [created] 6 | 7 | jobs: 8 | jira: 9 | env: 10 | JIRA_CREATE_COMMENT_AUTO: ${{ secrets.JIRA_CREATE_COMMENT_AUTO }} 11 | runs-on: ubuntu-latest 12 | steps: 13 | 14 | - name: Start workflow if JIRA_CREATE_COMMENT_AUTO is enabled 15 | if: env.JIRA_CREATE_COMMENT_AUTO == 'true' 16 | run: echo "Starting workflow" 17 | 18 | - name: Check GitHub Issue type 19 | if: env.JIRA_CREATE_COMMENT_AUTO == 'true' 20 | id: github_issue_type 21 | uses: actions/github-script@v2.0.0 22 | with: 23 | result-encoding: string 24 | script: | 25 | // An Issue can be a pull request, you can identify pull requests by the pull_request key 26 | const pullRequest = ${{ toJson(github.event.issue.pull_request) }} 27 | if(pullRequest) { 28 | return "pull-request" 29 | } else { 30 | return "issue" 31 | } 32 | 33 | - name: Check if GitHub Issue has JIRA_ISSUE_LABEL 34 | if: env.JIRA_CREATE_COMMENT_AUTO == 'true' 35 | id: github_issue_has_jira_issue_label 36 | uses: actions/github-script@v2.0.0 37 | env: 38 | JIRA_ISSUE_LABEL: ${{ secrets.JIRA_ISSUE_LABEL }} 39 | with: 40 | result-encoding: string 41 | script: | 42 | const labels = ${{ toJson(github.event.issue.labels) }} 43 | if(labels.find(label => label.name == process.env.JIRA_ISSUE_LABEL)) { 44 | return "true" 45 | } else { 46 | return "false" 47 | } 48 | 49 | - name: Continue workflow only for Issues (not Pull Requests) tagged with JIRA_ISSUE_LABEL 50 | if: env.JIRA_CREATE_COMMENT_AUTO == 'true' && env.GITHUB_ISSUE_TYPE == 'issue' && env.GITHUB_ISSUE_HAS_JIRA_ISSUE_LABEL == 'true' 51 | env: 52 | GITHUB_ISSUE_TYPE: ${{ steps.github_issue_type.outputs.result }} 53 | GITHUB_ISSUE_HAS_JIRA_ISSUE_LABEL: ${{ steps.github_issue_has_jira_issue_label.outputs.result }} 54 | run: echo "GitHub Issue is tracked on Jira, eligilbe to be commented" 55 | 56 | - name: Jira Login 57 | if: env.JIRA_CREATE_COMMENT_AUTO == 'true' && env.GITHUB_ISSUE_TYPE == 'issue' && env.GITHUB_ISSUE_HAS_JIRA_ISSUE_LABEL == 'true' 58 | id: login 59 | uses: atlassian/gajira-login@v2.0.0 60 | env: 61 | GITHUB_ISSUE_TYPE: ${{ steps.github_issue_type.outputs.result }} 62 | GITHUB_ISSUE_HAS_JIRA_ISSUE_LABEL: ${{ steps.github_issue_has_jira_issue_label.outputs.result }} 63 | JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }} 64 | JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }} 65 | JIRA_API_TOKEN: ${{ secrets.JIRA_API_TOKEN }} 66 | 67 | - name: Extract Jira number 68 | if: env.JIRA_CREATE_COMMENT_AUTO == 'true' && env.GITHUB_ISSUE_TYPE == 'issue' && env.GITHUB_ISSUE_HAS_JIRA_ISSUE_LABEL == 'true' 69 | id: extract_jira_number 70 | uses: actions/github-script@v2.0.0 71 | env: 72 | GITHUB_ISSUE_TYPE: ${{ steps.github_issue_type.outputs.result }} 73 | GITHUB_ISSUE_HAS_JIRA_ISSUE_LABEL: ${{ steps.github_issue_has_jira_issue_label.outputs.result }} 74 | JIRA_PROJECT: ${{ secrets.JIRA_PROJECT }} 75 | GITHUB_TITLE: ${{ github.event.issue.title }} 76 | with: 77 | script: | 78 | const jiraTaskRegex = new RegExp(`\\\[(${process.env.JIRA_PROJECT}-[0-9]+?)\\\]`) 79 | return process.env.GITHUB_TITLE.match(jiraTaskRegex)[1] 80 | result-encoding: string 81 | 82 | - name: Jira Add comment on issue 83 | if: env.JIRA_CREATE_COMMENT_AUTO == 'true' && env.GITHUB_ISSUE_TYPE == 'issue' && env.GITHUB_ISSUE_HAS_JIRA_ISSUE_LABEL == 'true' 84 | id: add_comment_jira_issue 85 | uses: atlassian/gajira-comment@v2.0.2 86 | env: 87 | GITHUB_ISSUE_TYPE: ${{ steps.github_issue_type.outputs.result }} 88 | GITHUB_ISSUE_HAS_JIRA_ISSUE_LABEL: ${{ steps.github_issue_has_jira_issue_label.outputs.result }} 89 | with: 90 | issue: ${{ steps.extract_jira_number.outputs.result }} 91 | comment: | 92 | GitHub Comment : ${{ github.event.comment.user.login }} 93 | {quote}${{ github.event.comment.body }}{quote} 94 | ---- 95 | {panel} 96 | _[Github permalink |${{ github.event.comment.html_url }}]_ 97 | {panel} 98 | -------------------------------------------------------------------------------- /.github/workflows/create_issue.yml: -------------------------------------------------------------------------------- 1 | name: Create issue on Jira 2 | 3 | on: 4 | issues: 5 | types: [opened] 6 | 7 | jobs: 8 | jira: 9 | env: 10 | JIRA_CREATE_ISSUE_AUTO: ${{ secrets.JIRA_CREATE_ISSUE_AUTO }} 11 | runs-on: ubuntu-latest 12 | steps: 13 | 14 | - name: Start workflow if JIRA_CREATE_ISSUE_AUTO is enabled 15 | if: env.JIRA_CREATE_ISSUE_AUTO == 'true' 16 | run: echo "Starting workflow" 17 | 18 | - name: Jira Login 19 | if: env.JIRA_CREATE_ISSUE_AUTO == 'true' 20 | id: login 21 | uses: atlassian/gajira-login@v2.0.0 22 | env: 23 | JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }} 24 | JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }} 25 | JIRA_API_TOKEN: ${{ secrets.JIRA_API_TOKEN }} 26 | 27 | - name: Jira Create issue 28 | if: env.JIRA_CREATE_ISSUE_AUTO == 'true' 29 | id: create_jira_issue 30 | uses: atlassian/gajira-create@v2.0.1 31 | with: 32 | project: ${{ secrets.JIRA_PROJECT }} 33 | issuetype: ${{ secrets.JIRA_ISSUE_TYPE }} 34 | summary: "[GH#${{ github.event.issue.number }}] ${{ github.event.issue.title }}" 35 | description: | 36 | ${{ github.event.issue.body }} 37 | ---- 38 | {panel} 39 | _[Github permalink |${{ github.event.issue.html_url }}]_ 40 | {panel} 41 | 42 | - name: Update Jira issue if JIRA_UPDATE_ISSUE_BODY is defined 43 | if: env.JIRA_CREATE_ISSUE_AUTO == 'true' && env.JIRA_UPDATE_ISSUE_BODY != '' 44 | env: 45 | JIRA_UPDATE_ISSUE_BODY: ${{ secrets.JIRA_UPDATE_ISSUE_BODY }} 46 | run: > 47 | curl 48 | -u ${{ secrets.JIRA_USER_EMAIL }}:${{ secrets.JIRA_API_TOKEN }} 49 | -X PUT 50 | -H 'Content-Type: application/json' 51 | -d '${{ env.JIRA_UPDATE_ISSUE_BODY }}' 52 | ${{ secrets.JIRA_BASE_URL }}/rest/api/2/issue/${{ steps.create_jira_issue.outputs.issue }} 53 | 54 | - name: Update GitHub issue 55 | if: env.JIRA_CREATE_ISSUE_AUTO == 'true' 56 | uses: actions/github-script@v2.0.0 57 | env: 58 | JIRA_ISSUE_NUMBER: ${{ steps.create_jira_issue.outputs.issue }} 59 | GITHUB_ORIGINAL_TITLE: ${{ github.event.issue.title }} 60 | JIRA_ISSUE_LABEL: ${{ secrets.JIRA_ISSUE_LABEL }} 61 | with: 62 | github-token: ${{secrets.GITHUB_TOKEN}} 63 | script: | 64 | const newTitle = `[${process.env.JIRA_ISSUE_NUMBER}] ${process.env.GITHUB_ORIGINAL_TITLE}` 65 | github.issues.update({ 66 | issue_number: context.issue.number, 67 | owner: context.repo.owner, 68 | repo: context.repo.repo, 69 | title: newTitle 70 | }) 71 | github.issues.addLabels({ 72 | issue_number: context.issue.number, 73 | owner: context.repo.owner, 74 | repo: context.repo.repo, 75 | labels: [process.env.JIRA_ISSUE_LABEL] 76 | }) 77 | 78 | 79 | - name: Add comment after sync 80 | if: env.JIRA_CREATE_ISSUE_AUTO == 'true' 81 | uses: actions/github-script@v2.0.0 82 | with: 83 | github-token: ${{secrets.GITHUB_TOKEN}} 84 | script: | 85 | github.issues.createComment({ 86 | issue_number: context.issue.number, 87 | owner: context.repo.owner, 88 | repo: context.repo.repo, 89 | body: 'Internal ticket created : [${{ steps.create_jira_issue.outputs.issue }}](${{ secrets.JIRA_BASE_URL }}/browse/${{ steps.create_jira_issue.outputs.issue }})' 90 | }) 91 | -------------------------------------------------------------------------------- /.github/workflows/create_issue_on_label.yml: -------------------------------------------------------------------------------- 1 | name: Create issue on Jira when labeled with JIRA_ISSUE_LABEL 2 | 3 | on: 4 | issues: 5 | types: [labeled] 6 | 7 | jobs: 8 | jira: 9 | env: 10 | JIRA_ISSUE_LABEL: ${{ secrets.JIRA_ISSUE_LABEL }} 11 | runs-on: ubuntu-latest 12 | steps: 13 | 14 | - name: Start workflow if GitHub issue is tagged with JIRA_ISSUE_LABEL 15 | if: github.event.label.name == env.JIRA_ISSUE_LABEL 16 | run: echo "Starting workflow" 17 | 18 | - name: Jira Login 19 | if: github.event.label.name == env.JIRA_ISSUE_LABEL 20 | id: login 21 | uses: atlassian/gajira-login@v2.0.0 22 | env: 23 | JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }} 24 | JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }} 25 | JIRA_API_TOKEN: ${{ secrets.JIRA_API_TOKEN }} 26 | 27 | - name: Jira Create issue 28 | if: github.event.label.name == env.JIRA_ISSUE_LABEL 29 | id: create_jira_issue 30 | uses: atlassian/gajira-create@v2.0.1 31 | with: 32 | project: ${{ secrets.JIRA_PROJECT }} 33 | issuetype: ${{ secrets.JIRA_ISSUE_TYPE }} 34 | summary: "[GH#${{ github.event.issue.number }}] ${{ github.event.issue.title }}" 35 | description: | 36 | ${{ github.event.issue.body }} 37 | ---- 38 | {panel} 39 | _[Github permalink |${{ github.event.issue.html_url }}]_ 40 | {panel} 41 | 42 | - name: Update Jira issue if JIRA_UPDATE_ISSUE_BODY is defined 43 | if: github.event.label.name == env.JIRA_ISSUE_LABEL && env.JIRA_UPDATE_ISSUE_BODY != '' 44 | env: 45 | JIRA_UPDATE_ISSUE_BODY: ${{ secrets.JIRA_UPDATE_ISSUE_BODY }} 46 | run: > 47 | curl 48 | -u ${{ secrets.JIRA_USER_EMAIL }}:${{ secrets.JIRA_API_TOKEN }} 49 | -X PUT 50 | -H 'Content-Type: application/json' 51 | -d '${{ env.JIRA_UPDATE_ISSUE_BODY }}' 52 | ${{ secrets.JIRA_BASE_URL }}/rest/api/2/issue/${{ steps.create_jira_issue.outputs.issue }} 53 | 54 | - name: Change Title 55 | if: github.event.label.name == env.JIRA_ISSUE_LABEL 56 | uses: actions/github-script@v2.0.0 57 | env: 58 | JIRA_ISSUE_NUMBER: ${{ steps.create_jira_issue.outputs.issue }} 59 | GITHUB_ORIGINAL_TITLE: ${{ github.event.issue.title }} 60 | with: 61 | github-token: ${{secrets.GITHUB_TOKEN}} 62 | script: | 63 | const newTitle = `[${process.env.JIRA_ISSUE_NUMBER}] ${process.env.GITHUB_ORIGINAL_TITLE}` 64 | github.issues.update({ 65 | issue_number: context.issue.number, 66 | owner: context.repo.owner, 67 | repo: context.repo.repo, 68 | title: newTitle 69 | }) 70 | 71 | - name: Add comment after sync 72 | if: github.event.label.name == env.JIRA_ISSUE_LABEL 73 | uses: actions/github-script@v2.0.0 74 | with: 75 | github-token: ${{secrets.GITHUB_TOKEN}} 76 | script: | 77 | github.issues.createComment({ 78 | issue_number: context.issue.number, 79 | owner: context.repo.owner, 80 | repo: context.repo.repo, 81 | body: 'Internal ticket created : [${{ steps.create_jira_issue.outputs.issue }}](${{ secrets.JIRA_BASE_URL }}/browse/${{ steps.create_jira_issue.outputs.issue }})' 82 | }) 83 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | vendor 2 | bin 3 | _dist 4 | .version 5 | 6 | .idea/ 7 | .vscode/ 8 | *~ 9 | .*.swp 10 | 11 | 12 | -------------------------------------------------------------------------------- /CHANGELOG.md: -------------------------------------------------------------------------------- 1 | # Changelog 2 | 3 | ## 3.x 4 | 5 | Helm 2 support is dropped and dependencies on its api were removed. This means helm extensions to go templates 6 | are not supported by this plugin, since the helm engine funcMap is now private. The functions from the 7 | [sprig](http://masterminds.github.io/sprig/) are now used instead. 8 | 9 | ## 2.0.x 10 | 11 | **NOTE:** Some initial versions of the 2.0.x cycle were wrongly published and for that reason they should start on 2.0.2, 12 | you can check [GitHub releases](https://github.com/codacy/helm-ssm/releases) for the last release with artifacts attached. 13 | 14 | - Removed `required` field 15 | - Added `default` field. 16 | Now you should explicitly say you want the `default=` (empty string) instead of that being implicit. 17 | - The input file flag `-t` was changed to `-o` -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2019 Codacy 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | HELM_PLUGIN_DIR ?= $(shell helm env | grep HELM_PLUGINS | cut -d\" -f2)/helm-ssm 2 | HELM_PLUGIN_NAME := helm-ssm 3 | VERSION := $(shell cat .version) 4 | DIST := $(CURDIR)/_dist 5 | LDFLAGS := "-X main.version=${VERSION}" 6 | 7 | .PHONY: install 8 | install: dist 9 | @if [ ! -f .version ] ; then echo "dev" > .version ; fi 10 | mkdir -p $(HELM_PLUGIN_DIR) 11 | @if [ "$$(uname)" = "Darwin" ]; then file="${HELM_PLUGIN_NAME}-macos"; \ 12 | elif [ "$$(uname)" = "Linux" ]; then file="${HELM_PLUGIN_NAME}-linux"; \ 13 | else file="${HELM_PLUGIN_NAME}-windows"; \ 14 | fi; \ 15 | mkdir -p $(DIST)/$$file ; \ 16 | tar -xf $(DIST)/$$file.tgz -C $(DIST)/$$file ; \ 17 | cp -r $(DIST)/$$file/* $(HELM_PLUGIN_DIR) ;\ 18 | rm -rf $(DIST)/$$file 19 | 20 | .PHONY: hookInstall 21 | hookInstall: build 22 | 23 | .PHONY: build 24 | build: 25 | go build -o bin/${HELM_PLUGIN_NAME} -ldflags $(LDFLAGS) ./cmd 26 | 27 | .PHONY: test 28 | test: 29 | go test -v ./internal 30 | 31 | .PHONY: dist 32 | dist: 33 | mkdir -p $(DIST) 34 | sed -i.bak 's/version:.*/version: "'$(VERSION)'"/g' plugin.yaml && rm plugin.yaml.bak 35 | CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o ${HELM_PLUGIN_NAME} -ldflags $(LDFLAGS) ./cmd 36 | tar -zcvf $(DIST)/${HELM_PLUGIN_NAME}-linux.tgz ${HELM_PLUGIN_NAME} README.md LICENSE plugin.yaml 37 | CGO_ENABLED=0 GOOS=linux GOARCH=arm64 go build -o ${HELM_PLUGIN_NAME} -ldflags $(LDFLAGS) ./cmd 38 | tar -zcvf $(DIST)/${HELM_PLUGIN_NAME}-linux-arm.tgz ${HELM_PLUGIN_NAME} README.md LICENSE plugin.yaml 39 | CGO_ENABLED=0 GOOS=darwin GOARCH=amd64 go build -o ${HELM_PLUGIN_NAME} -ldflags $(LDFLAGS) ./cmd 40 | tar -zcvf $(DIST)/${HELM_PLUGIN_NAME}-macos.tgz ${HELM_PLUGIN_NAME} README.md LICENSE plugin.yaml 41 | CGO_ENABLED=0 GOOS=windows GOARCH=amd64 go build -o ${HELM_PLUGIN_NAME}.exe -ldflags $(LDFLAGS) ./cmd 42 | tar -zcvf $(DIST)/${HELM_PLUGIN_NAME}-windows.tgz ${HELM_PLUGIN_NAME}.exe README.md LICENSE plugin.yaml 43 | rm ${HELM_PLUGIN_NAME} 44 | rm ${HELM_PLUGIN_NAME}.exe -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Helm SSM Plugin 2 | 3 | [![Codacy Badge](https://api.codacy.com/project/badge/Grade/d3cd080edd8644e085f2f8adfd43510c)](https://www.codacy.com?utm_source=github.com&utm_medium=referral&utm_content=codacy/helm-ssm&utm_campaign=Badge_Grade) 4 | [![CircleCI](https://circleci.com/gh/codacy/helm-ssm.svg?style=svg)](https://circleci.com/gh/codacy/helm-ssm) 5 | 6 | This is a **helm3** plugin to help developers inject values coming from AWS SSM 7 | parameters, on the `values.yaml` file. It also leverages the wonderful [sprig](http://masterminds.github.io/sprig/) 8 | package, thus making all its functions available when parsing. 9 | 10 | Since **helm2 is deprecated** the current version of the plugin only supports helm3. The last version 11 | to support helm2 is [v2.2.1](https://github.com/codacy/helm-ssm/releases/tag/2.2.1). There will be 12 | no further patches or updates to this legacy version. 13 | 14 | ## Usage 15 | 16 | Loads a template file, and writes the output. 17 | 18 | Simply add placeholders like `{{ssm "path" "option1=value1" }}` in your 19 | file, where you want it to be replaced by the plugin. 20 | 21 | Currently the plugin supports the following options: 22 | 23 | - `region=eu-west-1` - to resolve that parameter in a specific region 24 | - `default=some-value` - to give a default **string** value when the ssm parameter is optional. The plugin will throw an error when values are not defined and do not have a default. 25 | - `prefix=/something` - you can use this to specify a given prefix for a parameter without affecting the path. It will be concatenated with the path before resolving. 26 | 27 | ### Values file 28 | 29 | ```yaml 30 | service: 31 | ingress: 32 | enabled: false 33 | hosts: 34 | - service.{{ssm "/exists/subdomain" }} 35 | - service1.{{ssm "/empty/subdomain" "default=codacy.org" }} 36 | - service2.{{ssm "/exists/subdomain" "default=codacy.org" "region=eu-west-1" }} 37 | - service3.{{ssm "/subdomain" "default=codacy.org" "region=eu-west-1" "prefix=/empty" }} 38 | - service4.{{ssm "/securestring" }} 39 | 40 | ``` 41 | 42 | when you do not want a key to be defined, you can use a condition and an empty default value: 43 | 44 | ```yaml 45 | service: 46 | ingress: 47 | enabled: false 48 | hosts: 49 | {{- with $subdomain := (ssm "/exists/subdomain" "default=") }}{{ if $subdomain }} 50 | - service.{{$subdomain}} 51 | {{- end }}{{- end }} 52 | 53 | ``` 54 | 55 | ### Command 56 | 57 | ```sh 58 | $ helm ssm [flags] 59 | ``` 60 | 61 | ### Flags 62 | 63 | ```sh 64 | -c, --clean clean all template commands from file 65 | -d, --dry-run doesn't replace the file content 66 | -h, --help help for ssm 67 | -p, --profile string aws profile to fetch the ssm parameters 68 | -t, --tag-cleaned string replace cleaned template commands with given string 69 | -o, --target-dir string dir to output content 70 | -f, --values valueFilesList specify values in a YAML file (can specify multiple) (default []) 71 | -v, --verbose show the computed YAML values file/s 72 | ``` 73 | 74 | ## Example 75 | 76 | [![asciicast](https://asciinema.org/a/c2zut95zzbiKyk5gJov67bxsP.svg)](https://asciinema.org/a/c2zut95zzbiKyk5gJov67bxsP?t=1) 77 | 78 | ## Install 79 | 80 | Choose the latest version from the releases and install the 81 | appropriate version for your OS as indicated below. 82 | 83 | ```sh 84 | $ helm plugin add https://github.com/codacy/helm-ssm 85 | ``` 86 | 87 | ### Developer (From Source) Install 88 | 89 | If you would like to handle the build yourself, instead of fetching a binary, 90 | this is how we recommend doing it. 91 | 92 | - Make sure you have [Go](http://golang.org) installed. 93 | 94 | - Clone this project 95 | 96 | - In the project directory run 97 | ```sh 98 | $ make install 99 | ``` 100 | 101 | ## What is Codacy 102 | 103 | [Codacy](https://www.codacy.com/) is an Automated Code Review Tool that monitors your technical debt, helps you improve your code quality, teaches best practices to your developers, and helps you save time in Code Reviews. 104 | 105 | ### Among Codacy’s features 106 | 107 | - Identify new Static Analysis issues 108 | - Commit and Pull Request Analysis with GitHub, BitBucket/Stash, GitLab (and also direct git repositories) 109 | - Auto-comments on Commits and Pull Requests 110 | - Integrations with Slack, HipChat, Jira, YouTrack 111 | - Track issues in Code Style, Security, Error Proneness, Performance, Unused Code and other categories 112 | 113 | Codacy also helps keep track of Code Coverage, Code Duplication, and Code Complexity. 114 | 115 | Codacy supports PHP, Python, Ruby, Java, JavaScript, and Scala, among others. 116 | 117 | ## Free for Open Source 118 | 119 | Codacy is free for Open Source projects. 120 | 121 | ## License 122 | 123 | helm-ssm is available under the MIT license. See the LICENSE file for more info. 124 | -------------------------------------------------------------------------------- /cmd/main.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "fmt" 5 | "os" 6 | "path/filepath" 7 | "strings" 8 | 9 | hssm "github.com/codacy/helm-ssm/internal" 10 | "github.com/spf13/cobra" 11 | ) 12 | 13 | var valueFiles valueFilesList 14 | var targetDir string 15 | var profile string 16 | var verbose bool 17 | var dryRun bool 18 | var clean bool 19 | var tagCleaned string 20 | var prefix string 21 | 22 | type valueFilesList []string 23 | 24 | func (v *valueFilesList) String() string { 25 | return fmt.Sprint(*v) 26 | } 27 | 28 | func (v *valueFilesList) Type() string { 29 | return "valueFilesList" 30 | } 31 | 32 | func (v *valueFilesList) Set(value string) error { 33 | for _, filePath := range strings.Split(value, ",") { 34 | *v = append(*v, filePath) 35 | } 36 | return nil 37 | } 38 | 39 | func main() { 40 | cmd := &cobra.Command{ 41 | Use: "ssm [flags]", 42 | Short: "", 43 | RunE: run, 44 | } 45 | 46 | f := cmd.Flags() 47 | f.VarP(&valueFiles, "values", "f", "specify values in a YAML file (can specify multiple)") 48 | f.BoolVarP(&verbose, "verbose", "v", false, "show the computed YAML values file/s") 49 | f.BoolVarP(&dryRun, "dry-run", "d", false, "doesn't replace the file content") 50 | f.StringVarP(&targetDir, "target-dir", "o", "", "dir to output content") 51 | f.StringVarP(&profile, "profile", "p", "", "aws profile to fetch the ssm parameters") 52 | f.BoolVarP(&clean, "clean", "c", false, "clean all template commands from file") 53 | f.StringVarP(&tagCleaned, "tag-cleaned", "t", "", "replace cleaned template commands with given string") 54 | f.StringVarP(&prefix, "prefix", "P", "", "prefix for all parameters without affecting the path. ignored if individual prefix is defined") 55 | 56 | cmd.MarkFlagRequired("values") 57 | 58 | if err := cmd.Execute(); err != nil { 59 | fmt.Println(err) 60 | os.Exit(1) 61 | } 62 | } 63 | 64 | func run(cmd *cobra.Command, args []string) error { 65 | funcMap := hssm.GetFuncMap(profile, prefix, clean, tagCleaned) 66 | for _, filePath := range valueFiles { 67 | content, err := hssm.ExecuteTemplate(filePath, funcMap, verbose) 68 | if err != nil { 69 | return err 70 | } 71 | if !dryRun { 72 | write(filePath, targetDir, content) 73 | } 74 | } 75 | return nil 76 | } 77 | 78 | func write(filePath string, targetDir string, content string) error { 79 | if targetDir != "" { 80 | fileName := filepath.Base(filePath) 81 | return hssm.WriteFileD(fileName, targetDir, content) 82 | } 83 | return hssm.WriteFile(filePath, content) 84 | } 85 | -------------------------------------------------------------------------------- /go.mod: -------------------------------------------------------------------------------- 1 | module github.com/codacy/helm-ssm 2 | 3 | go 1.15 4 | 5 | require ( 6 | github.com/Masterminds/goutils v1.1.1 // indirect 7 | github.com/Masterminds/semver v1.5.0 // indirect 8 | github.com/Masterminds/sprig v2.22.0+incompatible 9 | github.com/aws/aws-sdk-go v1.55.5 10 | github.com/davecgh/go-spew v1.1.1 // indirect 11 | github.com/google/uuid v1.6.0 // indirect 12 | github.com/huandu/xstrings v1.5.0 // indirect 13 | github.com/imdario/mergo v0.3.16 // indirect 14 | github.com/mitchellh/copystructure v1.2.0 // indirect 15 | github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e // indirect 16 | github.com/pkg/errors v0.9.1 // indirect 17 | github.com/spf13/cobra v1.8.1 18 | github.com/stretchr/testify v1.2.2 // indirect 19 | golang.org/x/crypto v0.32.0 // indirect 20 | gopkg.in/check.v1 v1.0.0-20200902074654-038fdea0a05b // indirect 21 | gopkg.in/yaml.v2 v2.3.0 // indirect 22 | gotest.tools/v3 v3.0.2 23 | ) 24 | -------------------------------------------------------------------------------- /go.sum: -------------------------------------------------------------------------------- 1 | github.com/Masterminds/goutils v1.1.1 h1:5nUrii3FMTL5diU80unEVvNevw1nH4+ZV4DSLVJLSYI= 2 | github.com/Masterminds/goutils v1.1.1/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU= 3 | github.com/Masterminds/semver v1.5.0 h1:H65muMkzWKEuNDnfl9d70GUjFniHKHRbFPGBuZ3QEww= 4 | github.com/Masterminds/semver v1.5.0/go.mod h1:MB6lktGJrhw8PrUyiEoblNEGEQ+RzHPF078ddwwvV3Y= 5 | github.com/Masterminds/sprig v2.22.0+incompatible h1:z4yfnGrZ7netVz+0EDJ0Wi+5VZCSYp4Z0m2dk6cEM60= 6 | github.com/Masterminds/sprig v2.22.0+incompatible/go.mod h1:y6hNFY5UBTIWBxnzTeuNhlNS5hqE0NB0E6fgfo2Br3o= 7 | github.com/aws/aws-sdk-go v1.55.5 h1:KKUZBfBoyqy5d3swXyiC7Q76ic40rYcbqH7qjh59kzU= 8 | github.com/aws/aws-sdk-go v1.55.5/go.mod h1:eRwEWoyTWFMVYVQzKMNHWP5/RV4xIUGMQfXQHfHkpNU= 9 | github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= 10 | github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= 11 | github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= 12 | github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= 13 | github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= 14 | github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI= 15 | github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= 16 | github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= 17 | github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= 18 | github.com/huandu/xstrings v1.5.0 h1:2ag3IFq9ZDANvthTwTiqSSZLjDc+BedvHPAp5tJy2TI= 19 | github.com/huandu/xstrings v1.5.0/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= 20 | github.com/imdario/mergo v0.3.16 h1:wwQJbIsHYGMUyLSPrEq1CT16AhnhNJQ51+4fdHUnCl4= 21 | github.com/imdario/mergo v0.3.16/go.mod h1:WBLT9ZmE3lPoWsEzCh9LPo3TiwVN+ZKEjmz+hD27ysY= 22 | github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= 23 | github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= 24 | github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg= 25 | github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= 26 | github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8= 27 | github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U= 28 | github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= 29 | github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE= 30 | github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= 31 | github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw= 32 | github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HKCj9FbZEVFJRxO9s= 33 | github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ= 34 | github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= 35 | github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e h1:fD57ERR4JtEqsWbfPhv4DMiApHyliiK5xCTNVSPiaAs= 36 | github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= 37 | github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= 38 | github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= 39 | github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= 40 | github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= 41 | github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= 42 | github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= 43 | github.com/spf13/cobra v1.8.1 h1:e5/vxKd/rZsfSJMUX1agtjeTDf+qv1/JdBF8gg5k9ZM= 44 | github.com/spf13/cobra v1.8.1/go.mod h1:wHxEcudfqmLYa8iTfL+OuZPbBZkmvliBWKIezN3kD9Y= 45 | github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= 46 | github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= 47 | github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= 48 | github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= 49 | github.com/stretchr/testify v1.2.2 h1:bSDNvY7ZPG5RlJ8otE/7V6gMiyenm9RtJ7IUVIAoJ1w= 50 | github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= 51 | github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= 52 | golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= 53 | golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= 54 | golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc= 55 | golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= 56 | golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8= 57 | golang.org/x/crypto v0.32.0 h1:euUpcYgM8WcP71gNpTqQCn6rC2t6ULUPiOzfWaXVVfc= 58 | golang.org/x/crypto v0.32.0/go.mod h1:ZnnJkOaASj8g0AjIduWNlq2NRxL0PlBrbKVyZ6V/Ugc= 59 | golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= 60 | golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= 61 | golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= 62 | golang.org/x/mod v0.15.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= 63 | golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= 64 | golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= 65 | golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= 66 | golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= 67 | golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= 68 | golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= 69 | golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= 70 | golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk= 71 | golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44= 72 | golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM= 73 | golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= 74 | golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= 75 | golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= 76 | golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= 77 | golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= 78 | golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= 79 | golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= 80 | golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= 81 | golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= 82 | golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= 83 | golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= 84 | golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= 85 | golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= 86 | golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= 87 | golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= 88 | golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= 89 | golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= 90 | golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= 91 | golang.org/x/telemetry v0.0.0-20240228155512-f48c80bd79b2/go.mod h1:TeRTkGYfJXctD9OcfyVLyj2J3IxLnKwHJR8f4D8a3YE= 92 | golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= 93 | golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= 94 | golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= 95 | golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= 96 | golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU= 97 | golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk= 98 | golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY= 99 | golang.org/x/term v0.28.0/go.mod h1:Sw/lC2IAUZ92udQNf3WodGtn4k/XoLyZoh8v/8uiwek= 100 | golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= 101 | golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= 102 | golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= 103 | golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= 104 | golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= 105 | golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= 106 | golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= 107 | golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= 108 | golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ= 109 | golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= 110 | golang.org/x/tools v0.0.0-20190624222133-a101b041ded4/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= 111 | golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= 112 | golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= 113 | golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= 114 | golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58= 115 | golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk= 116 | golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= 117 | gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= 118 | gopkg.in/check.v1 v1.0.0-20200902074654-038fdea0a05b h1:QRR6H1YWRnHb4Y/HeNFCTJLFVxaq6wH4YuVdsUOr75U= 119 | gopkg.in/check.v1 v1.0.0-20200902074654-038fdea0a05b/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= 120 | gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= 121 | gopkg.in/yaml.v2 v2.3.0 h1:clyUAQHOM3G0M3f5vQj7LuJrETvjVot3Z5el9nffUtU= 122 | gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= 123 | gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= 124 | gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= 125 | gotest.tools/v3 v3.0.2 h1:kG1BFyqVHuQoVQiR1bWGnfz/fmHvvuiSPIV7rvl360E= 126 | gotest.tools/v3 v3.0.2/go.mod h1:3SzNCllyD9/Y+b5r9JIKQ474KzkZyqLqEfYqMsX94Bk= 127 | -------------------------------------------------------------------------------- /install-binary.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | # Copied from https://github.com/technosophos/helm-template 4 | # Combination of the Glide and Helm scripts, with my own tweaks. 5 | 6 | PROJECT_NAME="helm-ssm" 7 | PROJECT_GH="codacy/$PROJECT_NAME" 8 | eval $(helm env) 9 | 10 | if [[ $SKIP_BIN_INSTALL == "1" ]]; then 11 | echo "Skipping binary install" 12 | exit 13 | fi 14 | 15 | # initArch discovers the architecture for this system. 16 | initArch() { 17 | ARCH=$(uname -m) 18 | case $ARCH in 19 | armv5*) ARCH="armv5";; 20 | armv6*) ARCH="armv6";; 21 | armv7*) ARCH="armv7";; 22 | aarch64) ARCH="arm64";; 23 | x86) ARCH="386";; 24 | x86_64) ARCH="amd64";; 25 | i686) ARCH="386";; 26 | i386) ARCH="386";; 27 | esac 28 | } 29 | 30 | # initOS discovers the operating system for this system. 31 | initOS() { 32 | OS=$(echo $(uname)|tr '[:upper:]' '[:lower:]') 33 | case "$OS" in 34 | # Msys support 35 | msys*) OS='windows';; 36 | # Minimalist GNU for Windows 37 | mingw*) OS='windows';; 38 | darwin) OS='macos';; 39 | esac 40 | } 41 | 42 | # verifySupported checks that the os/arch combination is supported for 43 | # binary builds. 44 | verifySupported() { 45 | local supported="linux-amd64\nmacos-amd64\nwindows-amd64" 46 | if ! echo "${supported}" | grep -q "${OS}-${ARCH}"; then 47 | echo "No prebuild binary for ${OS}-${ARCH}." 48 | exit 1 49 | fi 50 | 51 | if ! type "curl" > /dev/null && ! type "wget" > /dev/null; then 52 | echo "Either curl or wget is required" 53 | exit 1 54 | fi 55 | } 56 | 57 | # getDownloadURL checks the latest available version. 58 | getDownloadURL() { 59 | # Use the GitHub API to find the latest version for this project. 60 | local latest_url="https://api.github.com/repos/$PROJECT_GH/releases/latest" 61 | local suffix="$OS.tgz" 62 | if type "curl" > /dev/null; then 63 | DOWNLOAD_URL=$(curl -s $latest_url | grep "$suffix" | awk '/"browser_download_url":/{gsub( /[,"]/,"", $2); print $2}') 64 | elif type "wget" > /dev/null; then 65 | DOWNLOAD_URL=$(wget -q -O - $latest_url | awk '/"browser_download_url":/{gsub( /[,"]/,"", $2); print $2}') 66 | fi 67 | } 68 | 69 | # downloadFile downloads the latest binary package and also the checksum 70 | # for that binary. 71 | downloadFile() { 72 | PLUGIN_TMP_FILE="/tmp/${PROJECT_NAME}.tgz" 73 | echo "Downloading $DOWNLOAD_URL" 74 | if type "curl" > /dev/null; then 75 | curl -L "$DOWNLOAD_URL" -o "$PLUGIN_TMP_FILE" 76 | elif type "wget" > /dev/null; then 77 | wget -q -O "$PLUGIN_TMP_FILE" "$DOWNLOAD_URL" 78 | fi 79 | } 80 | 81 | # installFile verifies the SHA256 for the file, then unpacks and 82 | # installs it. 83 | installFile() { 84 | HELM_TMP="/tmp/$PROJECT_NAME" 85 | mkdir -p "$HELM_TMP" 86 | tar xf "$PLUGIN_TMP_FILE" -C "$HELM_TMP" 87 | echo "$HELM_TMP" 88 | HELM_TMP_BIN="$HELM_TMP/helm-ssm" 89 | echo "Preparing to install into ${HELM_PLUGINS}" 90 | # Use * to also copy the file withe the exe suffix on Windows 91 | cp "$HELM_TMP_BIN" "$HELM_PLUGINS/helm-ssm" 92 | } 93 | 94 | # fail_trap is executed if an error occurs. 95 | fail_trap() { 96 | result=$? 97 | if [ "$result" != "0" ]; then 98 | echo "Failed to install $PROJECT_NAME" 99 | echo "For support, go to https://github.com/codacy/helm-ssm." 100 | fi 101 | exit $result 102 | } 103 | 104 | # testVersion tests the installed client to make sure it is working. 105 | testVersion() { 106 | set +e 107 | echo "$PROJECT_NAME installed into $HELM_PLUGINS/$PROJECT_NAME" 108 | # To avoid to keep track of the Windows suffix, 109 | # call the plugin assuming it is in the PATH 110 | PATH=$PATH:$HELM_PLUGINS/$PROJECT_NAME 111 | helm-ssm -h 112 | set -e 113 | } 114 | 115 | # Execution 116 | 117 | #Stop execution on any error 118 | trap "fail_trap" EXIT 119 | set -e 120 | initArch 121 | initOS 122 | verifySupported 123 | getDownloadURL 124 | downloadFile 125 | installFile 126 | testVersion 127 | -------------------------------------------------------------------------------- /internal/ssm.go: -------------------------------------------------------------------------------- 1 | package hssm 2 | 3 | import ( 4 | "fmt" 5 | "regexp" 6 | 7 | "github.com/aws/aws-sdk-go/aws/awserr" 8 | "github.com/aws/aws-sdk-go/service/ssm" 9 | "github.com/aws/aws-sdk-go/service/ssm/ssmiface" 10 | ) 11 | 12 | // GetSSMParameter gets a parameter from the AWS Simple Systems Manager service. 13 | func GetSSMParameter(svc ssmiface.SSMAPI, name string, defaultValue *string, decrypt bool) (*string, error) { 14 | regex := "([a-zA-Z0-9\\.\\-_/]*)" 15 | r, _ := regexp.Compile(regex) 16 | match := r.FindString(name) 17 | if match == "" { 18 | return nil, fmt.Errorf("There is an invalid character in the name of the parameter: %s. It should match %s", name, regex) 19 | } 20 | // Create the request to SSM 21 | getParameterInput := &ssm.GetParameterInput{ 22 | Name: &name, 23 | WithDecryption: &decrypt, 24 | } 25 | 26 | // Get the parameter from SSM 27 | param, err := svc.GetParameter(getParameterInput) 28 | // Cast err to awserr.Error to handle specific error codes. 29 | aerr, ok := err.(awserr.Error) 30 | if ok && aerr.Code() == ssm.ErrCodeParameterNotFound { 31 | // Specific error code handling 32 | if defaultValue != nil { 33 | return defaultValue, nil 34 | } 35 | return nil, err 36 | } 37 | if aerr != nil { 38 | return nil, err 39 | } 40 | return param.Parameter.Value, nil 41 | } 42 | -------------------------------------------------------------------------------- /internal/ssm_test.go: -------------------------------------------------------------------------------- 1 | package hssm 2 | 3 | import ( 4 | "testing" 5 | "time" 6 | 7 | "gotest.tools/v3/assert" 8 | 9 | "github.com/aws/aws-sdk-go/aws/awserr" 10 | "github.com/aws/aws-sdk-go/service/ssm" 11 | "github.com/aws/aws-sdk-go/service/ssm/ssmiface" 12 | ) 13 | 14 | var fakeValue = "value" 15 | var fakeOtherValue = "other-value" 16 | var fakeMissingValue = "missing-value" 17 | 18 | type SSMParameter struct { 19 | value *string 20 | defaultValue *string 21 | expectedValue *string 22 | } 23 | 24 | var fakeSSMStore = map[string]SSMParameter{ 25 | "/root/existing-parameter": SSMParameter{&fakeValue, nil, &fakeValue}, 26 | "/root/existing-parameter-with-default": SSMParameter{&fakeValue, &fakeOtherValue, &fakeValue}, 27 | "/root/non-existing-parameter": SSMParameter{nil, &fakeMissingValue, &fakeMissingValue}, 28 | "/root/non-existing-parameter-without-default": SSMParameter{nil, nil, nil}, 29 | } 30 | 31 | type mockSSMClient struct { 32 | ssmiface.SSMAPI 33 | } 34 | 35 | func TestGetSSMParameter(t *testing.T) { 36 | // Setup Test 37 | mockSvc := &mockSSMClient{} 38 | 39 | for k, v := range fakeSSMStore { 40 | expectedValueStr := "nil" 41 | if v.expectedValue != nil { 42 | expectedValueStr = *v.expectedValue 43 | } 44 | t.Logf("Key: %s should have value: %s", k, expectedValueStr) 45 | 46 | value, err := GetSSMParameter(mockSvc, k, v.defaultValue, false) 47 | 48 | assert.Equal(t, v.expectedValue, value) 49 | if v.expectedValue == nil { 50 | assert.Error(t, err, "ParameterNotFound: Parameter does not exist in SSM") 51 | } 52 | } 53 | } 54 | 55 | func TestGetSSMParameterInvalidChar(t *testing.T) { 56 | key := "&%&/root/parameter5!$%&$&" 57 | t.Logf("Key with invalid characters should be handled") 58 | // Setup Test 59 | mockSvc := &mockSSMClient{} 60 | _, err := GetSSMParameter(mockSvc, key, nil, false) 61 | assert.Error(t, err, "There is an invalid character in the name of the parameter: &%&/root/parameter5!$%&$&. It should match ([a-zA-Z0-9\\.\\-_/]*)") 62 | } 63 | 64 | // GetParameter is a mock for the SSM client 65 | func (m *mockSSMClient) GetParameter(input *ssm.GetParameterInput) (*ssm.GetParameterOutput, error) { 66 | parameterArn := "arn:::::" 67 | parameterLastModifiedDate := time.Now() 68 | parameterType := "String" 69 | parameterValue := fakeSSMStore[*input.Name] 70 | var parameterVersion int64 = 1 71 | 72 | if parameterValue.value == nil { 73 | return nil, awserr.New("ParameterNotFound", "Parameter does not exist in SSM", nil) 74 | } 75 | 76 | parameter := ssm.Parameter{ 77 | ARN: ¶meterArn, 78 | LastModifiedDate: ¶meterLastModifiedDate, 79 | Name: input.Name, 80 | Type: ¶meterType, 81 | Value: parameterValue.value, 82 | Version: ¶meterVersion, 83 | } 84 | getParameterOutput := &ssm.GetParameterOutput{ 85 | Parameter: ¶meter, 86 | } 87 | 88 | return getParameterOutput, nil 89 | } 90 | -------------------------------------------------------------------------------- /internal/template.go: -------------------------------------------------------------------------------- 1 | package hssm 2 | 3 | import ( 4 | "bytes" 5 | "fmt" 6 | "io/ioutil" 7 | "os" 8 | "strings" 9 | "text/template" 10 | 11 | "github.com/Masterminds/sprig" 12 | "github.com/aws/aws-sdk-go/aws" 13 | "github.com/aws/aws-sdk-go/aws/session" 14 | "github.com/aws/aws-sdk-go/service/ssm" 15 | "github.com/aws/aws-sdk-go/service/ssm/ssmiface" 16 | ) 17 | 18 | // WriteFileD dumps a given content on the file with path `targetDir/fileName`. 19 | func WriteFileD(fileName string, targetDir string, content string) error { 20 | targetFilePath := targetDir + "/" + fileName 21 | _ = os.Mkdir(targetDir, os.ModePerm) 22 | return WriteFile(targetFilePath, content) 23 | } 24 | 25 | // WriteFile dumps a given content on the file with path `targetFilePath`. 26 | func WriteFile(targetFilePath string, content string) error { 27 | return ioutil.WriteFile(targetFilePath, []byte(content), 0777) 28 | } 29 | 30 | // ExecuteTemplate loads a template file, executes is against a given function map and writes the output 31 | func ExecuteTemplate(sourceFilePath string, funcMap template.FuncMap, verbose bool) (string, error) { 32 | fileContent, err := ioutil.ReadFile(sourceFilePath) 33 | if err != nil { 34 | return "", err 35 | } 36 | t := template.New("ssmtpl").Funcs(funcMap) 37 | if _, err := t.Parse(string(fileContent)); err != nil { 38 | return "", err 39 | } 40 | var buf bytes.Buffer 41 | vals := map[string]interface{}{} 42 | if err := t.Execute(&buf, vals); err != nil { 43 | return "", err 44 | } 45 | if verbose { 46 | fmt.Println(string(buf.Bytes())) 47 | } 48 | return buf.String(), nil 49 | } 50 | 51 | // GetFuncMap builds the relevant function map to helm_ssm 52 | func GetFuncMap(profile string, prefix string, clean bool, tagCleaned string) template.FuncMap { 53 | 54 | cleanFunc := func(...interface{}) (string, error) { 55 | return tagCleaned, nil 56 | } 57 | // Clone the func map because we are adding context-specific functions. 58 | var funcMap template.FuncMap = map[string]interface{}{} 59 | for k, v := range sprig.GenericFuncMap() { 60 | if clean { 61 | funcMap[k] = cleanFunc 62 | } else { 63 | funcMap[k] = v 64 | } 65 | } 66 | 67 | awsSession := newAWSSession(profile) 68 | if clean { 69 | funcMap["ssm"] = cleanFunc 70 | } else { 71 | funcMap["ssm"] = func(ssmPath string, options ...string) (string, error) { 72 | var hasPrefix = false 73 | for _, s := range options { 74 | if strings.HasPrefix(s, "prefix") { 75 | hasPrefix = true 76 | } 77 | } 78 | 79 | if !hasPrefix { 80 | options = append(options, fmt.Sprintf("prefix=%s", prefix)) 81 | } 82 | 83 | optStr, err := resolveSSMParameter(awsSession, ssmPath, options) 84 | str := "" 85 | if optStr != nil { 86 | str = *optStr 87 | } 88 | return str, err 89 | } 90 | } 91 | return funcMap 92 | } 93 | 94 | func resolveSSMParameter(session *session.Session, ssmPath string, options []string) (*string, error) { 95 | opts, err := handleOptions(options) 96 | if err != nil { 97 | return nil, err 98 | } 99 | 100 | var defaultValue *string 101 | if optDefaultValue, exists := opts["default"]; exists { 102 | defaultValue = &optDefaultValue 103 | } 104 | 105 | var svc ssmiface.SSMAPI 106 | if region, exists := opts["region"]; exists { 107 | svc = ssm.New(session, aws.NewConfig().WithRegion(region)) 108 | } else { 109 | svc = ssm.New(session) 110 | } 111 | 112 | return GetSSMParameter(svc, opts["prefix"]+ssmPath, defaultValue, true) 113 | } 114 | 115 | func handleOptions(options []string) (map[string]string, error) { 116 | validOptions := []string{ 117 | "required", 118 | "prefix", 119 | "region", 120 | } 121 | opts := map[string]string{} 122 | for _, o := range options { 123 | split := strings.Split(o, "=") 124 | if len(split) != 2 { 125 | return nil, fmt.Errorf("Invalid option: %s. Valid options: %s", o, validOptions) 126 | } 127 | opts[split[0]] = split[1] 128 | } 129 | if _, exists := opts["required"]; !exists { 130 | opts["required"] = "true" 131 | } 132 | if _, exists := opts["prefix"]; !exists { 133 | opts["prefix"] = "" 134 | } 135 | return opts, nil 136 | } 137 | 138 | func newAWSSession(profile string) *session.Session { 139 | // Specify profile for config and region for requests 140 | session := session.Must(session.NewSessionWithOptions(session.Options{ 141 | SharedConfigState: session.SharedConfigEnable, 142 | Profile: profile, 143 | })) 144 | return session 145 | } 146 | -------------------------------------------------------------------------------- /internal/template_test.go: -------------------------------------------------------------------------------- 1 | package hssm 2 | 3 | import ( 4 | "io/ioutil" 5 | "syscall" 6 | "testing" 7 | "text/template" 8 | 9 | "github.com/Masterminds/sprig" 10 | ) 11 | 12 | func createTempFile() (string, error) { 13 | file, err := ioutil.TempFile("", "") 14 | if err != nil { 15 | return "", err 16 | } 17 | return file.Name(), nil 18 | } 19 | 20 | func TestExecuteTemplate(t *testing.T) { 21 | templateContent := "example: {{ and true false }}" 22 | expectedOutput := "example: false" 23 | t.Logf("Template with content: %s , should out put a file with content: %s", templateContent, expectedOutput) 24 | 25 | templateFilePath, err := createTempFile() 26 | if err != nil { 27 | panic(err) 28 | } 29 | defer syscall.Unlink(templateFilePath) 30 | ioutil.WriteFile(templateFilePath, []byte(templateContent), 0644) 31 | content, _ := ExecuteTemplate(templateFilePath, template.FuncMap{}, false) 32 | if content != expectedOutput { 33 | t.Errorf("Expected content \"%s\". Got \"%s\"", expectedOutput, content) 34 | } 35 | } 36 | 37 | func TestCleanTemplate(t *testing.T) { 38 | templateContent := "example: {{ssm \"foo\" | quote | indent 8}}" 39 | expectedOutput := "example: " 40 | t.Logf("Template with content: %s , should out put a file with content: %s", templateContent, expectedOutput) 41 | 42 | templateFilePath, err := createTempFile() 43 | if err != nil { 44 | panic(err) 45 | } 46 | defer syscall.Unlink(templateFilePath) 47 | ioutil.WriteFile(templateFilePath, []byte(templateContent), 0644) 48 | cleanFuncMap := GetFuncMap("DUMMY", "", true, "") 49 | content, _ := ExecuteTemplate(templateFilePath, cleanFuncMap, false) 50 | if content != expectedOutput { 51 | t.Errorf("Expected content \"%s\". Got \"%s\"", expectedOutput, content) 52 | } 53 | } 54 | 55 | func TestCleanAndTagTemplate(t *testing.T) { 56 | templateContent := "example: {{ssm \"foo\" | quote | indent 8}}" 57 | cleanTag := "CLEANED_BY_HELM_SSM" 58 | expectedOutput := "example: " + cleanTag 59 | t.Logf("Template with content: %s , should out put a file with content: %s", templateContent, expectedOutput) 60 | 61 | templateFilePath, err := createTempFile() 62 | if err != nil { 63 | panic(err) 64 | } 65 | defer syscall.Unlink(templateFilePath) 66 | ioutil.WriteFile(templateFilePath, []byte(templateContent), 0644) 67 | cleanFuncMap := GetFuncMap("DUMMY", "", true, cleanTag) 68 | content, _ := ExecuteTemplate(templateFilePath, cleanFuncMap, false) 69 | if content != expectedOutput { 70 | t.Errorf("Expected content \"%s\". Got \"%s\"", expectedOutput, content) 71 | } 72 | } 73 | 74 | func TestWriteFile(t *testing.T) { 75 | templateContent := "write_file_example: true" 76 | expectedOutput := "write_file_example: true" 77 | t.Logf("Template with content: %s , should out put a file with content: %s", templateContent, expectedOutput) 78 | 79 | templateFilePath, err := createTempFile() 80 | if err != nil { 81 | panic(err) 82 | } 83 | WriteFile(templateFilePath, templateContent) 84 | fileContent, err := ioutil.ReadFile(templateFilePath) 85 | if err != nil { 86 | panic(err) 87 | } 88 | content := string(fileContent) 89 | if content != expectedOutput { 90 | t.Errorf("Expected file with content \"%s\". Got \"%s\"", expectedOutput, content) 91 | } 92 | } 93 | func TestFailExecuteTemplate(t *testing.T) { 94 | t.Logf("Non existing template should return \"no such file or directory\" error.") 95 | _, err := ExecuteTemplate("", template.FuncMap{}, false) 96 | if err == nil { 97 | t.Error("Should fail with \"no such file or directory\"") 98 | } 99 | } 100 | 101 | func TestSsmFunctionExistsInFuncMap(t *testing.T) { 102 | t.Logf("\"ssm\" function should exist in function map.") 103 | funcMap := GetFuncMap("", "", false, "") 104 | keys := make([]string, len(funcMap)) 105 | for k := range funcMap { 106 | keys = append(keys, k) 107 | } 108 | if _, exists := funcMap["ssm"]; !exists { 109 | t.Errorf("Expected \"ssm\" function in function map. Got the following functions: %s", keys) 110 | } 111 | } 112 | 113 | func TestSprigFunctionsExistInFuncMap(t *testing.T) { 114 | t.Logf("\"quote\" function (from sprig) should exist in function map.") 115 | funcMap := GetFuncMap("", "", false, "") 116 | keys := make([]string, len(funcMap)) 117 | for k := range funcMap { 118 | keys = append(keys, k) 119 | } 120 | 121 | if _, exists := funcMap["quote"]; !exists { 122 | t.Errorf("Expected \"quote\" function in function map. Got the following functions: %s", keys) 123 | } 124 | 125 | t.Logf("number of functions in function map minus custom functions should match those in sprig") 126 | if len(funcMap)-1 != len(sprig.GenericFuncMap()) { 127 | t.Errorf("Expected function map to include all sprig functions. Got the following functions: %s", keys) 128 | } 129 | } 130 | 131 | func TestResolveSSMParameter(t *testing.T) { 132 | t.Logf("TODO") 133 | } 134 | 135 | func TestHandleOptions(t *testing.T) { 136 | t.Logf("TODO") 137 | } 138 | -------------------------------------------------------------------------------- /plugin.yaml: -------------------------------------------------------------------------------- 1 | name: "ssm" 2 | version: "dev" 3 | usage: "Inject AWS SSM parameters into Helm values files" 4 | description: |- 5 | Inject AWS SSM parameters into Helm values files 6 | ignoreFlags: false 7 | useTunnel: false 8 | command: "$HELM_PLUGIN_DIR/helm-ssm" 9 | --------------------------------------------------------------------------------