Add cli indent option for yaml store

Signed-off-by: Bastien Wermeille <bastien.wermeille@gmail.com>
getsops · Sep 8, 2023 · aec089f · aec089f
1 parent 15a4e59
commit aec089f
Show file tree

Hide file tree

Showing 4 changed files with 65 additions and 3 deletions.
diff --git a/cmd/sops/main.go b/cmd/sops/main.go
@@ -700,6 +700,10 @@ func main() {
 			Name:  "shamir-secret-sharing-threshold",
 			Usage: "the number of master keys required to retrieve the data key with shamir",
 		},
+		cli.IntFlag{
+			Name:  "indent",
+			Usage: "the number of space to indent yaml encoded file for encryption",
+		},
 		cli.BoolFlag{
 			Name:  "verbose",
 			Usage: "Enable verbose logging output",
@@ -1072,6 +1076,12 @@ func outputStore(context *cli.Context, path string) common.Store {
 		configPath, _ = config.FindConfigFile(".")
 	}
 	storesConf, _ := config.LoadStoresConfig(configPath)
+<<<<<<< Updated upstream
+=======
+	if context.Int("indent") != 0 {
+		storesConf.YAML.Indent = context.Int("indent")
+	}
+>>>>>>> Stashed changes
 
 	return common.DefaultStoreForPathOrFormat(storesConf, path, context.String("output-type"))
 }

diff --git a/decrypt/decrypt.go b/decrypt/decrypt.go
@@ -12,6 +12,7 @@ import (
 	"github.com/getsops/sops/v3/aes"
 	"github.com/getsops/sops/v3/cmd/sops/common"
 	. "github.com/getsops/sops/v3/cmd/sops/formats" // Re-export
+	"github.com/getsops/sops/v3/config"
 )
 
 // File is a wrapper around Data that reads a local encrypted
@@ -32,7 +33,7 @@ func File(path, format string) (cleartext []byte, err error) {
 // decrypts the data and returns its cleartext in an []byte.
 func DataWithFormat(data []byte, format Format) (cleartext []byte, err error) {
 
-	store := common.StoreForFormat(format)
+	store := common.StoreForFormat(format, &config.StoresConfig{})
 
 	// Load SOPS file and access the data key
 	tree, err := store.LoadEncryptedFile(data)

diff --git a/stores/yaml/store.go b/stores/yaml/store.go
@@ -12,6 +12,8 @@ import (
 	"gopkg.in/yaml.v3"
 )
 
+const IndentDefault = 4
+
 // Store handles storage of YAML data
 type Store struct {
 	config config.YAMLStoreConfig
@@ -325,7 +327,11 @@ func (store *Store) LoadPlainFile(in []byte) (sops.TreeBranches, error) {
 func (store *Store) EmitEncryptedFile(in sops.Tree) ([]byte, error) {
 	var b bytes.Buffer
 	e := yaml.NewEncoder(io.Writer(&b))
-	e.SetIndent(4)
+	indent := IndentDefault
+	if store.config.Indent != 0 {
+		indent = store.config.Indent
+	}
+	e.SetIndent(indent)
 	for _, branch := range in.Branches {
 		// Document root
 		var doc = yaml.Node{}
@@ -357,7 +363,11 @@ func (store *Store) EmitEncryptedFile(in sops.Tree) ([]byte, error) {
 func (store *Store) EmitPlainFile(branches sops.TreeBranches) ([]byte, error) {
 	var b bytes.Buffer
 	e := yaml.NewEncoder(io.Writer(&b))
-	e.SetIndent(4)
+	indent := IndentDefault
+	if store.config.Indent != 0 {
+		indent = store.config.Indent
+	}
+	e.SetIndent(indent)
 	for _, branch := range branches {
 		// Document root
 		var doc = yaml.Node{}

diff --git a/stores/yaml/store_test.go b/stores/yaml/store_test.go
@@ -4,6 +4,7 @@ import (
 	"testing"
 
 	"github.com/getsops/sops/v3"
+	"github.com/getsops/sops/v3/config"
 	"github.com/stretchr/testify/assert"
 )
 
@@ -158,6 +159,32 @@ e:
     - f
 `)
 
+var INDENT_1_IN = []byte(`## Configuration for prometheus-node-exporter subchart
+##
+prometheus-node-exporter:
+  podLabels:
+    ## Add the 'node-exporter' label to be used by serviceMonitor to match standard common usage in rules and grafana dashboards
+    ##
+
+    jobLabel: node-exporter
+  extraArgs:
+    - --collector.filesystem.ignored-mount-points=^/(dev|proc|sys|var/lib/docker/.+)($|/)
+    - --collector.filesystem.ignored-fs-types=^(autofs|binfmt_misc|cgroup|configfs|debugfs|devpts|devtmpfs|fusectl|hugetlbfs|mqueue|overlay|proc|procfs|pstore|rpc_pipefs|securityfs|sysfs|tracefs)$
+`)
+
+var INDENT_1_OUT = []byte(`## Configuration for prometheus-node-exporter subchart
+##
+prometheus-node-exporter:
+  podLabels:
+    ## Add the 'node-exporter' label to be used by serviceMonitor to match standard common usage in rules and grafana dashboards
+    ##
+    jobLabel: node-exporter
+  extraArgs:
+    - --collector.filesystem.ignored-mount-points=^/(dev|proc|sys|var/lib/docker/.+)($|/)
+    - --collector.filesystem.ignored-fs-types=^(autofs|binfmt_misc|cgroup|configfs|debugfs|devpts|devtmpfs|fusectl|hugetlbfs|mqueue|overlay|proc|procfs|pstore|rpc_pipefs|securityfs|sysfs|tracefs)$
+`)
+
+
 func TestUnmarshalMetadataFromNonSOPSFile(t *testing.T) {
 	data := []byte(`hello: 2`)
 	_, err := (&Store{}).LoadEncryptedFile(data)
@@ -281,3 +308,17 @@ func TestComment7(t *testing.T) {
 	assert.Equal(t, string(COMMENT_7_OUT), string(bytes))
 	assert.Equal(t, COMMENT_7_OUT, bytes)
 }
+
+func TestIndent1(t *testing.T) {
+	// First iteration: load and store
+	branches, err := (&Store{}).LoadPlainFile(INDENT_1_IN)
+	assert.Nil(t, err)
+	bytes, err := (&Store{
+		config: config.YAMLStoreConfig{
+			Indent: 2,
+		},
+	}).EmitPlainFile(branches)
+	assert.Nil(t, err)
+	assert.Equal(t, string(INDENT_1_OUT), string(bytes))
+	assert.Equal(t, INDENT_1_OUT, bytes)
+}