Interrupting parent on error

This commit is contained in:
Donal McBreen
2024-09-04 12:14:47 +01:00
parent 9deb8af4a0
commit 5226d52f8a
11 changed files with 601 additions and 48 deletions

View File

@@ -2,21 +2,39 @@ class Kamal::Cli::Secrets < Kamal::Cli::Base
desc "fetch [SECRETS...]", "Fetch secrets from a vault"
option :adapter, type: :string, aliases: "-a", required: true, desc: "Which vault adapter to use"
option :account, type: :string, required: true, desc: "The account identifier or username"
option :location, type: :string, required: false, desc: "A vault or folder to fetch the secrets from"
option :from, type: :string, required: false, desc: "A vault or folder to fetch the secrets from"
def fetch(*secrets)
ENV["KAMAL_SECRETS_KILL_PARENT"] = "1"
results = adapter(options[:adapter]).fetch(secrets, **options.slice(:account, :location).symbolize_keys)
results = adapter(options[:adapter]).fetch(secrets, **options.slice(:account, :from).symbolize_keys)
puts JSON.dump(results).shellescape
rescue => e
handle_error(e)
end
desc "extract", "Extract a single secret from the results of a fetch call"
def extract(name, secrets)
parsed_secrets = JSON.parse(secrets)
if (value = parsed_secrets[name]).nil?
value = parsed_secrets.find { |k, v| k.end_with?("/#{name}") }&.last
end
raise "Could not find secret #{name}" if value.nil?
puts JSON.parse(secrets).fetch(name)
rescue => e
handle_error(e)
end
private
def adapter(adapter)
Kamal::Secrets::Adapters.lookup(adapter)
end
def handle_error(e)
$stderr.puts " \e[31mERROR (#{e.class}): #{e.message}\e[0m"
$stderr.puts e.backtrace if ENV["VERBOSE"]
Process.kill("INT", Process.ppid) if ENV["KAMAL_SECRETS_INT_PARENT"]
exit 1
end
end