Chore git repository maintenance (#57)

* chore(deps): update dependencies. * feat(engine): add base64 url encoding and url escape functions. * chore(go): update to 1.16.6 * chore(ci): update tools. * fix(lint): fix lint findings after upgrade. * doc(template): add codec documentation.
elastic · Jul 13, 2021 · 89a4f9e · 89a4f9e
1 parent 4812d39
commit 89a4f9e
Show file tree

Hide file tree

Showing 10 changed files with 2,703 additions and 3,243 deletions.
diff --git a/NOTICE.txt b/NOTICE.txt
diff --git a/README.md b/README.md
@@ -122,7 +122,7 @@ Download a [release](https://github.com/elastic/harp/releases) or build from sou
 
 ```sh
 $ go version
-go version go1.16.5 linux/amd64
+go version go1.16.6 linux/amd64
 ```
 
 > Simple go version manager - <https://github.com/stefanmaric/g>

diff --git a/build/mage/golang/init.go b/build/mage/golang/init.go
@@ -27,7 +27,7 @@ import (
 
 // Keep only last 2 versions
 var goVersions = []string{
-	"~1.16.5",
+	"~1.16.6",
 }
 
 func init() {

diff --git a/docs/dependencies.asciidoc b/docs/dependencies.asciidoc
diff --git a/go.mod b/go.mod
@@ -11,12 +11,13 @@ replace github.com/gogo/protobuf => github.com/gogo/protobuf v1.3.2
 require (
 	github.com/Masterminds/semver/v3 v3.1.1
 	github.com/Masterminds/sprig/v3 v3.2.2
+	github.com/alessio/shellescape v1.4.1
 	github.com/awnumar/memguard v0.22.2
 	github.com/basgys/goxml2json v1.1.0
 	github.com/bitly/go-simplejson v0.5.0 // indirect
 	github.com/blang/semver/v4 v4.0.0
 	github.com/cloudflare/tableflip v1.2.2
-	github.com/common-nighthawk/go-figure v0.0.0-20200609044655-c4b36f998cf2
+	github.com/common-nighthawk/go-figure v0.0.0-20210622060536-734e95fb86be
 	github.com/davecgh/go-spew v1.1.1
 	github.com/dchest/uniuri v0.0.0-20200228104902-7aecb25e1fe5
 	github.com/fatih/color v1.12.0
@@ -25,47 +26,47 @@ require (
 	github.com/go-akka/configuration v0.0.0-20200606091224-a002c0330665
 	github.com/go-ozzo/ozzo-validation/v4 v4.3.0
 	github.com/gobwas/glob v0.2.3
-	github.com/golang/mock v1.5.0
+	github.com/golang/mock v1.6.0
 	github.com/golang/protobuf v1.5.2
-	github.com/golang/snappy v0.0.3
+	github.com/golang/snappy v0.0.4
 	github.com/google/cel-go v0.7.3
 	github.com/google/go-cmp v0.5.6
 	github.com/google/gofuzz v1.2.0
-	github.com/google/gops v0.3.18
+	github.com/google/gops v0.3.19
 	github.com/gosimple/slug v1.9.0
 	github.com/hashicorp/go-cleanhttp v0.5.2
 	github.com/hashicorp/hcl v1.0.0
 	github.com/hashicorp/hcl/v2 v2.10.0
 	github.com/hashicorp/vault/api v1.1.0
-	github.com/iancoleman/strcase v0.1.3
+	github.com/iancoleman/strcase v0.2.0
 	github.com/imdario/mergo v0.3.12
 	github.com/jmespath/go-jmespath v0.4.0
 	github.com/magefile/mage v1.11.0
 	github.com/mcuadros/go-defaults v1.2.0
 	github.com/miscreant/miscreant.go v0.0.0-20200214223636-26d376326b75
 	github.com/oklog/run v1.1.0
 	github.com/onsi/ginkgo v1.16.4
-	github.com/onsi/gomega v1.13.0
-	github.com/pelletier/go-toml v1.9.1
+	github.com/onsi/gomega v1.14.0
+	github.com/pelletier/go-toml v1.9.3
 	github.com/pkg/errors v0.9.1
 	github.com/sethvargo/go-diceware v0.2.1
 	github.com/sethvargo/go-password v0.2.0
 	github.com/skratchdot/open-golang v0.0.0-20200116055534-eef842397966
 	github.com/spf13/afero v1.6.0
-	github.com/spf13/cobra v1.1.3
-	github.com/spf13/viper v1.7.1
+	github.com/spf13/cobra v1.2.1
+	github.com/spf13/viper v1.8.1
 	github.com/stretchr/testify v1.7.0
 	github.com/ugorji/go/codec v1.2.6
-	github.com/zclconf/go-cty v1.8.3
+	github.com/zclconf/go-cty v1.9.0
 	gitlab.com/NebulousLabs/merkletree v0.0.0-20200118113624-07fbf710afc4
-	go.uber.org/zap v1.17.0
-	golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a
+	go.uber.org/zap v1.18.1
+	golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97
 	golang.org/x/sync v0.0.0-20210220032951-036812b2e83c
-	golang.org/x/sys v0.0.0-20210603125802-9665404d3644
-	golang.org/x/term v0.0.0-20210503060354-a79de5458b56
-	google.golang.org/genproto v0.0.0-20210604141403-392c879c8b08
-	google.golang.org/grpc v1.38.0
-	google.golang.org/protobuf v1.26.0
-	gopkg.in/square/go-jose.v2 v2.5.1
+	golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c
+	golang.org/x/term v0.0.0-20210615171337-6886f2dfbf5b
+	google.golang.org/genproto v0.0.0-20210713002101-d411969a0d9a
+	google.golang.org/grpc v1.39.0
+	google.golang.org/protobuf v1.27.1
+	gopkg.in/square/go-jose.v2 v2.6.0
 	sigs.k8s.io/yaml v1.2.0
 )
diff --git a/go.sum b/go.sum
diff --git a/pkg/template/engine/funcs.go b/pkg/template/engine/funcs.go
@@ -18,9 +18,12 @@
 package engine
 
 import (
+	"encoding/base64"
+	"net/url"
 	"text/template"
 
 	"github.com/Masterminds/sprig/v3"
+	"github.com/alessio/shellescape"
 
 	"github.com/elastic/harp/pkg/sdk/security/crypto"
 	"github.com/elastic/harp/pkg/sdk/security/crypto/bech32"
@@ -71,6 +74,21 @@ func FuncMap(secretReaders []SecretReaderFunc) template.FuncMap {
 		// Bech32
 		"bech32enc": bech32.Encode,
 		"bech32dec": crypto.Bech32Decode,
+		// URL
+		"urlPathEscape":    url.PathEscape,
+		"urlPathUnescape":  url.PathUnescape,
+		"urlQueryEscape":   url.QueryEscape,
+		"urlQueryUnescape": url.QueryUnescape,
+		// Escape
+		"shellEscape": shellescape.Quote,
+		// Base64
+		"b64urlenc": func(in string) string {
+			return base64.URLEncoding.EncodeToString([]byte(in))
+		},
+		"b64urldec": func(in string) (string, error) {
+			out, err := base64.URLEncoding.DecodeString(in)
+			return string(out), err
+		},
 	}
 
 	for k, v := range extra {

diff --git a/pkg/template/values/hcl2/convert.go b/pkg/template/values/hcl2/convert.go
@@ -73,7 +73,7 @@ func (c *converter) convertBody(body *hclsyntax.Body) (jsonObj, error) {
 }
 
 func (c *converter) convertBlock(block *hclsyntax.Block, out jsonObj) error {
-	var key string = block.Type
+	var key = block.Type
 	value, err := c.convertBody(block.Body)
 	if err != nil {
 		return err

diff --git a/samples/onboarding/1-template-engine/2-functions.md b/samples/onboarding/1-template-engine/2-functions.md
@@ -8,6 +8,71 @@ You can find all implemented functions in the external library import nammed
 In order to be able to generate secret values, we have added secret generation
 specialized functions.
 
+### Encoders
+
+#### b64urlenc / b64urldec
+
+Apply BASE64 URL encoding to given input.
+
+```ruby
+{{ paranoidPassword | b64urlenc }}
+fjYySGJoa00iQkdTaXRUQ2d-RVgwfHMwI2tvcG5Yc0xne3RfQV9HZU5YQ3ZTT243XWUyeDVqNjVNQnRMJEdzNA==
+```
+
+Decode a BASE64 URL encoded string.
+
+```ruby
+{{ "fjYySGJoa00iQkdTaXRUQ2d-RVgwfHMwI2tvcG5Yc0xne3RfQV9HZU5YQ3ZTT243XWUyeDVqNjVNQnRMJEdzNA==" | b64urldec }}
+~62HbhkM"BGSitTCg~EX0|s0#kopnXsLg{t_A_GeNXCvSOn7]e2x5j65MBtL$Gs4
+```
+
+#### bech32enc / bech32dec
+
+[Bech32](https://en.bitcoin.it/wiki/Bech32) is an encoding used for many wallet
+address in blockchain space.
+You can encode a binary array with a human readable prefix (HRP), very useful to
+encode crypto-material and keep ownership visible to humans.
+
+> This is the encoding used by container sealing identities.
+
+```ruby
+{{ bechenc <HRP> <[]BYTE> }}
+```
+
+For example with an Ed25519 Public key:
+
+```ruby
+{{ $key := cryptoPair "ed25519" }}
+{{ bech32enc "security" $key.Public }}
+security19f29qq5vq73tdrhspdzkqcdf2exewg2g6xcxe5h74y72qsv7c00sx57ny0
+```
+
+#### shellescape
+
+Apply Shell escaping strategy to allow a string to be safely used in a shell script.
+
+```ruby
+{{ paranoidPassword | shellescape }}
+'tGO48jRkfOiXv8=p?eV^wi7tqJz`ABeQy1ZXk2WE(E1XWuS6%$j+X>QVx93W*WEY'
+```
+
+#### urlPathEscape / urlPathUnescape
+
+Apply url character escaping strategy for components used in path
+
+```ruby
+https://ingester.es.cloud/{{ tenant | urlPathEscape }}/api/v1
+```
+
+#### urlQueryEscape / urlQueryUnescape
+
+Apply url character escaping strategy for components used in query
+
+```ruby
+https://logstash:{{ paranoidPassword | urlQueryEscape }}@ingester.es.cloud:1234
+https://logstash:K3iDayow9%5Cav67HawD6%210k~8lhcm8oLVUBt2wE%3E%5DLBJQJVj%3AfIx%2Fuo%40%7B%3D6kvgXHK@ingester.es.cloud:1234%
+```
+
 ### Secret loader
 
 #### secret

diff --git a/tools/go.mod b/tools/go.mod
@@ -11,15 +11,15 @@ require (
 	github.com/elazarl/go-bindata-assetfs v1.0.1 // indirect
 	github.com/fatih/color v1.12.0
 	github.com/frapposelli/wwhrd v0.4.0
-	github.com/golang/mock v1.5.0
-	github.com/golangci/golangci-lint v1.40.1
+	github.com/golang/mock v1.6.0
+	github.com/golangci/golangci-lint v1.41.1
 	github.com/google/wire v0.5.0
 	github.com/izumin5210/gex v0.6.1
 	github.com/magefile/mage v1.11.0
 	github.com/stephens2424/writerset v1.0.2 // indirect
 	go.elastic.co/go-licence-detector v0.5.0
 	google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0
-	google.golang.org/protobuf v1.26.0
+	google.golang.org/protobuf v1.27.1
 	gotest.tools/gotestsum v1.6.4
 	mvdan.cc/gofumpt v0.1.1
 )