Add the write-file command

fpco · Mar 13, 2022 · a4842de · a4842de
1 parent 8f8c1a1
commit a4842de
Show file tree

Hide file tree

Showing 6 changed files with 33 additions and 3 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,9 @@
 # Change log for Amber
 
+## 0.1.3 (2022-03-13)
+
+* Add the `write-file` command
+
 ## 0.1.2 (2022-01-18)
 
 * Allow `encrypt` subcommand to take secret value from `stdin` [#15](https://github.com/fpco/amber/issues/15)

diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "amber"
-version = "0.1.2"
+version = "0.1.3"
 authors = ["Michael Snoyman <[email protected]>"]
 edition = "2018"
 description = "Manage secret values in-repo via public key cryptography"

diff --git a/src/cli.rs b/src/cli.rs
@@ -53,6 +53,15 @@ pub enum SubCommand {
         /// Command line arguments to pass to the command
         args: Vec<String>,
     },
+    /// Write the contents of a secret to the given file.
+    WriteFile {
+        /// The key for the secret
+        #[clap(long)]
+        key: String,
+        /// File path to write to
+        #[clap(long)]
+        dest: PathBuf,
+    },
 }
 
 #[derive(Parser, Debug)]

diff --git a/src/config.rs b/src/config.rs
@@ -203,6 +203,14 @@ impl Config {
                 .map(|plain| (key, plain))
         })
     }
+
+    /// Look up a specific secret value
+    pub(crate) fn get_secret(&self, key: &str, secret_key: &SecretKey) -> Result<String> {
+        self.secrets
+            .get(key)
+            .with_context(|| format!("Key does not exist: {}", key))
+            .and_then(|secret| secret.decrypt(&self.public_key, secret_key, key))
+    }
 }
 
 impl Secret {

diff --git a/src/main.rs b/src/main.rs
@@ -3,7 +3,7 @@ mod config;
 mod exec;
 mod mask;
 
-use std::io::Read;
+use std::{io::Read, path::Path};
 
 use anyhow::*;
 use exec::CommandExecExt;
@@ -38,6 +38,7 @@ fn main() -> Result<()> {
         cli::SubCommand::Remove { key } => remove(cmd.opt, key),
         cli::SubCommand::Print { style } => print(cmd.opt, style),
         cli::SubCommand::Exec { cmd: cmd_, args } => exec(cmd.opt, cmd_, args),
+        cli::SubCommand::WriteFile { key, dest } => write_file(cmd.opt, &key, &dest),
     }
 }
 
@@ -169,3 +170,11 @@ fn exec(mut opt: cli::Opt, cmd: String, args: Vec<String>) -> Result<()> {
 
     Ok(())
 }
+
+fn write_file(mut opt: cli::Opt, key: &str, dest: &Path) -> Result<()> {
+    let config = config::Config::load(opt.find_amber_yaml()?)?;
+    let secret_key = config.load_secret_key()?;
+    let value = config.get_secret(key, &secret_key)?;
+    std::fs::write(dest, value)
+        .with_context(|| format!("Unable to write to file {}", dest.display()))
+}