support encrypted strings

justmiles · Aug 28, 2018 · e33c1a3 · e33c1a3
1 parent 0c1a294
commit e33c1a3
Show file tree

Hide file tree

Showing 4 changed files with 30 additions and 11 deletions.
diff --git a/lib/Diff.go b/lib/Diff.go
@@ -59,20 +59,26 @@ func (diff *Diff) AppendDeleteChange(path string) error {
 }
 
 // AppendAddChange appends a line to delete
-func (diff *Diff) AppendAddChange(path, desiredValue, currentValue string) error {
+func (diff *Diff) AppendAddChange(path, desiredValue, currentValue string, encryptionKey *string) error {
 	if currentValue != "" {
 		diff.asVisual = append(diff.asVisual, color.YellowString(fmt.Sprintf("~\t%s\t%s  -->  %s", path, currentValue, desiredValue)))
 	} else {
 		diff.asVisual = append(diff.asVisual, color.GreenString(fmt.Sprintf("+\t%s\t%s", path, desiredValue)))
 	}
 
-	diff.additions = append(diff.additions, &ssm.PutParameterInput{
-		// KeyId: ""
+	add := &ssm.PutParameterInput{
 		Name:      aws.String(path),
 		Overwrite: aws.Bool(true),
 		Type:      aws.String("String"),
 		Value:     aws.String(desiredValue),
-	})
+	}
+
+	if encryptionKey != nil {
+		add.KeyId = encryptionKey
+		add.Type = aws.String("SecureString")
+	}
+
+	diff.additions = append(diff.additions, add)
 
 	return nil
 }
diff --git a/lib/ParameterStates.go b/lib/ParameterStates.go
@@ -52,18 +52,22 @@ func (p *ParameterStates) diff(current ParameterStates) (diffs Diff, err error)
 
 	for path, ps := range *p {
 		for key, value := range ps.Parameters {
-
+			var encryptionKey *string
+			pathAndKey := fmt.Sprintf("%s/%s", path, key)
+			if stringInSlice(key, ps.EncryptedKeys) {
+				encryptionKey = ps.EncryptionKey
+			}
 			// Add because the path does not exist in current
 			if current[path] == nil {
-				diffs.AppendAddChange(fmt.Sprintf("%s/%s", path, key), value, "")
+				diffs.AppendAddChange(pathAndKey, value, "", encryptionKey)
 
 				// Add because the key does not exist in current
 			} else if current[path].Parameters[key] == "" {
-				diffs.AppendAddChange(fmt.Sprintf("%s/%s", path, key), value, "")
+				diffs.AppendAddChange(pathAndKey, value, "", encryptionKey)
 
 				// Add because the key is not up to date in current
 			} else if value != current[path].Parameters[key] {
-				diffs.AppendAddChange(fmt.Sprintf("%s/%s", path, key), value, current[path].Parameters[key])
+				diffs.AppendAddChange(pathAndKey, value, current[path].Parameters[key], encryptionKey)
 
 			}
 		}

diff --git a/lib/commands_test.go b/lib/commands_test.go
@@ -5,7 +5,7 @@ import (
 )
 
 func TestRun(t *testing.T) {
-	CMDPull([]string{"/dev", "/ops"}, "yaml", "/home/justmiles/go/src/github.com/justmiles/ssm-parameter-store/scratch")
-	// CMDPush([]string{"/dev", "/ops"}, "yaml", "/home/justmiles/go/src/github.com/justmiles/ssm-parameter-store/scratch")
-	// CMDDiff([]string{"/dev", "/ops"}, "yaml", "/home/justmiles/go/src/github.com/justmiles/ssm-parameter-store/scratch")
+	CMDPull([]string{"/ops", "/ops"}, "yaml", "/home/justmiles/go/src/github.com/justmiles/ssm-parameter-store/scratch")
+	CMDPush([]string{"/ops"}, "yaml", "/home/justmiles/go/src/github.com/justmiles/ssm-parameter-store/scratch")
+	CMDDiff([]string{"/ops"}, "yaml", "/home/justmiles/go/src/github.com/justmiles/ssm-parameter-store/scratch")
 }
diff --git a/lib/util.go b/lib/util.go
@@ -112,3 +112,12 @@ func Check(err error) {
 		os.Exit(1)
 	}
 }
+
+func stringInSlice(a string, list []string) bool {
+	for _, b := range list {
+		if b == a {
+			return true
+		}
+	}
+	return false
+}