tullo/sealed-secret-scanner.go

## sealed-secret-scanner.go
package main

import (
	"bytes"
	"fmt"
	"strings"
	"text/scanner"
)

const src = `
envs:
  staging:
    - name: my-app
      sealedSecrets:
        secret1: value1
        secret2: value2
  production:
    - name: my-app
      sealedSecrets:
        secret1: prod1
        secret2: prod2
`

func main() {

	buf := make([]byte, 0, len(src)*2)
	out := bytes.NewBuffer(buf)

	var s scanner.Scanner
	s.Init(strings.NewReader(src))
	s.Whitespace ^= scanner.GoWhitespace

	var sec, val scanner.Position
	for t := s.Scan(); t != scanner.EOF; t = s.Scan() {
		switch t {
		case '\n', '\r', ' ', ':', '-':
			out.WriteString(s.TokenText())
			continue
		case scanner.Ident:
			switch s.TokenText() {
			case "sealedSecrets":
				// Set expected start position.
				sec.Line = s.Position.Line + 1
				sec.Column = s.Position.Column + 2
				out.WriteString(s.TokenText())
				continue
			}

			if s.Position.Line == sec.Line {
				if s.Position.Column == sec.Column {
					// Secret key.
					out.WriteString(s.TokenText())
					if s.Next() == ':' {
						out.WriteRune(':')
						// Set expected start position.
						val = sec
						val.Column = s.Pos().Column + 1
						continue
					}
				}
				if s.Position.Column == val.Column {
					value := s.TokenText()
					// TODO encrypt value
					// sv,err := sealValue(pubKey, value)
					// https://github.com/gimlet-io/gimlet-cli/blob/main/commands/seal/seal.go#L185
					out.WriteString("encrypted-" + value)
					sec.Line += 1
					continue
				}
			}

			out.WriteString(s.TokenText())
		}
	}

	fmt.Print(out.String())
}
	package main

	import (
	"bytes"
	"fmt"
	"strings"
	"text/scanner"
	)

	const src = `
	envs:
	staging:
	- name: my-app
	sealedSecrets:
	secret1: value1
	secret2: value2
	production:
	- name: my-app
	sealedSecrets:
	secret1: prod1
	secret2: prod2
	`

	func main() {

	buf := make([]byte, 0, len(src)*2)
	out := bytes.NewBuffer(buf)

	var s scanner.Scanner
	s.Init(strings.NewReader(src))
	s.Whitespace ^= scanner.GoWhitespace

	var sec, val scanner.Position
	for t := s.Scan(); t != scanner.EOF; t = s.Scan() {
	switch t {
	case '\n', '\r', ' ', ':', '-':
	out.WriteString(s.TokenText())
	continue
	case scanner.Ident:
	switch s.TokenText() {
	case "sealedSecrets":
	// Set expected start position.
	sec.Line = s.Position.Line + 1
	sec.Column = s.Position.Column + 2
	out.WriteString(s.TokenText())
	continue
	}

	if s.Position.Line == sec.Line {
	if s.Position.Column == sec.Column {
	// Secret key.
	out.WriteString(s.TokenText())
	if s.Next() == ':' {
	out.WriteRune(':')
	// Set expected start position.
	val = sec
	val.Column = s.Pos().Column + 1
	continue
	}
	}
	if s.Position.Column == val.Column {
	value := s.TokenText()
	// TODO encrypt value
	// sv,err := sealValue(pubKey, value)
	// https://github.com/gimlet-io/gimlet-cli/blob/main/commands/seal/seal.go#L185
	out.WriteString("encrypted-" + value)
	sec.Line += 1
	continue
	}
	}

	out.WriteString(s.TokenText())
	}
	}

	fmt.Print(out.String())
	}