diff --git a/plugins/doppler/doppler.go b/plugins/doppler/doppler.go new file mode 100644 index 00000000..ff9ca8c2 --- /dev/null +++ b/plugins/doppler/doppler.go @@ -0,0 +1,27 @@ +package doppler + +import ( + "github.com/1Password/shell-plugins/sdk" + "github.com/1Password/shell-plugins/sdk/needsauth" + "github.com/1Password/shell-plugins/sdk/schema" + "github.com/1Password/shell-plugins/sdk/schema/credname" +) + +func DopplerCLI() schema.Executable { + return schema.Executable{ + Name: "Doppler CLI", + Runs: []string{"doppler"}, + DocsURL: sdk.URL("https://docs.doppler.com/docs/cli"), + NeedsAuth: needsauth.IfAll( + needsauth.NotForHelpOrVersion(), + needsauth.NotWithoutArgs(), + needsauth.NotWhenContainsArgs("__complete"), + needsauth.NotWhenContainsArgs("--token"), + ), + Uses: []schema.CredentialUsage{ + { + Name: credname.PersonalAccessToken, + }, + }, + } +} diff --git a/plugins/doppler/personal_access_token.go b/plugins/doppler/personal_access_token.go new file mode 100644 index 00000000..45099858 --- /dev/null +++ b/plugins/doppler/personal_access_token.go @@ -0,0 +1,78 @@ +package doppler + +import ( + "context" + "strings" + + "github.com/1Password/shell-plugins/sdk" + "github.com/1Password/shell-plugins/sdk/importer" + "github.com/1Password/shell-plugins/sdk/provision" + "github.com/1Password/shell-plugins/sdk/schema" + "github.com/1Password/shell-plugins/sdk/schema/credname" + "github.com/1Password/shell-plugins/sdk/schema/fieldname" +) + +func PersonalAccessToken() schema.CredentialType { + return schema.CredentialType{ + Name: credname.PersonalAccessToken, + DocsURL: sdk.URL("https://docs.doppler.com/docs/cli"), + ManagementURL: sdk.URL("https://dashboard.doppler.com/"), + Fields: []schema.CredentialField{ + { + Name: fieldname.Token, + MarkdownDescription: "Personal or CLI token used to authenticate to Doppler. Personal Tokens (dp.pt.) are created in the dashboard; CLI tokens (dp.ct.) are created by `doppler login`. Both grant access to your account.", + Secret: true, + Composition: &schema.ValueComposition{ + Prefix: "dp.", + Charset: schema.Charset{ + Uppercase: true, + Lowercase: true, + Digits: true, + Specific: []rune{'.'}, + }, + }, + }, + }, + DefaultProvisioner: provision.EnvVars(defaultEnvVarMapping), + Importer: importer.TryAll( + importer.TryEnvVarPair(defaultEnvVarMapping), + TryDopplerConfigFile(), + ), + } +} + +var defaultEnvVarMapping = map[string]sdk.FieldName{ + "DOPPLER_TOKEN": fieldname.Token, +} + +func TryDopplerConfigFile() sdk.Importer { + return importer.TryFile("~/.doppler/.doppler.yaml", func(ctx context.Context, contents importer.FileContents, in sdk.ImportInput, out *sdk.ImportAttempt) { + var config Config + if err := contents.ToYAML(&config); err != nil { + out.AddError(err) + return + } + + for _, scope := range config.Scoped { + if !strings.HasPrefix(scope.Token, "dp.pt.") && !strings.HasPrefix(scope.Token, "dp.ct.") { + continue + } + + out.AddCandidate(sdk.ImportCandidate{ + Fields: map[sdk.FieldName]string{ + fieldname.Token: scope.Token, + }, + NameHint: importer.SanitizeNameHint(scope.Project), + }) + } + }) +} + +type Config struct { + Scoped map[string]ConfigScope `yaml:"scoped"` +} + +type ConfigScope struct { + Token string `yaml:"token"` + Project string `yaml:"enclave.project"` +} diff --git a/plugins/doppler/personal_access_token_test.go b/plugins/doppler/personal_access_token_test.go new file mode 100644 index 00000000..1fc6e47c --- /dev/null +++ b/plugins/doppler/personal_access_token_test.go @@ -0,0 +1,54 @@ +package doppler + +import ( + "testing" + + "github.com/1Password/shell-plugins/sdk" + "github.com/1Password/shell-plugins/sdk/plugintest" + "github.com/1Password/shell-plugins/sdk/schema/fieldname" +) + +func TestPersonalAccessTokenImporter(t *testing.T) { + plugintest.TestImporter(t, PersonalAccessToken().Importer, map[string]plugintest.ImportCase{ + "DOPPLER_TOKEN environment variable": { + Environment: map[string]string{ + "DOPPLER_TOKEN": "dp.pt.SQgRDoLc2lBYVu5Vr2T4XHPvBcp0HlhMZq8F11whbvQEXAMPLE", + }, + ExpectedCandidates: []sdk.ImportCandidate{ + { + Fields: map[sdk.FieldName]string{ + fieldname.Token: "dp.pt.SQgRDoLc2lBYVu5Vr2T4XHPvBcp0HlhMZq8F11whbvQEXAMPLE", + }, + }, + }, + }, + "config file": { + Files: map[string]string{ + "~/.doppler/.doppler.yaml": plugintest.LoadFixture(t, "doppler.yaml"), + }, + ExpectedCandidates: []sdk.ImportCandidate{ + { + Fields: map[sdk.FieldName]string{ + fieldname.Token: "dp.ct.0nFkB2tJ8wQxZ5pYcR7vLmA3sD6gH9jKqW1eU4iO0EXAMPLE", + }, + NameHint: "example-project", + }, + }, + }, + }) +} + +func TestPersonalAccessTokenProvisioner(t *testing.T) { + plugintest.TestProvisioner(t, PersonalAccessToken().DefaultProvisioner, map[string]plugintest.ProvisionCase{ + "default": { + ItemFields: map[sdk.FieldName]string{ + fieldname.Token: "dp.pt.SQgRDoLc2lBYVu5Vr2T4XHPvBcp0HlhMZq8F11whbvQEXAMPLE", + }, + ExpectedOutput: sdk.ProvisionOutput{ + Environment: map[string]string{ + "DOPPLER_TOKEN": "dp.pt.SQgRDoLc2lBYVu5Vr2T4XHPvBcp0HlhMZq8F11whbvQEXAMPLE", + }, + }, + }, + }) +} diff --git a/plugins/doppler/plugin.go b/plugins/doppler/plugin.go new file mode 100644 index 00000000..0ea1cd9a --- /dev/null +++ b/plugins/doppler/plugin.go @@ -0,0 +1,22 @@ +package doppler + +import ( + "github.com/1Password/shell-plugins/sdk" + "github.com/1Password/shell-plugins/sdk/schema" +) + +func New() schema.Plugin { + return schema.Plugin{ + Name: "doppler", + Platform: schema.PlatformInfo{ + Name: "Doppler", + Homepage: sdk.URL("https://doppler.com"), + }, + Credentials: []schema.CredentialType{ + PersonalAccessToken(), + }, + Executables: []schema.Executable{ + DopplerCLI(), + }, + } +} diff --git a/plugins/doppler/test-fixtures/doppler.yaml b/plugins/doppler/test-fixtures/doppler.yaml new file mode 100644 index 00000000..5e651846 --- /dev/null +++ b/plugins/doppler/test-fixtures/doppler.yaml @@ -0,0 +1,11 @@ +scoped: + /: + token: dp.ct.0nFkB2tJ8wQxZ5pYcR7vLmA3sD6gH9jKqW1eU4iO0EXAMPLE + enclave.project: example-project + enclave.config: dev + /home/user/app: + token: dp.st.dev.aB3cD6gH9jKqW1eU4iO0nFkB2tJ8wQxZ5pYcR7vLmEXAMPLE + enclave.project: app + enclave.config: dev +version-check: + lastversioncheck: 0