harness-drone/store/secret/secret.go
2019-02-20 15:15:29 -08:00

221 lines
5.1 KiB
Go

// Copyright 2019 Drone IO, Inc.
// Copyright 2016 The Linux Foundation
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package secret
import (
"context"
"github.com/drone/drone/core"
"github.com/drone/drone/store/shared/db"
"github.com/drone/drone/store/shared/encrypt"
)
// New returns a new Secret database store.
func New(db *db.DB, enc encrypt.Encrypter) core.SecretStore {
return &secretStore{
db: db,
enc: enc,
}
}
type secretStore struct {
db *db.DB
enc encrypt.Encrypter
}
func (s *secretStore) List(ctx context.Context, id int64) ([]*core.Secret, error) {
var out []*core.Secret
err := s.db.View(func(queryer db.Queryer, binder db.Binder) error {
params := map[string]interface{}{"secret_repo_id": id}
stmt, args, err := binder.BindNamed(queryRepo, params)
if err != nil {
return err
}
rows, err := queryer.Query(stmt, args...)
if err != nil {
return err
}
out, err = scanRows(s.enc, rows)
return err
})
return out, err
}
func (s *secretStore) Find(ctx context.Context, id int64) (*core.Secret, error) {
out := &core.Secret{ID: id}
err := s.db.View(func(queryer db.Queryer, binder db.Binder) error {
params, err := toParams(s.enc, out)
if err != nil {
return err
}
query, args, err := binder.BindNamed(queryKey, params)
if err != nil {
return err
}
row := queryer.QueryRow(query, args...)
return scanRow(s.enc, row, out)
})
return out, err
}
func (s *secretStore) FindName(ctx context.Context, id int64, name string) (*core.Secret, error) {
out := &core.Secret{Name: name, RepoID: id}
err := s.db.View(func(queryer db.Queryer, binder db.Binder) error {
params, err := toParams(s.enc, out)
if err != nil {
return err
}
query, args, err := binder.BindNamed(queryName, params)
if err != nil {
return err
}
row := queryer.QueryRow(query, args...)
return scanRow(s.enc, row, out)
})
return out, err
}
func (s *secretStore) Create(ctx context.Context, secret *core.Secret) error {
if s.db.Driver() == db.Postgres {
return s.createPostgres(ctx, secret)
}
return s.create(ctx, secret)
}
func (s *secretStore) create(ctx context.Context, secret *core.Secret) error {
return s.db.Lock(func(execer db.Execer, binder db.Binder) error {
params, err := toParams(s.enc, secret)
if err != nil {
return err
}
stmt, args, err := binder.BindNamed(stmtInsert, params)
if err != nil {
return err
}
res, err := execer.Exec(stmt, args...)
if err != nil {
return err
}
secret.ID, err = res.LastInsertId()
return err
})
}
func (s *secretStore) createPostgres(ctx context.Context, secret *core.Secret) error {
return s.db.Lock(func(execer db.Execer, binder db.Binder) error {
params, err := toParams(s.enc, secret)
if err != nil {
return err
}
stmt, args, err := binder.BindNamed(stmtInsertPg, params)
if err != nil {
return err
}
return execer.QueryRow(stmt, args...).Scan(&secret.ID)
})
}
func (s *secretStore) Update(ctx context.Context, secret *core.Secret) error {
return s.db.Lock(func(execer db.Execer, binder db.Binder) error {
params, err := toParams(s.enc, secret)
if err != nil {
return err
}
stmt, args, err := binder.BindNamed(stmtUpdate, params)
if err != nil {
return err
}
_, err = execer.Exec(stmt, args...)
return err
})
}
func (s *secretStore) Delete(ctx context.Context, secret *core.Secret) error {
return s.db.Lock(func(execer db.Execer, binder db.Binder) error {
params, err := toParams(s.enc, secret)
if err != nil {
return err
}
stmt, args, err := binder.BindNamed(stmtDelete, params)
if err != nil {
return err
}
_, err = execer.Exec(stmt, args...)
return err
})
}
const queryBase = `
SELECT
secret_id
,secret_repo_id
,secret_name
,secret_data
,secret_pull_request
,secret_pull_request_push
`
const queryKey = queryBase + `
FROM secrets
WHERE secret_id = :secret_id
LIMIT 1
`
const queryName = queryBase + `
FROM secrets
WHERE secret_name = :secret_name
AND secret_repo_id = :secret_repo_id
LIMIT 1
`
const queryRepo = queryBase + `
FROM secrets
WHERE secret_repo_id = :secret_repo_id
ORDER BY secret_name
`
const stmtUpdate = `
UPDATE secrets SET
secret_data = :secret_data
,secret_pull_request = :secret_pull_request
,secret_pull_request_push = :secret_pull_request_push
WHERE secret_id = :secret_id
`
const stmtDelete = `
DELETE FROM secrets
WHERE secret_id = :secret_id
`
const stmtInsert = `
INSERT INTO secrets (
secret_repo_id
,secret_name
,secret_data
,secret_pull_request
,secret_pull_request_push
) VALUES (
:secret_repo_id
,:secret_name
,:secret_data
,:secret_pull_request
,:secret_pull_request_push
)
`
const stmtInsertPg = stmtInsert + `
RETURNING secret_id
`