Add bitwarden support

crumbhole · Jun 24, 2021 · d838525 · d838525
1 parent 3f89d82
commit d838525
Show file tree

Hide file tree

Showing 3 changed files with 62 additions and 1 deletion.
diff --git a/go.mod b/go.mod
@@ -3,6 +3,7 @@ module github.com/crumbhole/argocd-vault-replacer
 go 1.15
 
 require (
+	github.com/crumbhole/bitwardenwrapper v0.0.0-20210601150013-4e4109398d96
 	github.com/hashicorp/vault v1.7.1
 	github.com/hashicorp/vault/api v1.0.5-0.20210210214158-405eced08457
 	golang.org/x/crypto v0.0.0-20210220033148-5ea612d1eb83

diff --git a/main.go b/main.go
@@ -3,6 +3,7 @@ package main
 import (
 	"bufio"
 	"fmt"
+	"github.com/crumbhole/argocd-vault-replacer/src/bwValueSource"
 	"github.com/crumbhole/argocd-vault-replacer/src/substitution"
 	"github.com/crumbhole/argocd-vault-replacer/src/vaultValueSource"
 	"io/ioutil"
@@ -51,9 +52,17 @@ func (s *scanner) scanDir(path string) error {
 	return filepath.Walk(path, s.scanFile)
 }
 
+func selectValueSource() substitution.ValueSource {
+	// This would be better with a factory pattern
+	if _, bwpresent := os.LookupEnv(`BW_SESSION`); bwpresent {
+		return bwValueSource.BitwardenValueSource{}
+	}
+	return vaultValueSource.VaultValueSource{}
+}
+
 func main() {
 	stat, _ := os.Stdin.Stat()
-	s := scanner{source: vaultValueSource.VaultValueSource{}}
+	s := scanner{source: selectValueSource()}
 	if (stat.Mode() & os.ModeCharDevice) == 0 {
 		reader := bufio.NewReader(os.Stdin)
 		filecontents, err := ioutil.ReadAll(reader)

diff --git a/src/bwValueSource/bwValueSource.go b/src/bwValueSource/bwValueSource.go
@@ -0,0 +1,51 @@
+package bwValueSource
+
+import (
+	"errors"
+	"os"
+	"strings"
+
+	bwwrap "github.com/crumbhole/bitwardenwrapper"
+)
+
+const (
+	envCheck = "BW_SESSION"
+)
+
+type BitwardenValueSource struct{}
+
+func (_ BitwardenValueSource) getItemSplitPath(path string) (*bwwrap.BwItem, error) {
+	pathParts := strings.Split(string(path), `/`)
+	keyUsed := pathParts[len(pathParts)-1]
+	pathUsed := strings.Join(pathParts[:len(pathParts)-1], `/`)
+	return bwwrap.GetItemFromFolder(keyUsed, pathUsed)
+}
+
+func (m BitwardenValueSource) GetValue(path []byte, key []byte) (*[]byte, error) {
+	if _, present := os.LookupEnv(envCheck); !present {
+		return nil, errors.New("Bitwarden session key not present")
+	}
+	switch string(key) {
+	default:
+		item, err := bwwrap.GetItemFromFolder(string(key), string(path))
+		if err != nil {
+			return nil, err
+		}
+		value := []byte(item.Notes)
+		return &value, nil
+	case `username`:
+		item, err := m.getItemSplitPath(string(path))
+		if err != nil {
+			return nil, err
+		}
+		value := []byte(item.Login.Username)
+		return &value, nil
+	case `password`:
+		item, err := m.getItemSplitPath(string(path))
+		if err != nil {
+			return nil, err
+		}
+		value := []byte(item.Login.Password)
+		return &value, nil
+	}
+}