From 96416e0c26e31dab3e7952610764cdabc046c207 Mon Sep 17 00:00:00 2001
From: Bill Wang <bill.wang@team.telstra.com>
Date: Thu, 14 Jun 2018 17:15:56 +1000
Subject: [PATCH] Add template lookup feature

---
 credstash.py | 35 +++++++++++++++++++++++++++++++++++
 1 file changed, 35 insertions(+)

diff --git a/credstash.py b/credstash.py
index 2780158..a1d89b5 100755
--- a/credstash.py
+++ b/credstash.py
@@ -713,6 +713,32 @@ def get_session_params(profile, arn):
     return params
 
 
+@clean_fail
+def template_lookup(args, region, **session_params):
+    '''convert credstash secrets in template file for pattern "{{ secrect_key_name }}"
+    '''
+
+    file = args.file
+    with open(file, 'r+') as f:
+        data = f.read()
+        pattern = re.compile(r'({{ ([^}]+) }})')
+        match = pattern.findall(data)
+
+        for source, key in match:
+            try:
+                secret = getSecret(key)
+            except Exception:
+                print("Can't get the secret %s, did you set it?" % key)
+                sys.exit(1)
+
+            data = data.replace(source, secret)
+
+        f.seek(0)
+        f.truncate()
+        f.write(data)
+        f.close()
+
+
 def get_parser():
     """get the parsers dict"""
     parsers = {}
@@ -881,6 +907,12 @@ def get_parser():
     parsers[action] = subparsers.add_parser(action,
                                             help='setup the credential store')
     parsers[action].set_defaults(action=action)
+    action = 'template'
+    parsers[action] = subparsers.add_parser(action,
+                                            help='convert secrets in tempalte')
+    parsers[action].add_argument("file", type=str,
+                                 help="name of template file.")
+    parsers[action].set_defaults(action=action)
     return parsers
 
 
@@ -928,6 +960,9 @@ def main():
             createDdbTable(region=region, table=args.table,
                            **session_params)
             return
+        if args.action == "template":
+            template_lookup(args, region, **session_params)
+            return
     else:
         parsers['super'].print_help()