Add sprig functions

go.mod

@@ -16,6 +16,7 @@ require (
  github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/resources/armresources v1.2.0
  github.com/GoogleCloudPlatform/cloudsql-proxy v1.37.0
  github.com/Keyfactor/ejbca-go-client-sdk v1.0.2
+ github.com/Masterminds/sprig/v3 v3.2.3
  github.com/Microsoft/go-winio v0.6.2
  github.com/andres-erbsen/clock v0.0.0-20160526145045-9e14626cd129
  github.com/aws/aws-sdk-go-v2 v1.32.2
@@ -114,7 +115,6 @@ require (
  github.com/GoogleCloudPlatform/opentelemetry-operations-go/internal/resourcemapping v0.48.1 // indirect
  github.com/Masterminds/goutils v1.1.1 // indirect
  github.com/Masterminds/semver/v3 v3.2.1 // indirect
- github.com/Masterminds/sprig/v3 v3.2.3 // indirect
  github.com/OneOfOne/xxhash v1.2.8 // indirect
  github.com/agnivade/levenshtein v1.2.0 // indirect
  github.com/armon/go-radix v1.0.0 // indirect

pkg/common/agentpathtemplate/template.go

@@ -2,15 +2,152 @@ package agentpathtemplate
 
 import (
  "bytes"
+ "fmt"
  "text/template"
+
+ sprig "github.com/Masterminds/sprig/v3"
 )
 
+var funcList = []string{
+ "abbrev",
+ "abbrevboth",
+ "trunc",
+ "trim",
+ "upper",
+ "lower",
+ "title",
+ "untitle",
+ "substr",
+ "repeat",
+ "trimAll",
+ "trimSuffix",
+ "trimPrefix",
+ "nospace",
+ "initials",
+ "swapcase",
+ "snakecase",
+ "camelcase",
+ "kebabcase",
+ "wrap",
+ "wrapWith",
+ "contains",
+ "hasPrefix",
+ "hasSuffix",
+ "quote",
+ "squote",
+ "cat",
+ "indent",
+ "nindent",
+ "replace",
+ "plural",
+ "sha1sum",
+ "sha256sum",
+ "adler32sum",
+ "toString",
+ "seq",
+ "splitList",
+ "toStrings",
+ "join",
+ "sortAlpha",
+ "default",
+ "empty",
+ "coalesce",
+ "all",
+ "any",
+ "compact",
+ "mustCompact",
+ "ternary",
+ "base",
+ "dir",
+ "clean",
+ "ext",
+ "isAbs",
+ "b64enc",
+ "b64dec",
+ "b32enc",
+ "b32dec",
+ "tuple",
+ "list",
+ "dict",
+ "get",
+ "set",
+ "unset",
+ "hasKey",
+ "pluck",
+ "keys",
+ "pick",
+ "omit",
+ "merge",
+ "mergeOverwrite",
+ "mustMerge",
+ "mustMergeOverwrite",
+ "values",
+ "append",
+ "push",
+ "mustAppend",
+ "mustPush",
+ "prepend",
+ "mustPrepend",
+ "first",
+ "mustFirst",
+ "rest",
+ "mustRest",
+ "last",
+ "mustLast",
+ "initial",
+ "mustInitial",
+ "reverse",
+ "mustReverse",
+ "uniq",
+ "mustUniq",
+ "without",
+ "mustWithout",
+ "has",
+ "mustHas",
+ "slice",
+ "mustSlice",
+ "concat",
+ "dig",
+ "chunk",
+ "mustChunk",
+ "uuidv4",
+ "fail",
+ "regexMatch",
+ "mustRegexMatch",
+ "regexFindAll",
+ "mustRegexFindAll",
+ "regexFind",
+ "mustRegexFind",
+ "regexReplaceAll",
+ "mustRegexReplaceAll",
+ "regexReplaceAllLiteral",
+ "mustRegexReplaceAllLiteral",
+ "regexSplit",
+ "mustRegexSplit",
+ "regexQuoteMeta",
+ "urlParse",
+ "urlJoin",
+}
+
+var ourMap = make(template.FuncMap)
+
+func init() {
+ sprigMap := sprig.TxtFuncMap()
+ for _, f := range funcList {
+ if fn, ok := sprigMap[f]; ok {
+ ourMap[f] = fn
+ } else {
+ panic(fmt.Errorf("missing sprig function %q", f))
+ }
+ }
+}
+
 // Parse parses an agent path template. It changes the behavior for missing
 // keys to return an error instead of the default behavior, which renders a
 // value that requires percent-encoding to include in a URI, which is against
 // the SPIFFE specification.
 func Parse(text string) (*Template, error) {
- tmpl, err := template.New("agent-path").Option("missingkey=error").Parse(text)
+ tmpl, err := template.New("agent-path").Option("missingkey=error").Funcs(ourMap).Parse(text)
  if err != nil {
  return nil, err
  }

pkg/common/plugin/sshpop/sshpop_test.go

@@ -106,14 +106,13 @@ func TestNewServer(t *testing.T) {
  {
  desc: "success",
  configString: fmt.Sprintf(`cert_authorities = [%q]
- canonical_domain = "local"
- agent_path_template = "/{{ .PluginName}}/{{ .Fingerprint }}"`, testCertAuthority),
+ canonical_domain = "local"`, testCertAuthority),
  trustDomain: "foo.test",
  requireServer: func(t *testing.T, s *Server) {
  require.NotNil(t, s)
  require.Equal(t, "foo.test", s.trustDomain.Name())
  require.Equal(t, "local", s.canonicalDomain)
- require.Equal(t, DefaultAgentPathTemplate, s.agentPathTemplate)
+ require.Same(t, DefaultAgentPathTemplate, s.agentPathTemplate)
  pubkey, _, _, _, err := ssh.ParseAuthorizedKey([]byte(testCertAuthority))
  require.NoError(t, err)
  require.True(t, s.certChecker.IsHostAuthority(pubkey, ""))
@@ -128,7 +127,7 @@ func TestNewServer(t *testing.T) {
  requireServer: func(t *testing.T, s *Server) {
  require.NotNil(t, s)
  require.Equal(t, "foo.test", s.trustDomain.Name())
- require.Equal(t, DefaultAgentPathTemplate, s.agentPathTemplate)
+ require.NotSame(t, DefaultAgentPathTemplate, s.agentPathTemplate)
  pubkey := requireParsePubkey(t, testCertAuthority)
  pubkey2 := requireParsePubkey(t, testCertAuthority2)
  pubkey3 := requireParsePubkey(t, testCertAuthority3)