cuetry

package
v0.2.7 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 6, 2026 License: MIT Imports: 10 Imported by: 0

Documentation

Overview

Package cuetry parses, validates, and resolves CUE remote recipes for honey.

Index

Constants

View Source 
const MatchAllSearchHosts = "*"

MatchAllSearchHosts is a recipe step host value meaning: run this step on every host in the current search result set that has a PrimaryIP (same filter as parallel SSH in the UI).

View Source 
const MatchHostRegexPrefix = "re:"

MatchHostRegexPrefix starts a host value interpreted as a Go regexp (RE2) matched against each search row's Name. Example: re:^prod-kafka-.+$ Use (?i) inside the pattern for case-insensitive matching.

Variables

This section is empty.

Functions

func EffectiveEnv 

func EffectiveEnv(step RecipeStep, defaults *RecipeDefaults) (map[string]string, error)

EffectiveEnv merges recipe.defaults.env with step.env (step wins on duplicate keys).

func EffectiveEnvForRun 

func EffectiveEnvForRun(step RecipeStep, defaults *RecipeDefaults, cliEnv map[string]string, r *hosts.Record) (map[string]string, error)

EffectiveEnvForRun merges recipe env (defaults then step) with cliEnv and adds host variables; cliEnv wins on duplicate keys.

func EffectiveRunAs 

func EffectiveRunAs(step RecipeStep, defaults *RecipeDefaults) string

EffectiveRunAs returns step-level run_as, else recipe defaults.run_as, else "".

func ExpandStepHosts 

func ExpandStepHosts(host string, records []hosts.Record) ([]hosts.Record, error)

ExpandStepHosts returns the host records one step should run against. If host is MatchAllSearchHosts, returns all records with a non-empty PrimaryIP (preserving search order). If host starts with MatchHostRegexPrefix, returns every record with PrimaryIP whose Name matches the regexp. Otherwise returns a single-element slice from ResolveHostFromRecords (literal IP or exact name match).

func ParseEnvKeyValuePairs 

func ParseEnvKeyValuePairs(pairs []string) (map[string]string, error)

ParseEnvKeyValuePairs parses repeated "KEY=value" strings (first '=' separates key from value). Empty entries are skipped. Later duplicates overwrite earlier ones.

func ResolveHostFromRecords 

func ResolveHostFromRecords(host string, records []hosts.Record) (hosts.Record, error)

ResolveHostFromRecords maps recipe "host" to a record with PrimaryIP. If host looks like an IP address, it returns a synthetic record (Name=host). Otherwise it matches Record.Name with case-insensitive equality; multiple matches are an error.

func ResolveLocalAgainstRecipe 

func ResolveLocalAgainstRecipe(recipeDir, local string) (string, error)

ResolveLocalAgainstRecipe returns an absolute local path: absolute paths are unchanged; relative paths are joined to recipeDir.

func ScriptRunAfterUpload 

func ScriptRunAfterUpload(remotePath, runAs string, env map[string]string) (string, error)

ScriptRunAfterUpload builds the remote shell command to execute an uploaded file with POSIX sh (after SFTP). Optional run_as wraps the run like command steps. Optional env is applied as export assignments before `sh remotePath` (same as command steps). Scripts should be compatible with `sh` (or rely on a shebang if the kernel honors it when executed as argument to sh — use POSIX sh syntax for portability).

func ShellExportPrefixForRemote 

func ShellExportPrefixForRemote(env map[string]string, inner string) (string, error)

ShellExportPrefixForRemote prepends stable `export KEY='value'; ` assignments before inner (remote shell).

func ValidateHostField 

func ValidateHostField(host string) error

ValidateHostField checks host syntax (empty, regex compile). Call from ParseRemoteRecipe; ExpandStepHosts enforces match counts at runtime.

func ValidateRecipeEnvMap 

func ValidateRecipeEnvMap(m map[string]string) error

ValidateRecipeEnvMap checks every key/value pair for safe use in POSIX export assignments.

func ValidateRemoteRecipe 

func ValidateRemoteRecipe(cueBytes []byte) error

ValidateRemoteRecipe checks that cueBytes is valid CUE and conforms to #Recipe.

func ValidateRunAsUser 

func ValidateRunAsUser(user string) error

ValidateRunAsUser restricts remote account names to a safe POSIX-like subset to avoid shell metacharacters in sudo -u.

func ValidateStepRunAsForKind 

func ValidateStepRunAsForKind(kind StepKind, step RecipeStep) error

ValidateStepRunAsForKind rejects per-step run_as on put/get (SFTP only). Script steps allow run_as for the execute phase; defaults.run_as applies there too.

func WrapRemoteShell 

func WrapRemoteShell(runAs, innerCommand string) (string, error)

WrapRemoteShell runs the inner command as SSH login user; if runAs is set, wraps with: sudo -n -u '<runAs>' -- sh -lc '<inner>' (non-interactive sudo).

Types

type Recipe 

type Recipe struct {
	Name     string          `json:"name"`
	Defaults *RecipeDefaults `json:"defaults,omitempty"`
	Steps    []RecipeStep    `json:"steps"`
}

Recipe is the decoded "recipe" block from a CUE document.

func ParseRemoteRecipe 

func ParseRemoteRecipe(cueBytes []byte, records []hosts.Record) (Recipe, error)

ParseRemoteRecipe validates cueBytes and decodes the recipe into Go values.

type RecipeDefaults 

type RecipeDefaults struct {
	RunAs         string            `json:"run_as,omitempty"`
	Env           map[string]string `json:"env,omitempty"`
	K8sDebugImage string            `json:"k8s_debug_image,omitempty"`
}

RecipeDefaults holds recipe-level defaults (optional fields).

type RecipeFileTransfer 

type RecipeFileTransfer struct {
	Local  string `json:"local"`
	Remote string `json:"remote"`
}

RecipeFileTransfer is a local ↔ remote path pair for SFTP put/get steps.

type RecipeStep 

type RecipeStep struct {
	Host    string              `json:"host"`
	Command string              `json:"command,omitempty"`
	Put     *RecipeFileTransfer `json:"put,omitempty"`
	Get     *RecipeFileTransfer `json:"get,omitempty"`
	Script  *RecipeFileTransfer `json:"script,omitempty"`
	RunAs   string              `json:"run_as,omitempty"`
	Env     map[string]string   `json:"env,omitempty"`
}

RecipeStep is one remote action: exactly one of Command, Put, Get, or Script. Host selects targets: literal IP, exact name, "*", or "re:…" (see resolve.go).

type StepKind 

type StepKind int

StepKind describes which action a recipe step performs. 

const (
	StepKindCommand StepKind = iota
	StepKindPut
	StepKindGet
	StepKindScript
)

StepKind values correspond to exactly one populated field on RecipeStep.

func ClassifyStep 

func ClassifyStep(s RecipeStep) (StepKind, error)

ClassifyStep returns the step kind after validating exactly one of command / put / get / script.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.