feat: rename raw to binary (#1034)

* feat: rename raw to binary

* fix: snapshots

* chore: self mutation

Signed-off-by: github-actions <[email protected]>

---------

Signed-off-by: github-actions <[email protected]>
Co-authored-by: github-actions <[email protected]>

README.md

@@ -57,15 +57,15 @@ Even if using the main functionality should be done in 3 lines of code, there ar
 
 The most useful settings will be explained in the further chapters:
 
-### RAW - Just the raw file
+### Binary - Just the raw file
 
-If you have the need to just upload a sops encrypted raw rile, just name your sops encrypted file *.raw, or specify the option "raw" as format.
+If you have the need to just upload a sops encrypted binary file, just name your sops encrypted file *.binary, or specify the option "binary" as format.
 
 
 ```typescript
 const secret = new SopsSecret(this, 'SopsComplexSecretJSON', {
   ...
-  sopsFilePath: 'secrets/sopsfile-encrypted.raw',
+  sopsFilePath: 'secrets/sopsfile-encrypted.binary',
 });
 ```
 
@@ -75,7 +75,7 @@ or
 const secret = new SopsSecret(this, 'SopsComplexSecretJSON', {
   ...
   sopsFilePath: 'secrets/sopsfile-encrypted.something',
-  sopsFileFormat: 'raw',
+  sopsFileFormat: 'binary',
 });
 ```
 

lambda/events/event_create_s3_raw_simple.json

@@ -5,9 +5,9 @@
     "SecretARN": "arn:aws:secretsmanager:eu-central-1:123456789012:secret:testsecret",
     "SopsS3File": {
       "Bucket": "..",
-      "Key": "../test-secrets/raw/sopsfile.enc-age.raw"
+      "Key": "../test-secrets/binary/sopsfile.enc-age.binary"
     },
-    "Format": "raw",
+    "Format": "binary",
     "ConvertToJSON": "false",
     "SopsAgeKey": "AGE-SECRET-KEY-1EFUWJ0G2XJTJFWTAM2DGMA4VCK3R05W58FSMHZP3MZQ0ZTAQEAFQC6T7T3"
   },

lambda/main.go

@@ -76,8 +76,9 @@ func decryptSopsFileContent(content []byte, format string) (data []byte, err err
 func (a AWS) updateSecret(sopsHash string, secretArn string, secretContent []byte) (data *secretsmanager.PutSecretValueOutput, err error) {
 	secretContentString := string(secretContent)
 	input := &secretsmanager.PutSecretValueInput{
-		SecretId:           &secretArn,
-		SecretString:       &secretContentString,
+		SecretId:     &secretArn,
+		SecretString: &secretContentString,
+
 		ClientRequestToken: &sopsHash,
 	}
 	secretResp, secretErr := a.secretsmanager.PutSecretValue(input)
@@ -192,7 +193,7 @@ func (a AWS) syncSopsToSecretsmanager(ctx context.Context, event cfn.Event) (phy
 				resourceProperties.Flatten = "false"
 				resourceProperties.StringifyValues = "false"
 			}
-		case "raw":
+		case "binary":
 			{
 				resourceProperties.Flatten = "false"
 				resourceProperties.StringifyValues = "false"

src/index.ts

@@ -83,7 +83,7 @@ export interface SopsSyncOptions {
    *
    * @default - The fileformat will be derived from the file ending
    */
-  readonly sopsFileFormat?: undefined | 'json' | 'yaml' | 'dotenv' | 'raw';
+  readonly sopsFileFormat?: undefined | 'json' | 'yaml' | 'dotenv' | 'binary';
 
   /**
    * The kmsKey used to encrypt the sops file. Encrypt permissions
@@ -166,7 +166,7 @@ export class SopsSync extends Construct {
     const provider = props.sopsProvider ?? new SopsSyncProvider(scope);
 
     let uploadType = props.uploadType ?? UploadType.INLINE;
-    let sopsFileFormat: 'json' | 'yaml' | 'dotenv' | 'raw' | undefined =
+    let sopsFileFormat: 'json' | 'yaml' | 'dotenv' | 'binary' | undefined =
       props.sopsFileFormat;
     let sopsAsset: Asset | undefined = undefined;
     let sopsInline: { Content: string; Hash: string } | undefined = undefined;
@@ -205,8 +205,8 @@ export class SopsSync extends Construct {
           sopsFileFormat = 'dotenv';
           break;
         }
-        case 'raw': {
-          sopsFileFormat = 'raw';
+        case 'binary': {
+          sopsFileFormat = 'binary';
           break;
         }
         default: {

test/secret-asset.integ.snapshot/SecretIntegrationAsset.assets.json

@@ -1,15 +1,15 @@
 {
   "version": "15.0.0",
   "files": {
-    "ed3a691647469ab3f1695cf4648faf60c1b6b2ca66c823c228ac7b457ccef072": {
+    "5d28ae171b06a74255e5da3e3fad8477ed5dffc98b55e885ba99f56afe95cd58": {
       "source": {
-        "path": "asset.ed3a691647469ab3f1695cf4648faf60c1b6b2ca66c823c228ac7b457ccef072.zip",
+        "path": "asset.5d28ae171b06a74255e5da3e3fad8477ed5dffc98b55e885ba99f56afe95cd58.zip",
         "packaging": "file"
       },
       "destinations": {
         "current_account-current_region": {
           "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
-          "objectKey": "ed3a691647469ab3f1695cf4648faf60c1b6b2ca66c823c228ac7b457ccef072.zip",
+          "objectKey": "5d28ae171b06a74255e5da3e3fad8477ed5dffc98b55e885ba99f56afe95cd58.zip",
           "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
         }
       }
@@ -68,26 +68,26 @@
     },
     "a8aece61894327fcfc2c7fab967a72583c0f795025e4d5f2e87c248b6e916d4b": {
       "source": {
-        "path": "asset.a8aece61894327fcfc2c7fab967a72583c0f795025e4d5f2e87c248b6e916d4b.raw",
+        "path": "asset.a8aece61894327fcfc2c7fab967a72583c0f795025e4d5f2e87c248b6e916d4b.binary",
         "packaging": "file"
       },
       "destinations": {
         "current_account-current_region": {
           "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
-          "objectKey": "a8aece61894327fcfc2c7fab967a72583c0f795025e4d5f2e87c248b6e916d4b.raw",
+          "objectKey": "a8aece61894327fcfc2c7fab967a72583c0f795025e4d5f2e87c248b6e916d4b.binary",
           "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
         }
       }
     },
-    "b25db66c3248ae34898b39c2b842dd299c297aa551841bb8d0c1571194ec820c": {
+    "3df20cebd8befd8c2eee521149078eeef238b022cabf42327fc78fa91a5e1539": {
       "source": {
         "path": "SecretIntegrationAsset.template.json",
         "packaging": "file"
       },
       "destinations": {
         "current_account-current_region": {
           "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
-          "objectKey": "b25db66c3248ae34898b39c2b842dd299c297aa551841bb8d0c1571194ec820c.json",
+          "objectKey": "3df20cebd8befd8c2eee521149078eeef238b022cabf42327fc78fa91a5e1539.json",
           "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
         }
       }

test/secret-asset.integ.snapshot/SecretIntegrationAsset.template.json

@@ -208,7 +208,7 @@
               ],
               "Effect": "Allow",
               "Resource": {
-                "Ref": "SopsRawAsRaw871B9402"
+                "Ref": "SopsBinaryAsBinary6FB08519"
               }
             }
           ],
@@ -229,7 +229,7 @@
           "S3Bucket": {
             "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
           },
-          "S3Key": "ed3a691647469ab3f1695cf4648faf60c1b6b2ca66c823c228ac7b457ccef072.zip"
+          "S3Key": "5d28ae171b06a74255e5da3e3fad8477ed5dffc98b55e885ba99f56afe95cd58.zip"
         },
         "Role": {
           "Fn::GetAtt": [
@@ -523,15 +523,15 @@
       "UpdateReplacePolicy": "Delete",
       "DeletionPolicy": "Delete"
     },
-    "SopsRawAsRaw871B9402": {
+    "SopsBinaryAsBinary6FB08519": {
       "Type": "AWS::SecretsManager::Secret",
       "Properties": {
         "GenerateSecretString": {}
       },
       "UpdateReplacePolicy": "Delete",
       "DeletionPolicy": "Delete"
     },
-    "SopsRawAsRawSopsSyncF4C090F5": {
+    "SopsBinaryAsBinarySopsSyncEC998F91": {
       "Type": "Custom::SopsSync",
       "Properties": {
         "ServiceToken": {
@@ -541,17 +541,17 @@
           ]
         },
         "SecretARN": {
-          "Ref": "SopsRawAsRaw871B9402"
+          "Ref": "SopsBinaryAsBinary6FB08519"
         },
         "SopsS3File": {
           "Bucket": {
             "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
           },
-          "Key": "a8aece61894327fcfc2c7fab967a72583c0f795025e4d5f2e87c248b6e916d4b.raw"
+          "Key": "a8aece61894327fcfc2c7fab967a72583c0f795025e4d5f2e87c248b6e916d4b.binary"
         },
         "ConvertToJSON": true,
         "Flatten": true,
-        "Format": "raw",
+        "Format": "binary",
         "StringifiedValues": true
       },
       "UpdateReplacePolicy": "Delete",

test/secret-asset.integ.ts

@@ -107,8 +107,8 @@ const sopsComplexSecretYAMLasJSONFlat = new SopsSecret(
   },
 );
 
-new SopsSecret(stack, 'SopsRawAsRaw', {
-  sopsFilePath: 'test-secrets/raw/sopsfile.enc-age.raw',
+new SopsSecret(stack, 'SopsBinaryAsBinary', {
+  sopsFilePath: 'test-secrets/binary/sopsfile.enc-age.binary',
   uploadType: UploadType.ASSET,
   // see test-secrets/README.md for further information regarding the test file
   sopsAgeKey: SecretValue.plainText(

test/secret-inline.integ.snapshot/SecretIntegrationInline.assets.json

@@ -1,28 +1,28 @@
 {
   "version": "15.0.0",
   "files": {
-    "ed3a691647469ab3f1695cf4648faf60c1b6b2ca66c823c228ac7b457ccef072": {
+    "5d28ae171b06a74255e5da3e3fad8477ed5dffc98b55e885ba99f56afe95cd58": {
       "source": {
-        "path": "asset.ed3a691647469ab3f1695cf4648faf60c1b6b2ca66c823c228ac7b457ccef072.zip",
+        "path": "asset.5d28ae171b06a74255e5da3e3fad8477ed5dffc98b55e885ba99f56afe95cd58.zip",
         "packaging": "file"
       },
       "destinations": {
         "current_account-current_region": {
           "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
-          "objectKey": "ed3a691647469ab3f1695cf4648faf60c1b6b2ca66c823c228ac7b457ccef072.zip",
+          "objectKey": "5d28ae171b06a74255e5da3e3fad8477ed5dffc98b55e885ba99f56afe95cd58.zip",
           "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
         }
       }
     },
-    "2385a1094ec4b190e08320643c88b132119438fc962474b76aea43e82cd310ee": {
+    "049126fed367ff9a3a1334931bcb725bde8d35e20fb44992ef6b0bc5ff958f86": {
       "source": {
         "path": "SecretIntegrationInline.template.json",
         "packaging": "file"
       },
       "destinations": {
         "current_account-current_region": {
           "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
-          "objectKey": "2385a1094ec4b190e08320643c88b132119438fc962474b76aea43e82cd310ee.json",
+          "objectKey": "049126fed367ff9a3a1334931bcb725bde8d35e20fb44992ef6b0bc5ff958f86.json",
           "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
         }
       }

test/secret-inline.integ.snapshot/SecretIntegrationInline.template.json

@@ -196,7 +196,7 @@
           "S3Bucket": {
             "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
           },
-          "S3Key": "ed3a691647469ab3f1695cf4648faf60c1b6b2ca66c823c228ac7b457ccef072.zip"
+          "S3Key": "5d28ae171b06a74255e5da3e3fad8477ed5dffc98b55e885ba99f56afe95cd58.zip"
         },
         "Role": {
           "Fn::GetAtt": [

test/secret-manual.integ.snapshot/SecretIntegrationAsset.assets.json

@@ -1,28 +1,28 @@
 {
   "version": "15.0.0",
   "files": {
-    "ed3a691647469ab3f1695cf4648faf60c1b6b2ca66c823c228ac7b457ccef072": {
+    "5d28ae171b06a74255e5da3e3fad8477ed5dffc98b55e885ba99f56afe95cd58": {
       "source": {
-        "path": "asset.ed3a691647469ab3f1695cf4648faf60c1b6b2ca66c823c228ac7b457ccef072.zip",
+        "path": "asset.5d28ae171b06a74255e5da3e3fad8477ed5dffc98b55e885ba99f56afe95cd58.zip",
         "packaging": "file"
       },
       "destinations": {
         "current_account-current_region": {
           "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
-          "objectKey": "ed3a691647469ab3f1695cf4648faf60c1b6b2ca66c823c228ac7b457ccef072.zip",
+          "objectKey": "5d28ae171b06a74255e5da3e3fad8477ed5dffc98b55e885ba99f56afe95cd58.zip",
           "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
         }
       }
     },
-    "186ffa5da78dc6077fe8bd1f4bd0a419399ddb21fdba8afaef563086306e895c": {
+    "022d32671e6fbd021c620bba93a72070d50d1939b49527bf8adf048e7389f025": {
       "source": {
         "path": "SecretIntegrationAsset.template.json",
         "packaging": "file"
       },
       "destinations": {
         "current_account-current_region": {
           "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
-          "objectKey": "186ffa5da78dc6077fe8bd1f4bd0a419399ddb21fdba8afaef563086306e895c.json",
+          "objectKey": "022d32671e6fbd021c620bba93a72070d50d1939b49527bf8adf048e7389f025.json",
           "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
         }
       }

test/secret-manual.integ.snapshot/SecretIntegrationAsset.template.json

@@ -70,7 +70,7 @@
           "S3Bucket": {
             "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
           },
-          "S3Key": "ed3a691647469ab3f1695cf4648faf60c1b6b2ca66c823c228ac7b457ccef072.zip"
+          "S3Key": "5d28ae171b06a74255e5da3e3fad8477ed5dffc98b55e885ba99f56afe95cd58.zip"
         },
         "Role": {
           "Fn::GetAtt": [

test/secret-multikms.integ.snapshot/SecretMultiKms.assets.json

@@ -1,28 +1,28 @@
 {
   "version": "15.0.0",
   "files": {
-    "ed3a691647469ab3f1695cf4648faf60c1b6b2ca66c823c228ac7b457ccef072": {
+    "5d28ae171b06a74255e5da3e3fad8477ed5dffc98b55e885ba99f56afe95cd58": {
       "source": {
-        "path": "asset.ed3a691647469ab3f1695cf4648faf60c1b6b2ca66c823c228ac7b457ccef072.zip",
+        "path": "asset.5d28ae171b06a74255e5da3e3fad8477ed5dffc98b55e885ba99f56afe95cd58.zip",
         "packaging": "file"
       },
       "destinations": {
         "current_account-current_region": {
           "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
-          "objectKey": "ed3a691647469ab3f1695cf4648faf60c1b6b2ca66c823c228ac7b457ccef072.zip",
+          "objectKey": "5d28ae171b06a74255e5da3e3fad8477ed5dffc98b55e885ba99f56afe95cd58.zip",
           "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
         }
       }
     },
-    "cdd047fe12277760a6881d50891927ed3e7cd32446cd4e5a8e90f1ea13bf1e33": {
+    "6fd9d449eef6bf5ecffa43e95c14b74b0bdf4edce4045b913fb88cdf08c885e6": {
       "source": {
         "path": "SecretMultiKms.template.json",
         "packaging": "file"
       },
       "destinations": {
         "current_account-current_region": {
           "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
-          "objectKey": "cdd047fe12277760a6881d50891927ed3e7cd32446cd4e5a8e90f1ea13bf1e33.json",
+          "objectKey": "6fd9d449eef6bf5ecffa43e95c14b74b0bdf4edce4045b913fb88cdf08c885e6.json",
           "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
         }
       }

test/secret-multikms.integ.snapshot/SecretMultiKms.template.json

@@ -116,7 +116,7 @@
           "S3Bucket": {
             "Fn::Sub": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}"
           },
-          "S3Key": "ed3a691647469ab3f1695cf4648faf60c1b6b2ca66c823c228ac7b457ccef072.zip"
+          "S3Key": "5d28ae171b06a74255e5da3e3fad8477ed5dffc98b55e885ba99f56afe95cd58.zip"
         },
         "Role": {
           "Fn::GetAtt": [