Add one-shot mode

config.go

@@ -48,6 +48,8 @@ type config struct {
 	execTimeout time.Duration
 	// version flag
 	showVersion bool
+	// one-shot mode
+	oneShot bool
 }
 
 var (
@@ -70,6 +72,7 @@ func init() {
 	flag.DurationVar(&options.execTimeout, "exec-timeout", time.Duration(60)*time.Second, "the timeout applied to commands on the exec option")
 	flag.BoolVar(&options.showVersion, "version", false, "show the vault-sidekick version")
 	flag.Var(options.resources, "cn", "a resource to retrieve and monitor from vault")
+	flag.BoolVar(&options.oneShot, "one-shot", false, "retrieve resources from vault once and then exit")
 }
 
 // parseOptions validate the command line options and validates them

main.go

@@ -20,6 +20,7 @@ import (
 	"fmt"
 	"os"
 	"os/signal"
+	"sync"
 	"syscall"
 
 	"github.com/golang/glog"
@@ -43,6 +44,10 @@ func main() {
 	}
 	glog.Infof("starting the %s, %s", prog, version)
 
+	if options.oneShot {
+		glog.Infof("running in one-shot mode")
+	}
+
 	// step: create a client to vault
 	vault, err := NewVaultService(options.vaultURL)
 	if err != nil {
@@ -64,6 +69,8 @@ func main() {
 		vault.Watch(rn)
 	}
 
+	toProcess := options.resources.items
+	toProcessLock := &sync.Mutex{}
 	// step: we simply wait for events i.e. secrets from vault and write them to the output directory
 	for {
 		select {
@@ -73,6 +80,19 @@ func main() {
 				if err := processResource(evt.Resource, evt.Secret); err != nil {
 					glog.Errorf("failed to write out the update, error: %s", err)
 				}
+				if options.oneShot {
+					toProcessLock.Lock()
+					defer toProcessLock.Unlock()
+					for i, r := range toProcess {
+						if evt.Resource == r {
+							toProcess = append(toProcess[:i], toProcess[i+1:]...)
+						}
+					}
+					if len(toProcess) == 0 {
+						glog.Infof("retrieved all requested resources from vault. exiting...")
+						os.Exit(0)
+					}
+				}
 			}(evt)
 		case <-signalChannel:
 			glog.Infof("recieved a termination signal, shutting down the service")