in pkg/tasks/template/render.go [130:200]
func prepareRenderContext(cfg *renderContextConfig) (engine.Context, error) {
// Load values
valueOpts := tplcmdutil.ValueOptions{
ValueFiles: cfg.ValueFiles,
Values: cfg.Values,
StringValues: cfg.StringValues,
FileValues: cfg.FileValues,
}
values, err := valueOpts.MergeValues()
if err != nil {
return nil, fmt.Errorf("unable to process input values: %w", err)
}
// Load files
var files engine.Files
if !types.IsNil(cfg.FileRootPath) {
var errFs error
files, errFs = tplcmdutil.Files(cfg.FileRootPath, ".")
if errFs != nil {
return nil, fmt.Errorf("unable to process files: %w", errFs)
}
}
// If alternative delimiters is used
if cfg.AltDelims {
cfg.LeftDelims = "[["
cfg.RightDelims = "]]"
}
// Process secret readers
secretReaders := []engine.SecretReaderFunc{}
for _, sr := range cfg.SecretLoaders {
if sr == "vault" {
// Initialize Vault connection
vaultClient, errVault := api.NewClient(api.DefaultConfig())
if errVault != nil {
return nil, fmt.Errorf("unable to initialize vault secret loader: %w", errVault)
}
secretReaders = append(secretReaders, kv.SecretGetter(vaultClient))
continue
}
// Read container
containerReader, errLoader := cmdutil.Reader(sr)
if errLoader != nil {
return nil, fmt.Errorf("unable to read secret container: %w", errLoader)
}
// Load container
b, errBundle := bundle.FromContainerReader(containerReader)
if errBundle != nil {
return nil, fmt.Errorf("unable to decode secret container: %w", err)
}
// Append secret loader
secretReaders = append(secretReaders, bundle.SecretReader(b))
}
// Create rendering context
renderCtx := engine.NewContext(
engine.WithName("template"),
engine.WithDelims(cfg.LeftDelims, cfg.RightDelims),
engine.WithValues(values),
engine.WithFiles(files),
engine.WithSecretReaders(secretReaders...),
)
// No error
return renderCtx, nil
}