fix error reporting

Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

.github/workflows/ci.yaml

@@ -5,7 +5,7 @@ jobs:
     strategy:
       matrix:
         version: [1.21]
-        os: [ubuntu-latest, windows-latest, macos-latest]
+        os: [ubuntu-latest, macos-latest]
     name: Build
     runs-on: ${{ matrix.os }}
     steps:

.github/workflows/pushimage.yaml

@@ -12,7 +12,7 @@ jobs:
       packages: write
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Log in to the Container registry
         uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567

.gitignore

@@ -3,3 +3,4 @@ anydb
 *.db
 coverage.out
 *.json
+releases

Dockerfile

@@ -1,4 +1,4 @@
-FROM golang:1.21-alpine as builder
+FROM golang:1.22-alpine as builder
 
 RUN apk update
 RUN apk upgrade

Makefile

@@ -43,12 +43,12 @@ ifdef HAVE_POD
 	echo "var manpage = \`" >> cmd/$*.go
 	pod2text $*.pod >> cmd/$*.go
 	echo "\`" >> cmd/$*.go
-
-	echo "var usage = \`" >> cmd/$*.go
-	awk '/SYNOPS/{f=1;next} /DESCR/{f=0} f' $*.pod  | sed 's/^    //' >> cmd/$*.go
-	echo "\`" >> cmd/$*.go
 endif
 
+# echo "var usage = \`" >> cmd/$*.go
+# awk '/SYNOPS/{f=1;next} /DESCR/{f=0} f' $*.pod  | sed 's/^    //' >> cmd/$*.go
+# echo "\`" >> cmd/$*.go
+
 buildlocal:
 	go build -ldflags "-X 'github.com/tlinden/anydb/cfg.VERSION=$(VERSION)'"
 

README.md

@@ -15,7 +15,16 @@ reasons:
   anymore. The badger file format on the other hand changes very
   often, which is not good for a tool intended to be used for many
   years.
-- more features
+- more features:
+  - output table in list mode uses <tab> separator
+  - better STDIN + pipe support
+  - supports JSON output
+  - supports more verbose tabular output
+  - filtering using regular expressions
+  - tagging
+  - filtering using tags
+  - encryption of entries
+  - templates for custom output for maximum flexibility
 
 **anydb** can do all the things you can do with skate:
 
@@ -67,8 +76,8 @@ anydb list '[a-z]+\d'
 anydb list -o wide
 KEY     TAGS            SIZE    AGE             VALUE 
 blah    important       4 B     7 seconds ago   haha 
-foo                     3 B     15 seconds ago  bar  
-猫咪                    3 B     3 seconds ago   喵   
+foo                     3 B     15 seconds ago  bar
+猫咪                    3 B     3 seconds ago   喵
 
 # there are shortcuts as well
 anydb ls -l
@@ -83,6 +92,24 @@ anydb export -o backup.json
 # and import it somewhere else
 anydb import -r backup.json
 
+# you can encrypt entries. anydb asks for a passphrase
+# and will do the same when you retrieve the key using the
+# get command.
+anydb set mypassword -e
+
+# using template output mode you can freely design how to print stuff
+# here, we print the values in CSV format ONLY if they have some tag
+anydb ls -m template -T "{{ if .Tags }}{{ .Key }},{{ .Value }},{{ .Created}}{{ end }}"
+
+# or, to simulate skate's -k or -v
+anydb ls -m template -T "{{ .Key }}"
+anydb ls -m template -T "{{ .Value }}"
+
+# maybe you want to digest the item in a shell script? also
+# note, that both the list and get commands support templates
+eval $(anydb get foo -m template -T "key='{{ .Key }}' value='{{ .Value }}' ts='{{ .Created}}'")
+echo "$key: $value"
+
 # it comes with a manpage builtin
 anydb man
 ```
@@ -98,21 +125,45 @@ There are multiple ways to install **anydb**:
   
 - The release page also contains a tarball for every supported platform. Unpack it
   to some temporary directory, extract it and execute the following command inside:
-  ```
+  ```shell
   sudo make install
   ```
   
 - You can also install from source. Issue the following commands in your shell:
-  ```
+  ```shell
   git clone https://github.com/TLINDEN/anydb.git
   cd anydb
   make
   sudo make install
   ```
 
+- Or, if you have the GO toolkit installed, just install it like this:
+  ```shell
+  go install github.com/tlinden/anydb@latest
+  ```
+
 If you  do not find a  binary release for your  platform, please don't
 hesitate to ask me about it, I'll add it.
 
+### Using the docker image
+
+A pre-built docker  image is available, which you can  use to test the
+app without  installing it. To download:
+
+```shell
+docker pull ghcr.io/tlinden/anydb:latest
+```
+
+To execute anydb  inside the image do something like this:
+
+```shell
+mkdir myads
+docker run ghcr.io/tlinden/anydb:latest --help
+```
+
+A list of available images is  [here](https://github.com/tlinden/anydb/pkgs/container/anydb/versions?filters%5Bversion_type%5D=tagged)
+
+
 ## Documentation
 
 The  documentation  is  provided  as  a unix  man-page.   It  will  be

TODO.md

@@ -0,0 +1,5 @@
+- rest api gin
+- repl
+- mime-type => exec app + value
+- custom buckets (like skate: key@bucket or key+bucket)
+- encryption per bucket, one key for all entries (in that bucket)

anydb.1

@@ -1,4 +1,4 @@
-.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)
+.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.40)
 .\"
 .\" Standard preamble:
 .\" ========================================================================

app/attr.go

@@ -8,12 +8,13 @@ import (
 )
 
 type DbAttr struct {
-	Key  string
-	Val  string
-	Bin  []byte
-	Args []string
-	Tags []string
-	File string
+	Key       string
+	Val       string
+	Bin       []byte
+	Args      []string
+	Tags      []string
+	File      string
+	Encrypted bool
 }
 
 func (attr *DbAttr) ParseKV() error {
@@ -51,7 +52,7 @@ func (attr *DbAttr) GetFileValue() error {
 	} else {
 		filehandle, err := os.OpenFile(attr.File, os.O_RDONLY, 0600)
 		if err != nil {
-			return err
+			return fmt.Errorf("failed to open file %s: %w", attr.File, err)
 		}
 
 		fd = filehandle
@@ -61,7 +62,7 @@ func (attr *DbAttr) GetFileValue() error {
 		// read from file or stdin pipe
 		data, err := io.ReadAll(fd)
 		if err != nil {
-			return err
+			return fmt.Errorf("failed to read from pipe: %w", err)
 		}
 
 		// poor man's text file test

app/crypto.go

@@ -0,0 +1,157 @@
+package app
+
+import (
+	"crypto/rand"
+	"encoding/base64"
+	"errors"
+	"fmt"
+	"os"
+	"syscall"
+
+	"golang.org/x/crypto/argon2"
+	"golang.org/x/crypto/chacha20poly1305"
+	"golang.org/x/term"
+)
+
+const (
+	ArgonMem      uint32 = 64 * 1024
+	ArgonIter     uint32 = 5
+	ArgonParallel uint8  = 2
+	ArgonSaltLen  int    = 16
+	ArgonKeyLen   uint32 = 32
+	B64SaltLen    int    = 22
+)
+
+type Key struct {
+	Salt []byte
+	Key  []byte
+}
+
+// called from interactive thread, hides  input and returns clear text
+// password
+func AskForPassword() ([]byte, error) {
+	fmt.Fprint(os.Stderr, "Password: ")
+	pass, err := term.ReadPassword(int(syscall.Stdin))
+	if err != nil {
+		return nil, fmt.Errorf("failed to read password: %w", err)
+	}
+
+	fmt.Fprintln(os.Stderr)
+
+	return pass, nil
+}
+
+// We're  using the  Argon2id  key derivation  algorithm  to derive  a
+// secure  key from  the given  password. This  is important,  because
+// users might  use unsecure  passwords. The resulting  encrypted data
+// might of course easily be decrypted  using brute force methods if a
+// weak password  was used, but  that would  cost, because of  the key
+// derivation. It does several rounds  of hash calculations which take
+// a considerable  amount of cpu  time. For  our legal user  that's no
+// problem because it's being executed  only once, but an attacker has
+// to do it in a forever loop, which will take a lot of time.
+func DeriveKey(password []byte, salt []byte) (*Key, error) {
+	if salt == nil {
+		// none given, new password
+		newsalt, err := GetRandom(ArgonSaltLen, ArgonSaltLen)
+		if err != nil {
+			return nil, err
+		}
+
+		salt = newsalt
+	}
+
+	hash := argon2.IDKey(
+		[]byte(password), salt,
+		ArgonIter,
+		ArgonMem,
+		ArgonParallel,
+		ArgonKeyLen,
+	)
+
+	return &Key{Key: hash, Salt: salt}, nil
+}
+
+// Retrieve a random chunk of given size
+func GetRandom(size int, capacity int) ([]byte, error) {
+	buf := make([]byte, size, capacity)
+	_, err := rand.Read(buf)
+	if err != nil {
+		return nil, fmt.Errorf("failed to retrieve random bytes: %w", err)
+	}
+
+	return buf, nil
+}
+
+// Encrypt clear  text given in  attr using ChaCha20  and auhtenticate
+// using the mac Poly1305. The cipher text will be put into attr, thus
+// modifying it.
+//
+// The cipher text consists of:
+// base64(password-salt) + base64(12 byte nonce + ciphertext + 16 byte mac)
+func Encrypt(pass []byte, attr *DbAttr) error {
+	key, err := DeriveKey(pass, nil)
+	if err != nil {
+		return err
+	}
+
+	aead, err := chacha20poly1305.New(key.Key)
+	if err != nil {
+		return fmt.Errorf("failed to create AEAD cipher: %w", err)
+	}
+
+	var plain []byte
+	if attr.Val != "" {
+		plain = []byte(attr.Val)
+	} else {
+		plain = attr.Bin
+	}
+
+	total := aead.NonceSize() + len(plain) + aead.Overhead()
+
+	nonce, err := GetRandom(aead.NonceSize(), total)
+	if err != nil {
+		return err
+	}
+
+	cipher := aead.Seal(nonce, nonce, plain, nil)
+
+	attr.Bin = nil
+	attr.Val = base64.RawStdEncoding.EncodeToString(key.Salt) +
+		base64.RawStdEncoding.EncodeToString(cipher)
+
+	attr.Encrypted = true
+
+	return nil
+}
+
+// Do the reverse
+func Decrypt(pass []byte, cipherb64 string) ([]byte, error) {
+	salt, err := base64.RawStdEncoding.Strict().DecodeString(cipherb64[0:B64SaltLen])
+	if err != nil {
+		return nil, fmt.Errorf("failed to encode to base64: %w", err)
+	}
+
+	key, err := DeriveKey(pass, salt)
+	if err != nil {
+		return nil, err
+	}
+
+	cipher, err := base64.RawStdEncoding.Strict().DecodeString(cipherb64[B64SaltLen:])
+	if err != nil {
+		return nil, fmt.Errorf("failed to encode to base64: %w", err)
+	}
+
+	aead, err := chacha20poly1305.New(key.Key)
+	if err != nil {
+		return nil, fmt.Errorf("failed to create AEAD cipher: %w", err)
+	}
+
+	if len(cipher) < aead.NonceSize() {
+		return nil, errors.New("ciphertext too short")
+	}
+
+	nonce, ciphertext := cipher[:aead.NonceSize()], cipher[aead.NonceSize():]
+
+	return aead.Open(nil, nonce, ciphertext, nil)
+}

app/db.go

@@ -13,6 +13,8 @@ import (
 	bolt "go.etcd.io/bbolt"
 )
 
+const MaxValueWidth int = 60
+
 type DB struct {
 	Debug  bool
 	Dbfile string
@@ -20,12 +22,33 @@ type DB struct {
 }
 
 type DbEntry struct {
-	Id      string    `json:"id"`
-	Key     string    `json:"key"`
-	Value   string    `json:"value"`
-	Bin     []byte    `json:"bin"`
-	Tags    []string  `json:"tags"`
-	Created time.Time `json:"created"`
+	Id        string    `json:"id"`
+	Key       string    `json:"key"`
+	Value     string    `json:"value"`
+	Encrypted bool      `json:"encrypted"`
+	Bin       []byte    `json:"bin"`
+	Tags      []string  `json:"tags"`
+	Created   time.Time `json:"created"`
+	Size      int
+}
+
+// Post process an entry for list output.
+// Do NOT call it during write processing!
+func (entry *DbEntry) Normalize() {
+	entry.Size = len(entry.Value)
+
+	if entry.Encrypted {
+		entry.Value = "<encrypted-content>"
+	}
+
+	if len(entry.Bin) > 0 {
+		entry.Value = "<binary-content>"
+		entry.Size = len(entry.Bin)
+	}
+
+	if len(entry.Value) > MaxValueWidth {
+		entry.Value = entry.Value[0:MaxValueWidth] + "..."
+	}
 }
 
 type DbEntries []DbEntry
@@ -37,17 +60,19 @@ type DbTag struct {
 const BucketData string = "data"
 
 func New(file string, debug bool) (*DB, error) {
-	if _, err := os.Stat(filepath.Dir(file)); os.IsNotExist(err) {
-		os.MkdirAll(filepath.Dir(file), 0700)
-	}
-
 	return &DB{Debug: debug, Dbfile: file}, nil
 }
 
 func (db *DB) Open() error {
+	if _, err := os.Stat(filepath.Dir(db.Dbfile)); os.IsNotExist(err) {
+		if err := os.MkdirAll(filepath.Dir(db.Dbfile), 0700); err != nil {
+			return err
+		}
+	}
+
 	b, err := bolt.Open(db.Dbfile, 0600, nil)
 	if err != nil {
-		return err
+		return fmt.Errorf("failed to open DB %s: %w", db.Dbfile, err)
 	}
 
 	db.DB = b
@@ -81,7 +106,7 @@ func (db *DB) List(attr *DbAttr) (DbEntries, error) {
 		err := bucket.ForEach(func(key, jsonentry []byte) error {
 			var entry DbEntry
 			if err := json.Unmarshal(jsonentry, &entry); err != nil {
-				return fmt.Errorf("unable to unmarshal json: %s", err)
+				return fmt.Errorf("failed to unmarshal from json: %w", err)
 			}
 
 			var include bool
@@ -128,16 +153,13 @@ func (db *DB) Set(attr *DbAttr) error {
 	}
 	defer db.Close()
 
-	if err := attr.ParseKV(); err != nil {
-		return err
-	}
-
 	entry := DbEntry{
-		Key:     attr.Key,
-		Value:   attr.Val,
-		Bin:     attr.Bin,
-		Tags:    attr.Tags,
-		Created: time.Now(),
+		Key:       attr.Key,
+		Value:     attr.Val,
+		Bin:       attr.Bin,
+		Tags:      attr.Tags,
+		Encrypted: attr.Encrypted,
+		Created:   time.Now(),
 	}
 
 	// check if the  entry already exists and if yes,  check if it has
@@ -156,7 +178,7 @@ func (db *DB) Set(attr *DbAttr) error {
 
 		var oldentry DbEntry
 		if err := json.Unmarshal(jsonentry, &oldentry); err != nil {
-			return fmt.Errorf("unable to unmarshal json: %s", err)
+			return fmt.Errorf("failed to unmarshal from json: %w", err)
 		}
 
 		if len(oldentry.Tags) > 0 && len(entry.Tags) == 0 {
@@ -175,17 +197,17 @@ func (db *DB) Set(attr *DbAttr) error {
 		// insert data
 		bucket, err := tx.CreateBucketIfNotExists([]byte(BucketData))
 		if err != nil {
-			return fmt.Errorf("create bucket: %s", err)
+			return fmt.Errorf("failed to create DB bucket: %w", err)
 		}
 
 		jsonentry, err := json.Marshal(entry)
 		if err != nil {
-			return fmt.Errorf("json marshalling failure: %s", err)
+			return fmt.Errorf("failed to marshall json: %w", err)
 		}
 
 		err = bucket.Put([]byte(entry.Key), []byte(jsonentry))
 		if err != nil {
-			return fmt.Errorf("insert data: %s", err)
+			return fmt.Errorf("failed to insert data: %w", err)
 		}
 
 		return nil
@@ -204,10 +226,6 @@ func (db *DB) Get(attr *DbAttr) (*DbEntry, error) {
 	}
 	defer db.Close()
 
-	if err := attr.ParseKV(); err != nil {
-		return nil, err
-	}
-
 	entry := DbEntry{}
 
 	err := db.DB.View(func(tx *bolt.Tx) error {
@@ -222,14 +240,14 @@ func (db *DB) Get(attr *DbAttr) (*DbEntry, error) {
 		}
 
 		if err := json.Unmarshal(jsonentry, &entry); err != nil {
-			return fmt.Errorf("unable to unmarshal json: %s", err)
+			return fmt.Errorf("failed to unmarshal from json: %w", err)
 		}
 
 		return nil
 	})
 
 	if err != nil {
-		return nil, err
+		return nil, fmt.Errorf("failed to read from DB: %w", err)
 	}
 
 	return &entry, nil
@@ -269,14 +287,14 @@ func (db *DB) Import(attr *DbAttr) error {
 	newfile := db.Dbfile + now.Format("-02.01.2006T03:04.05")
 
 	if err := json.Unmarshal([]byte(attr.Val), &entries); err != nil {
-		return cleanError(newfile, fmt.Errorf("unable to unmarshal json: %s", err))
+		return cleanError(newfile, fmt.Errorf("failed to unmarshal json: %w", err))
 	}
 
 	if fileExists(db.Dbfile) {
 		// backup the old file
 		err := os.Rename(db.Dbfile, newfile)
 		if err != nil {
-			return err
+			return fmt.Errorf("failed to rename file %s to %s: %w", db.Dbfile, newfile, err)
 		}
 
 	}
@@ -291,18 +309,18 @@ func (db *DB) Import(attr *DbAttr) error {
 		// insert data
 		bucket, err := tx.CreateBucketIfNotExists([]byte(BucketData))
 		if err != nil {
-			return fmt.Errorf("create bucket: %s", err)
+			return fmt.Errorf("failed to create bucket: %w", err)
 		}
 
 		for _, entry := range entries {
 			jsonentry, err := json.Marshal(entry)
 			if err != nil {
-				return fmt.Errorf("json marshalling failure: %s", err)
+				return fmt.Errorf("failed to marshall json: %w", err)
 			}
 
 			err = bucket.Put([]byte(entry.Key), []byte(jsonentry))
 			if err != nil {
-				return fmt.Errorf("insert data: %s", err)
+				return fmt.Errorf("failed to insert data into DB: %w", err)
 			}
 		}
 

cfg/config.go

@@ -2,14 +2,17 @@ package cfg
 
 import "github.com/tlinden/anydb/app"
 
-var Version string = "v0.0.1"
+var Version string = "v0.0.3"
 
 type Config struct {
-	Debug     bool
-	Dbfile    string
-	Mode      string // wide, table, yaml, json
-	NoHeaders bool
-	DB        *app.DB
-	File      string
-	Tags      []string
+	Debug      bool
+	Dbfile     string
+	Template   string
+	Mode       string // wide, table, yaml, json
+	NoHeaders  bool
+	NoHumanize bool
+	Encrypt    bool
+	DB         *app.DB
+	File       string
+	Tags       []string
 }

cmd/anydb.go

@@ -42,28 +42,3 @@ AUTHORS
     Thomas von Dein tom AT vondein DOT org
 
 `
-var usage = `
-
-Usage:
-  anydb <command> [options] [flags]
-  anydb [command]
-
-Available Commands:
-  completion  Generate the autocompletion script for the specified shell
-  del         Delete key
-  export      Export database to json
-  get         Retrieve value for a key
-  help        Help about any command
-  import      Import database dump
-  list        List database contents
-  set         Insert key/value pair
-
-Flags:
-  -f, --dbfile string   DB file to use (default "/home/scip/.config/anydb/default.db")
-  -d, --debug           Enable debugging
-  -h, --help            help for anydb
-  -v, --version         Print program version
-
-Use "anydb [command] --help" for more information about a command.
-
-`

cmd/maincommands.go

@@ -7,6 +7,7 @@ import (
 	"os"
 	"os/exec"
 	"strings"
+	"unicode/utf8"
 
 	"github.com/spf13/cobra"
 	"github.com/tlinden/anydb/app"
@@ -40,10 +41,29 @@ func Set(conf *cfg.Config) *cobra.Command {
 				attr.Tags = strings.Split(attr.Tags[0], ",")
 			}
 
+			// check if value given as file or via stdin and fill attr accordingly
+			if err := attr.ParseKV(); err != nil {
+				return err
+			}
+
+			// encrypt?
+			if conf.Encrypt {
+				pass, err := app.AskForPassword()
+				if err != nil {
+					return err
+				}
+
+				err = app.Encrypt(pass, &attr)
+				if err != nil {
+					return err
+				}
+			}
+
 			return conf.DB.Set(&attr)
 		},
 	}
 
+	cmd.PersistentFlags().BoolVarP(&conf.Encrypt, "encrypt", "e", false, "encrypt value")
 	cmd.PersistentFlags().StringVarP(&attr.File, "file", "r", "", "Filename or - for STDIN")
 	cmd.PersistentFlags().StringArrayVarP(&attr.Tags, "tags", "t", nil, "tags, multiple allowed")
 
@@ -60,7 +80,7 @@ func Get(conf *cfg.Config) *cobra.Command {
 	)
 
 	var cmd = &cobra.Command{
-		Use:   "get <key> [-o <file>]",
+		Use:   "get  <key> [-o <file>] [-m <mode>] [-n -N] [-T <tpl>]",
 		Short: "Retrieve value for a key",
 		Long:  `Retrieve value for a key`,
 		RunE: func(cmd *cobra.Command, args []string) error {
@@ -80,11 +100,35 @@ func Get(conf *cfg.Config) *cobra.Command {
 				return err
 			}
 
-			return output.Print(os.Stdout, conf, entry)
+			if entry.Encrypted {
+				pass, err := app.AskForPassword()
+				if err != nil {
+					return err
+				}
+
+				clear, err := app.Decrypt(pass, entry.Value)
+				if err != nil {
+					return err
+				}
+
+				if utf8.ValidString(string(clear)) {
+					entry.Value = string(clear)
+				} else {
+					entry.Bin = clear
+				}
+
+				entry.Encrypted = false
+			}
+
+			return output.Print(os.Stdout, conf, &attr, entry)
 		},
 	}
 
-	cmd.PersistentFlags().StringVarP(&conf.Mode, "output", "o", "", "output to file")
+	cmd.PersistentFlags().StringVarP(&attr.File, "output", "o", "", "output value to file (ignores -m)")
+	cmd.PersistentFlags().StringVarP(&conf.Mode, "mode", "m", "", "output format (simple|wide|json) (default 'simple')")
+	cmd.PersistentFlags().BoolVarP(&conf.NoHeaders, "no-headers", "n", false, "omit headers in tables")
+	cmd.PersistentFlags().BoolVarP(&conf.NoHumanize, "no-human", "N", false, "do not translate to human readable values")
+	cmd.PersistentFlags().StringVarP(&conf.Template, "template", "T", "", "go template for '-m template'")
 
 	cmd.Aliases = append(cmd.Aliases, "show")
 	cmd.Aliases = append(cmd.Aliases, "g")
@@ -144,7 +188,7 @@ func Export(conf *cfg.Config) *cobra.Command {
 				return err
 			}
 
-			return output.WriteFile(&attr, conf, entries)
+			return output.WriteJSON(&attr, conf, entries)
 		},
 	}
 
@@ -163,7 +207,7 @@ func List(conf *cfg.Config) *cobra.Command {
 	)
 
 	var cmd = &cobra.Command{
-		Use:   "list [-t <tag>] [-o <mode>] [<filter-regex>]",
+		Use:   "list  [<filter-regex>] [-t <tag>] [-m <mode>] [-n -N] [-T <tpl>]",
 		Short: "List database contents",
 		Long:  `List database contents`,
 		RunE: func(cmd *cobra.Command, args []string) error {
@@ -192,9 +236,11 @@ func List(conf *cfg.Config) *cobra.Command {
 		},
 	}
 
-	cmd.PersistentFlags().StringVarP(&conf.Mode, "output-mode", "o", "", "output format (table|wide|json), wide is a verbose table. (default 'table')")
+	cmd.PersistentFlags().StringVarP(&conf.Mode, "mode", "m", "", "output format (table|wide|json), wide is a verbose table. (default 'table')")
+	cmd.PersistentFlags().StringVarP(&conf.Template, "template", "T", "", "go template for '-m template'")
 	cmd.PersistentFlags().BoolVarP(&wide, "wide-output", "l", false, "output mode: wide")
 	cmd.PersistentFlags().BoolVarP(&conf.NoHeaders, "no-headers", "n", false, "omit headers in tables")
+	cmd.PersistentFlags().BoolVarP(&conf.NoHumanize, "no-human", "N", false, "do not translate to human readable values")
 	cmd.PersistentFlags().StringArrayVarP(&attr.Tags, "tags", "t", nil, "tags, multiple allowed")
 
 	cmd.Aliases = append(cmd.Aliases, "/")

go.mod

@@ -12,6 +12,7 @@ require (
 	github.com/spf13/cobra v1.8.1 // indirect
 	github.com/spf13/pflag v1.0.5 // indirect
 	go.etcd.io/bbolt v1.3.11 // indirect
+	golang.org/x/crypto v0.31.0 // indirect
 	golang.org/x/sys v0.28.0 // indirect
 	golang.org/x/term v0.27.0 // indirect
 	golang.org/x/tools v0.22.0 // indirect

go.sum

@@ -34,6 +34,8 @@ go.etcd.io/bbolt v1.3.4/go.mod h1:G5EMThwa9y8QZGBClrRx5EY+Yw9kAhnjy3bSjsnlVTQ=
 go.etcd.io/bbolt v1.3.11 h1:yGEzV1wPz2yVCLsD8ZAiGHhHVlczyC9d1rP43/VCRJ0=
 go.etcd.io/bbolt v1.3.11/go.mod h1:dksAq7YMXoljX0xu6VF5DMZGbhYYoLUalEiSySYAS4I=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U=
+golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk=
 golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
 golang.org/x/net v0.0.0-20191105084925-a882066a44e0/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=

output/export.go

@@ -9,10 +9,10 @@ import (
 	"github.com/tlinden/anydb/cfg"
 )
 
-func WriteFile(attr *app.DbAttr, conf *cfg.Config, entries app.DbEntries) error {
+func WriteJSON(attr *app.DbAttr, conf *cfg.Config, entries app.DbEntries) error {
 	jsonentries, err := json.Marshal(entries)
 	if err != nil {
-		return fmt.Errorf("json marshalling failure: %s", err)
+		return fmt.Errorf("failed to marshall json: %w", err)
 	}
 
 	if attr.File == "-" {
@@ -20,11 +20,11 @@ func WriteFile(attr *app.DbAttr, conf *cfg.Config, entries app.DbEntries) error
 	} else {
 		fd, err := os.OpenFile(attr.File, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0600)
 		if err != nil {
-			return err
+			return fmt.Errorf("failed to open file %s for writing: %w", attr.File, err)
 		}
 
 		if _, err := fd.Write(jsonentries); err != nil {
-			return err
+			return fmt.Errorf("failed writing to file %s: %w", attr.File, err)
 		}
 
 		fmt.Printf("database contents exported to %s\n", attr.File)

output/list.go

@@ -1,11 +1,14 @@
 package output
 
 import (
+	"bytes"
 	"encoding/json"
 	"errors"
 	"fmt"
 	"io"
+	"strconv"
 	"strings"
+	tpl "text/template"
 
 	"github.com/dustin/go-humanize"
 	"github.com/olekukonko/tablewriter"
@@ -16,64 +19,88 @@ import (
 func List(writer io.Writer, conf *cfg.Config, entries app.DbEntries) error {
 	// FIXME: call sort here
 	switch conf.Mode {
-	case "wide":
-		fallthrough
-	case "":
-		fallthrough
-	case "table":
+	case "wide", "", "table":
 		return ListTable(writer, conf, entries)
 	case "json":
 		return ListJson(writer, conf, entries)
+	case "template":
+		return ListTemplate(writer, conf, entries)
 	default:
 		return errors.New("unsupported mode")
 	}
-
-	return nil
 }
 
 func ListJson(writer io.Writer, conf *cfg.Config, entries app.DbEntries) error {
 	jsonentries, err := json.Marshal(entries)
 	if err != nil {
-		return fmt.Errorf("json marshalling failure: %s", err)
+		return fmt.Errorf("failed marshall json: %s", err)
 	}
 
 	fmt.Println(string(jsonentries))
 	return nil
 }
 
+func ListTemplate(writer io.Writer, conf *cfg.Config, entries app.DbEntries) error {
+	tmpl, err := tpl.New("list").Parse(conf.Template)
+	if err != nil {
+		return fmt.Errorf("failed to parse output template: %w", err)
+	}
+
+	buf := bytes.Buffer{}
+
+	for _, row := range entries {
+		row.Normalize()
+
+		buf.Reset()
+		err = tmpl.Execute(&buf, row)
+		if err != nil {
+			return fmt.Errorf("failed to execute output template: %w", err)
+		}
+
+		if buf.Len() > 0 {
+			fmt.Fprintln(writer, buf.String())
+		}
+	}
+
+	return nil
+}
+
 func ListTable(writer io.Writer, conf *cfg.Config, entries app.DbEntries) error {
 	tableString := &strings.Builder{}
 	table := tablewriter.NewWriter(tableString)
 
 	if !conf.NoHeaders {
 		if conf.Mode == "wide" {
-			table.SetHeader([]string{"KEY", "TAGS", "SIZE", "AGE", "VALUE"})
+			table.SetHeader([]string{"KEY", "TAGS", "SIZE", "UPDATED", "VALUE"})
 		} else {
 			table.SetHeader([]string{"KEY", "VALUE"})
 		}
 	}
 
 	for _, row := range entries {
-		size := len(row.Value)
-
-		if len(row.Bin) > 0 {
-			row.Value = "binary-content"
-			size = len(row.Bin)
-		}
-
-		if len(row.Value) > 60 {
-			row.Value = row.Value[0:60] + "..."
-		}
+		row.Normalize()
 
 		if conf.Mode == "wide" {
-			table.Append([]string{
-				row.Key,
-				strings.Join(row.Tags, ","),
-				humanize.Bytes(uint64(size)),
-				//row.Created.Format("02.01.2006T03:04.05"),
-				humanize.Time(row.Created),
-				row.Value,
-			})
+			switch conf.NoHumanize {
+			case true:
+				table.Append([]string{
+					row.Key,
+					strings.Join(row.Tags, ","),
+					strconv.Itoa(row.Size),
+					row.Created.Format("02.01.2006T03:04.05"),
+					row.Value,
+				})
+			default:
+				table.Append([]string{
+					row.Key,
+					strings.Join(row.Tags, ","),
+					humanize.Bytes(uint64(row.Size)),
+					//row.Created.Format("02.01.2006T03:04.05"),
+					humanize.Time(row.Created),
+					row.Value,
+				})
+			}
+
 		} else {
 			table.Append([]string{row.Key, row.Value})
 		}

output/single.go

@@ -1,6 +1,7 @@
 package output
 
 import (
+	"encoding/json"
 	"fmt"
 	"io"
 	"os"
@@ -11,49 +12,67 @@ import (
 	"golang.org/x/term"
 )
 
-func Print(writer io.Writer, conf *cfg.Config, entry *app.DbEntry) error {
-	if conf.Mode != "" {
-		// consider this to be a file
-		fd, err := os.OpenFile(conf.Mode, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0755)
-		if err != nil {
-			return err
-		}
-		defer fd.Close()
-
-		if len(entry.Bin) > 0 {
-			// binary file content
-			_, err = fd.Write(entry.Bin)
-		} else {
-			val := entry.Value
-			if !strings.HasSuffix(val, "\n") {
-				// always add a terminal newline
-				val += "\n"
-			}
-
-			_, err = fd.Write([]byte(val))
-		}
-
-		if err != nil {
-			return err
-		}
-
-		return nil
+func Print(writer io.Writer, conf *cfg.Config, attr *app.DbAttr, entry *app.DbEntry) error {
+	if attr.File != "" {
+		return WriteFile(writer, conf, attr, entry)
 	}
 
 	isatty := term.IsTerminal(int(os.Stdout.Fd()))
-	if len(entry.Bin) > 0 {
-		if isatty {
-			fmt.Println("binary data omitted")
-		} else {
-			os.Stdout.Write(entry.Bin)
-		}
-	} else {
-		fmt.Print(entry.Value)
 
-		if !strings.HasSuffix(entry.Value, "\n") {
-			// always add a terminal newline
-			fmt.Println()
+	switch conf.Mode {
+	case "simple", "":
+		if len(entry.Bin) > 0 {
+			if isatty {
+				fmt.Println("binary data omitted")
+			} else {
+				os.Stdout.Write(entry.Bin)
+			}
+		} else {
+			fmt.Print(entry.Value)
+
+			if !strings.HasSuffix(entry.Value, "\n") {
+				// always add a terminal newline
+				fmt.Println()
+			}
 		}
+	case "json":
+		jsonentry, err := json.Marshal(entry)
+		if err != nil {
+			return fmt.Errorf("failed to marshall json: %s", err)
+		}
+
+		fmt.Println(string(jsonentry))
+	case "wide":
+		return ListTable(writer, conf, app.DbEntries{*entry})
+	case "template":
+		return ListTemplate(writer, conf, app.DbEntries{*entry})
+	}
+
+	return nil
+}
+
+func WriteFile(writer io.Writer, conf *cfg.Config, attr *app.DbAttr, entry *app.DbEntry) error {
+	fd, err := os.OpenFile(attr.File, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0755)
+	if err != nil {
+		return fmt.Errorf("failed to open file %s for writing: %w", attr.File, err)
+	}
+	defer fd.Close()
+
+	if len(entry.Bin) > 0 {
+		// binary file content
+		_, err = fd.Write(entry.Bin)
+	} else {
+		val := entry.Value
+		if !strings.HasSuffix(val, "\n") {
+			// always add a terminal newline
+			val += "\n"
+		}
+
+		_, err = fd.Write([]byte(val))
+	}
+
+	if err != nil {
+		return fmt.Errorf("failed to write to file %s: %w", attr.File, err)
 	}
 
 	return nil

t/workflow.txtar

@@ -9,7 +9,7 @@ exec anydb -f test.db list
 stdout foo.*bar
 
 # wide list
-exec anydb -f test.db list -o wide
+exec anydb -f test.db list -m wide
 stdout 'plant.*now.*grey'
 
 # list tagged
@@ -42,6 +42,13 @@ stdout grey
 exec anydb -f test.db list -t flower
 ! stdout grey
 
+# check json output
+exec anydb -f test.db list -m json
+stdout '^\[\{'
+
+exec anydb -f test.db get color -m json
+stdout '^\{'
+
 # delete entry
 exec anydb -f test.db del foo