2021-08-02 01:10:41 +00:00
|
|
|
package app
|
|
|
|
|
|
|
|
|
|
import (
|
2021-08-30 15:02:08 +00:00
|
|
|
"context"
|
|
|
|
|
"errors"
|
2021-08-02 01:10:41 +00:00
|
|
|
"fmt"
|
2021-09-07 06:27:36 +00:00
|
|
|
"os"
|
2021-08-30 15:02:08 +00:00
|
|
|
"strconv"
|
2021-08-02 01:10:41 +00:00
|
|
|
|
2021-08-30 15:02:08 +00:00
|
|
|
abraFormatter "coopcloud.tech/abra/cli/formatter"
|
2021-08-02 01:10:41 +00:00
|
|
|
"coopcloud.tech/abra/cli/internal"
|
2021-09-05 19:37:03 +00:00
|
|
|
"coopcloud.tech/abra/pkg/client"
|
2021-09-08 11:59:55 +00:00
|
|
|
"coopcloud.tech/abra/pkg/config"
|
2021-09-05 19:37:03 +00:00
|
|
|
"coopcloud.tech/abra/pkg/secret"
|
2021-08-30 15:02:08 +00:00
|
|
|
"github.com/docker/docker/api/types"
|
|
|
|
|
"github.com/docker/docker/api/types/filters"
|
2021-08-02 01:10:41 +00:00
|
|
|
"github.com/sirupsen/logrus"
|
|
|
|
|
"github.com/urfave/cli/v2"
|
|
|
|
|
)
|
|
|
|
|
|
2021-08-02 06:36:35 +00:00
|
|
|
var allSecrets bool
|
|
|
|
|
var allSecretsFlag = &cli.BoolFlag{
|
|
|
|
|
Name: "all",
|
2021-09-07 06:27:36 +00:00
|
|
|
Aliases: []string{"A"},
|
2021-08-02 06:36:35 +00:00
|
|
|
Value: false,
|
|
|
|
|
Destination: &allSecrets,
|
|
|
|
|
Usage: "Generate all secrets",
|
|
|
|
|
}
|
|
|
|
|
|
2021-08-30 15:02:08 +00:00
|
|
|
var appSecretGenerateCommand = &cli.Command{
|
2021-08-31 09:59:07 +00:00
|
|
|
Name: "generate",
|
2021-09-04 23:34:56 +00:00
|
|
|
Aliases: []string{"g"},
|
2021-08-31 09:59:07 +00:00
|
|
|
Usage: "Generate secrets",
|
|
|
|
|
ArgsUsage: "<secret> <version>",
|
|
|
|
|
Flags: []cli.Flag{allSecretsFlag, internal.PassFlag},
|
2021-08-30 15:02:08 +00:00
|
|
|
Action: func(c *cli.Context) error {
|
2021-09-05 21:17:35 +00:00
|
|
|
app := internal.ValidateApp(c)
|
2021-08-31 09:59:07 +00:00
|
|
|
|
2021-09-07 06:27:36 +00:00
|
|
|
if c.Args().Len() == 1 && !allSecrets {
|
|
|
|
|
err := errors.New("missing arguments <secret>/<version> or '--all'")
|
|
|
|
|
internal.ShowSubcommandHelpAndError(c, err)
|
|
|
|
|
}
|
|
|
|
|
|
2021-08-31 09:59:07 +00:00
|
|
|
if c.Args().Get(1) != "" && allSecrets {
|
2021-09-07 06:27:36 +00:00
|
|
|
err := errors.New("cannot use '<secret> <version>' and '--all' together")
|
|
|
|
|
internal.ShowSubcommandHelpAndError(c, err)
|
2021-08-31 09:59:07 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
secretsToCreate := make(map[string]string)
|
2021-09-05 21:17:35 +00:00
|
|
|
secretEnvVars := secret.ReadSecretEnvVars(app.Env)
|
2021-08-31 09:59:07 +00:00
|
|
|
if allSecrets {
|
|
|
|
|
secretsToCreate = secretEnvVars
|
|
|
|
|
} else {
|
|
|
|
|
secretName := c.Args().Get(1)
|
|
|
|
|
secretVersion := c.Args().Get(2)
|
2021-09-07 06:27:36 +00:00
|
|
|
matches := false
|
2021-08-31 15:17:08 +00:00
|
|
|
for sec := range secretEnvVars {
|
2021-08-31 09:59:07 +00:00
|
|
|
parsed := secret.ParseSecretEnvVarName(sec)
|
|
|
|
|
if secretName == parsed {
|
|
|
|
|
secretsToCreate[sec] = secretVersion
|
|
|
|
|
}
|
|
|
|
|
}
|
2021-09-07 06:27:36 +00:00
|
|
|
if !matches {
|
|
|
|
|
logrus.Fatalf("'%s' doesn't exist in the env config?", secretName)
|
|
|
|
|
}
|
2021-08-31 09:59:07 +00:00
|
|
|
}
|
|
|
|
|
|
2021-09-05 21:17:35 +00:00
|
|
|
secretVals, err := secret.GenerateSecrets(secretsToCreate, app.StackName(), app.Server)
|
2021-08-31 09:59:07 +00:00
|
|
|
if err != nil {
|
|
|
|
|
logrus.Fatal(err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if internal.Pass {
|
|
|
|
|
for name, data := range secretVals {
|
2021-09-05 21:17:35 +00:00
|
|
|
if err := secret.PassInsertSecret(data, name, app.StackName(), app.Server); err != nil {
|
2021-08-31 09:59:07 +00:00
|
|
|
logrus.Fatal(err)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-09-07 06:27:36 +00:00
|
|
|
if len(secretVals) == 0 {
|
|
|
|
|
logrus.Warn("no secrets generated")
|
|
|
|
|
os.Exit(1)
|
|
|
|
|
}
|
|
|
|
|
|
2021-09-07 06:12:37 +00:00
|
|
|
tableCol := []string{"Name", "Value"}
|
|
|
|
|
table := abraFormatter.CreateTable(tableCol)
|
|
|
|
|
for name, val := range secretVals {
|
|
|
|
|
table.Append([]string{name, val})
|
|
|
|
|
}
|
|
|
|
|
table.Render()
|
2021-09-07 06:27:36 +00:00
|
|
|
logrus.Warn("these secrets are not shown again, please take note of them *now*")
|
2021-09-07 06:12:37 +00:00
|
|
|
|
2021-08-30 15:02:08 +00:00
|
|
|
return nil
|
|
|
|
|
},
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var appSecretInsertCommand = &cli.Command{
|
2021-08-31 08:50:02 +00:00
|
|
|
Name: "insert",
|
2021-09-04 23:34:56 +00:00
|
|
|
Aliases: []string{"i"},
|
2021-08-31 08:50:02 +00:00
|
|
|
Usage: "Insert secret",
|
|
|
|
|
Flags: []cli.Flag{internal.PassFlag},
|
|
|
|
|
ArgsUsage: "<secret> <version> <data>",
|
2021-08-30 15:02:08 +00:00
|
|
|
Action: func(c *cli.Context) error {
|
2021-09-05 21:17:35 +00:00
|
|
|
app := internal.ValidateApp(c)
|
2021-08-31 08:50:02 +00:00
|
|
|
|
|
|
|
|
if c.Args().Len() != 4 {
|
|
|
|
|
internal.ShowSubcommandHelpAndError(c, errors.New("missing arguments?"))
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
name := c.Args().Get(1)
|
|
|
|
|
version := c.Args().Get(2)
|
|
|
|
|
data := c.Args().Get(3)
|
|
|
|
|
|
2021-09-05 21:17:35 +00:00
|
|
|
secretName := fmt.Sprintf("%s_%s_%s", app.StackName(), name, version)
|
|
|
|
|
if err := client.StoreSecret(secretName, data, app.Server); err != nil {
|
2021-08-31 08:50:02 +00:00
|
|
|
logrus.Fatal(err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if internal.Pass {
|
2021-09-05 21:17:35 +00:00
|
|
|
if err := secret.PassInsertSecret(data, name, app.StackName(), app.Server); err != nil {
|
2021-08-31 08:50:02 +00:00
|
|
|
logrus.Fatal(err)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-08-30 15:02:08 +00:00
|
|
|
return nil
|
|
|
|
|
},
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var appSecretRmCommand = &cli.Command{
|
2021-08-31 08:31:54 +00:00
|
|
|
Name: "remove",
|
|
|
|
|
Usage: "Remove a secret",
|
|
|
|
|
Aliases: []string{"rm"},
|
|
|
|
|
Flags: []cli.Flag{allSecretsFlag, internal.PassFlag},
|
|
|
|
|
ArgsUsage: "<secret>",
|
2021-08-30 15:02:08 +00:00
|
|
|
Action: func(c *cli.Context) error {
|
2021-09-05 21:17:35 +00:00
|
|
|
app := internal.ValidateApp(c)
|
2021-08-31 08:31:54 +00:00
|
|
|
|
|
|
|
|
if c.Args().Get(1) != "" && allSecrets {
|
|
|
|
|
internal.ShowSubcommandHelpAndError(c, errors.New("cannot use '<secret>' and '--all' together"))
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if c.Args().Get(1) == "" && !allSecrets {
|
|
|
|
|
internal.ShowSubcommandHelpAndError(c, errors.New("no secret(s) specified?"))
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ctx := context.Background()
|
2021-09-05 21:17:35 +00:00
|
|
|
cl, err := client.New(app.Server)
|
2021-08-31 08:31:54 +00:00
|
|
|
if err != nil {
|
|
|
|
|
logrus.Fatal(err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
filters := filters.NewArgs()
|
2021-09-05 21:17:35 +00:00
|
|
|
filters.Add("name", app.StackName())
|
2021-08-31 08:31:54 +00:00
|
|
|
secretList, err := cl.SecretList(ctx, types.SecretListOptions{Filters: filters})
|
|
|
|
|
if err != nil {
|
|
|
|
|
logrus.Fatal(err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
secretToRm := c.Args().Get(1)
|
|
|
|
|
for _, cont := range secretList {
|
|
|
|
|
secretName := cont.Spec.Annotations.Name
|
2021-09-05 21:17:35 +00:00
|
|
|
parsed := secret.ParseGeneratedSecretName(secretName, app)
|
2021-08-31 08:31:54 +00:00
|
|
|
if allSecrets {
|
|
|
|
|
if err := cl.SecretRemove(ctx, secretName); err != nil {
|
|
|
|
|
logrus.Fatal(err)
|
|
|
|
|
}
|
|
|
|
|
if internal.Pass {
|
2021-09-05 21:17:35 +00:00
|
|
|
if err := secret.PassRmSecret(parsed, app.StackName(), app.Server); err != nil {
|
2021-08-31 16:08:25 +00:00
|
|
|
logrus.Fatal(err)
|
|
|
|
|
}
|
2021-08-31 08:31:54 +00:00
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
if parsed == secretToRm {
|
|
|
|
|
if err := cl.SecretRemove(ctx, secretName); err != nil {
|
|
|
|
|
logrus.Fatal(err)
|
|
|
|
|
}
|
|
|
|
|
if internal.Pass {
|
2021-09-05 21:17:35 +00:00
|
|
|
if err := secret.PassRmSecret(parsed, app.StackName(), app.Server); err != nil {
|
2021-08-31 16:08:25 +00:00
|
|
|
logrus.Fatal(err)
|
|
|
|
|
}
|
2021-08-31 08:31:54 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-08-30 15:02:08 +00:00
|
|
|
return nil
|
|
|
|
|
},
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var appSecretLsCommand = &cli.Command{
|
|
|
|
|
Name: "list",
|
|
|
|
|
Usage: "List all secrets",
|
|
|
|
|
Aliases: []string{"ls"},
|
2021-08-02 01:10:41 +00:00
|
|
|
Action: func(c *cli.Context) error {
|
2021-09-05 21:17:35 +00:00
|
|
|
app := internal.ValidateApp(c)
|
|
|
|
|
secrets := secret.ReadSecretEnvVars(app.Env)
|
2021-08-30 15:02:08 +00:00
|
|
|
|
|
|
|
|
tableCol := []string{"Name", "Version", "Generated Name", "Created On Server"}
|
|
|
|
|
table := abraFormatter.CreateTable(tableCol)
|
|
|
|
|
|
|
|
|
|
ctx := context.Background()
|
2021-09-05 21:17:35 +00:00
|
|
|
cl, err := client.New(app.Server)
|
2021-08-30 15:02:08 +00:00
|
|
|
if err != nil {
|
|
|
|
|
logrus.Fatal(err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
filters := filters.NewArgs()
|
2021-09-05 21:17:35 +00:00
|
|
|
filters.Add("name", app.StackName())
|
2021-08-30 15:02:08 +00:00
|
|
|
secretList, err := cl.SecretList(ctx, types.SecretListOptions{Filters: filters})
|
2021-08-02 01:10:41 +00:00
|
|
|
if err != nil {
|
|
|
|
|
logrus.Fatal(err)
|
|
|
|
|
}
|
2021-08-30 15:02:08 +00:00
|
|
|
|
|
|
|
|
remoteSecretNames := make(map[string]bool)
|
|
|
|
|
for _, cont := range secretList {
|
|
|
|
|
remoteSecretNames[cont.Spec.Annotations.Name] = true
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
for sec := range secrets {
|
|
|
|
|
createdRemote := false
|
|
|
|
|
secretName := secret.ParseSecretEnvVarName(sec)
|
|
|
|
|
secVal, err := secret.ParseSecretEnvVarValue(secrets[sec])
|
|
|
|
|
if err != nil {
|
|
|
|
|
logrus.Fatal(err)
|
|
|
|
|
}
|
2021-09-05 21:17:35 +00:00
|
|
|
secretRemoteName := fmt.Sprintf("%s_%s_%s", app.StackName(), secretName, secVal.Version)
|
2021-08-30 15:02:08 +00:00
|
|
|
if _, ok := remoteSecretNames[secretRemoteName]; ok {
|
|
|
|
|
createdRemote = true
|
|
|
|
|
}
|
|
|
|
|
tableRow := []string{secretName, secVal.Version, secretRemoteName, strconv.FormatBool(createdRemote)}
|
|
|
|
|
table.Append(tableRow)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
table.Render()
|
2021-08-02 01:10:41 +00:00
|
|
|
return nil
|
|
|
|
|
},
|
2021-09-08 11:59:55 +00:00
|
|
|
BashComplete: func(c *cli.Context) {
|
|
|
|
|
appNames, err := config.GetAppNames()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
if c.NArg() > 0 {
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
for _, a := range appNames {
|
|
|
|
|
fmt.Println(a)
|
|
|
|
|
}
|
|
|
|
|
},
|
2021-08-02 01:10:41 +00:00
|
|
|
}
|
2021-08-30 15:02:08 +00:00
|
|
|
|
|
|
|
|
var appSecretCommand = &cli.Command{
|
|
|
|
|
Name: "secret",
|
2021-09-04 23:34:56 +00:00
|
|
|
Aliases: []string{"s"},
|
2021-08-30 15:02:08 +00:00
|
|
|
Usage: "Manage app secrets",
|
|
|
|
|
ArgsUsage: "<command>",
|
|
|
|
|
Subcommands: []*cli.Command{
|
|
|
|
|
appSecretGenerateCommand,
|
|
|
|
|
appSecretInsertCommand,
|
|
|
|
|
appSecretRmCommand,
|
|
|
|
|
appSecretLsCommand,
|
|
|
|
|
},
|
|
|
|
|
}
|
