fix: only delete secrets from specific app

See coop-cloud/organising#300.
2022-03-12 09:39:30 +01:00 · 2022-03-12 09:39:30 +01:00 · b4b0b464bd
parent d8a1b0ccc1
commit b4b0b464bd
1 changed files with 43 additions and 25 deletions
--- a/cli/app/secret.go
+++ b/cli/app/secret.go
@ -10,10 +10,12 @@ import (
 	"coopcloud.tech/abra/cli/internal"
 	"coopcloud.tech/abra/pkg/autocomplete"
 	"coopcloud.tech/abra/pkg/client"
+	"coopcloud.tech/abra/pkg/config"
 	"coopcloud.tech/abra/pkg/formatter"
 	"coopcloud.tech/abra/pkg/secret"
 	"github.com/docker/docker/api/types"
 	"github.com/docker/docker/api/types/filters"
+	dockerClient "github.com/docker/docker/client"
 	"github.com/sirupsen/logrus"
 	"github.com/urfave/cli"
 )
@ -150,6 +152,25 @@ Example:
 	},
 }

+// secretRm removes a secret.
+func secretRm(cl *dockerClient.Client, app config.App, secretName, parsed string) error {
+	if err := cl.SecretRemove(context.Background(), secretName); err != nil {
+		return err
+	}
+
+	logrus.Infof("deleted %s successfully from server", secretName)
+
+	if internal.Pass {
+		if err := secret.PassRmSecret(parsed, app.StackName(), app.Server); err != nil {
+			return err
+		}
+
+		logrus.Infof("deleted %s successfully from local pass store", secretName)
+	}
+
+	return nil
+}
+
 var appSecretRmCommand = cli.Command{
 	Name:    "remove",
 	Aliases: []string{"rm"},
@ -172,6 +193,7 @@ Example:
 `,
 	Action: func(c *cli.Context) error {
 		app := internal.ValidateApp(c)
+		secrets := secret.ReadSecretEnvVars(app.Env)

 		if c.Args().Get(1) != "" && allSecrets {
 			internal.ShowSubcommandHelpAndError(c, errors.New("cannot use '<secret-name>' and '--all' together"))
@ -193,37 +215,33 @@ Example:
 			logrus.Fatal(err)
 		}

-		secretToRm := c.Args().Get(1)
+		remoteSecretNames := make(map[string]bool)
 		for _, cont := range secretList {
-			secretName := cont.Spec.Annotations.Name
+			remoteSecretNames[cont.Spec.Annotations.Name] = true
+		}
+
+		secretToRm := c.Args().Get(1)
+		for sec := range secrets {
+			secretName := secret.ParseSecretEnvVarName(sec)
 			parsed := secret.ParseGeneratedSecretName(secretName, app)
-			if allSecrets {
-				if err := cl.SecretRemove(context.Background(), secretName); err != nil {
-					logrus.Fatal(err)
-				}
-				logrus.Infof("deleted %s successfully from server", secretName)

-				if internal.Pass {
-					if err := secret.PassRmSecret(parsed, app.StackName(), app.Server); err != nil {
-						logrus.Fatal(err)
-					}
+			secVal, err := secret.ParseSecretEnvVarValue(secrets[sec])
+			if err != nil {
+				logrus.Fatal(err)
+			}

-					logrus.Infof("deleted %s successfully from local pass store", secretName)
-				}
-			} else {
-				if parsed == secretToRm {
-					if err := cl.SecretRemove(context.Background(), secretName); err != nil {
-						logrus.Fatal(err)
-					}
-
-					logrus.Infof("deleted %s successfully from server", secretName)
-
-					if internal.Pass {
-						if err := secret.PassRmSecret(parsed, app.StackName(), app.Server); err != nil {
+			secretRemoteName := fmt.Sprintf("%s_%s_%s", app.StackName(), secretName, secVal.Version)
+			if _, ok := remoteSecretNames[secretRemoteName]; ok {
+				if secretToRm != "" {
+					if parsed == secretToRm {
+						if err := secretRm(cl, app, secretRemoteName, parsed); err != nil {
 							logrus.Fatal(err)
 						}
-
-						logrus.Infof("deleted %s successfully from local pass store", secretName)
+						return nil
+					}
+				} else {
+					if err := secretRm(cl, app, secretRemoteName, parsed); err != nil {
+						logrus.Fatal(err)
 					}
 				}
 			}