feat: add app secret rm

2021-08-31 10:31:54 +02:00 · 2021-08-31 10:31:54 +02:00 · f9ae9c9a56
parent 15651822f1
commit f9ae9c9a56
3 changed files with 91 additions and 4 deletions
--- a/TODO.md
+++ b/TODO.md
@ -29,7 +29,7 @@
    - [ ] `secret` (WIP: decentral1se)
      - [ ] `generate` (WIP: decentral1se)
      - [ ] `insert` (WIP: decentral1se)
-      - [ ] `rm` (WIP: decentral1se)
+      - [x] `rm`
      - [x] `ls`
    - [x] `undeploy`
    - [ ] `volume`
--- a/cli/app/secret.go
+++ b/cli/app/secret.go
@ -42,10 +42,72 @@ var appSecretInsertCommand = &cli.Command{
 }

 var appSecretRmCommand = &cli.Command{
-	Name:    "remove",
-	Usage:   "Remove a secret",
-	Aliases: []string{"rm"},
+	Name:      "remove",
+	Usage:     "Remove a secret",
+	Aliases:   []string{"rm"},
+	Flags:     []cli.Flag{allSecretsFlag, internal.PassFlag},
+	ArgsUsage: "<secret>",
 	Action: func(c *cli.Context) error {
+		appName := c.Args().First()
+		if appName == "" {
+			internal.ShowSubcommandHelpAndError(c, errors.New("no app name provided"))
+		}
+
+		if c.Args().Get(1) != "" && allSecrets {
+			internal.ShowSubcommandHelpAndError(c, errors.New("cannot use '<secret>' and '--all' together"))
+		}
+
+		if c.Args().Get(1) == "" && !allSecrets {
+			internal.ShowSubcommandHelpAndError(c, errors.New("no secret(s) specified?"))
+		}
+
+		appFiles, err := config.LoadAppFiles("")
+		if err != nil {
+			logrus.Fatal(err)
+		}
+
+		appEnv, err := config.GetApp(appFiles, appName)
+		if err != nil {
+			logrus.Fatal(err)
+		}
+
+		host := appFiles[appName].Server
+		ctx := context.Background()
+		cl, err := client.NewClientWithContext(host)
+		if err != nil {
+			logrus.Fatal(err)
+		}
+
+		filters := filters.NewArgs()
+		filters.Add("name", appEnv.StackName())
+		secretList, err := cl.SecretList(ctx, types.SecretListOptions{Filters: filters})
+		if err != nil {
+			logrus.Fatal(err)
+		}
+
+		secretToRm := c.Args().Get(1)
+		for _, cont := range secretList {
+			secretName := cont.Spec.Annotations.Name
+			parsed := secret.ParseGeneratedSecretName(secretName, appEnv)
+			if allSecrets {
+				if err := cl.SecretRemove(ctx, secretName); err != nil {
+					logrus.Fatal(err)
+				}
+				if internal.Pass {
+					secret.PassRmSecret(parsed, appEnv.StackName(), host)
+				}
+			} else {
+				if parsed == secretToRm {
+					if err := cl.SecretRemove(ctx, secretName); err != nil {
+						logrus.Fatal(err)
+					}
+					if internal.Pass {
+						secret.PassRmSecret(parsed, appEnv.StackName(), host)
+					}
+				}
+			}
+		}
+
 		return nil
 	},
 }
--- a/secret/secret.go
+++ b/secret/secret.go
@ -65,6 +65,13 @@ func ParseSecretEnvVarName(secretEnvVar string) string {
 	return strings.ToLower(withoutSuffix)
 }

+func ParseGeneratedSecretName(secret string, appEnv config.App) string {
+	name := fmt.Sprintf("%s_", appEnv.StackName())
+	withoutAppName := strings.TrimPrefix(secret, name)
+	idx := strings.LastIndex(withoutAppName, "_")
+	return withoutAppName[:idx]
+}
+
 func ParseSecretEnvVarValue(secretValue string) (SecretValue, error) {
 	values := strings.Split(secretValue, "#")
 	if len(values) == 0 {
@ -150,3 +157,21 @@ func PassInsertSecret(secretValue, secretName, appName, server string) error {

 	return nil
 }
+
+func PassRmSecret(secretName, appName, server string) error {
+	_, err := exec.LookPath("pass")
+	if err != nil {
+		return errors.New("pass cannot be found on your $PATH, is it installed?")
+	}
+
+	cmd := fmt.Sprintf(
+		"pass rm --force hosts/%s/%s/%s",
+		server, appName, secretName,
+	)
+
+	if err := exec.Command("bash", "-c", cmd).Run(); err != nil {
+		return err
+	}
+
+	return nil
+}