From f9ae9c9a56abe2a56c253a217215e3c24a3cffdf Mon Sep 17 00:00:00 2001 From: decentral1se Date: Tue, 31 Aug 2021 10:31:54 +0200 Subject: [PATCH] feat: add app secret rm --- TODO.md | 2 +- cli/app/secret.go | 68 ++++++++++++++++++++++++++++++++++++++++++++--- secret/secret.go | 25 +++++++++++++++++ 3 files changed, 91 insertions(+), 4 deletions(-) diff --git a/TODO.md b/TODO.md index c5532a83..a8441303 100644 --- a/TODO.md +++ b/TODO.md @@ -29,7 +29,7 @@ - [ ] `secret` (WIP: decentral1se) - [ ] `generate` (WIP: decentral1se) - [ ] `insert` (WIP: decentral1se) - - [ ] `rm` (WIP: decentral1se) + - [x] `rm` - [x] `ls` - [x] `undeploy` - [ ] `volume` diff --git a/cli/app/secret.go b/cli/app/secret.go index 1d8b0394..6f1215ee 100644 --- a/cli/app/secret.go +++ b/cli/app/secret.go @@ -42,10 +42,72 @@ var appSecretInsertCommand = &cli.Command{ } var appSecretRmCommand = &cli.Command{ - Name: "remove", - Usage: "Remove a secret", - Aliases: []string{"rm"}, + Name: "remove", + Usage: "Remove a secret", + Aliases: []string{"rm"}, + Flags: []cli.Flag{allSecretsFlag, internal.PassFlag}, + ArgsUsage: "", Action: func(c *cli.Context) error { + appName := c.Args().First() + if appName == "" { + internal.ShowSubcommandHelpAndError(c, errors.New("no app name provided")) + } + + if c.Args().Get(1) != "" && allSecrets { + internal.ShowSubcommandHelpAndError(c, errors.New("cannot use '' and '--all' together")) + } + + if c.Args().Get(1) == "" && !allSecrets { + internal.ShowSubcommandHelpAndError(c, errors.New("no secret(s) specified?")) + } + + appFiles, err := config.LoadAppFiles("") + if err != nil { + logrus.Fatal(err) + } + + appEnv, err := config.GetApp(appFiles, appName) + if err != nil { + logrus.Fatal(err) + } + + host := appFiles[appName].Server + ctx := context.Background() + cl, err := client.NewClientWithContext(host) + if err != nil { + logrus.Fatal(err) + } + + filters := filters.NewArgs() + filters.Add("name", appEnv.StackName()) + secretList, err := cl.SecretList(ctx, types.SecretListOptions{Filters: filters}) + if err != nil { + logrus.Fatal(err) + } + + secretToRm := c.Args().Get(1) + for _, cont := range secretList { + secretName := cont.Spec.Annotations.Name + parsed := secret.ParseGeneratedSecretName(secretName, appEnv) + if allSecrets { + if err := cl.SecretRemove(ctx, secretName); err != nil { + logrus.Fatal(err) + } + if internal.Pass { + secret.PassRmSecret(parsed, appEnv.StackName(), host) + } + } else { + if parsed == secretToRm { + if err := cl.SecretRemove(ctx, secretName); err != nil { + logrus.Fatal(err) + } + if internal.Pass { + secret.PassRmSecret(parsed, appEnv.StackName(), host) + } + } + } + } + return nil }, } diff --git a/secret/secret.go b/secret/secret.go index 470f14a0..684939fb 100644 --- a/secret/secret.go +++ b/secret/secret.go @@ -65,6 +65,13 @@ func ParseSecretEnvVarName(secretEnvVar string) string { return strings.ToLower(withoutSuffix) } +func ParseGeneratedSecretName(secret string, appEnv config.App) string { + name := fmt.Sprintf("%s_", appEnv.StackName()) + withoutAppName := strings.TrimPrefix(secret, name) + idx := strings.LastIndex(withoutAppName, "_") + return withoutAppName[:idx] +} + func ParseSecretEnvVarValue(secretValue string) (SecretValue, error) { values := strings.Split(secretValue, "#") if len(values) == 0 { @@ -150,3 +157,21 @@ func PassInsertSecret(secretValue, secretName, appName, server string) error { return nil } + +func PassRmSecret(secretName, appName, server string) error { + _, err := exec.LookPath("pass") + if err != nil { + return errors.New("pass cannot be found on your $PATH, is it installed?") + } + + cmd := fmt.Sprintf( + "pass rm --force hosts/%s/%s/%s", + server, appName, secretName, + ) + + if err := exec.Command("bash", "-c", cmd).Run(); err != nil { + return err + } + + return nil +}