forked from toolshed/abra
		
	Compare commits
	
		
			15 Commits
		
	
	
		
			integratio
			...
			fix-secret
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
| 964d4efca4 | |||
| cb49cf06d1 | |||
| 9affda8a70 | |||
| 3957b7c965 | |||
| 0d83339d80 | |||
| 6e54ec7213 | |||
| 66b40a9189 | |||
| 049f02f063 | |||
| 15857e6453 | |||
| 31e0ed75b0 | |||
| b1d3fcbb0b | |||
| 7b6134f35e | |||
| 316b59b465 | |||
| 92b073d5b6 | |||
| 9b0dd933b5 | 
| @ -11,6 +11,7 @@ | ||||
| - kawaiipunk | ||||
| - knoflook | ||||
| - moritz | ||||
| - p4u1 | ||||
| - rix | ||||
| - roxxers | ||||
| - vera | ||||
|  | ||||
							
								
								
									
										7
									
								
								Makefile
									
									
									
									
									
								
							
							
						
						
									
										7
									
								
								Makefile
									
									
									
									
									
								
							| @ -2,6 +2,7 @@ ABRA         := ./cmd/abra | ||||
| KADABRA      := ./cmd/kadabra | ||||
| COMMIT       := $(shell git rev-list -1 HEAD) | ||||
| GOPATH       := $(shell go env GOPATH) | ||||
| GOVERSION    := 1.21 | ||||
| LDFLAGS      := "-X 'main.Commit=$(COMMIT)'" | ||||
| DIST_LDFLAGS := $(LDFLAGS)" -s -w" | ||||
|  | ||||
| @ -30,6 +31,12 @@ build-kadabra: | ||||
|  | ||||
| build: build-abra build-kadabra | ||||
|  | ||||
| build-docker-abra: | ||||
| 	@docker run -it -v $(PWD):/abra golang:$(GOVERSION) \ | ||||
| 		bash -c 'cd /abra; ./scripts/docker/build.sh' | ||||
|  | ||||
| build-docker: build-docker-abra | ||||
|  | ||||
| clean: | ||||
| 	@rm '$(GOPATH)/bin/abra' | ||||
| 	@rm '$(GOPATH)/bin/kadabra' | ||||
|  | ||||
| @ -10,6 +10,7 @@ import ( | ||||
| 	"strings" | ||||
|  | ||||
| 	"coopcloud.tech/abra/cli/internal" | ||||
| 	"coopcloud.tech/abra/pkg/app" | ||||
| 	"coopcloud.tech/abra/pkg/autocomplete" | ||||
| 	"coopcloud.tech/abra/pkg/client" | ||||
| 	"coopcloud.tech/abra/pkg/config" | ||||
| @ -45,6 +46,17 @@ Example: | ||||
| 	}, | ||||
| 	Before:      internal.SubCommandBefore, | ||||
| 	Subcommands: []cli.Command{appCmdListCommand}, | ||||
| 	BashComplete: func(ctx *cli.Context) { | ||||
| 		args := ctx.Args() | ||||
| 		switch len(args) { | ||||
| 		case 0: | ||||
| 			autocomplete.AppNameComplete(ctx) | ||||
| 		case 1: | ||||
| 			autocomplete.ServiceNameComplete(args.Get(0)) | ||||
| 		case 2: | ||||
| 			cmdNameComplete(args.Get(0)) | ||||
| 		} | ||||
| 	}, | ||||
| 	Action: func(c *cli.Context) error { | ||||
| 		app := internal.ValidateApp(c) | ||||
|  | ||||
| @ -187,6 +199,20 @@ func parseCmdArgs(args []string, isLocal bool) (bool, string) { | ||||
| 	return hasCmdArgs, parsedCmdArgs | ||||
| } | ||||
|  | ||||
| func cmdNameComplete(appName string) { | ||||
| 	app, err := app.Get(appName) | ||||
| 	if err != nil { | ||||
| 		return | ||||
| 	} | ||||
| 	cmdNames, _ := getShCmdNames(app) | ||||
| 	if err != nil { | ||||
| 		return | ||||
| 	} | ||||
| 	for _, n := range cmdNames { | ||||
| 		fmt.Println(n) | ||||
| 	} | ||||
| } | ||||
|  | ||||
| var appCmdListCommand = cli.Command{ | ||||
| 	Name:      "list", | ||||
| 	Aliases:   []string{"ls"}, | ||||
| @ -222,13 +248,11 @@ var appCmdListCommand = cli.Command{ | ||||
| 			} | ||||
| 		} | ||||
|  | ||||
| 		abraShPath := fmt.Sprintf("%s/%s/%s", config.RECIPES_DIR, app.Recipe, "abra.sh") | ||||
| 		cmdNames, err := config.ReadAbraShCmdNames(abraShPath) | ||||
| 		cmdNames, err := getShCmdNames(app) | ||||
| 		if err != nil { | ||||
| 			logrus.Fatal(err) | ||||
| 		} | ||||
|  | ||||
| 		sort.Strings(cmdNames) | ||||
| 		for _, cmdName := range cmdNames { | ||||
| 			fmt.Println(cmdName) | ||||
| 		} | ||||
| @ -236,3 +260,14 @@ var appCmdListCommand = cli.Command{ | ||||
| 		return nil | ||||
| 	}, | ||||
| } | ||||
|  | ||||
| func getShCmdNames(app config.App) ([]string, error) { | ||||
| 	abraShPath := fmt.Sprintf("%s/%s/%s", config.RECIPES_DIR, app.Recipe, "abra.sh") | ||||
| 	cmdNames, err := config.ReadAbraShCmdNames(abraShPath) | ||||
| 	if err != nil { | ||||
| 		return nil, err | ||||
| 	} | ||||
|  | ||||
| 	sort.Strings(cmdNames) | ||||
| 	return cmdNames, nil | ||||
| } | ||||
|  | ||||
| @ -97,7 +97,7 @@ var appNewCommand = cli.Command{ | ||||
| 		var secrets AppSecrets | ||||
| 		var secretTable *jsontable.JSONTable | ||||
| 		if internal.Secrets { | ||||
| 			sampleEnv, err := recipe.SampleEnv(config.ReadEnvOptions{}) | ||||
| 			sampleEnv, err := recipe.SampleEnv() | ||||
| 			if err != nil { | ||||
| 				logrus.Fatal(err) | ||||
| 			} | ||||
| @ -108,7 +108,7 @@ var appNewCommand = cli.Command{ | ||||
| 			} | ||||
|  | ||||
| 			envSamplePath := path.Join(config.RECIPES_DIR, recipe.Name, ".env.sample") | ||||
| 			secretsConfig, err := secret.ReadSecretsConfig(envSamplePath, composeFiles, recipe.Name) | ||||
| 			secretsConfig, err := secret.ReadSecretsConfig(envSamplePath, composeFiles, config.StackName(internal.Domain)) | ||||
| 			if err != nil { | ||||
| 				return err | ||||
| 			} | ||||
| @ -168,14 +168,8 @@ var appNewCommand = cli.Command{ | ||||
| type AppSecrets map[string]string | ||||
|  | ||||
| // createSecrets creates all secrets for a new app. | ||||
| func createSecrets(cl *dockerClient.Client, secretsConfig map[string]string, sanitisedAppName string) (AppSecrets, error) { | ||||
| 	// NOTE(d1): trim to match app.StackName() implementation | ||||
| 	if len(sanitisedAppName) > 45 { | ||||
| 		logrus.Debugf("trimming %s to %s to avoid runtime limits", sanitisedAppName, sanitisedAppName[:45]) | ||||
| 		sanitisedAppName = sanitisedAppName[:45] | ||||
| 	} | ||||
|  | ||||
| 	secrets, err := secret.GenerateSecrets(cl, secretsConfig, sanitisedAppName, internal.NewAppServer) | ||||
| func createSecrets(cl *dockerClient.Client, secretsConfig map[string]secret.Secret, sanitisedAppName string) (AppSecrets, error) { | ||||
| 	secrets, err := secret.GenerateSecrets(cl, secretsConfig, internal.NewAppServer) | ||||
| 	if err != nil { | ||||
| 		return nil, err | ||||
| 	} | ||||
| @ -217,7 +211,7 @@ func ensureDomainFlag(recipe recipe.Recipe, server string) error { | ||||
| } | ||||
|  | ||||
| // promptForSecrets asks if we should generate secrets for a new app. | ||||
| func promptForSecrets(recipeName string, secretsConfig map[string]string) error { | ||||
| func promptForSecrets(recipeName string, secretsConfig map[string]secret.Secret) error { | ||||
| 	if len(secretsConfig) == 0 { | ||||
| 		logrus.Debugf("%s has no secrets to generate, skipping...", recipeName) | ||||
| 		return nil | ||||
|  | ||||
| @ -20,19 +20,23 @@ import ( | ||||
| 	"github.com/urfave/cli" | ||||
| ) | ||||
|  | ||||
| var allSecrets bool | ||||
| var allSecretsFlag = &cli.BoolFlag{ | ||||
| 	Name:        "all, a", | ||||
| 	Destination: &allSecrets, | ||||
| 	Usage:       "Generate all secrets", | ||||
| } | ||||
| var ( | ||||
| 	allSecrets     bool | ||||
| 	allSecretsFlag = &cli.BoolFlag{ | ||||
| 		Name:        "all, a", | ||||
| 		Destination: &allSecrets, | ||||
| 		Usage:       "Generate all secrets", | ||||
| 	} | ||||
| ) | ||||
|  | ||||
| var rmAllSecrets bool | ||||
| var rmAllSecretsFlag = &cli.BoolFlag{ | ||||
| 	Name:        "all, a", | ||||
| 	Destination: &rmAllSecrets, | ||||
| 	Usage:       "Remove all secrets", | ||||
| } | ||||
| var ( | ||||
| 	rmAllSecrets     bool | ||||
| 	rmAllSecretsFlag = &cli.BoolFlag{ | ||||
| 		Name:        "all, a", | ||||
| 		Destination: &rmAllSecrets, | ||||
| 		Usage:       "Remove all secrets", | ||||
| 	} | ||||
| ) | ||||
|  | ||||
| var appSecretGenerateCommand = cli.Command{ | ||||
| 	Name:      "generate", | ||||
| @ -87,28 +91,22 @@ var appSecretGenerateCommand = cli.Command{ | ||||
| 			logrus.Fatal(err) | ||||
| 		} | ||||
|  | ||||
| 		secretsConfig, err := secret.ReadSecretsConfig(app.Path, composeFiles, app.Recipe) | ||||
| 		secrets, err := secret.ReadSecretsConfig(app.Path, composeFiles, app.StackName()) | ||||
| 		if err != nil { | ||||
| 			logrus.Fatal(err) | ||||
| 		} | ||||
|  | ||||
| 		secretsToCreate := make(map[string]string) | ||||
| 		if allSecrets { | ||||
| 			secretsToCreate = secretsConfig | ||||
| 		} else { | ||||
| 		if !allSecrets { | ||||
| 			secretName := c.Args().Get(1) | ||||
| 			secretVersion := c.Args().Get(2) | ||||
| 			matches := false | ||||
| 			for name := range secretsConfig { | ||||
| 				if secretName == name { | ||||
| 					secretsToCreate[name] = secretVersion | ||||
| 					matches = true | ||||
| 				} | ||||
| 			} | ||||
|  | ||||
| 			if !matches { | ||||
| 			s, ok := secrets[secretName] | ||||
| 			if !ok { | ||||
| 				logrus.Fatalf("%s doesn't exist in the env config?", secretName) | ||||
| 			} | ||||
| 			s.Version = secretVersion | ||||
| 			secrets = map[string]secret.Secret{ | ||||
| 				secretName: s, | ||||
| 			} | ||||
| 		} | ||||
|  | ||||
| 		cl, err := client.New(app.Server) | ||||
| @ -116,7 +114,7 @@ var appSecretGenerateCommand = cli.Command{ | ||||
| 			logrus.Fatal(err) | ||||
| 		} | ||||
|  | ||||
| 		secretVals, err := secret.GenerateSecrets(cl, secretsToCreate, app.StackName(), app.Server) | ||||
| 		secretVals, err := secret.GenerateSecrets(cl, secrets, app.Server) | ||||
| 		if err != nil { | ||||
| 			logrus.Fatal(err) | ||||
| 		} | ||||
| @ -276,7 +274,7 @@ Example: | ||||
| 			logrus.Fatal(err) | ||||
| 		} | ||||
|  | ||||
| 		secretsConfig, err := secret.ReadSecretsConfig(app.Path, composeFiles, app.Recipe) | ||||
| 		secrets, err := secret.ReadSecretsConfig(app.Path, composeFiles, app.StackName()) | ||||
| 		if err != nil { | ||||
| 			logrus.Fatal(err) | ||||
| 		} | ||||
| @ -311,12 +309,7 @@ Example: | ||||
|  | ||||
| 		match := false | ||||
| 		secretToRm := c.Args().Get(1) | ||||
| 		for secretName, secretValue := range secretsConfig { | ||||
| 			val, err := secret.ParseSecretValue(secretValue) | ||||
| 			if err != nil { | ||||
| 				logrus.Fatal(err) | ||||
| 			} | ||||
|  | ||||
| 		for secretName, val := range secrets { | ||||
| 			secretRemoteName := fmt.Sprintf("%s_%s_%s", app.StackName(), secretName, val.Version) | ||||
| 			if _, ok := remoteSecretNames[secretRemoteName]; ok { | ||||
| 				if secretToRm != "" { | ||||
|  | ||||
							
								
								
									
										10
									
								
								go.mod
									
									
									
									
									
								
							
							
						
						
									
										10
									
								
								go.mod
									
									
									
									
									
								
							| @ -4,8 +4,8 @@ go 1.21 | ||||
|  | ||||
| require ( | ||||
| 	coopcloud.tech/tagcmp v0.0.0-20211103052201-885b22f77d52 | ||||
| 	git.coopcloud.tech/coop-cloud/godotenv v1.5.2-0.20231130100509-01bff8284355 | ||||
| 	github.com/AlecAivazis/survey/v2 v2.3.7 | ||||
| 	github.com/Autonomic-Cooperative/godotenv v1.3.1-0.20210731094149-b031ea1211e7 | ||||
| 	github.com/Gurpartap/logrus-stack v0.0.0-20170710170904-89c00d8a28f4 | ||||
| 	github.com/docker/cli v24.0.7+incompatible | ||||
| 	github.com/docker/distribution v2.8.3+incompatible | ||||
| @ -16,7 +16,7 @@ require ( | ||||
| 	github.com/moby/term v0.5.0 | ||||
| 	github.com/olekukonko/tablewriter v0.0.5 | ||||
| 	github.com/pkg/errors v0.9.1 | ||||
| 	github.com/schollz/progressbar/v3 v3.14.0 | ||||
| 	github.com/schollz/progressbar/v3 v3.14.1 | ||||
| 	github.com/sirupsen/logrus v1.9.3 | ||||
| 	gotest.tools/v3 v3.5.1 | ||||
| ) | ||||
| @ -56,7 +56,7 @@ require ( | ||||
| 	github.com/kevinburke/ssh_config v1.2.0 // indirect | ||||
| 	github.com/klauspost/compress v1.14.2 // indirect | ||||
| 	github.com/mattn/go-colorable v0.1.12 // indirect | ||||
| 	github.com/mattn/go-isatty v0.0.17 // indirect | ||||
| 	github.com/mattn/go-isatty v0.0.20 // indirect | ||||
| 	github.com/mattn/go-runewidth v0.0.14 // indirect | ||||
| 	github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect | ||||
| 	github.com/mgutz/ansi v0.0.0-20170206155736-9520e82c474b // indirect | ||||
| @ -71,7 +71,7 @@ require ( | ||||
| 	github.com/prometheus/client_model v0.3.0 // indirect | ||||
| 	github.com/prometheus/common v0.42.0 // indirect | ||||
| 	github.com/prometheus/procfs v0.10.1 // indirect | ||||
| 	github.com/rivo/uniseg v0.2.0 // indirect | ||||
| 	github.com/rivo/uniseg v0.4.4 // indirect | ||||
| 	github.com/russross/blackfriday/v2 v2.1.0 // indirect | ||||
| 	github.com/skeema/knownhosts v1.2.0 // indirect | ||||
| 	github.com/spf13/pflag v1.0.5 // indirect | ||||
| @ -82,7 +82,7 @@ require ( | ||||
| 	golang.org/x/mod v0.12.0 // indirect | ||||
| 	golang.org/x/net v0.17.0 // indirect | ||||
| 	golang.org/x/sync v0.3.0 // indirect | ||||
| 	golang.org/x/term v0.13.0 // indirect | ||||
| 	golang.org/x/term v0.14.0 // indirect | ||||
| 	golang.org/x/text v0.13.0 // indirect | ||||
| 	golang.org/x/time v0.0.0-20200630173020-3af7569d3a1e // indirect | ||||
| 	golang.org/x/tools v0.13.0 // indirect | ||||
|  | ||||
							
								
								
									
										28
									
								
								go.sum
									
									
									
									
									
								
							
							
						
						
									
										28
									
								
								go.sum
									
									
									
									
									
								
							| @ -51,12 +51,12 @@ coopcloud.tech/tagcmp v0.0.0-20211103052201-885b22f77d52/go.mod h1:ESVm0wQKcbcFi | ||||
| dario.cat/mergo v1.0.0 h1:AGCNq9Evsj31mOgNPcLyXc+4PNABt905YmuqPYYpBWk= | ||||
| dario.cat/mergo v1.0.0/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk= | ||||
| dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU= | ||||
| git.coopcloud.tech/coop-cloud/godotenv v1.5.2-0.20231130100509-01bff8284355 h1:tCv2B4qoN6RMheKDnCzIafOkWS5BB1h7hwhmo+9bVeE= | ||||
| git.coopcloud.tech/coop-cloud/godotenv v1.5.2-0.20231130100509-01bff8284355/go.mod h1:Q8V1zbtPAlzYSr/Dvky3wS6x58IQAl3rot2me1oSO2Q= | ||||
| github.com/AdaLogics/go-fuzz-headers v0.0.0-20230106234847-43070de90fa1 h1:EKPd1INOIyr5hWOWhvpmQpY6tKjeG0hT1s3AMC/9fic= | ||||
| github.com/AdaLogics/go-fuzz-headers v0.0.0-20230106234847-43070de90fa1/go.mod h1:VzwV+t+dZ9j/H867F1M2ziD+yLHtB46oM35FxxMJ4d0= | ||||
| github.com/AlecAivazis/survey/v2 v2.3.7 h1:6I/u8FvytdGsgonrYsVn2t8t4QiRnh6QSTqkkhIiSjQ= | ||||
| github.com/AlecAivazis/survey/v2 v2.3.7/go.mod h1:xUTIdE4KCOIjsBAE1JYsUPoCqYdZ1reCfTwbto0Fduo= | ||||
| github.com/Autonomic-Cooperative/godotenv v1.3.1-0.20210731094149-b031ea1211e7 h1:asQtdXYbxEYWcwAQqJTVYC/RltB4eqoWKvqWg/LFPOg= | ||||
| github.com/Autonomic-Cooperative/godotenv v1.3.1-0.20210731094149-b031ea1211e7/go.mod h1:oZRCMMRS318l07ei4DTqbZoOawfJlJ4yyo8juk2v4Rk= | ||||
| github.com/Azure/azure-sdk-for-go v16.2.1+incompatible/go.mod h1:9XXNKU+eRnpl9moKnB4QOLf1HestfXbmab5FXxiDBjc= | ||||
| github.com/Azure/go-ansiterm v0.0.0-20170929234023-d6e3b3328b78/go.mod h1:LmzpDX56iTiv29bbRTIsUNlaFfuhWRQBWjQdVyAevI8= | ||||
| github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 h1:UQHMgLO+TxOElx5B5HZ4hJQsoJ/PvUvKRhJHDQXO8P8= | ||||
| @ -590,8 +590,8 @@ github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHh | ||||
| github.com/hashicorp/go-multierror v1.1.0/go.mod h1:spPvp8C1qA32ftKqdAHm4hHTbPw+vmowP0z+KUhOZdA= | ||||
| github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= | ||||
| github.com/hashicorp/go-retryablehttp v0.5.3/go.mod h1:9B5zBasrRhHXnJnui7y6sL7es7NDiJgTc6Er0maI1Xs= | ||||
| github.com/hashicorp/go-retryablehttp v0.7.4 h1:ZQgVdpTdAL7WpMIwLzCfbalOcSUdkDZnpUv3/+BxzFA= | ||||
| github.com/hashicorp/go-retryablehttp v0.7.4/go.mod h1:Jy/gPYAdjqffZ/yFGCFV2doI5wjtH1ewM9u8iYVjtX8= | ||||
| github.com/hashicorp/go-retryablehttp v0.7.5 h1:bJj+Pj19UZMIweq/iie+1u5YCdGrnxCT9yvm0e+Nd5M= | ||||
| github.com/hashicorp/go-retryablehttp v0.7.5/go.mod h1:Jy/gPYAdjqffZ/yFGCFV2doI5wjtH1ewM9u8iYVjtX8= | ||||
| github.com/hashicorp/go-rootcerts v1.0.2/go.mod h1:pqUvnprVnM5bf7AOirdbb01K4ccR319Vf4pU3K5EGc8= | ||||
| github.com/hashicorp/go-sockaddr v1.0.0/go.mod h1:7Xibr9yA9JjQq1JpNB2Vw7kxv8xerXegt+ozgdvDeDU= | ||||
| github.com/hashicorp/go-syslog v1.0.0/go.mod h1:qPfqrKkXGihmCqbJM2mZgkZGvKG1dFdvsLplgctolz4= | ||||
| @ -705,8 +705,8 @@ github.com/mattn/go-isatty v0.0.10/go.mod h1:qgIWMr58cqv1PHHyhnkY9lrL7etaEgOFcME | ||||
| github.com/mattn/go-isatty v0.0.11/go.mod h1:PhnuNfih5lzO57/f3n+odYbM4JtupLOxQOAqxQCu2WE= | ||||
| github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= | ||||
| github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= | ||||
| github.com/mattn/go-isatty v0.0.17 h1:BTarxUcIeDqL27Mc+vyvdWYSL28zpIhv3RoTdsLMPng= | ||||
| github.com/mattn/go-isatty v0.0.17/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= | ||||
| github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= | ||||
| github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= | ||||
| github.com/mattn/go-runewidth v0.0.2/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU= | ||||
| github.com/mattn/go-runewidth v0.0.9/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI= | ||||
| github.com/mattn/go-runewidth v0.0.14 h1:+xnbZSEeDbOIg5/mE6JF0w6n9duR1l3/WmbinWVwUuU= | ||||
| @ -885,8 +885,9 @@ github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1 | ||||
| github.com/prometheus/procfs v0.10.1 h1:kYK1Va/YMlutzCGazswoHKo//tZVlFpKYh+PymziUAg= | ||||
| github.com/prometheus/procfs v0.10.1/go.mod h1:nwNm2aOCAYw8uTR/9bWRREkZFxAUcWzPHWJq+XBB/FM= | ||||
| github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU= | ||||
| github.com/rivo/uniseg v0.2.0 h1:S1pD9weZBuJdFmowNwbpi7BJ8TNftyUImj/0WQi72jY= | ||||
| github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= | ||||
| github.com/rivo/uniseg v0.4.4 h1:8TfxU8dW6PdqD27gjM8MVNuicgxIjxpm4K7x4jp8sis= | ||||
| github.com/rivo/uniseg v0.4.4/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUcx88= | ||||
| github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= | ||||
| github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= | ||||
| github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= | ||||
| @ -900,8 +901,8 @@ github.com/ryanuber/columnize v0.0.0-20160712163229-9b3edd62028f/go.mod h1:sm1tb | ||||
| github.com/safchain/ethtool v0.0.0-20190326074333-42ed695e3de8/go.mod h1:Z0q5wiBQGYcxhMZ6gUqHn6pYNLypFAvaL3UvgZLR0U4= | ||||
| github.com/sagikazarmark/crypt v0.3.0/go.mod h1:uD/D+6UF4SrIR1uGEv7bBNkNqLGqUr43MRiaGWX1Nig= | ||||
| github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0= | ||||
| github.com/schollz/progressbar/v3 v3.13.1 h1:o8rySDYiQ59Mwzy2FELeHY5ZARXZTVJC7iHD6PEFUiE= | ||||
| github.com/schollz/progressbar/v3 v3.13.1/go.mod h1:xvrbki8kfT1fzWzBT/UZd9L6GA+jdL7HAgq2RFnO6fQ= | ||||
| github.com/schollz/progressbar/v3 v3.14.1 h1:VD+MJPCr4s3wdhTc7OEJ/Z3dAeBzJ7yKH/P4lC5yRTI= | ||||
| github.com/schollz/progressbar/v3 v3.14.1/go.mod h1:Zc9xXneTzWXF81TGoqL71u0sBPjULtEHYtj/WVgVy8E= | ||||
| github.com/sclevine/spec v1.2.0/go.mod h1:W4J29eT/Kzv7/b9IWLB055Z+qvVC9vt0Arko24q7p+U= | ||||
| github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc= | ||||
| github.com/seccomp/libseccomp-golang v0.9.1/go.mod h1:GbW5+tmTXfcxTToHLXlScSlAvWlF4P2Ca7zGrPiEpWo= | ||||
| @ -1310,21 +1311,20 @@ golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBc | ||||
| golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= | ||||
| golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= | ||||
| golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= | ||||
| golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= | ||||
| golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= | ||||
| golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= | ||||
| golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= | ||||
| golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= | ||||
| golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE= | ||||
| golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= | ||||
| golang.org/x/sys v0.14.0 h1:Vz7Qs629MkJkGyHxUlRHizWJRG2j8fbQKjELVSNhy7Q= | ||||
| golang.org/x/sys v0.14.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= | ||||
| golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= | ||||
| golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= | ||||
| golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= | ||||
| golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc= | ||||
| golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= | ||||
| golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U= | ||||
| golang.org/x/term v0.13.0 h1:bb+I9cTfFazGW51MZqBVmZy7+JEJMouUHTUSKVQLBek= | ||||
| golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= | ||||
| golang.org/x/term v0.14.0 h1:LGK9IlZ8T9jvdy6cTdfKUCltatMFOehAQo9SRC46UQ8= | ||||
| golang.org/x/term v0.14.0/go.mod h1:TySc+nGkYR6qt8km8wUhuFRTVSMIX3XPR58y2lC8vww= | ||||
| golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= | ||||
| golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= | ||||
| golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= | ||||
|  | ||||
| @ -25,6 +25,16 @@ func AppNameComplete(c *cli.Context) { | ||||
| 	} | ||||
| } | ||||
|  | ||||
| func ServiceNameComplete(appName string) { | ||||
| 	serviceNames, err := config.GetAppServiceNames(appName) | ||||
| 	if err != nil { | ||||
| 		return | ||||
| 	} | ||||
| 	for _, s := range serviceNames { | ||||
| 		fmt.Println(s) | ||||
| 	} | ||||
| } | ||||
|  | ||||
| // RecipeNameComplete completes recipe names. | ||||
| func RecipeNameComplete(c *cli.Context) { | ||||
| 	catl, err := recipe.ReadRecipeCatalogue(false) | ||||
|  | ||||
| @ -29,7 +29,7 @@ func UpdateTag(pattern, image, tag, recipeName string) (bool, error) { | ||||
| 		opts := stack.Deploy{Composefiles: []string{composeFile}} | ||||
|  | ||||
| 		envSamplePath := path.Join(config.RECIPES_DIR, recipeName, ".env.sample") | ||||
| 		sampleEnv, err := config.ReadEnv(envSamplePath, config.ReadEnvOptions{}) | ||||
| 		sampleEnv, err := config.ReadEnv(envSamplePath) | ||||
| 		if err != nil { | ||||
| 			return false, err | ||||
| 		} | ||||
| @ -97,7 +97,7 @@ func UpdateLabel(pattern, serviceName, label, recipeName string) error { | ||||
| 		opts := stack.Deploy{Composefiles: []string{composeFile}} | ||||
|  | ||||
| 		envSamplePath := path.Join(config.RECIPES_DIR, recipeName, ".env.sample") | ||||
| 		sampleEnv, err := config.ReadEnv(envSamplePath, config.ReadEnvOptions{}) | ||||
| 		sampleEnv, err := config.ReadEnv(envSamplePath) | ||||
| 		if err != nil { | ||||
| 			return err | ||||
| 		} | ||||
|  | ||||
| @ -25,6 +25,9 @@ import ( | ||||
| // AppEnv is a map of the values in an apps env config | ||||
| type AppEnv = map[string]string | ||||
|  | ||||
| // AppModifiers is a map of modifiers in an apps env config | ||||
| type AppModifiers = map[string]map[string]string | ||||
|  | ||||
| // AppName is AppName | ||||
| type AppName = string | ||||
|  | ||||
| @ -47,23 +50,30 @@ type App struct { | ||||
| 	Path   string | ||||
| } | ||||
|  | ||||
| // StackName gets whatever the docker safe (uses the right delimiting | ||||
| // character, e.g. "_") stack name is for the app. In general, you don't want | ||||
| // to use this to show anything to end-users, you want use a.Name instead. | ||||
| // See documentation of config.StackName | ||||
| func (a App) StackName() string { | ||||
| 	if _, exists := a.Env["STACK_NAME"]; exists { | ||||
| 		return a.Env["STACK_NAME"] | ||||
| 	} | ||||
|  | ||||
| 	stackName := SanitiseAppName(a.Name) | ||||
| 	stackName := StackName(a.Name) | ||||
|  | ||||
| 	a.Env["STACK_NAME"] = stackName | ||||
|  | ||||
| 	return stackName | ||||
| } | ||||
|  | ||||
| // StackName gets whatever the docker safe (uses the right delimiting | ||||
| // character, e.g. "_") stack name is for the app. In general, you don't want | ||||
| // to use this to show anything to end-users, you want use a.Name instead. | ||||
| func StackName(appName string) string { | ||||
| 	stackName := SanitiseAppName(appName) | ||||
|  | ||||
| 	if len(stackName) > 45 { | ||||
| 		logrus.Debugf("trimming %s to %s to avoid runtime limits", stackName, stackName[:45]) | ||||
| 		stackName = stackName[:45] | ||||
| 	} | ||||
|  | ||||
| 	a.Env["STACK_NAME"] = stackName | ||||
|  | ||||
| 	return stackName | ||||
| } | ||||
|  | ||||
| @ -150,7 +160,7 @@ func (a ByName) Less(i, j int) bool { | ||||
| } | ||||
|  | ||||
| func ReadAppEnvFile(appFile AppFile, name AppName) (App, error) { | ||||
| 	env, err := ReadEnv(appFile.Path, ReadEnvOptions{}) | ||||
| 	env, err := ReadEnv(appFile.Path) | ||||
| 	if err != nil { | ||||
| 		return App{}, fmt.Errorf("env file for %s couldn't be read: %s", name, err.Error()) | ||||
| 	} | ||||
|  | ||||
| @ -12,7 +12,7 @@ import ( | ||||
| 	"sort" | ||||
| 	"strings" | ||||
|  | ||||
| 	"github.com/Autonomic-Cooperative/godotenv" | ||||
| 	"git.coopcloud.tech/coop-cloud/godotenv" | ||||
| 	"github.com/sirupsen/logrus" | ||||
| ) | ||||
|  | ||||
| @ -55,45 +55,34 @@ func GetServers() ([]string, error) { | ||||
| 	return servers, nil | ||||
| } | ||||
|  | ||||
| // ReadEnvOptions modifies the ReadEnv processing of env vars. | ||||
| type ReadEnvOptions struct { | ||||
| 	IncludeModifiers bool | ||||
| } | ||||
|  | ||||
| // ContainsEnvVarModifier determines if an env var contains a modifier. | ||||
| func ContainsEnvVarModifier(envVar string) bool { | ||||
| 	for _, mod := range envVarModifiers { | ||||
| 		if strings.Contains(envVar, fmt.Sprintf("%s=", mod)) { | ||||
| 			return true | ||||
| 		} | ||||
| 	} | ||||
| 	return false | ||||
| } | ||||
|  | ||||
| // ReadEnv loads an app envivornment into a map. | ||||
| func ReadEnv(filePath string, opts ReadEnvOptions) (AppEnv, error) { | ||||
| func ReadEnv(filePath string) (AppEnv, error) { | ||||
| 	var envVars AppEnv | ||||
|  | ||||
| 	envVars, err := godotenv.Read(filePath) | ||||
| 	envVars, _, err := godotenv.Read(filePath) | ||||
| 	if err != nil { | ||||
| 		return nil, err | ||||
| 	} | ||||
|  | ||||
| 	//	for idx, envVar := range envVars { | ||||
| 	//		if strings.Contains(envVar, "#") { | ||||
| 	//			if opts.IncludeModifiers && ContainsEnvVarModifier(envVar) { | ||||
| 	//				continue | ||||
| 	//			} | ||||
| 	//			vals := strings.Split(envVar, "#") | ||||
| 	//			envVars[idx] = strings.TrimSpace(vals[0]) | ||||
| 	//		} | ||||
| 	//	} | ||||
|  | ||||
| 	logrus.Debugf("read %s from %s", envVars, filePath) | ||||
|  | ||||
| 	return envVars, nil | ||||
| } | ||||
|  | ||||
| // ReadEnv loads an app envivornment and their modifiers in two different maps. | ||||
| func ReadEnvWithModifiers(filePath string) (AppEnv, AppModifiers, error) { | ||||
| 	var envVars AppEnv | ||||
|  | ||||
| 	envVars, mods, err := godotenv.Read(filePath) | ||||
| 	if err != nil { | ||||
| 		return nil, mods, err | ||||
| 	} | ||||
|  | ||||
| 	logrus.Debugf("read %s from %s", envVars, filePath) | ||||
|  | ||||
| 	return envVars, mods, nil | ||||
| } | ||||
|  | ||||
| // ReadServerNames retrieves all server names. | ||||
| func ReadServerNames() ([]string, error) { | ||||
| 	serverNames, err := GetAllFoldersInDirectory(SERVERS_DIR) | ||||
| @ -227,7 +216,7 @@ func CheckEnv(app App) ([]EnvVar, error) { | ||||
| 		return envVars, err | ||||
| 	} | ||||
|  | ||||
| 	envSample, err := ReadEnv(envSamplePath, ReadEnvOptions{}) | ||||
| 	envSample, err := ReadEnv(envSamplePath) | ||||
| 	if err != nil { | ||||
| 		return envVars, err | ||||
| 	} | ||||
|  | ||||
| @ -13,15 +13,21 @@ import ( | ||||
| 	"coopcloud.tech/abra/pkg/recipe" | ||||
| ) | ||||
|  | ||||
| var TestFolder = os.ExpandEnv("$PWD/../../tests/resources/test_folder") | ||||
| var ValidAbraConf = os.ExpandEnv("$PWD/../../tests/resources/valid_abra_config") | ||||
| var ( | ||||
| 	TestFolder    = os.ExpandEnv("$PWD/../../tests/resources/test_folder") | ||||
| 	ValidAbraConf = os.ExpandEnv("$PWD/../../tests/resources/valid_abra_config") | ||||
| ) | ||||
|  | ||||
| // make sure these are in alphabetical order | ||||
| var TFolders = []string{"folder1", "folder2"} | ||||
| var TFiles = []string{"bar.env", "foo.env"} | ||||
| var ( | ||||
| 	TFolders = []string{"folder1", "folder2"} | ||||
| 	TFiles   = []string{"bar.env", "foo.env"} | ||||
| ) | ||||
|  | ||||
| var AppName = "ecloud" | ||||
| var ServerName = "evil.corp" | ||||
| var ( | ||||
| 	AppName    = "ecloud" | ||||
| 	ServerName = "evil.corp" | ||||
| ) | ||||
|  | ||||
| var ExpectedAppEnv = config.AppEnv{ | ||||
| 	"DOMAIN": "ecloud.evil.corp", | ||||
| @ -71,7 +77,7 @@ func TestGetAllFilesInDirectory(t *testing.T) { | ||||
| } | ||||
|  | ||||
| func TestReadEnv(t *testing.T) { | ||||
| 	env, err := config.ReadEnv(ExpectedAppFile.Path, config.ReadEnvOptions{}) | ||||
| 	env, err := config.ReadEnv(ExpectedAppFile.Path) | ||||
| 	if err != nil { | ||||
| 		t.Fatal(err) | ||||
| 	} | ||||
| @ -149,7 +155,7 @@ func TestCheckEnv(t *testing.T) { | ||||
| 	} | ||||
|  | ||||
| 	envSamplePath := path.Join(config.RECIPES_DIR, r.Name, ".env.sample") | ||||
| 	envSample, err := config.ReadEnv(envSamplePath, config.ReadEnvOptions{}) | ||||
| 	envSample, err := config.ReadEnv(envSamplePath) | ||||
| 	if err != nil { | ||||
| 		t.Fatal(err) | ||||
| 	} | ||||
| @ -183,7 +189,7 @@ func TestCheckEnvError(t *testing.T) { | ||||
| 	} | ||||
|  | ||||
| 	envSamplePath := path.Join(config.RECIPES_DIR, r.Name, ".env.sample") | ||||
| 	envSample, err := config.ReadEnv(envSamplePath, config.ReadEnvOptions{}) | ||||
| 	envSample, err := config.ReadEnv(envSamplePath) | ||||
| 	if err != nil { | ||||
| 		t.Fatal(err) | ||||
| 	} | ||||
| @ -211,16 +217,6 @@ func TestCheckEnvError(t *testing.T) { | ||||
| 	} | ||||
| } | ||||
|  | ||||
| func TestContainsEnvVarModifier(t *testing.T) { | ||||
| 	if ok := config.ContainsEnvVarModifier("FOO=bar # bing"); ok { | ||||
| 		t.Fatal("FOO contains no env var modifier") | ||||
| 	} | ||||
|  | ||||
| 	if ok := config.ContainsEnvVarModifier("FOO=bar # length=3"); !ok { | ||||
| 		t.Fatal("FOO contains an env var modifier (length)") | ||||
| 	} | ||||
| } | ||||
|  | ||||
| func TestEnvVarCommentsRemoved(t *testing.T) { | ||||
| 	offline := true | ||||
| 	r, err := recipe.Get("abra-test-recipe", offline) | ||||
| @ -229,7 +225,7 @@ func TestEnvVarCommentsRemoved(t *testing.T) { | ||||
| 	} | ||||
|  | ||||
| 	envSamplePath := path.Join(config.RECIPES_DIR, r.Name, ".env.sample") | ||||
| 	envSample, err := config.ReadEnv(envSamplePath, config.ReadEnvOptions{}) | ||||
| 	envSample, err := config.ReadEnv(envSamplePath) | ||||
| 	if err != nil { | ||||
| 		t.Fatal(err) | ||||
| 	} | ||||
| @ -261,12 +257,19 @@ func TestEnvVarModifiersIncluded(t *testing.T) { | ||||
| 	} | ||||
|  | ||||
| 	envSamplePath := path.Join(config.RECIPES_DIR, r.Name, ".env.sample") | ||||
| 	envSample, err := config.ReadEnv(envSamplePath, config.ReadEnvOptions{IncludeModifiers: true}) | ||||
| 	envSample, modifiers, err := config.ReadEnvWithModifiers(envSamplePath) | ||||
| 	if err != nil { | ||||
| 		t.Fatal(err) | ||||
| 	} | ||||
|  | ||||
| 	if !strings.Contains(envSample["SECRET_TEST_PASS_TWO_VERSION"], "length") { | ||||
| 		t.Fatal("comment from env var SECRET_TEST_PASS_TWO_VERSION should not be removed") | ||||
| 	if !strings.Contains(envSample["SECRET_TEST_PASS_TWO_VERSION"], "v1") { | ||||
| 		t.Errorf("value should be 'v1', got: '%s'", envSample["SECRET_TEST_PASS_TWO_VERSION"]) | ||||
| 	} | ||||
| 	if modifiers == nil || modifiers["SECRET_TEST_PASS_TWO_VERSION"] == nil { | ||||
| 		t.Errorf("no modifiers included") | ||||
| 	} else { | ||||
| 		if modifiers["SECRET_TEST_PASS_TWO_VERSION"]["length"] != "10" { | ||||
| 			t.Errorf("length modifier should be '10', got: '%s'", modifiers["SECRET_TEST_PASS_TWO_VERSION"]["length"]) | ||||
| 		} | ||||
| 	} | ||||
| } | ||||
|  | ||||
| @ -227,7 +227,7 @@ func LintAppService(recipe recipe.Recipe) (bool, error) { | ||||
| // therefore no matching traefik deploy label will be present. | ||||
| func LintTraefikEnabledSkipCondition(recipe recipe.Recipe) (bool, error) { | ||||
| 	envSamplePath := path.Join(config.RECIPES_DIR, recipe.Name, ".env.sample") | ||||
| 	sampleEnv, err := config.ReadEnv(envSamplePath, config.ReadEnvOptions{}) | ||||
| 	sampleEnv, err := config.ReadEnv(envSamplePath) | ||||
| 	if err != nil { | ||||
| 		return false, fmt.Errorf("Unable to discover .env.sample for %s", recipe.Name) | ||||
| 	} | ||||
|  | ||||
| @ -227,7 +227,7 @@ func Get(recipeName string, offline bool) (Recipe, error) { | ||||
| 	} | ||||
|  | ||||
| 	envSamplePath := path.Join(config.RECIPES_DIR, recipeName, ".env.sample") | ||||
| 	sampleEnv, err := config.ReadEnv(envSamplePath, config.ReadEnvOptions{}) | ||||
| 	sampleEnv, err := config.ReadEnv(envSamplePath) | ||||
| 	if err != nil { | ||||
| 		return Recipe{}, err | ||||
| 	} | ||||
| @ -255,9 +255,9 @@ func Get(recipeName string, offline bool) (Recipe, error) { | ||||
| 	}, nil | ||||
| } | ||||
|  | ||||
| func (r Recipe) SampleEnv(opts config.ReadEnvOptions) (map[string]string, error) { | ||||
| func (r Recipe) SampleEnv() (map[string]string, error) { | ||||
| 	envSamplePath := path.Join(config.RECIPES_DIR, r.Name, ".env.sample") | ||||
| 	sampleEnv, err := config.ReadEnv(envSamplePath, opts) | ||||
| 	sampleEnv, err := config.ReadEnv(envSamplePath) | ||||
| 	if err != nil { | ||||
| 		return sampleEnv, fmt.Errorf("unable to discover .env.sample for %s", r.Name) | ||||
| 	} | ||||
|  | ||||
| @ -21,11 +21,24 @@ import ( | ||||
| 	"github.com/sirupsen/logrus" | ||||
| ) | ||||
|  | ||||
| // secretValue represents a parsed `SECRET_FOO=v1 # length=bar` env var config | ||||
| // secret definition. | ||||
| type secretValue struct { | ||||
| // Secret represents a secret. | ||||
| type Secret struct { | ||||
| 	// Version comes from the secret version environment variable. | ||||
| 	// For example: | ||||
| 	//  SECRET_FOO=v1 | ||||
| 	Version string | ||||
| 	Length  int | ||||
| 	// Length comes from the length modifier at the secret version environment | ||||
| 	// variable. For Example: | ||||
| 	//   SECRET_FOO=v1 # length=12 | ||||
| 	Length int | ||||
| 	// RemoteName is the name of the secret on the server. For example: | ||||
| 	//   name: ${STACK_NAME}_test_pass_two_${SECRET_TEST_PASS_TWO_VERSION} | ||||
| 	// With the following: | ||||
| 	//   STACK_NAME=test_example_com | ||||
| 	//   SECRET_TEST_PASS_TWO_VERSION=v2 | ||||
| 	// Will have this remote name: | ||||
| 	//   test_example_com_test_pass_two_v2 | ||||
| 	RemoteName string | ||||
| } | ||||
|  | ||||
| // GeneratePasswords generates passwords. | ||||
| @ -35,7 +48,6 @@ func GeneratePasswords(count, length uint) ([]string, error) { | ||||
| 		length, | ||||
| 		passgen.AlphabetDefault, | ||||
| 	) | ||||
|  | ||||
| 	if err != nil { | ||||
| 		return nil, err | ||||
| 	} | ||||
| @ -54,7 +66,6 @@ func GeneratePassphrases(count uint) ([]string, error) { | ||||
| 		passgen.PassphraseCasingDefault, | ||||
| 		passgen.WordListDefault, | ||||
| 	) | ||||
|  | ||||
| 	if err != nil { | ||||
| 		return nil, err | ||||
| 	} | ||||
| @ -69,18 +80,22 @@ func GeneratePassphrases(count uint) ([]string, error) { | ||||
| // and some times you don't (as the caller). We need to be able to handle the | ||||
| // "app new" case where we pass in the .env.sample and the "secret generate" | ||||
| // case where the app is created. | ||||
| func ReadSecretsConfig(appEnvPath string, composeFiles []string, recipeName string) (map[string]string, error) { | ||||
| 	secretConfigs := make(map[string]string) | ||||
|  | ||||
| 	appEnv, err := config.ReadEnv(appEnvPath, config.ReadEnvOptions{IncludeModifiers: true}) | ||||
| func ReadSecretsConfig(appEnvPath string, composeFiles []string, stackName string) (map[string]Secret, error) { | ||||
| 	appEnv, appModifiers, err := config.ReadEnvWithModifiers(appEnvPath) | ||||
| 	if err != nil { | ||||
| 		return secretConfigs, err | ||||
| 		return nil, err | ||||
| 	} | ||||
| 	// Set the STACK_NAME to be able to generate the remote name correctly. | ||||
| 	appEnv["STACK_NAME"] = stackName | ||||
|  | ||||
| 	opts := stack.Deploy{Composefiles: composeFiles} | ||||
| 	config, err := loader.LoadComposefile(opts, appEnv) | ||||
| 	if err != nil { | ||||
| 		return secretConfigs, err | ||||
| 		return nil, err | ||||
| 	} | ||||
| 	configWithoutEnv, err := loader.LoadComposefile(opts, map[string]string{}, loader.SkipInterpolation) | ||||
| 	if err != nil { | ||||
| 		return nil, err | ||||
| 	} | ||||
|  | ||||
| 	var enabledSecrets []string | ||||
| @ -92,12 +107,13 @@ func ReadSecretsConfig(appEnvPath string, composeFiles []string, recipeName stri | ||||
|  | ||||
| 	if len(enabledSecrets) == 0 { | ||||
| 		logrus.Debugf("not generating app secrets, none enabled in recipe config") | ||||
| 		return secretConfigs, nil | ||||
| 		return nil, nil | ||||
| 	} | ||||
|  | ||||
| 	secretValues := map[string]Secret{} | ||||
| 	for secretId, secretConfig := range config.Secrets { | ||||
| 		if string(secretConfig.Name[len(secretConfig.Name)-1]) == "_" { | ||||
| 			return secretConfigs, fmt.Errorf("missing version for secret? (%s)", secretId) | ||||
| 			return nil, fmt.Errorf("missing version for secret? (%s)", secretId) | ||||
| 		} | ||||
|  | ||||
| 		if !(slices.Contains(enabledSecrets, secretId)) { | ||||
| @ -107,68 +123,54 @@ func ReadSecretsConfig(appEnvPath string, composeFiles []string, recipeName stri | ||||
|  | ||||
| 		lastIdx := strings.LastIndex(secretConfig.Name, "_") | ||||
| 		secretVersion := secretConfig.Name[lastIdx+1:] | ||||
| 		secretConfigs[secretId] = secretVersion | ||||
| 		value := Secret{Version: secretVersion, RemoteName: secretConfig.Name} | ||||
|  | ||||
| 		// Check if the length modifier is set for this secret. | ||||
| 		for k, v := range appModifiers { | ||||
| 			// configWithoutEnv contains the raw name as defined in the compose.yaml | ||||
| 			if !strings.Contains(configWithoutEnv.Secrets[secretId].Name, k) { | ||||
| 				continue | ||||
| 			} | ||||
| 			lengthRaw, ok := v["length"] | ||||
| 			if ok { | ||||
| 				length, err := strconv.Atoi(lengthRaw) | ||||
| 				if err != nil { | ||||
| 					return nil, err | ||||
| 				} | ||||
| 				value.Length = length | ||||
| 			} | ||||
| 			break | ||||
| 		} | ||||
| 		secretValues[secretId] = value | ||||
| 	} | ||||
|  | ||||
| 	return secretConfigs, nil | ||||
| } | ||||
|  | ||||
| func ParseSecretValue(secret string) (secretValue, error) { | ||||
| 	values := strings.Split(secret, "#") | ||||
| 	if len(values) == 0 { | ||||
| 		return secretValue{}, fmt.Errorf("unable to parse %s", secret) | ||||
| 	} | ||||
|  | ||||
| 	if len(values) == 1 { | ||||
| 		return secretValue{Version: values[0], Length: 0}, nil | ||||
| 	} | ||||
|  | ||||
| 	split := strings.Split(values[1], "=") | ||||
| 	parsed := split[len(split)-1] | ||||
| 	stripped := strings.ReplaceAll(parsed, " ", "") | ||||
| 	length, err := strconv.Atoi(stripped) | ||||
| 	if err != nil { | ||||
| 		return secretValue{}, err | ||||
| 	} | ||||
| 	version := strings.ReplaceAll(values[0], " ", "") | ||||
|  | ||||
| 	logrus.Debugf("parsed version %s and length '%v' from %s", version, length, secret) | ||||
|  | ||||
| 	return secretValue{Version: version, Length: length}, nil | ||||
| 	return secretValues, nil | ||||
| } | ||||
|  | ||||
| // GenerateSecrets generates secrets locally and sends them to a remote server for storage. | ||||
| func GenerateSecrets(cl *dockerClient.Client, secretsFromConfig map[string]string, appName, server string) (map[string]string, error) { | ||||
| 	secrets := make(map[string]string) | ||||
|  | ||||
| func GenerateSecrets(cl *dockerClient.Client, secrets map[string]Secret, server string) (map[string]string, error) { | ||||
| 	secretsGenerated := map[string]string{} | ||||
| 	var mutex sync.Mutex | ||||
| 	var wg sync.WaitGroup | ||||
| 	ch := make(chan error, len(secretsFromConfig)) | ||||
| 	for n, v := range secretsFromConfig { | ||||
| 	ch := make(chan error, len(secrets)) | ||||
| 	for n, v := range secrets { | ||||
| 		wg.Add(1) | ||||
|  | ||||
| 		go func(secretName, secretValue string) { | ||||
| 		go func(secretName string, secret Secret) { | ||||
| 			defer wg.Done() | ||||
|  | ||||
| 			parsedSecretValue, err := ParseSecretValue(secretValue) | ||||
| 			if err != nil { | ||||
| 				ch <- err | ||||
| 				return | ||||
| 			} | ||||
| 			logrus.Debugf("attempting to generate and store %s on %s", secret.RemoteName, server) | ||||
|  | ||||
| 			secretRemoteName := fmt.Sprintf("%s_%s_%s", appName, secretName, parsedSecretValue.Version) | ||||
| 			logrus.Debugf("attempting to generate and store %s on %s", secretRemoteName, server) | ||||
|  | ||||
| 			if parsedSecretValue.Length > 0 { | ||||
| 				passwords, err := GeneratePasswords(1, uint(parsedSecretValue.Length)) | ||||
| 			if secret.Length > 0 { | ||||
| 				passwords, err := GeneratePasswords(1, uint(secret.Length)) | ||||
| 				if err != nil { | ||||
| 					ch <- err | ||||
| 					return | ||||
| 				} | ||||
|  | ||||
| 				if err := client.StoreSecret(cl, secretRemoteName, passwords[0], server); err != nil { | ||||
| 				if err := client.StoreSecret(cl, secret.RemoteName, passwords[0], server); err != nil { | ||||
| 					if strings.Contains(err.Error(), "AlreadyExists") { | ||||
| 						logrus.Warnf("%s already exists, moving on...", secretRemoteName) | ||||
| 						logrus.Warnf("%s already exists, moving on...", secret.RemoteName) | ||||
| 						ch <- nil | ||||
| 					} else { | ||||
| 						ch <- err | ||||
| @ -178,7 +180,7 @@ func GenerateSecrets(cl *dockerClient.Client, secretsFromConfig map[string]strin | ||||
|  | ||||
| 				mutex.Lock() | ||||
| 				defer mutex.Unlock() | ||||
| 				secrets[secretName] = passwords[0] | ||||
| 				secretsGenerated[secretName] = passwords[0] | ||||
| 			} else { | ||||
| 				passphrases, err := GeneratePassphrases(1) | ||||
| 				if err != nil { | ||||
| @ -186,9 +188,9 @@ func GenerateSecrets(cl *dockerClient.Client, secretsFromConfig map[string]strin | ||||
| 					return | ||||
| 				} | ||||
|  | ||||
| 				if err := client.StoreSecret(cl, secretRemoteName, passphrases[0], server); err != nil { | ||||
| 				if err := client.StoreSecret(cl, secret.RemoteName, passphrases[0], server); err != nil { | ||||
| 					if strings.Contains(err.Error(), "AlreadyExists") { | ||||
| 						logrus.Warnf("%s already exists, moving on...", secretRemoteName) | ||||
| 						logrus.Warnf("%s already exists, moving on...", secret.RemoteName) | ||||
| 						ch <- nil | ||||
| 					} else { | ||||
| 						ch <- err | ||||
| @ -198,7 +200,7 @@ func GenerateSecrets(cl *dockerClient.Client, secretsFromConfig map[string]strin | ||||
|  | ||||
| 				mutex.Lock() | ||||
| 				defer mutex.Unlock() | ||||
| 				secrets[secretName] = passphrases[0] | ||||
| 				secretsGenerated[secretName] = passphrases[0] | ||||
| 			} | ||||
| 			ch <- nil | ||||
| 		}(n, v) | ||||
| @ -206,16 +208,16 @@ func GenerateSecrets(cl *dockerClient.Client, secretsFromConfig map[string]strin | ||||
|  | ||||
| 	wg.Wait() | ||||
|  | ||||
| 	for range secretsFromConfig { | ||||
| 	for range secrets { | ||||
| 		err := <-ch | ||||
| 		if err != nil { | ||||
| 			return nil, err | ||||
| 		} | ||||
| 	} | ||||
|  | ||||
| 	logrus.Debugf("generated and stored %s on %s", secrets, server) | ||||
| 	logrus.Debugf("generated and stored %v on %s", secrets, server) | ||||
|  | ||||
| 	return secrets, nil | ||||
| 	return secretsGenerated, nil | ||||
| } | ||||
|  | ||||
| type secretStatus struct { | ||||
| @ -237,7 +239,7 @@ func PollSecretsStatus(cl *dockerClient.Client, app config.App) (secretStatuses, | ||||
| 		return secStats, err | ||||
| 	} | ||||
|  | ||||
| 	secretsConfig, err := ReadSecretsConfig(app.Path, composeFiles, app.Recipe) | ||||
| 	secretsConfig, err := ReadSecretsConfig(app.Path, composeFiles, app.StackName()) | ||||
| 	if err != nil { | ||||
| 		return secStats, err | ||||
| 	} | ||||
| @ -257,14 +259,9 @@ func PollSecretsStatus(cl *dockerClient.Client, app config.App) (secretStatuses, | ||||
| 		remoteSecretNames[cont.Spec.Annotations.Name] = true | ||||
| 	} | ||||
|  | ||||
| 	for secretName, secretValue := range secretsConfig { | ||||
| 	for secretName, val := range secretsConfig { | ||||
| 		createdRemote := false | ||||
|  | ||||
| 		val, err := ParseSecretValue(secretValue) | ||||
| 		if err != nil { | ||||
| 			return secStats, err | ||||
| 		} | ||||
|  | ||||
| 		secretRemoteName := fmt.Sprintf("%s_%s_%s", app.StackName(), secretName, val.Version) | ||||
| 		if _, ok := remoteSecretNames[secretRemoteName]; ok { | ||||
| 			createdRemote = true | ||||
|  | ||||
| @ -1,42 +1,30 @@ | ||||
| package secret | ||||
|  | ||||
| import ( | ||||
| 	"path" | ||||
| 	"testing" | ||||
|  | ||||
| 	"coopcloud.tech/abra/pkg/config" | ||||
| 	"coopcloud.tech/abra/pkg/recipe" | ||||
| 	"coopcloud.tech/abra/pkg/upstream/stack" | ||||
| 	loader "coopcloud.tech/abra/pkg/upstream/stack" | ||||
| 	"github.com/stretchr/testify/assert" | ||||
| ) | ||||
|  | ||||
| func TestReadSecretsConfig(t *testing.T) { | ||||
| 	offline := true | ||||
| 	recipe, err := recipe.Get("matrix-synapse", offline) | ||||
| 	composeFiles := []string{"./testdir/compose.yaml"} | ||||
| 	secretsFromConfig, err := ReadSecretsConfig("./testdir/.env.sample", composeFiles, "test_example_com") | ||||
| 	if err != nil { | ||||
| 		t.Fatal(err) | ||||
| 	} | ||||
|  | ||||
| 	sampleEnv, err := recipe.SampleEnv(config.ReadEnvOptions{}) | ||||
| 	if err != nil { | ||||
| 		t.Fatal(err) | ||||
| 	} | ||||
| 	// Simple secret | ||||
| 	assert.Equal(t, "test_example_com_test_pass_one_v2", secretsFromConfig["test_pass_one"].RemoteName) | ||||
| 	assert.Equal(t, "v2", secretsFromConfig["test_pass_one"].Version) | ||||
| 	assert.Equal(t, 0, secretsFromConfig["test_pass_one"].Length) | ||||
|  | ||||
| 	composeFiles := []string{path.Join(config.RECIPES_DIR, recipe.Name, "compose.yml")} | ||||
| 	envSamplePath := path.Join(config.RECIPES_DIR, recipe.Name, ".env.sample") | ||||
| 	secretsFromConfig, err := ReadSecretsConfig(envSamplePath, composeFiles, recipe.Name) | ||||
| 	if err != nil { | ||||
| 		t.Fatal(err) | ||||
| 	} | ||||
| 	// Has a length modifier | ||||
| 	assert.Equal(t, "test_example_com_test_pass_two_v1", secretsFromConfig["test_pass_two"].RemoteName) | ||||
| 	assert.Equal(t, "v1", secretsFromConfig["test_pass_two"].Version) | ||||
| 	assert.Equal(t, 10, secretsFromConfig["test_pass_two"].Length) | ||||
|  | ||||
| 	opts := stack.Deploy{Composefiles: composeFiles} | ||||
| 	config, err := loader.LoadComposefile(opts, sampleEnv) | ||||
| 	if err != nil { | ||||
| 		t.Fatal(err) | ||||
| 	} | ||||
|  | ||||
| 	for secretId := range config.Secrets { | ||||
| 		assert.Contains(t, secretsFromConfig, secretId) | ||||
| 	} | ||||
| 	// Secret name does not include the secret id | ||||
| 	assert.Equal(t, "test_example_com_pass_three_v2", secretsFromConfig["test_pass_three"].RemoteName) | ||||
| 	assert.Equal(t, "v2", secretsFromConfig["test_pass_three"].Version) | ||||
| 	assert.Equal(t, 0, secretsFromConfig["test_pass_three"].Length) | ||||
| } | ||||
|  | ||||
							
								
								
									
										3
									
								
								pkg/secret/testdir/.env.sample
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										3
									
								
								pkg/secret/testdir/.env.sample
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,3 @@ | ||||
| SECRET_TEST_PASS_ONE_VERSION=v2 | ||||
| SECRET_TEST_PASS_TWO_VERSION=v1 # length=10 | ||||
| SECRET_TEST_PASS_THREE_VERSION=v2 | ||||
							
								
								
									
										21
									
								
								pkg/secret/testdir/compose.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										21
									
								
								pkg/secret/testdir/compose.yaml
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,21 @@ | ||||
| --- | ||||
| version: "3.8" | ||||
|  | ||||
| services: | ||||
|   app: | ||||
|     image: nginx:1.21.0 | ||||
|     secrets: | ||||
|       - test_pass_one | ||||
|       - test_pass_two | ||||
|       - test_pass_three | ||||
|  | ||||
| secrets: | ||||
|   test_pass_one: | ||||
|     external: true | ||||
|     name: ${STACK_NAME}_test_pass_one_${SECRET_TEST_PASS_ONE_VERSION}  # should be removed | ||||
|   test_pass_two: | ||||
|     external: true | ||||
|     name: ${STACK_NAME}_test_pass_two_${SECRET_TEST_PASS_TWO_VERSION} | ||||
|   test_pass_three: | ||||
|     external: true | ||||
|     name: ${STACK_NAME}_pass_three_${SECRET_TEST_PASS_THREE_VERSION} # secretId and name don't match | ||||
| @ -18,7 +18,7 @@ import ( | ||||
| // | ||||
| // ssh://<user>@<host> URL requires Docker 18.09 or later on the remote host. | ||||
| func GetConnectionHelper(daemonURL string) (*connhelper.ConnectionHelper, error) { | ||||
| 	return getConnectionHelper(daemonURL, []string{"-o ConnectTimeout=5"}) | ||||
| 	return getConnectionHelper(daemonURL, []string{"-o ConnectTimeout=60"}) | ||||
| } | ||||
|  | ||||
| func getConnectionHelper(daemonURL string, sshFlags []string) (*connhelper.ConnectionHelper, error) { | ||||
|  | ||||
| @ -18,15 +18,24 @@ func DontSkipValidation(opts *loader.Options) { | ||||
| 	opts.SkipValidation = false | ||||
| } | ||||
|  | ||||
| // SkipInterpolation skip interpolating environment variables. | ||||
| func SkipInterpolation(opts *loader.Options) { | ||||
| 	opts.SkipInterpolation = true | ||||
| } | ||||
|  | ||||
| // LoadComposefile parse the composefile specified in the cli and returns its Config and version. | ||||
| func LoadComposefile(opts Deploy, appEnv map[string]string) (*composetypes.Config, error) { | ||||
| func LoadComposefile(opts Deploy, appEnv map[string]string, options ...func(*loader.Options)) (*composetypes.Config, error) { | ||||
| 	configDetails, err := getConfigDetails(opts.Composefiles, appEnv) | ||||
| 	if err != nil { | ||||
| 		return nil, err | ||||
| 	} | ||||
|  | ||||
| 	if options == nil { | ||||
| 		options = []func(*loader.Options){DontSkipValidation} | ||||
| 	} | ||||
|  | ||||
| 	dicts := getDictsFrom(configDetails.ConfigFiles) | ||||
| 	config, err := loader.Load(configDetails, DontSkipValidation) | ||||
| 	config, err := loader.Load(configDetails, options...) | ||||
| 	if err != nil { | ||||
| 		if fpe, ok := err.(*loader.ForbiddenPropertiesError); ok { | ||||
| 			return nil, fmt.Errorf("compose file contains unsupported options: %s", | ||||
|  | ||||
							
								
								
									
										11
									
								
								scripts/docker/build.sh
									
									
									
									
									
										Executable file
									
								
							
							
						
						
									
										11
									
								
								scripts/docker/build.sh
									
									
									
									
									
										Executable file
									
								
							| @ -0,0 +1,11 @@ | ||||
| #!/bin/bash | ||||
|  | ||||
| if [ ! -f .envrc ]; then | ||||
|     . .envrc.sample | ||||
| else | ||||
|     . .envrc | ||||
| fi | ||||
|  | ||||
| git config --global --add safe.directory /abra  # work around funky file permissions | ||||
|  | ||||
| make build | ||||
| @ -25,6 +25,24 @@ teardown(){ | ||||
|   fi | ||||
| } | ||||
|  | ||||
| # bats test_tags=slow | ||||
| @test "autocomplete" { | ||||
|   run $ABRA app cmd --generate-bash-completion | ||||
|   assert_success | ||||
|   assert_output "$TEST_APP_DOMAIN" | ||||
|  | ||||
|   run $ABRA app cmd "$TEST_APP_DOMAIN" --generate-bash-completion | ||||
|   assert_success | ||||
|   assert_output "app" | ||||
|  | ||||
|   run $ABRA app cmd "$TEST_APP_DOMAIN" app --generate-bash-completion | ||||
|   assert_success | ||||
|   assert_output "test_cmd | ||||
| test_cmd_arg | ||||
| test_cmd_args | ||||
| test_cmd_export" | ||||
| } | ||||
|  | ||||
| @test "validate app argument" { | ||||
|   run $ABRA app cmd | ||||
|   assert_failure | ||||
|  | ||||
		Reference in New Issue
	
	Block a user
	