docs/refactor: abra secret insert/remove examples & ensure no arbitrary insertion
#603
@ -145,9 +145,17 @@ var AppSecretInsertCommand = &cobra.Command{
|
||||
Short: "Insert secret",
|
||||
Long: `This command inserts a secret into an app environment.
|
||||
|
||||
Arbitrary secret insertion is not supported. Secrets that are inserted must
|
||||
match those configured in the recipe beforehand.
|
||||
|
||||
This can be useful when you want to manually generate secrets for an app
|
||||
environment. Typically, you can let Abra generate them for you on app creation
|
||||
(see "abra app new --secrets/-S" for more).`,
|
||||
Example: ` # insert regular secret
|
||||
abra app secret insert 1312.net my_secret v1 mySuperSecret
|
||||
|
||||
# insert secret as file
|
||||
abra app secret insert 1312.net my_secret v1 secret.txt -f`,
|
||||
Args: cobra.MinimumNArgs(4),
|
||||
ValidArgsFunction: func(
|
||||
cmd *cobra.Command,
|
||||
@ -183,6 +191,26 @@ environment. Typically, you can let Abra generate them for you on app creation
|
||||
version := args[2]
|
||||
data := args[3]
|
||||
|
||||
composeFiles, err := app.Recipe.GetComposeFiles(app.Env)
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
|
||||
secrets, err := secret.ReadSecretsConfig(app.Path, composeFiles, app.StackName())
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
|
||||
var isRecipeSecret bool
|
||||
for secretName, _ := range secrets {
|
||||
if secretName == name {
|
||||
isRecipeSecret = true
|
||||
}
|
||||
}
|
||||
if !isRecipeSecret {
|
||||
log.Fatalf("no secret %s available for recipe %s?", name, app.Recipe.Name)
|
||||
}
|
||||
|
||||
if insertFromFile {
|
||||
raw, err := os.ReadFile(data)
|
||||
if err != nil {
|
||||
@ -233,6 +261,10 @@ var AppSecretRmCommand = &cobra.Command{
|
||||
Use: "remove <domain> [[secret] | --all] [flags]",
|
||||
Aliases: []string{"rm"},
|
||||
Short: "Remove a secret",
|
||||
Long: `This command removes a secret from an app environment.
|
||||
|
||||
Arbitrary secret removal is not supported. Secrets that are removed must
|
||||
match those configured in the recipe beforehand.`,
|
||||
Example: " abra app secret rm 1312.net oauth_key",
|
||||
Args: cobra.RangeArgs(1, 2),
|
||||
ValidArgsFunction: func(
|
||||
|
||||
@ -4,6 +4,7 @@ setup_file(){
|
||||
load "$PWD/tests/integration/helpers/common"
|
||||
_common_setup
|
||||
_add_server
|
||||
_fetch_recipe
|
||||
|
||||
# NOTE(d1): create new app without secrets
|
||||
run $ABRA app new "$TEST_RECIPE" \
|
||||
@ -195,6 +196,12 @@ teardown(){
|
||||
assert_failure
|
||||
}
|
||||
|
||||
@test "insert: cannot insert unknown secret" {
|
||||
run $ABRA app secret insert "$TEST_APP_DOMAIN" DOESNTEXIST v1 foo
|
||||
assert_failure
|
||||
assert_output --partial 'no secret'
|
||||
}
|
||||
|
||||
@test "insert: create secret" {
|
||||
run $ABRA app secret ls "$TEST_APP_DOMAIN"
|
||||
assert_success
|
||||
|
||||
Reference in New Issue
Block a user