diff options
Diffstat (limited to 'vendor/github.com/authzed/zed/internal/cmd/context.go')
| -rw-r--r-- | vendor/github.com/authzed/zed/internal/cmd/context.go | 202 |
1 files changed, 202 insertions, 0 deletions
diff --git a/vendor/github.com/authzed/zed/internal/cmd/context.go b/vendor/github.com/authzed/zed/internal/cmd/context.go new file mode 100644 index 0000000..d5a0eec --- /dev/null +++ b/vendor/github.com/authzed/zed/internal/cmd/context.go @@ -0,0 +1,202 @@ +package cmd + +import ( + "fmt" + "os" + + "github.com/jzelinskie/cobrautil/v2" + "github.com/jzelinskie/stringz" + "github.com/spf13/cobra" + + "github.com/authzed/zed/internal/client" + "github.com/authzed/zed/internal/commands" + "github.com/authzed/zed/internal/console" + "github.com/authzed/zed/internal/printers" + "github.com/authzed/zed/internal/storage" +) + +func registerContextCmd(rootCmd *cobra.Command) { + rootCmd.AddCommand(contextCmd) + + contextCmd.AddCommand(contextListCmd) + contextListCmd.Flags().Bool("reveal-tokens", false, "display secrets in results") + + contextCmd.AddCommand(contextSetCmd) + contextCmd.AddCommand(contextRemoveCmd) + contextCmd.AddCommand(contextUseCmd) +} + +var contextCmd = &cobra.Command{ + Use: "context <subcommand>", + Short: "Manage configurations for connecting to SpiceDB deployments", + Aliases: []string{"ctx"}, +} + +var contextListCmd = &cobra.Command{ + Use: "list", + Short: "Lists all available contexts", + Aliases: []string{"ls"}, + Args: commands.ValidationWrapper(cobra.ExactArgs(0)), + ValidArgsFunction: cobra.NoFileCompletions, + RunE: contextListCmdFunc, +} + +var contextSetCmd = &cobra.Command{ + Use: "set <name> <endpoint> <api-token>", + Short: "Creates or overwrite a context", + Args: commands.ValidationWrapper(cobra.ExactArgs(3)), + ValidArgsFunction: cobra.NoFileCompletions, + RunE: contextSetCmdFunc, +} + +var contextRemoveCmd = &cobra.Command{ + Use: "remove <system>", + Short: "Removes a context", + Aliases: []string{"rm"}, + Args: commands.ValidationWrapper(cobra.ExactArgs(1)), + ValidArgsFunction: ContextGet, + RunE: contextRemoveCmdFunc, +} + +var contextUseCmd = &cobra.Command{ + Use: "use <system>", + Short: "Sets a context as the current context", + Args: commands.ValidationWrapper(cobra.MaximumNArgs(1)), + ValidArgsFunction: ContextGet, + RunE: contextUseCmdFunc, +} + +func ContextGet(_ *cobra.Command, _ []string, _ string) ([]string, cobra.ShellCompDirective) { + _, secretStore := client.DefaultStorage() + secrets, err := secretStore.Get() + if err != nil { + return nil, cobra.ShellCompDirectiveError + } + + names := make([]string, 0, len(secrets.Tokens)) + for _, token := range secrets.Tokens { + names = append(names, token.Name) + } + + return names, cobra.ShellCompDirectiveNoFileComp | cobra.ShellCompDirectiveNoSpace | cobra.ShellCompDirectiveKeepOrder +} + +func contextListCmdFunc(cmd *cobra.Command, _ []string) error { + cfgStore, secretStore := client.DefaultStorage() + secrets, err := secretStore.Get() + if err != nil { + return err + } + + cfg, err := cfgStore.Get() + if err != nil { + return err + } + + rows := make([][]string, 0, len(secrets.Tokens)) + for _, token := range secrets.Tokens { + current := "" + if token.Name == cfg.CurrentToken { + current = " ✓ " + } + secret := token.APIToken + if !cobrautil.MustGetBool(cmd, "reveal-tokens") { + secret = token.Redacted() + } + + var certStr string + if token.IsInsecure() { + certStr = "insecure" + } else if token.HasNoVerifyCA() { + certStr = "no-verify-ca" + } else if _, ok := token.Certificate(); ok { + certStr = "custom" + } else { + certStr = "system" + } + + rows = append(rows, []string{ + current, + token.Name, + token.Endpoint, + secret, + certStr, + }) + } + + printers.PrintTable(os.Stdout, []string{"current", "name", "endpoint", "token", "tls cert"}, rows) + + return nil +} + +func contextSetCmdFunc(cmd *cobra.Command, args []string) error { + var name, endpoint, apiToken string + err := stringz.Unpack(args, &name, &endpoint, &apiToken) + if err != nil { + return err + } + + certPath := cobrautil.MustGetStringExpanded(cmd, "certificate-path") + var certBytes []byte + if certPath != "" { + certBytes, err = os.ReadFile(certPath) + if err != nil { + return fmt.Errorf("failed to read ceritficate: %w", err) + } + } + + insecure := cobrautil.MustGetBool(cmd, "insecure") + noVerifyCA := cobrautil.MustGetBool(cmd, "no-verify-ca") + cfgStore, secretStore := client.DefaultStorage() + err = storage.PutToken(storage.Token{ + Name: name, + Endpoint: stringz.DefaultEmpty(endpoint, "grpc.authzed.com:443"), + APIToken: apiToken, + Insecure: &insecure, + NoVerifyCA: &noVerifyCA, + CACert: certBytes, + }, secretStore) + if err != nil { + return err + } + + return storage.SetCurrentToken(name, cfgStore, secretStore) +} + +func contextRemoveCmdFunc(_ *cobra.Command, args []string) error { + // If the token is what's currently being used, remove it from the config. + cfgStore, secretStore := client.DefaultStorage() + cfg, err := cfgStore.Get() + if err != nil { + return err + } + + if cfg.CurrentToken == args[0] { + cfg.CurrentToken = "" + } + + err = cfgStore.Put(cfg) + if err != nil { + return err + } + + return storage.RemoveToken(args[0], secretStore) +} + +func contextUseCmdFunc(_ *cobra.Command, args []string) error { + cfgStore, secretStore := client.DefaultStorage() + switch len(args) { + case 0: + cfg, err := cfgStore.Get() + if err != nil { + return err + } + console.Println(cfg.CurrentToken) + case 1: + return storage.SetCurrentToken(args[0], cfgStore, secretStore) + default: + panic("cobra command did not enforce valid number of args") + } + + return nil +} |