-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: add config command and refine help
Signed-off-by: Tobias Brumhard <code@brumhard.com>
- Loading branch information
Showing
4 changed files
with
153 additions
and
55 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,33 @@ | ||
package main | ||
|
||
import ( | ||
"fmt" | ||
|
||
"earthly-vault-provider/pkg/provider" | ||
|
||
"github.com/spf13/cobra" | ||
) | ||
|
||
func buildConfigCommand(p *provider.Provider) *cobra.Command { | ||
cmd := &cobra.Command{ | ||
Use: "config", | ||
Short: fmt.Sprintf("Set a configuration value for %s", cli), | ||
Long: fmt.Sprintf(`Set a configuration value for %[1]s. | ||
Support config fields to be set are "address", "token" and "prefix". | ||
This must be used to set the Vault address and token prior to using the secret provider, | ||
since currently the secret providers cannot read any env vars. | ||
To set the vault address in a vault aware system for example do: | ||
$ %[1]s config address $VAULT_ADDR | ||
To unset config values you can just use the zero value, like for example | ||
$ %[1]s config address ""`, cli), | ||
Args: cobra.ExactArgs(2), | ||
ValidArgs: []string{"address", "token", "prefix"}, | ||
RunE: func(_ *cobra.Command, args []string) error { | ||
return p.SetConfigKey(args[0], args[1]) | ||
}, | ||
} | ||
|
||
return cmd | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,62 @@ | ||
package main | ||
|
||
import ( | ||
"earthly-vault-provider/pkg/provider" | ||
"fmt" | ||
"log" | ||
|
||
"github.com/spf13/cobra" | ||
) | ||
|
||
func buildRootCommand() *cobra.Command { | ||
p := provider.New() | ||
|
||
cmd := &cobra.Command{ | ||
Use: cli, | ||
Short: fmt.Sprintf("%s is a secret provider for Earthly that connects to Vault", cli), | ||
Long: fmt.Sprintf(`%[1]s is a secret provider for Earthly that connects to Hashicorp's Vault. | ||
For docs on how to configure this take a look here: https://docs.earthly.dev/docs/earthly-config#secret_provider-experimental. | ||
Since the contract for secret providers is fairly simple you can test this provider by running: | ||
$ %[1]s <vault-path> | ||
This print the secret on stdout. | ||
Generally the CLI will look at ~/.vault-token and ~/.earthly/vault.yml for the configuration. | ||
The token from ~/.vault-token will be used if it exists, otherwise the token from ~/.earthly/vault.yml will be used. | ||
vault.yml should be used to set the Vault address and optionally a lookup secret can be added. | ||
For configuration you can also use the config command: | ||
$ vault login --method=userpass username=test | ||
$ %[1]s config token $(vault print token) | ||
$ %[1]s config address $VAULT_ADDR | ||
To set a config option in the vault.yml file, use the config subcommand.`, cli), | ||
// don't show errors and usage on errors in any RunE function. | ||
SilenceErrors: true, | ||
SilenceUsage: true, | ||
Args: cobra.ExactArgs(1), | ||
PersistentPreRun: func(cmd *cobra.Command, args []string) { | ||
// Enable swapping out stdout/stderr for testing | ||
p.Logger = log.New(cmd.OutOrStderr(), "", 0) | ||
}, | ||
RunE: func(cmd *cobra.Command, args []string) error { | ||
secretFetcher, err := p.LoadSecretStore() | ||
if err != nil { | ||
return err | ||
} | ||
|
||
secret, err := secretFetcher.GetSecret(cmd.Context(), args[0]) | ||
if err != nil { | ||
return err | ||
} | ||
|
||
fmt.Fprint(cmd.OutOrStdout(), string(secret)) | ||
return nil | ||
}, | ||
} | ||
|
||
cmd.AddCommand(buildVersionCommand()) | ||
cmd.AddCommand(buildConfigCommand(p)) | ||
|
||
return cmd | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters