-
Notifications
You must be signed in to change notification settings - Fork 42
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Added secrets input prompt for secrets put-secret command #413
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,10 +1,88 @@ | ||
package secrets | ||
|
||
import "github.com/databricks/cli/libs/cmdio" | ||
import ( | ||
"github.com/databricks/cli/cmd/root" | ||
"github.com/databricks/cli/libs/cmdio" | ||
"github.com/databricks/cli/libs/flags" | ||
"github.com/databricks/databricks-sdk-go/service/workspace" | ||
"github.com/spf13/cobra" | ||
) | ||
|
||
func init() { | ||
listScopesCmd.Annotations["template"] = cmdio.Heredoc(` | ||
{{white "Scope"}} {{white "Backend Type"}} | ||
{{range .}}{{.Name|green}} {{.BackendType}} | ||
{{end}}`) | ||
|
||
Cmd.AddCommand(putSecretCmd) | ||
// TODO: short flags | ||
putSecretCmd.Flags().Var(&putSecretJson, "json", `either inline JSON string or @path/to/file.json with request body`) | ||
|
||
putSecretCmd.Flags().StringVar(&putSecretReq.BytesValue, "bytes-value", putSecretReq.BytesValue, `If specified, value will be stored as bytes.`) | ||
putSecretCmd.Flags().StringVar(&putSecretReq.StringValue, "string-value", putSecretReq.StringValue, `If specified, note that the value will be stored in UTF-8 (MB4) form.`) | ||
} | ||
|
||
var putSecretReq workspace.PutSecret | ||
var putSecretJson flags.JsonFlag | ||
|
||
var putSecretCmd = &cobra.Command{ | ||
Use: "put-secret SCOPE KEY", | ||
Short: `Add a secret.`, | ||
Long: `Add a secret. | ||
|
||
Inserts a secret under the provided scope with the given name. If a secret | ||
already exists with the same name, this command overwrites the existing | ||
secret's value. The server encrypts the secret using the secret scope's | ||
encryption settings before storing it. | ||
|
||
You must have WRITE or MANAGE permission on the secret scope. The secret | ||
key must consist of alphanumeric characters, dashes, underscores, and periods, | ||
and cannot exceed 128 characters. The maximum allowed secret value size is 128 | ||
KB. The maximum number of secrets in a given scope is 1000. | ||
|
||
The input fields "string_value" or "bytes_value" specify the type of the | ||
secret, which will determine the value returned when the secret value is | ||
requested. Exactly one must be specified. | ||
|
||
Throws RESOURCE_DOES_NOT_EXIST if no such secret scope exists. Throws | ||
RESOURCE_LIMIT_EXCEEDED if maximum number of secrets in scope is exceeded. | ||
Throws INVALID_PARAMETER_VALUE if the key name or value length is invalid. | ||
Throws PERMISSION_DENIED if the user does not have permission to make this | ||
API call.`, | ||
|
||
Annotations: map[string]string{}, | ||
Args: func(cmd *cobra.Command, args []string) error { | ||
check := cobra.ExactArgs(2) | ||
if cmd.Flags().Changed("json") { | ||
check = cobra.ExactArgs(0) | ||
} | ||
return check(cmd, args) | ||
}, | ||
PreRunE: root.MustWorkspaceClient, | ||
RunE: func(cmd *cobra.Command, args []string) (err error) { | ||
ctx := cmd.Context() | ||
w := root.WorkspaceClient(ctx) | ||
if cmd.Flags().Changed("json") { | ||
err = putSecretJson.Unmarshal(&putSecretReq) | ||
if err != nil { | ||
return err | ||
} | ||
} else { | ||
putSecretReq.Scope = args[0] | ||
putSecretReq.Key = args[1] | ||
|
||
value, err := cmdio.Secret(ctx) | ||
if err != nil { | ||
return err | ||
} | ||
|
||
putSecretReq.StringValue = value | ||
} | ||
|
||
err = w.Secrets.PutSecret(ctx, putSecretReq) | ||
if err != nil { | ||
return err | ||
} | ||
return nil | ||
}, | ||
} |
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -120,6 +120,20 @@ func Select[V any](ctx context.Context, names map[string]V, label string) (id st | |
return c.Select(stringNames, label) | ||
} | ||
|
||
func (c *cmdIO) Secret() (value string, err error) { | ||
prompt := (promptui.Prompt{ | ||
Label: "Enter your secrets value", | ||
Mask: '*', | ||
}) | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Can this read from a pipe, e.g. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. @pietern , yes, it does read from pipe correctly |
||
|
||
return prompt.Run() | ||
} | ||
|
||
func Secret(ctx context.Context) (value string, err error) { | ||
c := fromContext(ctx) | ||
return c.Secret() | ||
} | ||
|
||
func (c *cmdIO) Spinner(ctx context.Context) chan string { | ||
var sp *spinner.Spinner | ||
if c.interactive { | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Any thought around string vs bytes here?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
As per doc, difference is
Since we prompt customers to enter the key in terminal it's just natural to keep it as strings to avoid back and forth conversions