Skip to content

CLI Client for Pleasant, mainly Password Server, written in GoLang.

License

Notifications You must be signed in to change notification settings

davidlukac/go-pleasant-cli

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

37 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Pleasant Solutions CLI

Unofficial CLI for Pleasant products, mainly for the Password server.

Pleasant Password server

Pleasant Password server CLI provides a command line integration for the password server. Main features:

  • Working with folders.
  • Working with entries (secrets).

CLI commands

The base command for the CLI is pleasant, specifying Password server as password-server or ps in short:

$ pleasant password-server <CMD> <ENTITY> <FLAGS>
$ pleasant ps <CMD> <ENTITY> <FLAGS>

Working with folders

To get information about a Folder:

# With folder's UUID:
$ pleasant ps get folder <UUID>
# From folder's path:
$ pleasant ps get folder path/to/folder -p
# To print folder's ID: 
$ pleasant ps get folder path/to/folder -p -i
# Check whether a folder exists
$ pleasant ps exists folder path/to/folder

To create a new folder:

$ pleasant ps create folder path/to/folder

Working with entries (secrets)

To get a secret entry:

# With entry's UUID:
$ pleasant ps get entry <UUID>
# From it's path and name:
$ pleasant ps get entry /path/to/entry/entry-name -f
# To get a web link to an entry:
$ pleasant ps get entry /path/to/entry/entry-name -f -l

To create a new secret entry:

# Create entry 'foo' in the root folder interactively (name of the entry will be user as username as well):
$ pleasant ps create entry foo
# Create entry with random password:
$ pleasant ps create entry foo -r
# Specify username:
$ pleasant ps create entry foo -r -u foo-username
# Place the new entry into specific folder:
$ pleasant ps create entry foo -u foouser -p <folder-UUID>
# Use a path instead of folder UUID - folders will be created if paths doesn't exist:
$ pleasant ps create entry foo -p path/to/folder -f

To patch an existing entry:

# Patch entry identified by UUID with a JSON string:
$ pleasant ps patch entry <UUID> -j '{"Username": "new-username"}'
# Identifying the patching entry with path and name:
$ pleasant ps patch entry path/to/entry/entry-name -f -j '{"Username": "new-username"}'
# Patch with values from a Kubernetes Opaque Secret YAML file:
$ pleasant ps patch entry path/to/entry/entry-name -f -y input.yaml 

To clone/duplicate an existing entry, along with all its content and attachments:

# Clone an entry inside the original folder (adds ' - Copy' to the name):
$ pleasant ps duplicate entry <UUID>
# Clone it to a different folder (identified by the target folder UUID):
$ pleasant ps duplicate entry <UUID> -t <UUID>
# Clone the entry into an existing folder identified by a path:
$ pleasant ps duplicate entry <UUID> -t /foo/bar -p
# Clone the entry into a new folder on given path (i.e. create missing folders in the provided path):
$ pleasant ps duplicate entry <UUID> -t /foo/new-bar -p -c

Randomized patch values

The Kubernetes Secret YAML can contain a $RANDOM$ token as values, e.g.:

apiVersion: v1
kind: Secret
type: Opaque
metadata:
  name: fooSecret
stringData:
  randomValue: $RANDOM$

The $RANDOM$ token will be replaced with a random value, if the randomize flag is used:

$ pleasant ps patch entry path/to/entry/entry-name -f -y secret.yaml -r 

The $RANDOM$ token may be even updated in the patch file with actual random value if update-k8s-opaque-yaml-file is used:

$ pleasant ps patch entry path/to/entry/entry-name -f -y secret.yaml -r -u

References

The patch file may contain references to existing fields in the Entry. For example if we want to patch a Custom field with value the Password:

apiVersion: v1
kind: Secret
type: Opaque
metadata:
  name: fooSecret
stringData:
  referencedValue: $REF.ENTRY.Password.REF$

Global flags

Global flag might not be implemented for all commands yet!

  • quiet modifies output to minimum, so it's easier to parse in scripts.

Configuration

Credentials should be places into a .pleasant.yaml file, either in $HOME or in current folder:

password_server_url: ""
password_server_username: ""
password_server_password: ""