main.rs
use std::{
os::unix::process::CommandExt,
path::{Path, PathBuf},
process::Command,
};
use clap::Parser;
use config::{Config, Environment, File, FileFormat};
use serde::Deserialize;
use sudo_gcp::{get_access_token, get_gcloud_config, Email, Lifetime, Scopes};
/// Runtime settings deserialized from the layered configuration built in `get_settings`.
///
/// Every field here decides what the minted token can do, so the sources that
/// feed this struct (config file and environment) are trust boundaries.
#[derive(Debug, Deserialize)]
struct Settings {
    /// Service account passed to `get_access_token`; has no default, so
    /// deserialization fails when no source provides it.
    service_account: Email,
    /// Scopes requested for the token; falls back to `Scopes::default()` when absent.
    #[serde(default)]
    scopes: Scopes,
    /// Requested token lifetime; falls back to `Lifetime::default()` when absent.
    // NOTE(review): the disabled CLI flag in `Args` describes this as seconds; confirm in sudo_gcp.
    #[serde(default)]
    lifetime: Lifetime,
}
// Command-line interface. Plain `//` comments are used for review notes here
// because clap turns `///` doc comments into help text.
#[derive(Debug, Parser)]
#[command(author, version)]
struct Args {
    /// Path to config file
    // SECURITY: the default is relative to the current working directory, so the
    // directory the tool is started from decides which service account, scopes and
    // lifetime are used. Pass an explicit path when running from a directory whose
    // contents are not trusted.
    #[arg(short, long, default_value = "./sudo-gcp.toml")]
    config_file: PathBuf,
    // The flags below are disabled; the corresponding values currently come only
    // from the config file and the environment (see `get_settings`).
    // /// Email of service account to impersonate
    // #[arg(short, long)]
    // service_account: Option<Email>,
    // /// Comma separated list of oauth scopes
    // #[arg(long, default_value_t = Scopes::default())]
    // scopes: Scopes,
    // /// Add scopes in addition to the default
    // #[arg(short, long)]
    // append_scopes: Option<Scopes>,
    // /// Lifetime of access token in seconds
    // #[arg(long, default_value_t = Lifetime::default())]
    // lifetime: Lifetime,
    /// Command to run with temporary elevated privileges
    // Not marked as required here: an empty list parses successfully, so `main`
    // has to handle the missing-command case itself.
    command: Vec<String>,
}
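/// Builds [`Settings`] from the TOML file at `path`, overlaid with environment
/// variables that carry the `sudogcp` prefix.
///
/// The environment source is added after the file source, so a matching
/// environment variable overrides the value from the file.
///
/// # Errors
///
/// Returns a [`config::ConfigError`] when `path` is not valid UTF-8, when the
/// file cannot be read or parsed as TOML, or when the merged configuration does
/// not deserialize into [`Settings`].
fn get_settings<P: AsRef<Path>>(path: P) -> Result<Settings, config::ConfigError> {
    let path = path.as_ref();
    // `File::new` takes the name as `&str`. A non-UTF-8 path is reported as a
    // configuration error instead of panicking on `unwrap()`.
    let settings_file_path = path.to_str().ok_or_else(|| {
        config::ConfigError::Message(format!(
            "config file path is not valid UTF-8: {}",
            path.display()
        ))
    })?;

    Config::builder()
        .add_source(File::new(settings_file_path, FileFormat::Toml))
        // SECURITY: this layer wins over the file, so whoever controls the process
        // environment can change which service account is impersonated and with
        // which scopes and lifetime. Treat the environment as trusted input, or
        // drop this source where the config file must be authoritative.
        .add_source(Environment::with_prefix("sudogcp"))
        .build()?
        .try_deserialize::<Settings>()
}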
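/// Obtains an access token for the configured service account and replaces this
/// process with the requested command, passing the token in its environment.
///
/// # Errors
///
/// Returns an error when no command was given, when the settings cannot be
/// loaded, when the token request fails, or when `exec` fails. On success
/// `exec` never returns, so this function only ever returns `Err`.
fn main() -> Result<(), Box<dyn std::error::Error>> {
    env_logger::init();
    let args = Args::parse();

    // Reject an empty command line before any credential is requested. The
    // original `unwrap()` panicked here, and only after a token had been minted.
    let (command_exe, command_args) = args
        .command
        .split_first()
        .ok_or("no command given: pass the program to run after the options")?;

    let settings = get_settings(&args.config_file)?;
    let config = get_gcloud_config();
    let access_token = get_access_token(
        &config,
        &settings.service_account,
        &settings.lifetime,
        &settings.scopes,
    )?;

    // SECURITY: the token is handed over through environment variables, so the
    // child and everything it spawns inherit it for the token's whole lifetime.
    // Keep the configured lifetime and scopes as small as the command needs, and
    // never write the token to logs.
    // `exec` replaces the current process image and returns only on failure.
    Err(Command::new(command_exe)
        .args(command_args)
        .env("GOOGLE_OAUTH_ACCESS_TOKEN", access_token.as_ref())
        .env("CLOUDSDK_AUTH_ACCESS_TOKEN", access_token.as_ref())
        .exec()
        .into())
}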