From 7a3c77a202f86bf85bcf052f4b83af91faa18938 Mon Sep 17 00:00:00 2001 From: Joe Garcia Date: Wed, 23 Nov 2022 13:19:17 -0500 Subject: [PATCH] Fixes #161 adds stdin support for policy load (#181) * Fixes #161 adds stdin support for policy load * resolve code smell --- cmd/conjur.go | 61 ++++++++++++++++++++++++++++++++++++++++++++++----- 1 file changed, 56 insertions(+), 5 deletions(-) diff --git a/cmd/conjur.go b/cmd/conjur.go index ac1a865..e63bde0 100644 --- a/cmd/conjur.go +++ b/cmd/conjur.go @@ -3,6 +3,7 @@ package cmd import ( "bufio" "fmt" + "io/ioutil" "log" "os" "strings" @@ -17,6 +18,8 @@ import ( "golang.org/x/crypto/ssh/terminal" ) +const stdinErrMsg = "Failed to read from stdin." + var ( // Account conjur account Account string @@ -49,7 +52,16 @@ var ( InspectResources bool ) -func loadPolicy(policyBranch string, policyFilePath string, policyMode conjurapi.PolicyMode) { +func isInputFromPipe() bool { + stat, _ := os.Stdin.Stat() + return (stat.Mode() & os.ModeCharDevice) == 0 +} + +func loadPolicyFile(policyBranch string, policyFilePath string, policyMode conjurapi.PolicyMode) { + if policyFilePath == "" { + log.Fatal("Policy file path is required") + } + client, _, err := conjur.GetConjurClient() if err != nil { log.Fatalf("Failed to initialize conjur client. %s", err) @@ -67,6 +79,19 @@ func loadPolicy(policyBranch string, policyFilePath string, policyMode conjurapi prettyprint.PrintJSON(response) } +func loadPolicyPipe(policyBranch, policyContent string, policyMode conjurapi.PolicyMode) { + client, _, err := conjur.GetConjurClient() + if err != nil { + log.Fatalf("Failed to initialize conjur client. %s", err) + } + + response, err := client.LoadPolicy(policyMode, policyBranch, strings.NewReader(policyContent)) + if err != nil { + log.Fatalf("Failed to load policy. %v. %s", response, err) + } + prettyprint.PrintJSON(response) +} + func removeFile(path string) { err := os.Remove(path) if err != nil { @@ -209,7 +234,16 @@ var conjurAppendPolicyCmd = &cobra.Command{ Example Usage: $ cybr conjur append-policy --branch root --file ./path/to/root.yml`, Run: func(cmd *cobra.Command, args []string) { - loadPolicy(PolicyBranch, PolicyFilePath, conjurapi.PolicyModePost) + if isInputFromPipe() { + // Read from stdin + policy, err := ioutil.ReadAll(os.Stdin) + if err != nil { + log.Fatalf("%s %s", stdinErrMsg, err) + } + loadPolicyPipe(PolicyBranch, string(policy), conjurapi.PolicyModePost) + } else { + loadPolicyFile(PolicyBranch, PolicyFilePath, conjurapi.PolicyModePost) + } }, } @@ -222,7 +256,16 @@ var conjurUpdatePolicyCmd = &cobra.Command{ Example Usage: $ cybr conjur update-policy --branch root --file ./path/to/root.yml`, Run: func(cmd *cobra.Command, args []string) { - loadPolicy(PolicyBranch, PolicyFilePath, conjurapi.PolicyModePatch) + if isInputFromPipe() { + // Read from stdin + policy, err := ioutil.ReadAll(os.Stdin) + if err != nil { + log.Fatalf("%s %s", stdinErrMsg, err) + } + loadPolicyPipe(PolicyBranch, string(policy), conjurapi.PolicyModePut) + } else { + loadPolicyFile(PolicyBranch, PolicyFilePath, conjurapi.PolicyModePatch) + } }, } @@ -235,7 +278,16 @@ var conjurReplacePolicyCmd = &cobra.Command{ Example Usage: $ cybr conjur replace-policy --branch root --file ./path/to/root.yml`, Run: func(cmd *cobra.Command, args []string) { - loadPolicy(PolicyBranch, PolicyFilePath, conjurapi.PolicyModePut) + if isInputFromPipe() { + // Read from stdin + policy, err := ioutil.ReadAll(os.Stdin) + if err != nil { + log.Fatalf("%s %s", stdinErrMsg, err) + } + loadPolicyPipe(PolicyBranch, string(policy), conjurapi.PolicyModePut) + } else { + loadPolicyFile(PolicyBranch, PolicyFilePath, conjurapi.PolicyModePut) + } }, } @@ -429,7 +481,6 @@ func init() { conjurAppendPolicyCmd.Flags().StringVarP(&PolicyBranch, "branch", "b", "", "The policy branch in which policy is being loaded") conjurAppendPolicyCmd.MarkFlagRequired("branch") conjurAppendPolicyCmd.Flags().StringVarP(&PolicyFilePath, "file", "f", "", "The policy file that will be loaded into the branch") - conjurAppendPolicyCmd.MarkFlagRequired("file") // update-policy conjurUpdatePolicyCmd.Flags().StringVarP(&PolicyBranch, "branch", "b", "", "The policy branch in which policy is being loaded")