vaultUi.go
package cmd
import (
"fmt"
"log"
"os"
"os/exec"
"os/signal"
"runtime"
"github.com/instructure-bridge/truss-cli/truss"
"github.com/spf13/cobra"
)
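// vaultUICmd implements the "ui" subcommand. It port-forwards to Vault,
// requests a wrapping token, opens the Vault UI login page in the local
// browser with that token, and then blocks until SIGINT so the port-forward
// stays up while the UI is in use.
var vaultUICmd = &cobra.Command{
	Use:   "ui",
	Short: "Open the Vault UI in your browser",
	Long: `This is useful when your vault is not exposed publicly.
As it will port-forward to the service, authenticate with aws auth,
and open the UI in your browser.`,
	RunE: func(cmd *cobra.Command, args []string) error {
		kubeconfig, err := getKubeconfig()
		if err != nil {
			return err
		}

		vault := truss.Vault(kubeconfig, getVaultAuth())
		port, err := vault.PortForward()
		if err != nil {
			return err
		}
		// Runs on every normal return below, including the SIGINT path.
		defer vault.ClosePortForward()

		token, err := vault.GetWrappingToken()
		if err != nil {
			return err
		}

		// The login URL carries the wrapping token in its query string, so
		// the full URL is a credential. Build the token-free address
		// separately and log only that; terminal scrollback and captured
		// logs must not end up holding a usable token.
		// NOTE(review): the token is interpolated without URL escaping;
		// this assumes it contains only URL-safe characters — confirm.
		uiAddr := fmt.Sprintf("https://localhost:%s/ui/vault/auth", port)
		vaultURL := uiAddr + "?with=token&wrapped_token=" + token
		log.Printf("Opening Vault UI at %s (login token not logged)", uiAddr)
		openbrowser(vaultURL)

		// Keep the port-forward alive until the user interrupts. The
		// channel is never closed, so a single receive is all that is
		// needed to wait for the first SIGINT.
		c := make(chan os.Signal, 1)
		signal.Notify(c, os.Interrupt)
		<-c
		log.Println("Received SIGINT, cleaning up...")
		return nil
	},
}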
// openbrowser hands url to the platform's default URL opener: xdg-open on
// Linux, rundll32's FileProtocolHandler on Windows, and open on macOS. The
// helper is started but not waited for. Any other GOOS, or a failure to
// start the helper, is fatal.
//
// The URL is passed as a process argument without going through a shell, so
// it is not shell-interpreted. It is also not validated here: the platform
// handler opens whatever scheme it is given, so callers should pass only
// http/https URLs they constructed themselves.
//
// NOTE(review): as an argument, the URL is visible in the local process
// listing while the helper runs; the caller in this file embeds a Vault
// wrapping token in it.
// NOTE(review): log.Fatal exits the process, so deferred cleanup in the
// caller (such as closing the port-forward) does not run on this path.
// Returning the error instead would let the caller clean up.
func openbrowser(url string) {
	var launcher *exec.Cmd

	switch runtime.GOOS {
	case "linux":
		launcher = exec.Command("xdg-open", url)
	case "windows":
		launcher = exec.Command("rundll32", "url.dll,FileProtocolHandler", url)
	case "darwin":
		launcher = exec.Command("open", url)
	}

	if launcher == nil {
		log.Fatal(fmt.Errorf("unsupported platform"))
	}
	if startErr := launcher.Start(); startErr != nil {
		log.Fatal(startErr)
	}
}
// init attaches the "ui" subcommand to the parent vault command so it is
// reachable from the CLI.
func init() {
	vaultCmd.AddCommand(vaultUICmd)
}