-
Notifications
You must be signed in to change notification settings - Fork 270
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add CLI support #580
Add CLI support #580
Conversation
Hej @grobie! First of all thanks for the suggestion, I think this is a great idea especially since the more recent releases no longer uses sjcl. |
Fair enough. I guess having separate commands for encryption and decryption is also not necessary. Supporting decrypting a URL is probably already a very esoteric use case as well, and could be handled with a flag: I'd find some beauty in having the CLI binary be called $ ./create-initial-credentials.sh | yopass
https://yopass.se/#.... Would you be cool calling the binaries |
Running the CLI in a Docker container is not very convenient in the first place given all the flags and arguments which need to be set. So my proposal would be to go forward with binary names If someone wants to use the CLI from the docker image they'll likely configure a shell alias anyways and could do the following |
Sorry if my previous reply was unclear. I meant that the server is and should be continue to be delivered as a docker container. I agree that using docker for a CLI is a poor experience, I rather |
Codecov Report
@@ Coverage Diff @@
## master #580 +/- ##
===========================================
- Coverage 86.62% 69.41% -17.22%
===========================================
Files 3 6 +3
Lines 157 340 +183
===========================================
+ Hits 136 236 +100
- Misses 12 73 +61
- Partials 9 31 +22
Continue to review full report at Codecov.
|
Good evening @jhaals! I finally found some time today to write tests and restructure the code a bit. I'm not completely happy with the results, but I won't have much time the next days to continue working on that, so I wanted to push it at least for first review. The test coverage could be better, but it gets a lot more time consuming to set up the test infrastructure to cover all the error flows. I wonder if codeclimate's Cognitive Complexity is tuned for Go, but I'm happy to extract more functionality into smaller functions if you think that will help readability. Please feel free to comment where you'd like to see changes. The integration test currently uses the life demo site (if it can be reached), we could set a web server for these tests as well. Regarding package structure, I wanted to only provide the most important building blocks in a single Hope this goes into a direction you like. Cheers! |
@jhaals Anything I can help with to make this review easier? |
Hi @grobie! Sorry for the lack of updated on my side, I have completely missed this in the flood of dependabot updates. |
16bb914
to
691c33c
Compare
This change introduces a small cli program to support use cases like sharing the initial password for a new account created by some other command or script (e.g. awscli) with someone else. Secret messages are commonly read from stdin, but (small) files can also be shared directly via the --file flag. The generated sharing URL will be printed on stdout. Extending the default storage expiration time, disabling one-time passwords and using custom URL and API locations are all supported. Existing secret URLs can be decrypted with --decrypt. Existing limitations: no configurable output options and decrypted messages will always be printed on stdout (even for files). Tests are provided but not all error flows are covered.
@jhaals I just took a quick look and it was actually pretty straight forward to move the tests to a I also removed one of codelimate's reported issues (extracting the flag parsing into a separate |
I think this looks good 👍 |
@grobie thanks again for doing this work! I played around a bit with the cli and noticed that Secondly the nice |
@jhaals ooops. Looks like some last-minute changes / extractions (in order to satisfy more codeclimate settings) broke this! I'll add a test to verify the correct flag parsing and fix both things today. |
Awesome 👍 |
See #612 |
This change introduces a small cli program to support use cases like
sharing the initial password for a new account created by some other
command or script (e.g. awscli) with someone else.
Secret messages are commonly read from stdin, but (small) files can also
be shared directly via the --file flag. The generated sharing URL will
be printed on stdout. Extending the default storage expiration time,
disabling one-time passwords and using custom URL and API locations are
all supported. Existing secret URLs can be decrypted with --decrypt.
Existing limitations: no configurable output options and decrypted
messages will always be printed on stdout (even for files).
Tests are provided but not all error flows are covered.
Original draft description
Hej @jhaals!
Today I wanted to quickly securely share the output of a CLI command with someone else and thought "I wish I could do that directly without having to copy&paste it into the browser". As a curious developer on a rainy Saturday, I first implemented a proof of concept and then searched on Github for prior work. Of course I'm not the first who had that idea. Though it was quite easy to add full support for text/file secrets and all options.
The beauty of yopass is that it's so simple. Following the guideline I'd love to have a single binary for all interactions with yopass and invoke the CLI with
yopass encrypt
. So here is my proposal:encrypt
,decrypt
,server
(breaking change to start server:yopass server
)pkg/yopass
(encrypt + client primitives) andpkg/yopass/server
(current server dependencies)What do you think about that, would you accept such contribution? Anything you'd like to keep stable without changes (server interface, package structure)?
Have a great weekend!