manage_nsfs | Generate access keys

- Generate access keys if not provided by the flags
- Added --regenerate flag to regenerate the access keys automatically on update
- Printing the access keys after add and update

Signed-off-by: liranmauda <liran.mauda@gmail.com>

src/cmd/manage_nsfs.js

@@ -9,6 +9,7 @@ const fs = require('fs');
 const P = require('../util/promise');
 const _ = require('lodash');
 const config = require('../../config');
+const cloud_utils = require('../util/cloud_utils');
 const native_fs_utils = require('../util/native_fs_utils');
 const nb_native = require('../util/nb_native');
 
@@ -46,14 +47,15 @@ Account Options:
     --name <name>               (default none)                              Set the name for the account.
     --email <email>             (default none)                              Set the email for the account.
     --new_name <name>           (default none)                              Set a new name for the account (update).
-    --uid <uid>                 (default as process)                        Send requests to the Filesystem with uid.
-    --gid <gid>                 (default as process)                        Send requests to the Filesystem with gid.
+    --uid <uid>                 (default none)                              Send requests to the Filesystem with uid.
+    --gid <gid>                 (default none)                              Send requests to the Filesystem with gid.
     --secret_key <key>          (default none)                              The secret key pair for the access key.
     --new_buckets_path <dir>    (default none)                              Set the filesystem's root where each subdir is a bucket.
     
     # required for add, update, and delete
     --access_key <key>          (default none)                              Authenticate incoming requests for this access key only (default is no auth).
     --new_access_key <key>      (default none)                              Set a new access key for the account.
+    --regenerate                (default none)                              Wen set and new_access_key is not set, will regenerate the access_key
     --config_root <dir>         (default config.NSFS_NC_DEFAULT_CONF_DIR)   Configuration files path for Noobaa standalon NSFS.
 
     # Used for list
@@ -146,7 +148,7 @@ async function main(argv = minimist(process.argv.slice(2))) {
                 return;
             }
             if (argv.gid && typeof argv.gid !== 'number') {
-                console.error('Error: GIT must be a number');
+                console.error('Error: GID must be a number');
                 return;
             }
         }
@@ -353,25 +355,64 @@ async function account_management(argv, config_root, from_file) {
     await manage_account_operations(action, data, config_root, config_root_backend);
 }
 
+/**
+ * set_access_keys will set the access keys either given as args or generated.
+ * @param {{ access_key: any; secret_key: any; }} argv
+ * @param {boolean} generate a flag for generating the access_keys automatically
+ */
+function set_access_keys(argv, generate) {
+    const { access_key, secret_key } = argv;
+    let generated_access_key;
+    let generated_secret_key;
+    if (generate) {
+        ({ access_key: generated_access_key, secret_key: generated_secret_key } = cloud_utils.generate_access_keys());
+        generated_access_key = generated_access_key.unwrap();
+        generated_secret_key = generated_secret_key.unwrap();
+    }
+
+    return [{
+        access_key: access_key || generated_access_key,
+        secret_key: secret_key || generated_secret_key,
+    }];
+}
+
+/**
+ * Will print the access_keys
+ * @param {{ access_keys: any[]; }} data
+ */
+function print_access_keys(data) {
+    const access_keys = data.access_keys[0];
+    console.log(`\n\n`);
+    console.log('access_key:', access_keys.access_key.unwrap());
+    console.log('secret_key:', access_keys.secret_key.unwrap());
+}
+
 async function fetch_account_data(argv, config_root, from_file) {
     let data;
+    let generate_access_keys = true;
     const action = argv._[1] || '';
     if (from_file) {
         const raw_data = await fs.promises.readFile(from_file);
         data = JSON.parse(raw_data.toString());
     }
+    let new_access_key = argv.new_access_key;
+    if (action === 'update') {
+        generate_access_keys = false;
+        if (argv.regenerate) {
+            const keys = set_access_keys(argv, true);
+            new_access_key = keys[0].access_key;
+        }
+    }
+    if (action === 'delete') generate_access_keys = false;
     if (!data) {
         data = _.omitBy({
             name: argv.name,
             email: argv.email,
             creation_date: new Date().toISOString(),
             wide: argv.wide,
             new_name: argv.new_name,
-            new_access_key: argv.new_access_key,
-            access_keys: [{
-                access_key: argv.access_key,
-                secret_key: argv.secret_key
-            }],
+            new_access_key,
+            access_keys: set_access_keys(argv, generate_access_keys),
             nsfs_account_config: {
                 distinguished_name: argv.user,
                 uid: !argv.user && argv.uid,
@@ -544,16 +585,17 @@ async function get_account_config_file_status(data, accounts_path, access_keys_p
     }
 }
 
-
 async function manage_account_operations(action, data, config_root, config_root_backend) {
     const accounts_path = path.join(config_root, accounts_dir_name);
     const access_keys_path = path.join(config_root, access_keys_dir_name);
     if (action === 'add') {
         await add_account_config_file(data, accounts_path, access_keys_path, config_root_backend);
+        print_access_keys(data);
     } else if (action === 'status') {
         await get_account_config_file_status(data, accounts_path, access_keys_path);
     } else if (action === 'update') {
         await update_account_config_file(data, accounts_path, access_keys_path, config_root_backend);
+        print_access_keys(data);
     } else if (action === 'delete') {
         await delete_account_config_file(data, accounts_path, access_keys_path, config_root_backend);
     } else if (action === 'list') {

src/util/native_fs_utils.js

@@ -260,7 +260,7 @@ async function create_config_file(fs_context, schema_dir, config_path, config_da
         } catch (err) {
             if (err.code !== 'ENOENT') throw err;
         }
-        dbg.log0('native_fs_utils: create_config_file config_path:', config_path, 'config_data:', config_data, 'is_gpfs:', open_mode);
+        dbg.log0('create_config_file:: config_path:', config_path, 'config_data:', config_data, 'is_gpfs:', open_mode);
         // create config dir if it does not exist
         await _create_path(schema_dir, fs_context);
         // when using GPFS open dst file as soon as possible for later linkat validation
@@ -284,13 +284,13 @@ async function create_config_file(fs_context, schema_dir, config_path, config_da
         } else {
             src_stat = await nb_native().fs.stat(fs_context, open_path);
         }
-        dbg.log0('native_fs_utils: create_config_file moving from:', open_path, 'to:', config_path, 'is_gpfs=', is_gpfs);
+        dbg.log0('create_config_file:: moving from:', open_path, 'to:', config_path, 'is_gpfs=', is_gpfs);
 
         await safe_move(fs_context, open_path, config_path, src_stat, gpfs_options, tmp_dir_path);
 
-        dbg.log0('native_fs_utils: create_config_file done', config_path);
+        dbg.log0(' create_config_file:: done', config_path);
     } catch (err) {
-        dbg.error('native_fs_utils: create_config_file error', err);
+        dbg.error('create_config_file:: error', err);
         throw err;
     } finally {
         await finally_close_files(fs_context, [upload_tmp_file, gpfs_dst_file]);