1.0.6

display help if no arguments are present

when creating a vault, check if file exist to prevent overwriting files

config test

ignore coverage in develop & main

.github/workflows/coverage.yml

@@ -3,10 +3,9 @@ name: Coverage
 
 on:
   push:
-    branches:
-      - '!develop'
-      - '!main'
-      - '*'
+    branches-ignore:
+      - 'develop'
+      - 'main'
 
 jobs:
   coverage:

CHANGELOG.md

@@ -1,3 +1,8 @@
+## 1.0.6
+* display --help if no arguments are present
+* Check if the path to save the vault is empty (prevent overwriting existing files)
+* show examples only per command help not in main
+
 ## 1.0.5
 * help templates/examples
 * support for .config/ssh-vault/config.yml

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "ssh-vault"
-version = "1.0.5"
+version = "1.0.6"
 authors = ["Nicolas Embriz <nbari@tequila.io>"]
 description = "encrypt/decrypt using ssh keys"
 documentation = "https://ssh-vault.com/"
@@ -37,6 +37,7 @@ serde_json = "1.0"
 sha2 = "0.10.8"
 shell-words = "1.1.0"
 ssh-key = { version = "0.6.2", features = ["ed25519", "rsa", "encryption"] }
+temp-env = "0.3.6"
 tempfile = "3.8.0"
 url = "2.4.1"
 x25519-dalek = { version = "2.0.0", features = ["getrandom", "static_secrets"] }

src/cli/actions/create.rs

@@ -65,6 +65,10 @@ pub fn handle(action: Action) -> Result<()> {
             // setup Reader(input) and Writer (output)
             let (mut input, output) = dio::setup_io(input, vault)?;
 
+            if !output.is_empty()? {
+                return Err(anyhow!("Vault file already exists"));
+            }
+
             if input.is_terminal() {
                 if skip_editor {
                     input.read_to_end(&mut buffer)?;

src/cli/actions/mod.rs

@@ -78,7 +78,7 @@ pub fn process_input(buf: &mut Vec<u8>, data: Option<Secret<String>>) -> Result<
 
 #[cfg(test)]
 mod tests {
-    use crate::cli::actions::{create, view, Action};
+    use crate::cli::actions::{create, edit, fingerprint, view, Action};
     use serde_json::Value;
     use std::io::Write;
     use tempfile::NamedTempFile;
@@ -91,7 +91,7 @@ mod tests {
     }
 
     #[test]
-    fn test_create_with_input() {
+    fn test_create_view_edit_with_input() {
         let tests =[
             Test {
                 input: "Machs na",
@@ -145,6 +145,47 @@ mod tests {
 
             let output = std::fs::read_to_string(output).unwrap();
             assert_eq!(input, output);
+
+            let edit = Action::Edit {
+                key: Some(test.private_key.to_string()),
+                passphrase: None,
+                vault: vault_file.path().to_str().unwrap().to_string(),
+            };
+
+            // set EDITOR to cat instead of vi
+            temp_env::with_vars([("EDITOR", Some("cat"))], || {
+                let vault_edit = edit::handle(edit);
+                assert!(vault_edit.is_ok());
+            });
+
+            let vault_contents_after_edit = std::fs::read_to_string(&vault_file).unwrap();
+            assert_ne!(vault_contents, vault_contents_after_edit);
+
+            // check if we can still view the vault
+            let output = NamedTempFile::new().unwrap();
+            let view = Action::View {
+                key: Some(test.private_key.to_string()),
+                output: Some(output.path().to_str().unwrap().to_string()),
+                passphrase: None,
+                vault: Some(vault_file.path().to_str().unwrap().to_string()),
+            };
+            let vault_view = view::handle(view);
+            assert!(vault_view.is_ok());
+
+            let output = std::fs::read_to_string(output).unwrap();
+            assert_eq!(input, output);
+
+            // try to create again with the same vault (should fail)
+            let create = Action::Create {
+                fingerprint: None,
+                key: Some(test.public_key.to_string()),
+                user: None,
+                vault: Some(vault_file.path().to_str().unwrap().to_string()),
+                json: false,
+                input: Some(temp_file.path().to_str().unwrap().to_string()),
+            };
+            let vault = create::handle(create);
+            assert!(vault.is_err());
         }
     }
 
@@ -203,4 +244,15 @@ mod tests {
             assert_eq!(input, output);
         }
     }
+
+    #[test]
+    fn test_fingerprint() {
+        let fingerprint = Action::Fingerprint {
+            key: Some("test_data/ed25519.pub".to_string()),
+            user: None,
+        };
+
+        let fingerprint = fingerprint::handle(fingerprint);
+        assert!(fingerprint.is_ok());
+    }
 }

src/cli/commands/create.rs

@@ -20,6 +20,23 @@ pub fn validator_fingerprint() -> ValueParser {
 pub fn subcommand_create() -> Command {
     Command::new("create")
         .about("Create a new vault")
+        .after_help(
+            r#"Examples:
+
+Share a secret:
+
+    echo "secret" | ssh-vault create -u new | pbcopy
+
+Share a secret with a known user in GitHub:
+
+    echo "secret" | ssh-vault create -u alice
+
+Share a secret with Alice using its second key:
+
+    echo "secret" | ssh-vault create -u alice -k 2
+
+"#,
+        )
         .visible_alias("c")
         .arg(
             Arg::new("fingerprint")

src/cli/commands/edit.rs

@@ -3,6 +3,14 @@ use clap::{Arg, Command};
 pub fn subcommand_edit() -> Command {
     Command::new("edit")
         .about("Edit an existing vault")
+        .after_help(
+            r#"Examples:
+
+Edit a secret:
+
+    ssh-vault edit secret.txt.vault
+"#,
+        )
         .visible_alias("e")
         .arg(
             Arg::new("key")

src/cli/commands/mod.rs

@@ -10,9 +10,7 @@ use clap::{
 
 use std::env;
 
-pub fn new(after_help: &str) -> Command {
-    let after_help_string = after_help.to_string();
-
+pub fn new() -> Command {
     let styles = Styles::styled()
         .header(AnsiColor::Yellow.on_default() | Effects::BOLD)
         .usage(AnsiColor::Green.on_default() | Effects::BOLD)
@@ -21,15 +19,8 @@ pub fn new(after_help: &str) -> Command {
 
     Command::new("ssh-vault")
         .about("encrypt/decrypt using ssh keys")
+        .arg_required_else_help(true)
         .version(env!("CARGO_PKG_VERSION"))
-        .help_template(
-            "\
-{before-help}{name} ({version}) - {about-with-newline}
-{usage-heading} {usage}
-
-{all-args}{after-help}",
-        )
-        .after_help(after_help_string)
         .color(ColorChoice::Auto)
         .styles(styles)
         .subcommand(create::subcommand_create())
@@ -44,8 +35,7 @@ mod tests {
 
     #[test]
     fn test_new() {
-        let after_help = "after help";
-        let command = new(after_help);
+        let command = new();
 
         assert_eq!(command.get_name(), "ssh-vault");
         assert_eq!(
@@ -56,6 +46,5 @@ mod tests {
             command.get_version().unwrap().to_string(),
             env!("CARGO_PKG_VERSION")
         );
-        assert_eq!(command.get_after_help().unwrap().to_string(), after_help);
     }
 }

src/cli/commands/view.rs

@@ -3,6 +3,14 @@ use clap::{Arg, Command};
 pub fn subcommand_view() -> Command {
     Command::new("view")
         .about("View an existing vault")
+        .after_help(
+            r#"Examples:
+
+View a secret:
+
+    ssh-vault view < secret.txt.vault
+"#,
+        )
         .visible_alias("v")
         .arg(
             Arg::new("key")

src/cli/start.rs

@@ -3,31 +3,7 @@ use anyhow::Result;
 
 /// Start the CLI
 pub fn start() -> Result<Action> {
-    let after_help = r#"
-EXAMPLES:
-
-Share a secret:
-
-    echo "secret" | ssh-vault create -u new | pbcopy
-
-Share a secret with a known user in GitHub:
-
-    echo "secret" | ssh-vault create -u alice
-
-Share a secret with Alice using its second key:
-
-    echo "secret" | ssh-vault create -u alice -k 2
-
-View a secret:
-
-    ssh-vault view < secret.txt.vault
-
-Edit a secret:
-
-    ssh-vault edit secret.txt.vault
-
-"#;
-    let cmd = commands::new(after_help);
+    let cmd = commands::new();
     let matches = cmd.get_matches();
     let action = dispatcher::dispatch(&matches)?;
     Ok(action)

src/config.rs

@@ -17,3 +17,16 @@ pub fn get() -> Result<Config> {
             .build()?),
     }
 }
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+
+    #[test]
+    fn test_config_get() {
+        temp_env::with_vars([("SSH_VAULT_SSHKEYS_ONLINE", Some("localhost"))], || {
+            let config = get().unwrap();
+            assert_eq!(config.get_string("sshkeys_online").unwrap(), "localhost");
+        });
+    }
+}

src/tools.rs

@@ -5,17 +5,6 @@ pub fn get_home() -> Result<PathBuf> {
     home::home_dir().map_or_else(|| Err(anyhow!("Could not find home directory")), Ok)
 }
 
-pub fn get_config() -> Result<()> {
-    let home = get_home()?;
-    let config = home.join(".config").join("ssh-vault");
-
-    if !config.is_dir() {
-        std::fs::create_dir_all(&config)?;
-    }
-
-    Ok(())
-}
-
 pub fn filter_fetched_keys(response: &str) -> Result<String> {
     let mut filtered_keys = String::new();